Description
If a user is redirected or forwarded to a page defined by an unverified…
Read more
2 min read
29 Jan. 2014
Description
Known software vulnerabilities are available to everyone on the Internet. If an
attacker knows…
Read more
3 min read
28 Jan. 2014
Description
An attacker sends a request to a website you are authenticated on to execute…
Read more
4 min read
14 Jan. 2014
Description
In a web application with different user roles, authentication is not enough.
Each request…
Read more
4 min read
09 Dec. 2013
Description
We have seen in the previous articles that an experienced attacker can easily
intercept…
Read more
5 min read
18 Nov. 2013
Description
Nowadays, besides the operating system and the JRE, most of the Java
applications are…
Read more
7 min read
14 Nov. 2013
Description
The application exposes a direct reference (functional identifier, database key,
file path…) to a…
Read more
2 min read
04 Nov. 2013
Description
Cross-Site Scripting is a specific consequence of an injection attack. The goal
is to…
Read more
4 min read
28 Oct. 2013
Description
The attacker steals his victim’s credentials or any information that will help
him…
Read more
11 min read
21 Oct. 2013
Description
The attacker sends untrusted data that will be injected in the targeted
application to…
Read more
5 min read
11 Oct. 2013
When starting a new web application, the security risks are sadly often
underestimated by everyone…
Read more
2 min read
10 Oct. 2013