Lucene search
K

15 matches found

BDU FSTEC
BDU FSTEC
added 2025/05/19 12:0 a.m.22 views

The vulnerability of the AngularJS JavaScript framework for developing single-page applications relates to incomplete filtering of special elements, allowing attackers to perform cross-site scripting attacks.

The vulnerability of the AngularJS JavaScript framework for developing single-page applications is related to incomplete filtering of special elements. Exploiting this vulnerability allows a remote attacker to perform cross-site scripting attacks...

4.8CVSS6.2AI score0.00375EPSS
Exploits0References3Affected Software1
Spring Security Advisories
Spring Security Advisories
added 2024/02/28 12:0 a.m.29 views

This Week in Spring - February 27th, 2024

Hi, Spring fans! Welcome to another installment of This Week in Spring wherein we explore the latest-and-greatest in the wonderful world of Springdom. This week's going to be a very good one, so let's dive right into it! good news everyone! Spring Boot's been updated! 3.3.0-M2, 3.2.3, and 3.1.9 a...

7AI score
Exploits0
BDU FSTEC
BDU FSTEC
added 2023/09/07 12:0 a.m.5 views

The vulnerability of the $resource service in the Angular application and single-page application development platforms, related to the use of a regular expression with inefficient computational complexity, allows attackers to trigger service failures.

The vulnerability of the application development environment and the Angular single-page application platform is related to the use of a regular expression with inefficient computational complexity. Exploiting this vulnerability could allow an attacker to cause service failures...

7.8CVSS7.1AI score0.04658EPSS
Exploits1References10Affected Software3
Kitploit
Kitploit
added 2023/08/11 12:30 p.m.37 views

Xcrawl3R - A CLI Utility To Recursively Crawl Webpages

xcrawl3r is a command-line interface CLI utility to recursively crawl webpages i.e systematically browse webpages' URLs and follow links to discover linked webpages' URLs. Features Recursively crawls webpages for URLs. Parses URLs from files .js, .json, .xml, .csv, .txt & .map. Parses URLs from...

6.9AI score
Exploits0References10
Kitploit
Kitploit
added 2023/06/03 12:30 p.m.52 views

Burp-Dom-Scanner - Burp Suite's Extension To Scan And Crawl Single Page Applications

It's a Burp Suite's extension to allow for recursive crawling and scanning of Single Page Applications. It runs a Chromium browser to scan the webpage for DOM-based XSS. It can also collect all the requests XHR, fetch, websockets, etc issued during the crawling allowing them to be forwarded to...

6.8AI score
Exploits0References3
Kitploit
Kitploit
added 2022/06/24 9:30 p.m.40 views

Authcov - Web App Authorisation Coverage Scanning

Web app authorisation coverage scanning. Introduction AuthCov crawls your web application using a Chrome headless browser while logged in as a pre-defined user. It intercepts and logs API requests as well as pages loaded during the crawling phase. In the next phase it logs in under a different us...

7.2AI score
Exploits0References5
Kitploit
Kitploit
added 2022/06/12 9:30 p.m.46 views

DOMDig - DOM XSS Scanner For Single Page Applications

DOMDig is a DOM XSS scanner that runs inside the Chromium web browser and it can scan single page applications SPA recursively. Unlike other scanners, DOMDig can crawl any webapplication including gmail by keeping track of DOM modifications and XHR/fetch/websocket requests and it can simulate a...

7AI score
Exploits0References1
Ivan 'd0znpp' Novikov
Ivan 'd0znpp' Novikov
added 2022/01/28 6:10 a.m.24 views

What is Cross Site Request Forgery CSRF | Example and Methods of protection

Organizations aspiring for all-around resource security against the damage-causing cyber vulnerabilities must upgrade their knowledge and get acquainted with all the existing types. CSRF is what is covered sizably in the post. What is CSRF Attack? A counterpart of XSS, CSRF is one of the multiple...

6.6AI score
Exploits0
Rapid7 Blog
Rapid7 Blog
added 2021/04/30 2:0 p.m.235 views

Rapid7's 2021 ICER Takeaways: Web Security Among the Fortune 500

This blog post covers key takeaways from our 2021 Industry Cyber-Exposure Report ICER: Fortune 500. The vast majority of the interactions an average person has with technology is through some form of a web application, but what constitutes a “web app” can be considered quite nebulous, and the...

7.1AI score
Exploits0
Imperva Blog
Imperva Blog
added 2020/10/05 2:40 p.m.54 views

Providing Security and Acceleration of Single Page Applications

HTTP/2 + gRPC and protobuf Today many digital transformation and DevOps teams have been tasked with building applications that will enhance their customer’s digital experience. The goal, to make the user experience smoother, faster and less impeded by transactional and security controls, is a cor...

0.2AI score
Exploits0
CNVD
CNVD
added 2018/06/22 12:0 a.m.3 views

Serve Information Disclosure Vulnerability

serve is an HTTP server for deploying single page applications. A security vulnerability exists in serve, which stems from the program not handling URL encoding correctly. The vulnerability can be exploited to disclose information via directory listings...

5.3CVSS5.1AI score0.01316EPSS
Exploits1References1
CNVD
CNVD
added 2018/06/22 12:0 a.m.2 views

angular-http-server path traversal vulnerability

angular-http-server is an HTTP server for deploying single page applications. A path traversal vulnerability exists in angular-http-server, which stems from the program's lack of checksums on possibleFilename. An attacker can exploit this vulnerability to read the contents of an arbitrary file wi...

6.5CVSS6.4AI score0.01474EPSS
Exploits1References1
CNVD
CNVD
added 2018/06/20 12:0 a.m.4 views

sspa path traversal vulnerability

sspa is a dedicated server for single page applications. A directory traversal vulnerability exists in sspa. An attacker can exploit this vulnerability to gain access to the file system by placing a '... /' sequence in a URL to gain access to the file system...

7.5CVSS7.7AI score0.02005EPSS
Exploits1References1
CNVD
CNVD
added 2018/06/13 12:0 a.m.3 views

hekto node module path traversal vulnerability

hekto node module is a module to support single page applications. A path traversal vulnerability exists in the hekto node module, which stems from the program's lack of file path filtering. An attacker can exploit this vulnerability to read the contents of an arbitrary file...

7.5CVSS7.4AI score0.01764EPSS
Exploits1References1
Wallarm Lab
Wallarm Lab
added 2018/03/01 9:45 p.m.96 views

Application Security Testing — The Wallarm Approach

Testing the security of the corporate applications is a part of every-day life for Ops and DevOps professionals. Larger companies have whole teams dedicated to independent security testing, called Red Teams. These folks use various tools at their disposal to discover the flaws in both application...

7AI score
Exploits0
Rows per page
Query Builder