Local Privacy Attacks
Many users access web applications from a shared environment in which an attacker may have direct access to the same
Read moreAttacking Other Users
Attacking ActiveX Controls
ActiveX controls are of particular interest to an attacker who is targeting other users. When an application installs a control
Read moreSession Fixation
Session fixation vulnerabilities typically arise when an application creates an anonymous session for each user when they first access the
Read moreJSON Hijacking
JSON hijacking is a special version of an XSRF attack, which in certain circumstances can violate the objectives of the
Read moreFrame Injection
Frame injection is a relatively simple vulnerability that arises from the fact that in many browsers, if a web site
Read moreHTTP Header Injection
HTTP header injection vulnerabilities arise when user-controllable data is inserted in an unsafe manner into an HTTP header returned by
Read moreAttacking Other Users
The majority of interesting attacks against web applications involve targeting the server-side application itself. Many of these attacks do of course
Read more