Adi "Adico" Cohen
Aug 2, 2022 · 5 min read
XSS in Gmail's Amp4Email
Background: AMP is most commonly used as a framework to develop fast-loading content on the web. One of AMP's projects, AMP4Email has been...
Adi "Adico" Cohen
Feb 24, 2019 · 4 min read
JSON-based XSS exploitation
The following post describes a new method to exploit injections in JSON files - back in 2012. Introduction: In the world of Web2.0 and mash...
Adi "Adico" Cohen
Feb 24, 2019 · 1 min read
Microsoft Anti-XSS Library Bypass (MS12-007)
The following post describes the second bypass I found to the toStaticHTML function in IE - back in 2012. Introduction: The Microsoft...
Adi "Adico" Cohen
Feb 24, 2019 · 2 min read
toStaticHTML: The Second Encounter (CVE-2012-1858)
The following post describes the second bypass I found to the toStaticHTML function in IE - back in 2012. Introduction: The toStaticHTML...
Adi "Adico" Cohen
Feb 24, 2019 · 1 min read
Internet Explorer 'toStaticHTML' HTML Sanitizing Information Disclosure Vulnerability CVE-2011-1252
The following post describes a bypass I found to the toStaticHTML function in IE - back in 2011. Introduction: The JavaScript function...
Adi "Adico" Cohen
Feb 23, 2019 · 3 min read
Microsoft Windows Shell Argument Injection - MS12-048 (CVE-2012-0175)
The following post describes a vulnerability I discovered, allowing the injection of arbitrary arguments into the command string of any...