Skip to content

My experiences with the GiftCards.com Bug Bounty Program

Since November 2013 I reported seven Cross-site Scripting vulnerabilities to the Giftcard Bug Bounty Program. Sadly, only one of them wasn’t a duplicate :-/. Strange? Perhaps, but not impossible given the simplicity of the vulnerabilities.
 
But, what I really don’t understand: Why do they still work until today?
 
 
Continue reading "My experiences with the GiftCards.com Bug Bounty Program"

SSCHADV2014-003 - Serendipity 1.7.5 (Backend) - Multiple security vulnerabilities

Advisory:
Serendipity 1.7.5 (Backend) – Multiple security vulnerabilities
Advisory ID:
SSCHADV2014-003
Author:
Stefan Schurtz
Affected Software:
Successfully tested on Serendipity 1.7.5
Vendor URL:
Vendor Status:
fixed
 
======================
Vulnerability Description
======================
 
The Serendipity 1.7.5 backend is prone to multiple security vulnerabilities
 
 
Continue reading "SSCHADV2014-003 - Serendipity 1.7.5 (Backend) - Multiple security vulnerabilities"
Imprint | Contact | Privacy Statement