Klikki Oy | Contact us
CEO, Jyväskylä:
Jouko Pynnönen
Helsinki:
Mikko Pynnönen
Klikki Zero-day Research
Advisories about security vulnerabilities
Google Forms SSRF
Lazy Load stored XSS
Formidable Forms vulnerabilities
WP Engine security issues
BTTV stored XSS
Yahoo Mail stored XSS #2
PageLines Platform 1.1.4 CSRF
W3 Total Cache SSRF
Fluid Responsive Slideshow CSRF
All-in-one Event Calendar stored XSS + SQL injection
MainWP < 3.1.3 unauthenticated config + stored XSS
Yahoo Mail stored XSS
WordPress < 4.2.3 stored XSS
Unity Web Player cross-domain policy bypass
WordPress 4.2 stored XSS
Adobe Flash: "double free" and cross domain bypass
Safari iOS/OS X/Windows cookie vulnerability
Google Analytics by Yoast stored XSS
WPML (sitepress-multilingual-cms) SQL injection etc.
WordPress 3 persistent script injection
Facebook script injection vulnerabilities
Facebook Silverlight persistent XSS
Details of Lotus Notes Java vulnerabilities
Sun Java Web Start argument injection vulnerability
Sun Java Plugin arbitrary package access vulnerability
Lotus Notes URL argument injection vulnerability
Windows zone spoofing with encoded URLs
Microsoft Help and Support Center argument injection vulnerability
Outlook mailto: URL vulnerability
Directory traversal in RealPlayer RMP files
Opera skin file directory traversal and buffer overflow
Solaris ld.so.1 buffer overflow
URLMON.DLL buffer overflow details
Off-site
Windows Media Player directory traversal
Microsoft Java vulnerabilities
Netscape Java buffer overflow
Internet Explorer cookie access vulnerability
Linux glibc locale format string vulnerability
KTH Kerberos IV various vulnerabilities
PHP format string vulnerability
UNIX ncurses library buffer overflow
Linux klogd format string vulnerability
UNIX screen(1) format string vulnerability
IMP SQL injection vulnerability
vBulletin remote code execution
Apache Tomcat 3 directory & file disclosure
Internet Explorer automatic downloading and running programs ("%00 bug")
Solaris libsldap buffer overflow
Squid proxy FTP buffer overflow
In the news
ZDNet: Multiple Facebook vulnerabilities reported on Full-Disclosure
Digitoday: XSS vulnerability opens the door to a Facebook worm (in Finnish)
silicon.com: Windows and Linux exposed by Java flaw
New Scientist: Java bug could hit PC operating systems
BBC: Microsoft warns of Outlook flaw
ComputerWeekly: MS Outlook hole is more serious than first thought
SearchSecurity: Microsoft upgrades Outlook flaw to critical
Enterprise Systems: New Breed of Attack Targets Microsoft Outlook XP Users
PC World: Opera Patches Browser Flaws
SecurityFocus: Gopher attacks are latest IE security threat
CNN: IE hole could be used to open "back door"
Computer User / Newsbytes: Microsoft to plug devastating download hole
BBC: Microsoft closes browser holes
News.com: Microsoft rushes to close IE security hole
VNUNet: Java flaws burn Internet Explorer