owasp

Total 11 Posts

Description If a user is redirected or forwarded to a page defined by an unverified…
Lire la suite


29 Jan 2014

Description Known software vulnerabilities are available to everyone on the Internet. If an attacker knows…
Lire la suite


28 Jan 2014

Description An attacker sends a request to a website you are authenticated on to execute…
Lire la suite


14 Jan 2014

Description In a web application with different user roles, authentication is not enough. Each request…
Lire la suite


09 Dec 2013

Description We have seen in the previous articles that an experienced attacker can easily intercept…
Lire la suite


18 Nov 2013

Description Nowadays, besides the operating system and the JRE, most of the Java applications are…
Lire la suite


14 Nov 2013

Description The application exposes a direct reference (functional identifier, database key, file path…) to a…
Lire la suite


04 Nov 2013

Description Cross-Site Scripting is a specific consequence of an injection attack. The goal is to…
Lire la suite


28 Oct 2013

Description The attacker steals his victim’s credentials or any information that will help him…
Lire la suite


21 Oct 2013

Description The attacker sends untrusted data that will be injected in the targeted application to…
Lire la suite


11 Oct 2013

When starting a new web application, the security risks are sadly often underestimated by everyone…
Lire la suite


10 Oct 2013