What to consider for determining something as a security flaw?

Recently, I have found an iframe injection vulnerability on this website. This website allows users to create projects and name them. So I injected an iframe via the naming function that can redirect the user to a malicious website. But I don’t know if the project names are visible to other users or to the administrators, so I don’t know if this is a vulnerability. I will be very grateful if you can answer my question. Thanks a lot.

Netcat on Debian Security advice please nc -(dknl) [closed]

This is with regard to a Netcat-based script running on a Debian-based distribution, specifically the Proxmox hypervisor (see here if unknown: https://en.wikipedia.org/wiki/Proxmox_Virtual_Environment).

I would need to run a script to start a Virtual Machine from a remote PC within the network. The script running on this Proxmox (Debian) distribution is as follows:

```bash
# nc: listen (-l) on UDP (-u) port 9 (-p 9), keep accepting datagrams (-k), detach from stdin (-d).
# xxd -c 6 -p: hex-dump the payload six bytes per line; uniq collapses the 16 repeats of the
# MAC in a Wake-on-LAN magic packet; grep -v drops the ff:ff:ff:ff:ff:ff sync header.
nc -dknl -p 9 -u | stdbuf -o0 xxd -c 6 -p | stdbuf -o0 uniq | stdbuf -o0 grep -v 'ffffffffffff' |
while read; do
    MAC=${REPLY:0:2}:${REPLY:2:2}:${REPLY:4:2}:${REPLY:6:2}:${REPLY:8:2}:${REPLY:10:2}
    echo "Received Address: $MAC"
    if [ "$MAC" == "0c:d2:92:48:68:9b" ]; then
        echo "STARTING VM!"
        qm start 101   # Proxmox command to start the virtual machine
    fi
done
```

Could the Debian running above script be exploited, as Netcat listens on Port 9 UDP (it could of course listen to another port as well if I change that)? Naturally, anyone in the network could start a VM, but is there another risk?
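The asker's pipeline hex-dumps whatever arrives on the socket and compares every six-byte group against one MAC, so any datagram that happens to contain those six bytes at a six-byte boundary triggers the `qm start`. The following is an added example, not the asker's script, showing how a listener can instead insist on the Wake-on-LAN magic-packet structure (six 0xFF bytes followed by the target MAC repeated sixteen times, with an optional 4- or 6-byte SecureOn password) and look the MAC up in an explicit allowlist before invoking `qm` without a shell. The `ALLOWED_VMS` table and the `serve()`/`build_magic_packet()` helpers are assumptions for the example; the MAC and VM id are the ones from the asker's script.

```python
import socket
import subprocess
from typing import Optional

# Constructed allowlist (assumption): MAC address -> Proxmox VM id to start.
# The asker's script hard-codes the same single MAC and VM 101.
ALLOWED_VMS = {
    "0c:d2:92:48:68:9b": 101,
}

SYNC = b"\xff" * 6  # magic-packet synchronisation header


def parse_magic_packet(data: bytes) -> Optional[str]:
    """Return the MAC named by a well-formed Wake-on-LAN magic packet, else None.

    Layout: 6 x 0xFF, then the 6-byte MAC repeated 16 times (102 bytes),
    optionally followed by a 4- or 6-byte SecureOn password.  Anything that
    does not match this shape exactly is rejected rather than guessed at.
    """
    if len(data) not in (102, 106, 108):
        return None
    if data[:6] != SYNC:
        return None
    mac = data[6:12]
    if data[6:102] != mac * 16:
        return None
    return ":".join(f"{b:02x}" for b in mac)


def vm_for_datagram(data: bytes) -> Optional[int]:
    """Map a datagram to a VM id, or None if it is malformed or not allowlisted."""
    mac = parse_magic_packet(data)
    if mac is None:
        return None
    return ALLOWED_VMS.get(mac)


def build_magic_packet(mac: str, password: bytes = b"") -> bytes:
    """Constructed helper (assumption): build a magic packet for tests and for wol clients."""
    raw = bytes.fromhex(mac.replace(":", ""))
    return SYNC + raw * 16 + password


def serve(port: int = 9) -> None:
    """Listen on UDP/<port> and start the allowlisted VM for each valid magic packet."""
    with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as sock:
        sock.bind(("", port))
        while True:
            data, (src, _) = sock.recvfrom(2048)
            vmid = vm_for_datagram(data)
            if vmid is None:
                print(f"ignored {len(data)}-byte datagram from {src}")
                continue
            print(f"starting VM {vmid} (requested from {src})")
            # Argument list, no shell: nothing from the datagram reaches a command line.
            subprocess.run(["qm", "start", str(vmid)], check=False)


if __name__ == "__main__":
    serve()
```

The structural check does not change what the asker already observed, that anyone on the network who can send a magic packet can start the VM, but it does stop stray traffic on the port from being parsed as a MAC, and it keeps the datagram contents out of any shell.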

Security of service requests on a public Wifi

I’m currently rebuilding my network infrastructure and am planning to make my NAS available through an OpenVPN server running on my router for “outside” use (no port forwarding: NAS in private LAN, available through the VPN).

Now I was wondering about a certain scenario: let’s say I have mapped some of the NAS’s drives as network drives via SMB/CIFS in Windows on my laptop (using the local IP address of the NAS in the LAN), or have proprietary software from the NAS’s manufacturer trying to connect to a certain service on a dedicated port.

If I were to take this notebook to an unsecured, public wifi, would this expose the local LAN IPs and/or ports in the CIFS request or the connection request coming from the proprietary software until I’m connected to my VPN (i.e. from the moment I’m connecting to the wifi until the VPN tunnel is up)? Does this depend on the way such a request is implemented in the software?

Data security while MacBook is on lock screen

I’ve recently sent my MacBook (running Catalina) for repair to a licensed Apple service provider. The whole thing was simple (replacing one key cap) and took about 5 minutes or so. But I forgot to shut down the MacBook and only put it on the lock screen. I have FileVault enabled.

Is it possible for my data to be breached in that scenario? My understanding is that FileVault only protects your data by requiring you to enter your login password when you start up the drive. It sounds like once you have logged into the computer (even if it is now on lock screen), the data is decrypted and vulnerable to unauthorized access?

Thanks in advance!

Desktop Application Security [on hold]

I’m developing a Hospital Information System using Java. However, it’s a desktop application and I’m not sure how to make it as secure as possible, focusing particularly on data privacy and availability of the app.

I’ve looked at the Java Secure Coding Guidelines (https://www.oracle.com/technetwork/java/seccodeguide-139067.html), but I’m not sure they’re within the scope of my project.

Any help would be much appreciated. Thanks.

Should user input be validated/checked for its length in PHP (server side) as a security measure?

It is important to note that this user input is something that, after validation & sanitation, will be inserted into a database and later shown to other users on the same web site (example: a forum). I’m referring both to a case where I know in advance what length I should expect from the user and to a case in which I don’t, but know vaguely that it’s not more than 100 in length. I’m trying to figure out if there is any security advantage to checking user input length in PHP, taking into account that I’m already validating & sanitizing user input based on the type of content I’m expecting, using regex. I know this differs from language to language, so I want to refer to PHP this time, but any reference to other languages like Java, .NET, Python etc. would be fine.

Need to understand the security flaw?

I am creating a database of encrypted values.


Let us say I store “John” which would be encrypted and stored as “Yoky”.

```
John | Yoky
```

Now I store “Johnny”, which would be encrypted and stored as “Koaddy”.

```
John   | Yoky
Johnny | Koaddy
```

Now with the above storage I will not get any kind of regex search functionality. If I wanted to search “Jo%” it will not work.

But what if I store the values after breaking them up, as:

```
Jo      |   Yoky , Koaddy
Joh     |   Yoky , Koaddy
John    |   Yoky , Koaddy
Johnn   |   Koaddy
Johnny  |   Koaddy
```

Here the regex searches will work: “Jo%” and “Joh%” will both give Yoky and Koaddy, which is what I want.

I can see the obvious security flaw above: anyone can map out Jo, Joh.

So I have decided to store the encryption of these.


I will AES encrypt my stubs and store them.

```
qkjklewr!j==      |   Yoky , Koaddy
klkadsopos==      |   Yoky , Koaddy
oensd%21op==      |   Yoky , Koaddy
kaknvp23b02==     |   Koaddy
kashdi2094j==     |   Koaddy
```

While performing any type of search, say “Joh”, I will first encrypt “Joh” and then perform the search, so it will map to the AES-encrypted value of “Joh”, i.e. klkadsopos==.


Note: Both columns will use different keys and algorithms to protect the data.


Note: This storage will be TDE encrypted. HDFS will be encrypted and I will be using Apache Solr for the rest.

I need to understand if I am missing something fundamental here.
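The scheme above hinges on the stub column being deterministic: the same prefix must always produce the same token, otherwise the lookup cannot find it. The following is an added example, not the asker's code, that implements the two tables from the post with standard-library primitives and then reads the stub table back the way someone without the keys would. It assumes an HMAC-SHA256 keyed token in place of the post's AES-encrypted stub (both are deterministic, which is the property that matters here) and a constructed nonce-plus-keystream stand-in for the AES value column, which is not a real cipher and only exists so the example runs offline. The `infer_from_index` function is the point: the post's own second table already shows Yoky under three stubs and Koaddy under five, and the same counts survive in the encrypted table, so a reader of that table learns each value's length and how long a prefix any two values share, before ever touching a key.

```python
import hashlib
import hmac
import os
from collections import defaultdict

MIN_PREFIX = 2  # the post's index starts at the two-character stub "Jo"


def _prefixes(value: str):
    """All stubs the post stores for a value: "Jo", "Joh", ..., the full value."""
    return [value[:n] for n in range(MIN_PREFIX, len(value) + 1)]


def toy_encrypt(key: bytes, plaintext: str) -> bytes:
    """Constructed stand-in for the AES value column (NOT a real cipher): a fresh nonce
    plus an HMAC-derived keystream, so equal values give different ciphertexts."""
    nonce = os.urandom(16)
    data = plaintext.encode()
    stream = hmac.new(key, nonce, hashlib.sha256).digest()
    assert len(data) <= len(stream), "toy cipher handles values up to 32 bytes"
    return nonce + bytes(a ^ b for a, b in zip(data, stream))


def toy_decrypt(key: bytes, blob: bytes) -> str:
    nonce, body = blob[:16], blob[16:]
    stream = hmac.new(key, nonce, hashlib.sha256).digest()
    return bytes(a ^ b for a, b in zip(body, stream)).decode()


def prefix_token(index_key: bytes, prefix: str) -> str:
    """Deterministic keyed token for one stub; stands in for the post's AES-encrypted stub.
    Truncated to 64 bits purely for readable output."""
    return hmac.new(index_key, prefix.encode(), hashlib.sha256).hexdigest()[:16]


class EncryptedPrefixStore:
    """The post's two tables: value ciphertexts, and stub token -> ciphertexts."""

    def __init__(self, value_key: bytes, index_key: bytes):
        self.value_key = value_key   # separate keys per column, as the post's note says
        self.index_key = index_key
        self.index = defaultdict(set)

    def insert(self, value: str) -> bytes:
        ct = toy_encrypt(self.value_key, value)
        for p in _prefixes(value):
            self.index[prefix_token(self.index_key, p)].add(ct)
        return ct

    def search(self, prefix: str) -> list:
        """The post's lookup: tokenize the query the same way, then exact-match the token.
        This is what "Joh%" reduces to once the stubs are encrypted."""
        return sorted(self.index.get(prefix_token(self.index_key, prefix), set()))

    def decrypt(self, ct: bytes) -> str:
        return toy_decrypt(self.value_key, ct)


def infer_from_index(index) -> tuple:
    """What a reader of the stub table alone (no keys) can work out.

    Returns (plaintext length per ciphertext, common-prefix length per ciphertext pair):
    a value appears under one stub per prefix length, so its row count fixes its length,
    and the number of stubs two ciphertexts share fixes the length of their common prefix.
    """
    rows_per_ct = defaultdict(int)
    shared_rows = defaultdict(int)
    for members in index.values():
        members = sorted(members)
        for ct in members:
            rows_per_ct[ct] += 1
        for i in range(len(members)):
            for j in range(i + 1, len(members)):
                shared_rows[(members[i], members[j])] += 1
    lengths = {ct: n + MIN_PREFIX - 1 for ct, n in rows_per_ct.items()}
    common = {pair: n + MIN_PREFIX - 1 for pair, n in shared_rows.items()}
    return lengths, common


if __name__ == "__main__":
    store = EncryptedPrefixStore(os.urandom(32), os.urandom(32))
    for name in ("John", "Johnny"):
        store.insert(name)
    print("search Joh ->", [store.decrypt(c) for c in store.search("Joh")])
    lengths, common = infer_from_index(store.index)
    print("inferred lengths:", sorted(lengths.values()))
    print("inferred common prefix lengths:", sorted(common.values()))
```

Encrypting the stubs does stop a casual reader from seeing "Jo" and "Joh" in clear, and the lookup still works exactly as the post intends. What it does not hide is the shape of the table: row counts and row overlaps are the same whether the first column reads `Joh` or `klkadsopos==`, and TDE or HDFS encryption at rest does not change that, because anyone who can query the index sees the decrypted table. That shape is the fundamental thing the post is asking about.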
