top of page
Search
XSS in Gmail's Amp4Email
Background AMP is most commonly used as a framework to develop fast-loading content on the web. One of AMP's projects, AMP4Email has been...
Adi "Adico" Cohen
Aug 2, 20225 min read
7,628
0
JSON-based XSS exploitation
The following post describes a new method to exploit injections in JSON file - Back in 2012 Introduction: In the world of Web2.0 and mash...
Adi "Adico" Cohen
Feb 24, 20194 min read
3,561
0
Microsoft Anti-XSS Library Bypass (MS12-007)
The following post describes the second bypass I found to the toStaticHTML function in IE - back in 2012. Introduction: The Microsoft...
Adi "Adico" Cohen
Feb 24, 20191 min read
317
0
toStaticHTML: The Second Encounter (CVE-2012-1858)
The following post describes the second bypass I found to the toStaticHTML function in IE - back in 2012. Introduction: The toStaticHTML...
Adi "Adico" Cohen
Feb 24, 20192 min read
39
0
Internet Explorer 'toStaticHTML' HTML Sanitizing Information Disclosure Vulnerability CVE-2011-1252
The following post describes a bypass I found to the toStaticHTML function in IE - back in 2011. Introduction: The JavaScript function...
Adi "Adico" Cohen
Feb 24, 20191 min read
32
0
Microsoft Windows Shell Argument Injection - MS12-048 (CVE-2012-0175)
The following post describes a vulnerability I discovered, allowing the injection of arbitrary arguments into the command string of any...
Adi "Adico" Cohen
Feb 23, 20193 min read
126
0
bottom of page