Websec Cybersecurity Blog

Expert insights, trends, research findings, and best practices from our security team to help you strengthen your organization's security posture.

Topic: Session

Search Articles

Get the latest cybersecurity insights on LinkedIn or via RSS.

Search Articles

Filter by Topic

Filtering by: Topic: Session

Blog July 4, 2013

(IN)secure session data in CodeIgniter

A security analysis of how web applications built on the CodeIgniter PHP framework handle user sessions, documenting the recurring implementation mistakes we see on assessments and what pentesters and developers should watch for.

# CodeIgniter # Framework # Insecure # PHP # Session # User # Web Security

Blog May 30, 2012

Cookie Stealing By Router Pharming (2Wire)

A multi-stage exploit that chains cross-site scripting, an information-disclosure magic URL, and a default-WEP password reset on 2Wire routers to poison DNS and harvest cookies from nearly any domain the victim visits.

# 2wire # Auth # Bypass # Cookie # Cross Site # Exploit # Forgery # Hijacking # Request # Router # Scripting # Session # XSS

Websec Cybersecurity Blog

Search Articles

Popular Topics

Follow Us

(IN)secure session data in CodeIgniter

Cookie Stealing By Router Pharming (2Wire)