23
votes
6 answers
1k views

Is there a difference between GET and POST for web application security?

I have 2 choices in sending data between 2 web applications. I encode the data in Base64 and append to the URL and retrieve these parameters at my destination application and decode the parameters. ...
5
votes
3 answers
1k views

Is it possible to inject HTML into image to provoke XSS?

Some answers mention that it's possible to inject attacker-controlled HTML into images and therefore provoke XSS. I guess that this HTML will be processed by the browser only if a hole exists in the browser. ...
5
votes
3 answers
1k views

Where can I find exploit code?

I am doing VA/PT on a sample web application. I ran the Nessus scanner and I found some high severity problems. It is related to HP System Management Homepage. The CVE numbers are: 2010-1917, ...
4
votes
2 answers
207 views

Does anyone know about how LinkedIn was compromised?

I know some super basic stuff about website security (e.g. using HTTPS, escaping user input), but hearing about high profile sites getting compromised makes me wonder in what way they were broken ...
4
votes
1 answer
232 views

How do I check the code of a Chrome extension to make sure it's not stealing my info?

I've been reading more and more about just how much access browser extensions can have to your data. This is a little unsettling, so I'm curious if there is a way to vet these extensions and make sure ...
3
votes
3 answers
3k views

How can I use this path bypass/exploit Local File Inclusion?

I have tried to run a vulnerability scanning script (Uniscan 6.0) on some websites and then I found a site which is exploitable with the following path. (included a word "invalid", params/website ...
3
votes
1 answer
167 views

How did the Tumblr worm spread?

Recently Tumblr was hit by a fast-spreading worm. How did the worm work? What was the vulnerability in Tumblr that it exploited? Did it exploit an XSS vulnerability in Tumblr? A CSRF vulnerability ...
2
votes
1 answer
87 views

Is it safe to invoke PHP GD functions if you don't know whether file is a valid image?

There is an image upload function in a web application. After an image is uploaded, it's resized using functions from PHP GD like imagecopyresampled and others. Before invocation of PHP GD's functions there ...
1
vote
2 answers
174 views

DVWA vulnerability list or guide?

Is there a list of vulnerabilities for DVWA, I cannot seem to find a vulnerability list or guide. By guide I mean an exhaustive list of vulnerabilities to work through.
1
vote
1 answer
217 views

Lots of 'unidentified exploits' detected with w3af

I've been running some scans across a few different networks and on certain sites I will get a flag about an unidentified exploit in the log. When I review what the exploit is, most of the time it's a ...
0
votes
2 answers
139 views

how to bypass “header” in php

While reading an article I encountered an interesting thing I did not know about: if(!isset($_SESSION['usr_id']) || !isset($_SESSION['usr_name'])) { header('Location: index.php'); } ...Which ...