Note: This article refers to an older version of Acunetix. Click here to download the latest version. We are continuing with the list of security vulnerabilities found in a number of web applications while testing our latest version of Acunetix WVS v7 . In this…
Author Archives Bogdan Calin
THE AUTHOR
Bogdan Calin
SQL Injection and XSS vulnerabilities in CubeCart version 4.3.3
Note: This article refers to an older version of Acunetix. Click here to download the latest version. Note: This article refers to an older version of Acunetix. Click here to download the latest version. We are continuing with the list of security vulnerabilities found in…
Web Security problems in Zenphoto version 1.3
Note: This article refers to an older version of Acunetix. Click here to download the latest version. We are continuing with the list of security vulnerabilities found in a number of web applications while testing our latest version of Acunetix WVS v7 . In this…
Security vulnerabilities in Pligg CMS version 1.0.4
Note: This article refers to an older version of Acunetix. Click here to download the latest version. While beta testing the latest version of Acunetix WVS v7, we found a large number of security vulnerabilities in various web applications. In the following days we will…
Gray Powell and the lost iPhone, and malware
In case you didn’t hear about it already, the story of the day is Gray Powell and the lost iPhone. So I searched for him on Google. I was really surprised to see that 4 out of 10 results from Google’s first page were links…
VIDEO: Exploiting a Cross Site Scripting vulnerability in Mambo CMS
In this video we look into the details of how an attacker is able to exploit a Cross Site Scripting vulnerability in Mambo CMS (version: 4.6.5), discovered by Bogdan Calin with Acunetix Web Vulnerability Scanner. This vulnerability is affecting a POST parameter in the Mambo…
Statistics from the top 1,000,000 websites – part II
This is the second part of an older article we posted, where we present some statistics from the top 1,000,000 sites on the internet. We are using the Alexa database as source for our statistics. In the first part of this article, we presented the…
Latest Comparison Report from Larry Suto
Last week, Larry Suto published a report entitled “Accuracy and Time Costs of Web Application Security Scanner Report”. I’ve started to investigate in detail the results from this report. And I’ve found a list of inaccuracies. Here is a direct quote from his paper: Methodology…
e107 CMS system website compromised
As part of my job here at Acunetix, from time to time I analyze source code looking for security problems. Using this information I adjust Acunetix WVS to detect these problems automatically (when it’s possible). Monday, I downloaded e107 from e107.org and started analyzing the…