Password Reset Vulnerability (Poisoning)

Most web application security vulnerabilities leverage user interaction in ways that were not initially intended by their developers. Password reset poisoning is one such vulnerability that leverages headers, such as the Host header in an HTTP request: GET https://example.com/reset.php?email=foo@bar.com HTTP/1.1 Host: evilhost.com Notice that the…

Read More →

How to Use Excluded Hours

Acunetix provides additional functionality for managing your scans. You may encounter a situation, where scans should not interfere with scheduled deployments or hinder the web application functionality during certain times. With that in mind, it is possible to configure excluded hours for Acunetix during which…

Read More →