Articles by Sven Morgenroth

MORE FROM THIS AUTHOR

Exploiting Oracle: Analysis of the Recent RCE Vulnerability in WebLogic Server

Exploiting Oracle: Analysis of the Recent RCE Vulnerability in WebLogic Server
Cross-site Scripting in React Web Applications

Cross-site Scripting in React Web Applications
Goodbye XSS Auditor

Goodbye XSS Auditor
The Problem of String Concatenation and Format String Vulnerabilities

The Problem of String Concatenation and Format String Vulnerabilities
DNSFS: Is it possible to use DNS as a file system?

DNSFS: Is it possible to use DNS as a file system?
Discovering and hacking IoT devices using web-based attacks

Discovering and hacking IoT devices using web-based attacks
Bypassing disabled system functions

Bypassing disabled system functions
Using Google bots as an attack vector

Using Google bots as an attack vector
The dangers of incorrect CSP implementations

The dangers of incorrect CSP implementations
Pros and Cons of DNS Over HTTPS

Pros and Cons of DNS Over HTTPS
Detailed Explanation of PHP Type Juggling Vulnerabilities

Detailed Explanation of PHP Type Juggling Vulnerabilities

Server-Side Template Injection Introduction & Example

This article introduces Server Side Templates and explains why and how they can be susceptible to Server-Side Template Injection vulnerabilities. It includes examples of HTML, PHP and CSS code and concludes with a list of recommendations on how to protect your web applications from attacks that exploit SSTI vulnerabilities.

Invicti Security Corp
220 Industrial Blvd Ste 102
Austin, TX 78745

© Invicti 2022

RESOURCES

USE CASES

WEB SECURITY

COMPANY

© Invicti 2022

SSA Privacy Policy California Privacy Rights Terms of Use Accessibility Sitemap