-
I'd like to revisit #33 for CWE now that CVSS (#86) is in.
CWE is an alternate taxonomy that should map to our VRT relatively cleanly, as demonstrated in #33. This will be useful for customers, an…
jcran updated
6 years ago
-
Hello everyone,
I'm streaak2 on Bugcrowd and HackerOne. I'm currently a bug hunter trying to make the world a better place and gain some knowledge at the same time.
I realized that the way I can im…
-
As per the VRT, UXSS is a P4. But there is a feeling that here it is in the context of the security of the website, and not browser plug-ins / browsers. I mean that when you made the VRT, you probably…
-
We are in the process of reconsidering what is seen as noise/accepted risk, based on our experience with the majority of our customers, their expectations and minimal security risk. At the same time i…
-
Sorry for the previous cut-and-paste typo. Command line error:
```
/opt/arachni-1.5.1-0.5.12/bin$ sudo ./arachni --output-only-positives --scope-directory-depth-limit 5 --audit-links --audit-for…
```
-
After reading the doc and doing my best,
for me it is not possible to log in to an HTML PHP web application.
Possible crash:
```
$ sudo /opt/local/ruby-2.3.4/bin/ruby /usr/local/bin/arachni --output-only-po…
```
-
### Preconditions
Do not give the write permission to all the .htaccess files for security reasons.
Those files must be writable by the execution user (www-data, apache, ...).
If a .htaccess file i…
spipu updated
7 years ago
-
DLL Hijacking (also called DLL Side Loading and DLL search order hijacking) is currently classified under executable planting at a P4 or P5. As the title says, I suggest this vulnerability be rat…
-
Today the website packetstormsecurity.com released a vulnerability advisory for Magento 2.1.6 and below versions. As they say, a bug permits Remote Code Execution.
Here is the link to the page:
…
-
If I wipe my cache folder, and run the below command, it seems to work properly (at least doesn't crash). The 2nd time I run it, I get the following.
I'm also not seeing any actual mentions, even t…