Showing 2 results for: June 2011 ×Penetration Testing ×

TWSL2011-006: IBM Web Application Firewall Bypass

The SpiderLabs team at Trustwave published a new advisory today, which details an issue identified in the IBM Web Application Firewall (WAF). The IBM Web Application Firewall capabilities, inside IBM IPS products, complement IBM Security's portfolio of web application security...

My Other Ride is Your Image Upload Script

Many security issues are based upon mistaken assumptions. For instance, when testing applications, I often find that the user inputs left unsanitized are the ones that the developer does not believe can be modified, such as inputs from drop-down menus....