News & Articles

Our articles and guides on how to protect your startup from cybercriminals

Read about all the security issues that we find during our automated security reviews, and how to solve them.

Latest Articles

All
ISO 27001
All
SOC 2
All
Vulnerabilities
All
Mitigations

Server Side Code Injection - ASP Code Injection

The 'ASP Code Injection' vulnerability occurs when an attacker can manipulate the application to execute arbitrary ASP code on the server. This can happen if your application does not properly validate or sanitize user input, allowing attackers to inject malicious ASP code into the application.

Vulnerabilities

Server Side Code Injection - PHP Code Injection

A 'Server-Side Code Injection' vulnerability, specifically a PHP Code Injection, can allow attackers to execute arbitrary PHP code on your server, potentially leading to data breaches, server compromise, and other security issues.

Vulnerabilities

Server Side Code Injection

The 'Server-Side Code Injection' vulnerability occurs when an application allows untrusted input to be executed as code on the server-side. Attackers can manipulate user inputs to inject malicious code, often in the form of scripting languages like PHP, Python, or JavaScript.

Vulnerabilities

Advanced SQL Injection

SQL injection is a common and dangerous attack vector that can lead to unauthorized access, data breaches, and other security issues. This occurs when an attacker is able to manipulate SQL queries executed by your application to gain unauthorized access to the database or perform malicious actions.

Vulnerabilities

XSLT Injection

XSLT (Extensible Stylesheet Language Transformations) Injection is a critical web application vulnerability that can allow attackers to execute malicious code within your application. This can lead to various security risks, including data exposure, unauthorized access, and even a complete compromise of your web application.

Vulnerabilities

Charset Mismatch

The 'Charset Mismatch' vulnerability typically occurs when there's a mismatch between the declared character encoding in the HTTP response headers and the actual character encoding used in the response content. Attackers can exploit this discrepancy to conduct various attacks, including Cross-Site Scripting (XSS).

Vulnerabilities