Analysis of the recent Oracle WebLogic Server remote code execution vulnerability

Cross-site Scripting in React Web Applications

Goodbye XSS Auditor

The Problem of String Concatenation and Format String Vulnerabilities

DNSFS: Is it possible to use DNS as a file system?

Discovering and hacking IoT devices using web-based attacks

Bypassing disabled system functions

Using Google bots as an attack vector

The dangers of incorrect CSP implementations

Pros and Cons of DNS Over HTTPS

Detailed Explanation of PHP Type Juggling Vulnerabilities

Server-Side Template Injection Introduction & Example

This article introduces Server Side Templates and explains why and how they can be susceptible to Server-Side Template Injection vulnerabilities. It includes examples of HTML, PHP and CSS code and concludes with a list of recommendations on how to protect your web applications from attacks that exploit SSTI vulnerabilities.