Introducing Dynamic API Scanning
Application environments are more complex than ever, with APIs forming the critical connective tissue. But this proliferation has created a vast, often invisible, attack surface. …
Newly added security tests, February 28, 2017: New WordPress plugin vulnerabilities
Detectify
To bring you the most up-to-date security service and help you stay on top of threats, we update Detectify on a regular basis. Here are some of the security tests added to the tool with our latest release:
- WordPress gadgetry XSS
- WordPress wd-instagram-feed XSS
- WordPress wp-ultimate-form-builder SQL injection
- WordPress multi-device-switcher Open Redirect
- WordPress ad-inserter LFI
- YaBB reflected XSS
- YaBB Open Redirect
- Ultimate Bulletin Board Email Disclosure
- Roxy File Manager Open Access
- Piwik Error Information Disclosure
- KCEditor Filemanager Unauthenticated Access
- Reflected XSS in hazel.cgi
- Open Redirect in awstats.pl
- Reflected XSS in hyperseek.cgi
- eXist Unauthenticated Access
- Reflected XSS in cshopcart.cgi
- Bitrix Site Manager Log Disclosure
- Information Disclosure of sftp-config.json
Check out more content
Redefining AppSec Testing with Intelligent Scan Recommendations and Asset Classification
The average organization is missing testing 9 out of 10 of their complex web apps that are attacker-attractive targets. To address this, we’re launching new …
