SQL Injection -Using Burp Suite
28793
08/10/2018
SQL injection is an attack when an attacker persuades to “inject” his harmful/malicious SQL code into someone else’s database, and force that database to run his SQL
Read More
Command Execution Attacks on Apache Struts server CVE-2017-5638
10889
06/10/2018
Apache Struts is a free, open-source, MVC framework for creating elegant and modern Java web applications.
Read More
Cross Site Port Attack XSPA
10721
06/10/2018
A web application is helpless against Cross Site Port Attack if it forms client provided URL’s and does not disinfect the backend reaction obtained from remote servers previously while sending it back to the client.
Read More
CWE-79 Improper Neutralization Of Input During Web Page Generation Cross-Site Scripting
11784
03/10/2018
Cross-site scripting (XSS) is one of the most prevalent, obstinate, and dangerous vulnerabilities in web applications.
Read More
CWE-78 Improper Neutralization Of Special Elements Used In An OS Command Injection
5832
03/10/2018
OS command injection is a technique used via a web interface in order to execute OS commands on a web server. The user supplies operating system commands through a web interface in order to execute OS commands.
Read More
Host Header Attack
43652
03/10/2018
Most commonly many web servers are configured in such a way, to hosts several websites or web applications on the same IP address. That’s why the Host Header Injection occurs.
Read More