Articles by
While testing our AcuSensor technology, I downloaded a small PHP blog application from the internet. The installation went smoothly. This particular application was not using a database but it was storing everything in text files. …
Today I’m going to talk about a new vulnerability which I named Remote XSL Inclusion. I didn’t find any references on the internet about this vulnerability, which I found while auditing some PHP code for …
Nowadays, a lot of web applications are using URL rewriting. URL rewriting involves converting normal URLs to search engine friendly URLs. Usually the reason for doing this is to improve the rankings in search engines.
A …
On March 2, 2007 the following was posted on the WordPress blog:
Long story short: If you downloaded WordPress 2.1.1 within the past 3-4 days, your files may include a security exploit that was added by …
This post shows how with Acunetix AcuSensor Technology improves scanning reliability by using sensors placed inside the web application being scanned. It also proves that with this technology, one can detect SQL injections in INSERT …
If you try to run AcuSensor Injector on Windows Server 2008 you will receive the error “Error populating websites, Unknown error (0×80005000)”.
AcuSensor Injector is using Active Directory Service Interfaces (ADSI) to construct a list of …
