My Blog
Here you will find my latest blog posts about IT security, vulnerabilities and current projects.
Multiple Critical Vulnerabilities in CADClick
This blog post uncovers several critical vulnerabilities within the CADClick web application, including SQL Injection, Reflected XSS, and Local File Inclusion (LFI). These security issues pose significant risks not only to the application itself but also to its customers, potentially compromising sensitive data and operational integrity.
Multiple Vulnerabilities in Feripro
This blog post describes three vulnerabilities in Feripro. These include two Incorrect Access Control vulnerabilities (CVE-2024-41517, CVE-2024-41518) and a Stored Cross-Site Scripting vulnerability (CVE-2024-41519). Feripro is a management software for vacation programs.
Geschützt: [DE] Business in Asien: Meine Geschäftsreise nach Singapur und Hongkong
Es gibt keinen Textauszug, da dies ein geschützter Beitrag ist.
[DE] Aktueller Stand kryptografischer Verfahren für Web-Applikationen
Dieser Artikel beschreibt den aktuellen Stand kryptografischer Verfahren für Web-Applikationen. Entsprechende Angriffe werden erläutert sowie Gegenmaßnahmen zum Mitigieren oder Abwehren beschrieben.
Nitrado – A terrifying testimonial
This blog post is a testimonial for Nitrado, which claims to be the world’s leading game server service provider. It deals with the very outdated software and runtime environments and the resulting vulnerabilities in the area of hosting and email.
XSS vulnerability on StudySmarter
This article describes a cross site scripting (XSS) attack that works on StudySmarter. StudySmarter is a learning platform for pupils and students. The web app offers the possibility to create flashcards and learn them via the website and corresponding apps.
First release of the StudyOffline project
StudyOffline is an open source tool that allows you to download the flashcards you have created on StudySmarter and study them offline, without advertising. In addition, your privacy is protected and no data is collected.