One click for victims, one huge leap for attackers
CSRF (Cross-Site Request Forgery, aka one-click attack) is an attack that tricks a web browser into performing an unwanted action within…
Nov 26, 2020

How about injecting some SQL?
SQL injection is a web security vulnerability, which permits an attacker to disrupt the queries an application sends to its database. An…
Aug 10, 2020

Dot-Dot-Slash And Web App Crash
Directory traversal (or path traversal) is a vulnerability, the exploitation of which enables an attacker to read arbitrary files on an…
Jul 13, 2020

Remote code execution or how to get your own server for free
Command injection is a type of vulnerability that enables an adversary to execute arbitrary OS commands on the server through susceptible…
Jun 4, 2020

Hide and seek: How to attack using open access files and directories
Open access files and directories stored on an application server are considered one of the most widespread security issues. This is…
May 27, 2020