Neal Poole

  • Home
  • About
  • Contact
  • Responsible Disclosure
  • Twitter
  • RSS Feed

Archives

Wed 26 June 2013
Bitbucket: User Information Disclosure via JSONP
Sun 23 June 2013
Code Execution via YAML in JS-YAML Node.js Module
Tue 04 June 2013
CSRF Token Disclosure in Coinbase

  • About Me

    My name is Neal Poole. I'm interested in web application security. I'm a Security Engineer on the Product Security team at Facebook. My posts are my own and do not necessarily reflect the views and opinions of my employer.

  • Categories

    • General Musings
    • Rants & Raves
    • Tips & Tricks
    • Vulnerability Writeups

  • Tags

    0x000006bb Facebook Flash HP Officejet MySQL Oracle Oracle October 2011 CPU PHP Plupload SVN USB Wordpress addons.mozilla.org arbitrary code execution arbitrary precision clickjacking code execution coinbase csrf directory traversal ebay file upload firefox google google apps google code google ejabat google visualization google vulnerability reward program hackathon iconv java java applet jsonp nginx node programming reddit security ssh textpattern web application security xss yaml yandex

  • Archives

    • July 2013 (3)
    • June 2013 (3)
    • April 2013 (2)
    • March 2013 (3)
    • January 2013 (1)
    • May 2012 (1)
    • April 2012 (1)
    • March 2012 (1)
    • October 2011 (3)
    • August 2011 (4)
    • May 2011 (1)
    • April 2011 (4)
    • March 2011 (3)
    • February 2011 (5)
    • January 2011 (3)
    • December 2010 (6)
    • November 2010 (4)
    • August 2010 (5)
    • July 2010 (6)
    • June 2010 (4)
© Neal Poole. Proudly powered by Pelican, which takes great advantage of Python. Theme based on Pyrmont V2.