Web Application Vulnerabilities

Hackers today have an ever increasing list of weaknesses in the web application structure at their disposal, which they can exploit to accomplish a wide variety of malicious tasks.

New flaws in web application security measures are constantly being researched, both by hackers and by security professionals. Most of these flaws affect all dynamic web applications whilst others are dependent on specific application technologies. In both cases, one may observe how the evolution and refinement of web technologies also brings about new exploits which compromise sensitive databases, provide access to theoretically secure networks, and pose a threat to the daily operation of online businesses.

The following is a list of known web application vulnerabilities / threats.  Acunetix WVS also scans hundreds of well known applications such as WordPress, PHPNuke, PHPMyAdmin, Mambo, phpBB, OpenX etc heuristicly for the detection of those exploits which have not yet been identified and tagged.

Subscribe to Acunetix Web Application Security Blog to keep up to date with the latest web security news

Web Application Vulnerabilities

• Backup files Security Vulnerability
• Blind SQL/XPath injection Security Vulnerability
• Code execution Security Vulnerability
• Common files Security Vulnerability
• Cookie manipulation Security Vulnerability
• CRLF injection/HTTP response splitting Security Vulnerability
• Cross Site Scripting Security Vulnerability
• Cross Site Scripting in path Security Vulnerability
• Cross Site Scripting in URI Security Vulnerability
• DELETE Method Enabled Security Vulnerability
• Directories with executables permission enabled Security Vulnerability
• Directories with write permissions enabled Security Vulnerability
• Directory Listing Security Vulnerability
• Directory Traversal Security Vulnerability
• Email address found Security Vulnerability
• File inclusion Security Vulnerability
• Full path disclosure Security Vulnerability
• Possible sensitive files Security Vulnerability
• PUT Method Enabled Security Vulnerability
• Script source code disclosure Security Vulnerability
• Sensitive data not encrypted Security Vulnerability
• Source code disclosure Security Vulnerability
• SQL injection Security Vulnerability
• TRACE method is enabled Security Vulnerability
• TRACK method is enabled Security Vulnerability
• Trojan shell script Security Vulnerability
• URL redirection Security Vulnerability
• XFS vulnerability Security Vulnerability
• XPath Injection vulnerability Security Vulnerability

• Product Information
• Download
• Product Tour
• Brochure (PDF)
• Pricing
• Testimonials
• Customer references
• Resell Acunetix
• Acunetix in the Press
• List of vulnerability checks

• Learn more
• SQL Injection
• Cross site scripting
• Web Security
• Directory Traversal
• Ajax Application Security
• Google Hacking