error-handling – WindowsTechs.com

Explanation of CME and CMS meaning in GSM [closed]

Posted on October 31, 2024 by Useb

What do the abbreviations CME and CMS mean in GSM?
I know that the CME errors are equipment related errors and CMS errors are network related, but I’m not sure if this is true as I don’t know what those abbreviations really mean and I coul… Continue reading Explanation of CME and CMS meaning in GSM [closed]→

Should an HTTP error 500 triggered by an XSS payload be reported as a potential vulnerability?

Posted on July 25, 2024 by security_paranoid

So, long story short, I was using an automated vulnerability scanner on a website (bounty hunting is allowed and encouraged,) and it works by injecting payloads in forms and URLs etc., to trigger responses that might indicate SQLi, XSS, CS… Continue reading Should an HTTP error 500 triggered by an XSS payload be reported as a potential vulnerability?→

j_spring_security_check – Stack trace Error [closed]

Posted on March 15, 2024 by infosec_learner

When logging in to the application, on providing incorrect creds the application shows j_spring_security_check – Stack Trace Error.
Is it a security vulnerability or not? as it helps an attacker to get an idea of the backend stack and narr… Continue reading j_spring_security_check – Stack trace Error [closed]→

VAPI on Kali Linux on VMWare [migrated]

Posted on June 14, 2023 by blackblossom

I am trying to install Vapi for a lab, and I am getting this error. Installed docker and tried some pages to troubleshoot it. Don’t work.
sudo docker-compose up -d
WARNING: The APP_NAME variable is not set. Defaulting to a blank string.
WA… Continue reading VAPI on Kali Linux on VMWare [migrated]→

How To Find Windows 10 Stop Codes and Fix Errors Quickly

Posted on February 6, 2023 by Michael Reinders

Windows 10 doesn’t reliably give you easy access to stop… Continue reading How To Find Windows 10 Stop Codes and Fix Errors Quickly→

Error Handling With PowerShell Try Catch Blocks

Posted on August 5, 2022 by Adam Bertram

Windows PowerShell has a robust error handling capability with PowerShell… Continue reading Error Handling With PowerShell Try Catch Blocks→

Accidentally locked an XSS vulnerable input

Posted on August 2, 2022 by Krysslk

On https://ais.osym.gov.tr/ I saw an XSS vulnerable input. I tried some payloads without malicious intent which only contained alerts or console logs. The code img \x00src=x onerror=alert(1) worked.

Now the problem is whenever I try to re… Continue reading Accidentally locked an XSS vulnerable input→

What’s wrong with toggling detailed IIS errors for production?

Posted on February 17, 2022 by Robert Palmer

What is the danger of setting IIS errorMode to detailed in webconfig? It helps me marginally with sanity checks on production, but it seems like it wouldn’t really help a bad actor much. I’d like to set production to detailed errors, but… Continue reading What’s wrong with toggling detailed IIS errors for production?→

Error code prefixes specific to specific micro services a vulnerability?

Posted on July 7, 2021 by visc

If your microservice architecture responds with error codes revealing which microservice had an error, doesn’t this reveal to the caller information on how your microservice architecture is designed?
Caller -> Service A -> Service B … Continue reading Error code prefixes specific to specific micro services a vulnerability?→

Should I hide the difference between Not Found error and Access Denied error in my API?

Posted on July 7, 2021 by Ilya Chernomordik

I have a system that has different entities stored in the database with an integer Id as a primary key. There are different scenarios for queries that cannot be processed:

Get entity by id [Entity does not exist in the database]
Get entit… Continue reading Should I hide the difference between Not Found error and Access Denied error in my API?→