OWASP

Total 11 Posts

Description If a user is redirected or forwarded to a page defined by an unverified…
Read more


2 min read

29 Jan 2014

Description Known software vulnerabilities are available to everyone on the Internet. If an attacker knows…
Read more


3 min read

28 Jan 2014

Description An attacker sends a request to a website you are authenticated on to execute…
Read more


4 min read

14 Jan 2014

Description In a web application with different user roles, authentication is not enough. Each request…
Read more


4 min read

09 Dec 2013

Description We have seen in the previous articles that an experienced attacker can easily intercept…
Read more


5 min read

18 Nov 2013

Description Nowadays, besides the operating system and the JRE, most of the Java applications are…
Read more


7 min read

14 Nov 2013

Description The application exposes a direct reference (functional identifier, database key, file path…) to a…
Read more


2 min read

04 Nov 2013

Description Cross-Site Scripting is a specific consequence of an injection attack. The goal is to…
Read more


4 min read

28 Oct 2013

Description The attacker steals his victim’s credentials or any information that will help him…
Read more


11 min read

21 Oct 2013

Description The attacker sends untrusted data that will be injected in the targeted application to…
Read more


5 min read

11 Oct 2013

When starting a new web application, the security risks are sadly often underestimated by everyone…
Read more


2 min read

10 Oct 2013