chefsecure.com (you are here)

www.michalspacek.com
Stealing session ids from phpinfo() output has been a known technique for some time, and is used to bypass the HttpOnly attribute, which prohibits JavaScript from accessing a cookie marked as such (e.g. PHPSESSID). I just now thought of a solution that allows you to keep your phpinfo(): we'll simply censor the sensitive data, making phpinfo() lose some of its value to the attacker.

www.miguelxpn.com
XSS stands for Cross Site Scripting; it's basically when input is not properly sanitized somewhere and a malicious actor can inject unintended JavaScript somewhere. That JavaScript will be executed by some unsuspecting user's browser and then bad stuff can happen.

victoria.dev
[AI summary] The article discusses SQL injection and cross-site scripting (XSS) vulnerabilities, emphasizing the importance of securing user input to prevent security breaches by white hat hackers.

mmhaskell.com
Learn libraries and techniques to use Haskell for a variety of real world tasks, like connecting to databases, building web servers, and testing.