Description: If a user is redirected or forwarded to a page defined by an unverified…
Read more
2 min read
29 Jan 2014
Description: Known software vulnerabilities are available to everyone on the Internet. If an attacker knows…
Read more
3 min read
28 Jan 2014
Description: An attacker sends a request to a website you are authenticated on to execute…
Read more
4 min read
14 Jan 2014
Description: In a web application with different user roles, authentication is not enough. Each request…
Read more
4 min read
09 Dec 2013
Description: We have seen in the previous articles that an experienced attacker can easily intercept…
Read more
5 min read
18 Nov 2013
Description: Nowadays, besides the operating system and the JRE, most of the Java applications are…
Read more
7 min read
14 Nov 2013
Description: The application exposes a direct reference (functional identifier, database key, file path…) to a…
Read more
2 min read
04 Nov 2013
Description: Cross-Site Scripting is a specific consequence of an injection attack. The goal is to…
Read more
4 min read
28 Oct 2013
Description: The attacker steals his victim’s credentials or any information that will help him…
Read more
11 min read
21 Oct 2013
Description: The attacker sends untrusted data that will be injected in the targeted application to…
Read more
5 min read
11 Oct 2013
When starting a new web application, the security risks are sadly often underestimated by everyone…
Read more
2 min read
10 Oct 2013