bogs.io

spawnzii.github.io
Introduction: Hello, I'm currently a student at ESNA and I'm passionate about web application security. This article describes the discovery of several critical vulnerabilities in the SPIP CMS and Root-Me. With a friend (cc Abyss Watcher) we decided to search for vulnerabilities on the SPIP/Root-Me. From the first days, we managed to find some bugs, XSS, CSRF and later we will discover a RCE. Environment: Of course we did not do our research directly on root me.

introvertmac.wordpress.com
What is CSRF? "Cross-site request forgery, also known as one-click attack or session riding and abbreviated as CSRF (sometimes pronounced sea-surf) or XSRF, is a type of malicious exploit of a website where unauthorized commands are transmitted from a user that the website trusts." - Wikipedia. CSRF is at 8th position in OWASP...

www.sjoerdlangkemper.nl
Cookies are typically sent to third parties in cross-origin requests. This can be abused to do CSRF attacks. Recently a new cookie attribute was proposed to disable third-party usage for some cookies, to prevent CSRF attacks. This post will describe the same-site cookie attribute and how it helps against CSRF.

thomascountz.com
Personal site of Thomas Countz