Published Vulnerabilities


BMW Mail - Persistent Validation Vulnerability

A vulnerability researcher of the vulnerability lab team disclosed a simple but effective technique that was used against microsoft and adobe some years ago. A persistent input validation web vulnerability has been discovered in the official BMW online service portal web-application.

The vulnerability is located in the `firstname` and `lastname` value parameters of the `mail` module. The vulnerable parameters are insecure sanitized next to being delivered inside of a basic html mail template.


Ebay Inc Identity Security Check Default PIN in 2021

New Ebay Inc Identity Security Check Default PIN in 2021

In the last weeks we have reviewed several identity security check mechanisms of large coporates. Due to that we figured out a funny case with ebay inc. Ebay inc owns a new security identity check function that uses a algorithm to calculate pins for the logins.


Subscribe to RSS - Published Vulnerabilities