Authentication Vulnerabilities
Conceptually, authentication vulnerabilities are easy to understand. However, they are usually critical because of the clear relationship between authentication and secu
Series
HTTP Host header attacks: What is the HTTP Host header? The HTTP Host header is a mandatory request header as of HTTP/1.1. It specifies the domain name that the client wants to access. For example, whe
OAuth 2.0 vulnerabilities: Terminology (OAuth vs OIDC): OAuth 2.0 is an authorization framework. It delegates access to an app without sharing a password. Many products use OAuth to “log in”. That’s usu
OS command injection: What is command injection? Command injection is a vulnerability that allows an attacker to execute operating system (OS) commands on the server that is running an application. A s
Path traversal: What is path traversal? Path traversal is also known as directory traversal. These vulnerabilities enable an attacker to read arbitrary files on the server that is running an applicatio