Web App Vulnerabilities

1. Introduction Server-Side Template Injection (SSTI) is a vulnerability where an application embeds user-controlled inputs into server templates without proper...

1. Introduction ServiceNow Widgets Data Exposure is a vulnerability affecting custom JavaScript components within ServiceNow portal pages. It occurs when...

1. Introduction Selligent Message Studio is affected by a code execution vulnerability, CVE-2017-5638. This allows a remote attacker to run...

1. Introduction Sensitive File Disclosure occurs when a web application makes files available that should be kept private. This can...

1. Introduction Session Cookies Detected refers to the presence of session cookies returned by an application during a security scan....

1. Introduction 2. Technical Explanation Session Fixation occurs because the web server doesn’t create a new, random session ID after...

1. Introduction SGDynamo sgdynamo.exe HTNAME XSS is a cross-site scripting vulnerability affecting the CGI application ‘sgdynamo.exe’. This allows an attacker...

1. Introduction The ShareFile Storage Zones Controller Web Detection vulnerability means the web interface for Citrix ShareFile is visible on...

1. Introduction A signup form has been detected on a system under assessment. This indicates a potential point for user...

1. Introduction The Silex USB Device Server Web Configuration Page Empty Password vulnerability means the web interface used to manage...