Bugs Disclosures



Disclosed:

Sys Type Date
buupass.com Source code exposure Feb, 2020
telkompostpaid.pesapal.com Source code exposure Feb, 2020
kcb2jiajiri.com Source code exposure Feb, 2020
Cpmini.strathmore.edu Source code exposure Feb, 2020
digitika.kiambu.go.ke Flawed access control Feb, 2020
county-pro.kisumu.go.ke Flawed access control Feb, 2020
online.strathmore.edu Source code exposure Feb, 2020
www.grocerypik.com Source code exposure Jan, 2020
www.is.co.ke Source code exposure Dec, 2019
quicksms.advantasms.com SQLi Dec, 2019
Qwetu.co.ke Source code exposure Nov, 2019
quicksms.advantasms.com Source code exposure Nov, 2019
kcbgroup.com XSS April, 2019
mku.ac.ke SQLi April, 2019

Check out our [Online System Vulnerability Scanner] New!

Give us a Call today - Pentest/Harden/Secure your system(s) in the face of evolving online threats

HTTP requests smuggling Web cache poisoning Business logic Web cache deception Access control CRLF CSRF XSS SQLi Command injection RCE Authentication & session management Security misconfiguation Insecure deserialization Sensitive data exposure XXE Usage of vulnerable components/ software Requests misrouting HTTP methods Open redirects LFI Directory listing