web application security

Pierluigi Paganini January 28, 2017
WordPress 4.7.2 release addresses XSS, SQL Injection vulnerabilities

According to the release notes the latest version of WordPress 4.7.2 addresses three security, including  XSS, SQL Injection flaws. The WordPress development team has pushed the WordPress 4.7.2 version that fixed three security issues, including a cross-site scripting and a SQL injection vulnerability. The new update comes just two weeks after WordPress released its previous version. Two […]

Pierluigi Paganini January 13, 2017
WordPress 4.7.1 released, patches eight vulnerabilities and 62 bugs

According to the release notes the latest version of WordPress 4.7.1 addresses eight security vulnerabilities and other 62 bugs. Wednesday the latest version of WordPress 4.7.1 was released by the WordPress Team, it is classified as a security release for all previous versions. According to the release notes, the new version addresses eight security flaws […]

Pierluigi Paganini August 17, 2014
Critical flaw in Fiverr.com potentially exposes millions accounts

A CSRF (Cross-site request forgery) vulnerability affects the Fiverr.com website, millions users are potentially at risk. The Egyptian Information Security Evangelist, Mohamed Abdelbaset, reported to the colleagues of The Hacker News a serious CSRF (Cross-site request forgery) vulnerability on the popular Fiverr website. The Fiverr.com website is a marketplace where people offers their services for five dollars per […]

Pierluigi Paganini November 07, 2013
Google Bot activity abused doing SQL Injection Attacks

Security experts at Securi firm have recently detected a series of SQL Injection attacks conducted abusing of the Google Bot activity. The exploitation of search engines like Google and Bing to conduct an attack represents an optimal choice for hackers that intend to stay hidden during the offensive. No IT administrator would block traffic from […]