Categories - Tim Coen - IT Security & Development

Category: security

2019-03-14 ClickAnywhere: An Advanced Clickjacking Script

2019-02-05 Script: Mass-Download WordPress plugins

2019-02-05 Forminator 1.5.4 - Unauthenticated Persistent XSS, Blind SQL Injection, Misc (WordPress Plugin)

2019-02-05 Contact Form Email 7.10.41 - Reflected XSS & CSRF (WordPress Plugin)

2019-02-05 Quiz And Survey Master 6.0.4 - Reflected XSS (WordPress Plugin)

More Post >>>

Category: php

2015-07-15 GetSimpleCMS 3.3.5: XSS, Code Execution, DOS, Password Leak, Weak Authentication, Misc

2015-07-10 ZenPhoto 1.4.8: Second Order SQL Injection, Reflected XSS, Path Traversal, Function Execution

2015-07-02 WordPress File Upload Plugin 2.7.6: Code Execution, CSRF, XSS, Information Disclosure

2015-06-27 LimeSurvey 2.05+: Persistent XSS

2015-06-27 TinyWebGallery 2.3.2: Reflected XSS

More Post >>>

Category: vulnerability

2019-02-05 Forminator 1.5.4 - Unauthenticated Persistent XSS, Blind SQL Injection, Misc (WordPress Plugin)

2019-02-05 Contact Form Email 7.10.41 - Reflected XSS & CSRF (WordPress Plugin)

2019-02-05 Quiz And Survey Master 6.0.4 - Reflected XSS (WordPress Plugin)

2019-02-05 Give 2.3.0 - Reflected XSS (WordPress Plugin)

2019-02-05 WP Live Chat Support 8.0.17 - Reflected XSS (WordPress Plugin)

More Post >>>

Category: java

2015-02-25 Comparison of Java Code Quality Tools

2014-10-19 Java Timing Code: Compare Execution Times of Methods

2014-09-29 Refactoring Deeply Nested if Statements

2014-09-29 Refactoring Simple Boolean Checks in if-Statements

2014-08-17 Bin Packing Algorithm (Java)

More Post >>>

Category: xss

2019-02-05 Forminator 1.5.4 - Unauthenticated Persistent XSS, Blind SQL Injection, Misc (WordPress Plugin)

2019-02-05 Contact Form Email 7.10.41 - Reflected XSS & CSRF (WordPress Plugin)

2019-02-05 Quiz And Survey Master 6.0.4 - Reflected XSS (WordPress Plugin)

2019-02-05 Give 2.3.0 - Reflected XSS (WordPress Plugin)

2019-02-05 WP Live Chat Support 8.0.17 - Reflected XSS (WordPress Plugin)

More Post >>>

Category: source-code

2015-02-18 MongoDB: NoSQL Injection & Security

2014-10-19 Java Timing Code: Compare Execution Times of Methods

2014-08-17 Bin Packing Algorithm (Java)

2013-12-14 Java – Image Manipulation

2013-11-23 Missing PHP String Functions: contains, equals, startsWith, endsWith

More Post >>>

Category: code-snipped

2015-03-29 Bypass CSRF Protection via XSS

2015-02-18 MongoDB: NoSQL Injection & Security

2014-10-19 Java Timing Code: Compare Execution Times of Methods

2014-09-29 Refactoring Simple Boolean Checks in if-Statements

2014-08-17 Bin Packing Algorithm (Java)

More Post >>>

Category: web-development

2013-11-23 Missing PHP String Functions: contains, equals, startsWith, endsWith

2012-11-08 Symfony2 Flash Message

2012-10-30 Low Adsense link unit coverage

2012-10-25 WordPress: link image post to parent post

2012-10-22 Talk #4: Moving WordPress to production Server

More Post >>>

Category: javascript

2019-03-14 ClickAnywhere: An Advanced Clickjacking Script

2015-07-15 GetSimpleCMS 3.3.5: XSS, Code Execution, DOS, Password Leak, Weak Authentication, Misc

2015-07-10 ZenPhoto 1.4.8: Second Order SQL Injection, Reflected XSS, Path Traversal, Function Execution

2015-07-02 WordPress File Upload Plugin 2.7.6: Code Execution, CSRF, XSS, Information Disclosure

2015-06-27 PivotX 2.3.10: Session Fixation, Reflected XSS, Code Execution

More Post >>>

Category: software

2015-02-25 Comparison of Java Code Quality Tools

2014-10-19 Java Timing Code: Compare Execution Times of Methods

2014-05-03 Comparison of Free UML Tools

2014-04-21 Installing QGIS on LMDE (Linux Mint Debian Edition)

2012-11-05 Domain Name Tools: Name suggestions, Price comparison and more

More Post >>>

Category: download

2013-12-22 Petmory – Pet Memory Game for Android

2012-10-16 WordPress Plugin: Language Tagger and Html Cleaner

2012-09-28 Block Destroyer: A Breakout Game (Java Source Code)

