Nirmal Kirubakaran - eBay | LinkedIn (original) (raw)
About
Web application security testing/ Web application Vulnerability Assessments.
Can…
Activity
829 followers
Experience & Education
eBay
View Nirmal’s full experience
See their title, tenure and more.
Licenses & Certifications
Nexpose Certified Administrator
Rapid7
IBM Certified Deployment Professional - Security AppScan Standard Edition v8.7
IBM
Issued Sep 2014
Credential ID Testing ID: IBM000054215
QUALYSGUARD VULNERABILITY MANAGEMENT
Qualys
CCNA
Cisco
Issued Dec 2010 Expires Dec 2013
Projects
Honors & Awards
CVE-2020-15400 (CakePHP Framework)
-
Jun 2020
CVE-2020-15400 : CakePHP Framework before 4.0.6 mishandles CSRF token generation.
Reference: https://bakery.cakephp.org/2020/04/18/cakephp\_406\_released.html
CVE-2019-17184 (Xerox)
-
Oct 2019
CVE-2019-17184 : Privilege Escalation Vulnerability on Xerox printers allows an attacker to gain admin level access. Critical write operations, including disabling of user data encryption can be performed by the attacker.
Reference: https://securitydocs.business.xerox.com/wp-content/uploads/2019/09/cert\_Security\_Mini\_Bulletin\_XRX19V\_for\_AltaLinkB80xx-C80xx-1.pdf
CVE 2018-12592 (Polycom)
-
Jun 2018
CVE-2018-12592 : Polycom RealPresence Web Suite before 2.2.0 transmits end user's video for few seconds when the user has explicitly chose to turn off the video using a specific flow.
Reference: https://support.polycom.com/content/dam/polycom-support/global/documentation/security-advisory-vulnerability-polycom-realpresence-web-suite.pdf
CVE 2017-14379 (RSA)
-
Nov 2017
CVE-2017-14379 : RSA Authentication Manager Input Validation Flaw in Security Console Lets Remote Users Conduct Cross-Site Scripting Attacks
Reference: https://securitytracker.com/id/1039853
CVE 2016-0031 (Microsoft)
-
Jan 2016
CVE-2016-0031 : Microsoft Exchange Server is prone to a security vulnerability that may allow attackers to conduct spoofing attacks. An attacker can exploit this issue to conduct spoofing attacks and perform unauthorized actions; other attacks are also possible. Microsoft Exchange Server 2016 is vulnerable.
Reference: https://docs.microsoft.com/en-us/security-updates/acknowledgments/2016/acknowledgments2016
CVE 2015-0774 (CISCO)
-
CVE-2015-0774 : Cross-site scripting (XSS) vulnerability in Cisco Application and Content Networking System (ACNS) 5.5(9) allows remote attackers to inject arbitrary web script or HTML via a crafted URL
Reference: https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/Cisco-SA-20150609-CVE-2015-0774
Microsoft Bounty Hunters: The Honor Roll
Microsoft
Submitted a qualifying vulnerability to Microsoft as part of the Microsoft Security Response Center (MSRC) Bounty Program.
Listed in The Honor Roll of Microsoft
Reference: https://drive.google.com/file/d/1gLF4bsmZV43x2udJsTfpvLGUyhofMODs/view
Security Researcher Acknowledgment for Microsoft Online Services
Microsoft
Reference: https://www.microsoft.com/en-us/msrc/researcher-acknowledgments-online-services-archive?rtc=1 (January 2016, November 2016)
eBay Security Research Acknowledgement (Hall of Fame/ Bug Bounty)
-
Reference: http://ebay.com/securitycenter/ResearchersAcknowledgement.html
Other similar profiles
Explore top content on LinkedIn
Find curated posts and insights for relevant topics all in one place.