reflected filename download

Pierluigi Paganini September 29, 2015
The Shopify commerce platform is open to RFD attacks

The researcher David Sopas at WebSegura discovered a Reflected Filename Download vulnerability in the popularmulti-channel commerce platform Shopify. Shopify is a multi-channel commerce platform that helps people sell online, in-store, and everywhere in between. The popular security researchers Davis Sopas at WebSegura has discovered a Reflected Filename Download vulnerability in the Shopify service. Sopas already sent a security report to Shopify explaining […]

Pierluigi Paganini September 19, 2015
Discovered a Reflected Filename Download flaw in LinkedIn

The Security researcher David Sopas at WebSegura discovered a Reflected Filename Download vulnerability in the popular professional social network LinkedIn. He was analyzing another website when he discovered the following XHR request on Google Inspector on LinkedIn: https://www.linkedin.com/countserv/count/share?url=http://www.site_i_was_in.pt It seems a simple request to make by websites to count how many shares their site have on […]

Pierluigi Paganini April 01, 2015
A researcher discovered two security issues in the GITHUB platform

A security researcher discovered a couple of security issues on GitHub platform explaining how it is possible to exploit them in real attack scenarios. The researcher David Sopas (@dsopas) from Websegura discovered a couple of security issues in the coding website GitHub that were ranked by the company as minor, but that could expose users to cyber attacks. […]

Pierluigi Paganini March 25, 2015
Instagram API could be exploited to serve malicious links

A security researcher has discovered a reflected filename download vulnerability affecting the Instagram API that could be exploited to share malicious links. The security researcher David Sopas from WebSegura has discovered a serious vulnerability in the Instagram API that could be exploited by hackers to post a link to a web resource they manage. By exploiting […]