2012-03-12 LogEval – Java Server Log Analyzer and Parser

2012-01-25 Android Snake Game: Source Code and Development

More Post >>>

Category: wordpress

2019-02-05 Script: Mass-Download WordPress plugins

2015-07-02 WordPress File Upload Plugin 2.7.6: Code Execution, CSRF, XSS, Information Disclosure

2015-05-15 SQL Injection & Reflected XSS in Visual Form Builder 2.8.2 (WordPress Plugin)

2015-05-15 Arbitrary File Override & Reflected XSS in My Calendar 2.3.29 (WordPress Plugin)

2015-05-15 Multiple Reflected XSS in Anti-Malware and Brute-Force Security by ELI (WordPress Plugin)

More Post >>>

Category: wordpress-plugin

2019-02-05 Forminator 1.5.4 - Unauthenticated Persistent XSS, Blind SQL Injection, Misc (WordPress Plugin)

2019-02-05 Contact Form Email 7.10.41 - Reflected XSS & CSRF (WordPress Plugin)

2019-02-05 Quiz And Survey Master 6.0.4 - Reflected XSS (WordPress Plugin)

2019-02-05 Give 2.3.0 - Reflected XSS (WordPress Plugin)

2019-02-05 WP Live Chat Support 8.0.17 - Reflected XSS (WordPress Plugin)

More Post >>>

Category: injection

2015-07-15 GetSimpleCMS 3.3.5: XSS, Code Execution, DOS, Password Leak, Weak Authentication, Misc

2015-07-10 ZenPhoto 1.4.8: Second Order SQL Injection, Reflected XSS, Path Traversal, Function Execution

2015-07-02 WordPress File Upload Plugin 2.7.6: Code Execution, CSRF, XSS, Information Disclosure

2015-06-27 PivotX 2.3.10: Session Fixation, Reflected XSS, Code Execution

2015-06-27 LimeSurvey 2.05+: Persistent XSS

More Post >>>

Category: linux

2014-08-09 Linux Mint: Remove PPA

2014-05-03 Comparison of Free UML Tools

2014-04-27 Linux: Installing Ruby on Rails

2014-04-21 Installing QGIS on LMDE (Linux Mint Debian Edition)

2013-12-22 Linux command line Image Manipulation for Android Developers

More Post >>>

Category: game

2013-12-22 Petmory – Pet Memory Game for Android

2012-09-28 Block Destroyer: A Breakout Game (Java Source Code)

2012-01-25 Android Snake Game: Source Code and Development

2012-01-24 Mill – the board game – including an AI using Alpha-beta pruning (Java)

2012-01-22 Java Swing: Snake with different Guis

More Post >>>

Category: privatly-developed

2012-09-28 Block Destroyer: A Breakout Game (Java Source Code)

2012-03-12 LogEval – Java Server Log Analyzer and Parser

2012-01-25 Android Snake Game: Source Code and Development

2012-01-22 Java Swing: Snake with different Guis

2012-01-11 Java Heatmap (Example Code)

More Post >>>

Category: tutorial

2012-10-04 Symfony2 Tutorial: Storing Data – Doctrine, Entities, Sql

2012-07-29 Symfony2 Tutorial: User Submissions – Controller, Forms, E-Mails

2012-06-27 Symfony2 Tutorial: The first static Page – Routing, Templates, Twig

2012-06-23 Symfony2 Tutorial: Netbeans and Symfony2 – Setting everything up

2012-06-21 Symfony2 Tutorial for Beginners

More Post >>>

Category: csrf

2019-02-05 Contact Form Email 7.10.41 - Reflected XSS & CSRF (WordPress Plugin)

2018-06-27 TP-Link TL-WR841N v13: CSRF (CVE-2018-12574)

2015-07-15 GetSimpleCMS 3.3.5: XSS, Code Execution, DOS, Password Leak, Weak Authentication, Misc

2015-07-02 WordPress File Upload Plugin 2.7.6: Code Execution, CSRF, XSS, Information Disclosure

2015-06-05 Beehive Forum 1.4.5: Multiple XSS and CSRF

More Post >>>

Category: symfony2

2012-11-08 Symfony2 Flash Message

2012-10-04 Symfony2 Tutorial: Storing Data – Doctrine, Entities, Sql

2012-07-29 Symfony2 Tutorial: User Submissions – Controller, Forms, E-Mails

2012-06-27 Symfony2 Tutorial: The first static Page – Routing, Templates, Twig

2012-06-23 Symfony2 Tutorial: Netbeans and Symfony2 – Setting everything up

More Post >>>

Category: ide

2015-02-25 Comparison of Java Code Quality Tools

2012-10-28 Netbeans: PHP autocomplete

2012-06-23 Symfony2 Tutorial: Netbeans and Symfony2 – Setting everything up

2012-02-03 When and How to improve Java performance

2012-01-27 Netbeans vs Eclipse: An IDE comparison

Category: algorithm

2014-08-17 Bin Packing Algorithm (Java)

