Sql injection Attacks & Defense
SQL injection is through the SQL command into the Web form submit or enter the domain name query string or page request, and ultimately to deceive the server to execute...
Tagged: web app
Nikto v2.5 releases – WebAPP Penetration Testing Tool
Nikto is an Open Source (GPL) web server scanner which performs comprehensive tests against web servers for multiple items, including over 6700 potentially dangerous files/programs, checks for outdated versions of...
Metasploitable3: Exploiting Axis2 vulerability
Introduction Apache Axis2™ is a Web Services / SOAP / WSDL engine, the successor to the widely used Apache Axis SOAP stack. There are two implementations of the Apache Axis2...
WordPress <= 4.6.1 RCE via specially crafted .mo language file
Vulnerability Impact Arbitrary code execution with the following two conditions: An attacker can upload your own configuration language file, or the file containing the language themes, plug-ins folder Website attacker...
Cross Site Request Forgery [CSRF-XSRF] Vulnerability
Cross-site request forgery [CSRF], also known as one-click attack or session riding or Sea-Surf and abbreviated as CSRF or XSRF, is a type of malicious attack exploit of a website...
