AppSec Blog: Category - Spot the Vuln

Spot the Vuln - Boundaries

I like pushing boundaries.
Lady Gaga

Spot the Vuln uses code snippets from open source applications to demonstrate vulnerabilities in real world web applications. Every Monday morning a vulnerable code snippet is posted. Take a look at the vulnerable code and try to identify where the security vulnerability is. Every Friday, a solution is posted …


Spot the Vuln - Floods - SQL Injection

Details
Affected Software: Corpse C&C
Fixed in Version: ?
Issue Type: SQL Injection
Original Code: Found Here

Details
This week's bug is in Corpse C&C. SpotTheVuln reader Christina hits it right on the head: line 32 contains a ridiculous amount of SQL injection. Most of the parameters passed to the INSERT statement result in SQL …


Spot the Vuln - Floods

The moment we begin to fear the opinions of others and hesitate to tell the truth that is in us, and from motives of policy are silent when we should speak, the divine floods of light and life no longer flow into our souls.
Elizabeth Cady Stanton

Spot the Vuln uses code snippets from open …


Spot the Vuln - Grammys - Cross Site Scripting

Details
Affected Software: Corpse C&C
Fixed in Version: ?
Issue Type: XSS
Original Code: Found Here

Details
Fairly straightforward XSS bug here. This week's bug can be found in the index.php file for the Corpse C&C, specifically the index file located at Corpse/info/socks/index.php. Buried deep within the print statement starting on line 30 are two …


Spot the Vuln - Grammys

The last thing I want is to walk into my house after a long day and see all the Grammys and awards. It would make me feel weird.
Alicia Keys

Spot the Vuln uses code snippets from open source applications to demonstrate vulnerabilities in real world web applications. Every Monday morning a vulnerable code snippet …