For reporting an XSS vulnerability and an HTML injection bug I got rewarded with a t-shirt, 3 pens and a key tag.
For the month of October again my name got published for reporting a sensitive data exposure and a vulnerability in Drupal.
http://www.nokia.com/global/security/acknowledgements/
I got rewarded by the National Cyber Security Centrum (NCSC) of the Netherlands for responsibly reporting a vulnerability in one of their government websites. You can find out more information about their responsible disclosure over here: https://www.ncsc.nl/actueel/nieuwsberichten/leidraad-responsible-disclosure.html
Thank you very much for the Reward!
I got acknowledged by AT&T for reporting 26 XSS vulnerabilities in their website. I was the first Sri Lankan to get acknowledged.
https://developer.att.com/developer/apiDetailPage.jsp?passedItemId=13400790
This was the e-mail:
Thank you AT&T very much! Proud to get acknowledged! 😉
Yeah! For the second time my name got published on the Adobe Security Acknowledgements page! This time I found a vulnerable version of PHP on their servers 😉
http://www.adobe.com/support/security/bulletins/securityacknowledgments.html
Lumosity had an undiscovered DOM XSS vulnerability during their signup process. By injecting our payload into the name field we were able to get JavaScript interpreted back nicely in the edit page. Here is a screenshot. Also we can change our name parameter to our XSS payload and get JavaScript interpreted back the same way. This is a persistent DOM XSS vulnerability.
The blog of Constant Contact was hosted on a vulnerable version of PHP in which there was a publicly exploitable bug. It was confirmed that it was hosted by a third party and after patching their bug they wanted my name to get published in the Thanks section. So here you go.
http://www.constantcontact.com/security/report-vulnerability