News & Articles

Our articles and guides on how to protect your startup from cybercriminals

Read about all the security issues that we find during our automated security reviews, and how to solve them.

Latest Articles

Remote Code Execution - CVE-2012-1823

The Remote Code Execution vulnerability identified as CVE-2012-1823 poses a significant security risk to web applications. This vulnerability allows an attacker to execute arbitrary code on a vulnerable server, potentially leading to unauthorized access, data breaches, or even a complete compromise of the system.

Vulnerabilities

Source Code Disclosure - CVE-2012-1823

Source Code Disclosure (CVE-2012-1823) is a vulnerability that can expose the underlying source code of a web application to unauthorized users. This vulnerability can potentially lead to sensitive information leaks, unauthorized access, and other security breaches.

Heartbleed OpenSSL Vulnerability

The Heartbleed OpenSSL vulnerability allows an attacker to exploit a flaw in OpenSSL's implementation of the Transport Layer Security (TLS) heartbeat extension, leading to the leakage of sensitive data from the server's memory.

Vulnerabilities

HTTP Parameter Pollution

HTTP Parameter Pollution (HPP) occurs when the parameters passed in an HTTP request are manipulated or polluted. Attackers can exploit this vulnerability to bypass security controls, inject malicious code, or extract sensitive information.

Vulnerabilities

Anti-CSRF Tokens Check

The 'Anti-CSRF Tokens Check' vulnerability poses a threat to web applications by potentially allowing attackers to perform Cross-Site Request Forgery (CSRF) attacks. CSRF occurs when an attacker tricks a user's browser into making unintended requests on a targeted website, using the victim's authentication credentials.

Absence of Anti-CSRF Tokens

The absence of Anti-CSRF (Cross-Site Request Forgery) tokens is a common vulnerability that leaves web applications exposed to unauthorized actions. CSRF attacks occur when a malicious actor tricks a victim into performing unintended actions on a web application.

Vulnerabilities