Black Watch Lab - Vulnerabilities

Web application security vulnerabilities are weaknesses in applications running on a Web site that arise when end users interact with the application in unexpected ways. In effect, hackers attempt to gain access to the Web applications directly through the Web site itself. Web application hacks typically exploit weaknesses in third-party products, such as Web servers and application servers, and in internally developed code, such as Common Gateway Interfaces (CGIs).

Black Watch Labs' current list of Web application security vulnerabilities

May 19, 2000 | Web Applications Should Not Assume That Lotus Domino Enforces Login When a Privileged Access Is Required
Summary | Full Advisory

May 19, 2000 | Lotus Domino Server Misconfiguration - Documents Can Be Modified over the Web
Summary | Full Advisory

May 10, 2000 | Environment and Setup Variables can be Viewed through FormMail Script
Summary | Full Advisory | (Updated 6/1/00)

May 5, 2000 | Environment and Setup Variables can be Viewed through DBMan (db.cgi) Script
Summary | Full Advisory

Apr 4, 2000 | BizDB Search Script Enables Shell Command Execution at the Server
Summary | Full Advisory

Mar 21, 2000 | Infonautics' getdoc.cgi may allow unauthorized access to documents
Summary | Full Advisory

Mar 10, 2000 | Weak Token in Mail.Com Application Allows Compromise of Arbitrary User's Data
Summary | Full Advisory

Feb 17, 2000 | Using Search Engines to Locate Millions of Vulnerable Web Applications
Summary | Full Advisory | Site Checker