CVE In 5 mins – Hands on Guide

Hello guys, this blog post shares my experience from my recent talk, “CVE in 5 mins”, at Null Bhopal. In this talk, I tried to break the myth associated with CVEs. I used to wonder how to get a CVE; there is always a “wow” factor associated with it. In this blog, I am going to explain how easy it is to get a CVE and have it registered under your name. This blog is based on my personal experience.

One day while surfing Twitter, I saw someone posting about a CVE they had received. I started looking for a product I could try hunting on so that I could get a CVE of my own. On Twitter I saw someone posting about Dolibarr CRM. I gave it a shot and started testing with a simple XSS payload. To my luck, I was able to find 4 XSSs within an hour and thus registered 4 CVEs under my name. At the end of this blog, I have written up some of my personal tricks, which could be very useful for obtaining a CVE number.

