Introducing Dynamic API Scanning
Application environments are more complex than ever, with APIs forming the critical connective tissue. But this proliferation has created a vast, often invisible, attack surface. …
Newly added security tests March 23, 2017: CVE-2017-5638 and Joomla SQL injections
Detectify
To bring you the most up-to-date security service and help you stay on top of threats, we update Detectify on a regular basis. Here are some of the security tests added to the tool with our latest release:
- CVE-2017-5638, Apache Struts RCE
- WordPress error log disclosure
- WordPress wp-rich-snippet XSS
- WordPress all-in-one-schemaorg-rich-snippets XSS
- WordPress apptha-slider-gallery XSS
- WordPress apptha-slider-gallery SQL injection
- WordPress backup-with-restore Database Disclosure
- WordPress wp-database-backup RCE
- Joomla! vikappointments SQL injection
- Joomla! vikrentitems SQL injection
- Joomla! vikrentcar SQL injection
- Joomla! simplemembership SQL injection
- CKEditor wiris plugin XSS
- AWS S3CMD header information disclosure
- Concerto fingerprinting and XSS module
- Publicly exposed Lynk Zipper
Check out more content
Redefining AppSec Testing with Intelligent Scan Recommendations and Asset Classification
The average organization is missing testing 9 out of 10 of their complex web apps that are attacker-attractive targets. To address this, we’re launching new …
