JNDI injection. JDBC

Preventing JNDI injection vulnerabilities by using a source code review is always a good idea.

JDBC JNDI injection

Another JNDI injection was subsequently discovered:

Related Posts
Insecure deserialization
Insecure deserialization is when user-controllable data is deserialised by a website. This potentially enables an attacker to manipulate serialised objects…

Input processing vulnerabilities
Input validation is a frequently-used technique for checking potentially dangerous inputs in order to ensure that the inputs are safe…

Spring4Shell as a class injection example
Two serious vulnerabilities leading to remote code execution (RCE) have been found in the popular Spring framework, one in Spring…