HTML injections (HyperText Markup Language injections) are vulnerabilities that are very similar to Cross-site Scripting (XSS). The delivery mechanisms are exactly the same but the injected content is pure HTML tags, not a script like in the case of XSS. HTML injections are less dangerous…
XSS Filter Evasion Basics
The two primary methods of avoiding Cross-site Scripting (XSS) vulnerabilities are XSS filtering and XSS escaping. However, XSS filtering is not recommended because it can usually be evaded using clever tricks. Here are some of the methods that an attacker can employ in their malicious…
How to Use Allowed Hosts
When you build web applications, you often use multiple back-end web services to interface between client-side and server-side applications. For example, enterprises use functional subdomains to distribute static content or application logic between API requests. To scan the entire web application, the web vulnerability scanner…
What Is Cookie Poisoning
The term cookie poisoning is used in different contexts to describe attacks that aim to manipulate, intercept, or forge the content of HTTP cookies. Cookie poisoning attacks are different types of attacks that can affect the client-side application, data transmission, or the web server….
How and Why to Avoid Unvalidated Redirects and Forwards?
Unvalidated redirects and forwards cannot harm your website or web application but they can harm your reputation by helping attackers lure users to malware sites. If you allow unvalidated redirects and forwards, your website or web application will most probably be used in phishing scams….
Visit Us at RSA Conference 2020
Acunetix will be exhibiting at the RSA Conference 2020 on February 24–28 in San Francisco. Join us at booth #6365 in the North Expo to find out about the latest automated features of Acunetix, the leader in web application security scanning. You can click here…
What Is Integer Overflow? – Consequences & Prevention
An integer overflow is a type of arithmetic overflow error that occurs when the result of an integer operation does not fit within the allocated memory space. Instead of causing an error in the program, it usually produces an unexpected result. Integer overflows have been…
Top 10 Acunetix Blog Posts in 2019
The year 2019 has been very exciting for Acunetix with many changes and unprecedented growth. Not only did we unveil the long-awaited Acunetix 360 for our enterprise clients but we also moved to bigger offices and our team grew almost two-fold! The Acunetix engine has…
How many users can I configure in Acunetix?
The number of users that you can configure in Acunetix depends on the edition that you have purchased. Acunetix Standard allows for only one user – the same user that is created when installing Acunetix. Acunetix Premium (both on-premises and online) allows for…