Cookieless Authentication

Most web applications use cookies to keep track of session state. Some applications use other mechanisms to keep track of authenticated sessions. These custom authentication schemes are usually vulner...


XML External Entity (XXE) Injection

XML external entity (XXE) injection vulnerabilities occur when the XML processor allows the attacker to control data loaded into the XML document as "external entities." Some XML processors support a...


Connection String Injection

Applications use connection strings to specify credentials used to access databases. If the application includes unvalidated user input in connection strings, an attacker might be able to change what...

