Author Archives Bogdan Calin

THE AUTHOR

Bogdan Calin

Acunetix developers and tech agents regularly contribute to the blog. All the Acunetix developers come with years of experience in the web security sphere.

SQL Injection and XSS vulnerabilities in CubeCart version 4.3.3

Web Security Zone | September 9, 2010 by Bogdan Calin

Note: This article refers to an older version of Acunetix. Click here to download the latest version. Note: This article refers to an older version of Acunetix. Click here to download the latest version. We are continuing with the list of security vulnerabilities found in…

Web Security problems in Zenphoto version 1.3

Web Security Zone | September 7, 2010 by Bogdan Calin

Note: This article refers to an older version of Acunetix. Click here to download the latest version. We are continuing with the list of security vulnerabilities found in a number of web applications while testing our latest version of Acunetix WVS v7 . In this…

Security vulnerabilities in Pligg CMS version 1.0.4

Web Security Zone | September 3, 2010 by Bogdan Calin

Note: This article refers to an older version of Acunetix. Click here to download the latest version. While beta testing the latest version of Acunetix WVS v7, we found a large number of security vulnerabilities in various web applications. In the following days we will…

Gray Powell and the lost iPhone, and malware

News | April 20, 2010 by Bogdan Calin

In case you didn’t hear about it already, the story of the day is Gray Powell and the lost iPhone. So I searched for him on Google. I was really surprised to see that 4 out of 10 results from Google’s first page were links…

VIDEO: Exploiting a Cross Site Scripting vulnerability in Mambo CMS

Web Security Zone | April 13, 2010 by Bogdan Calin

In this video we look into the details of how an attacker is able to exploit a Cross Site Scripting vulnerability in Mambo CMS (version: 4.6.5), discovered by Bogdan Calin with Acunetix Web Vulnerability Scanner. This vulnerability is affecting a POST parameter in the Mambo…

Statistics from the top 1,000,000 websites – part II

Articles | March 4, 2010 by Bogdan Calin

This is the second part of an older article we posted, where we present some statistics from the top 1,000,000 sites on the internet. We are using the Alexa database as source for our statistics. In the first part of this article, we presented the…

Latest Comparison Report from Larry Suto

News | February 8, 2010 by Bogdan Calin

Last week, Larry Suto published a report entitled “Accuracy and Time Costs of Web Application Security Scanner Report”. I’ve started to investigate in detail the results from this report. And I’ve found a list of inaccuracies. Here is a direct quote from his paper: Methodology…

e107 CMS system website compromised

Web Security Zone | January 27, 2010 by Bogdan Calin

As part of my job here at Acunetix, from time to time I analyze source code looking for security problems. Using this information I adjust Acunetix WVS to detect these problems automatically (when it’s possible). Monday, I downloaded e107 from e107.org and started analyzing the…

Security is hard

Web Security Zone | January 22, 2010 by Bogdan Calin

The year debuted with ‘Operation Aurora‘: Google and over 30 other companies were hit by a spear phishing attack which resulted in theft of intellectual property from Google and probably other companies. Spear phishing is a targeted form of phishing in which an e-mail message might look…

Take action and discover your vulnerabilities