2012-01-24 Mill – the board game – including an AI using Alpha-beta pruning (Java)

2012-01-16 Connect4 with Java AI

2012-01-11 Path finding using A Star Algorithm: Java Example

Category: android

2013-12-22 Linux command line Image Manipulation for Android Developers

2013-12-22 Petmory – Pet Memory Game for Android

2012-09-28 Block Destroyer: A Breakout Game (Java Source Code)

2012-01-25 Android Snake Game: Source Code and Development

Category: apache

2015-02-25 Mod_Security Bypass Login (CRS, SQL Injection)

2012-10-05 Talk #1: Reuse Apache rules in multiple directories or websites

2012-03-12 LogEval – Java Server Log Analyzer and Parser

2012-01-30 Using SVN Apache Subversion command line tool

Category: router

2018-06-27 TP-Link TL-WR841N v13: CSRF (CVE-2018-12574)

2018-06-27 TP-Link TL-WR841N v13: Authenticated Blind Command Injection (CVE-2018-12577)

2018-06-27 TP-Link TL-WR841N v13: Broken Authentication (CVE-2018-12575)

2018-06-27 TP-Link TL-WR841N v13: Clickjacking (CVE-2018-12576), Missing HTTPS

Category: talk

2012-10-22 Talk #4: Moving WordPress to production Server

2012-10-19 Talk #3: PHP – Comma Separated List from Array

2012-10-13 Talk #2: Twig: Comma separated list

2012-10-05 Talk #1: Reuse Apache rules in multiple directories or websites

Category: uncategorized

2015-02-25 Comparison of Java Code Quality Tools

2014-11-26 Reflected XSS in WordPress Contact Form DB Plugin

2012-10-12 Server Change

2012-01-10 Welcome

Category: design-pattern

2012-02-15 Java Function Passing

2012-01-25 Android Snake Game: Source Code and Development

2012-01-22 Java Swing: Snake with different Guis

Category: lmde

2014-08-09 Linux Mint: Remove PPA

2014-04-27 Linux: Installing Ruby on Rails

2014-04-21 Installing QGIS on LMDE (Linux Mint Debian Edition)

Category: authentication

2018-06-27 TP-Link TL-WR841N v13: Broken Authentication (CVE-2018-12575)

2018-06-27 TP-Link TL-WR841N v13: Clickjacking (CVE-2018-12576), Missing HTTPS

Category: book-review

2012-10-02 Book Review: Effective Java

2012-09-30 Programming Book Recommendations

Category: books-on-java

2012-10-02 Book Review: Effective Java

2012-09-30 Programming Book Recommendations

Category: boolean-logic

2014-09-29 Refactoring Deeply Nested if Statements

2014-09-29 Refactoring Simple Boolean Checks in if-Statements

Category: developed-at-university

2012-01-24 Mill – the board game – including an AI using Alpha-beta pruning (Java)

2012-01-16 Connect4 with Java AI

Category: if-statement

2014-09-29 Refactoring Deeply Nested if Statements

2014-09-29 Refactoring Simple Boolean Checks in if-Statements

Category: image-manipulation

2013-12-22 Linux command line Image Manipulation for Android Developers

2013-12-14 Java – Image Manipulation

Category: refactoring

2014-09-29 Refactoring Deeply Nested if Statements

2014-09-29 Refactoring Simple Boolean Checks in if-Statements

Category: adsense

2012-10-30 Low Adsense link unit coverage

Category: clickjacking

2019-03-14 ClickAnywhere: An Advanced Clickjacking Script

Category: code-execution

2018-06-27 TP-Link TL-WR841N v13: Authenticated Blind Command Injection (CVE-2018-12577)

Category: command-injection

2018-06-27 TP-Link TL-WR841N v13: Authenticated Blind Command Injection (CVE-2018-12577)

Category: exploit

2019-03-14 ClickAnywhere: An Advanced Clickjacking Script

Category: https

2018-06-27 TP-Link TL-WR841N v13: Clickjacking (CVE-2018-12576), Missing HTTPS

Category: nosql

2015-02-18 MongoDB: NoSQL Injection & Security

Category: plugins

2019-02-05 Script: Mass-Download WordPress plugins

Category: qampa

2012-10-03 Q&A #1: Java performance of static variable

Category: qgis

2014-04-21 Installing QGIS on LMDE (Linux Mint Debian Edition)

Category: ruby

2014-04-27 Linux: Installing Ruby on Rails

Category: ruby-on-rails

2014-04-27 Linux: Installing Ruby on Rails

Category: source-code-analysis

2019-02-05 Script: Mass-Download WordPress plugins

Category: sql-injection

2019-02-05 Forminator 1.5.4 - Unauthenticated Persistent XSS, Blind SQL Injection, Misc (WordPress Plugin)

Category: version-control

2012-01-30 Using SVN Apache Subversion command line tool