Application Security, Responsible Disclosures

Malicious exploitation of Unauthenticated Request submissions

During a recent penetration test on one of our client's application, we came across a case of malicious file propagation through the application server. The attack does not require an authenticated session. The vulnerable section is accessible by unauthenticated users. The attack involves an attacker submitting a malicious request (a...

by Ankit Giri
Tag: Misconfigurations
13-Jan-2016