Security advisory for path traversal in

Path traversal is a security vulnerability (CWE-23: Relative Path Traversal), that can be abused by attackers to get unauthorized access to files.Web applications often include or offer downloading files that are stored on the web server. These files can be referenced by a relative or absolute path. For example, an URL with a reference to […]
Florian Weller
comment icon 0 26.04.2021

Security advisory for open redirect in Vodafone components

Open redirect is a security vulnerability (CWE-601: URL redirection to untrusted site), that can be abused by attackers to forward users to dangerous pages.A web application receives a query parameter with a location, which is normally some kind of internal resource or URL, and sends a HTTP response with status code 301 or 302 with […]
Sebastian Schwegler
comment icon 1 21.01.2021

Helpful aspects for securing the Software Development Lifecycle

SDLC stands for Software Development Lifecycle. An SDLC is essentially a series of steps or phases that provide a framework for developing software and managing it throughout its lifecycle. Although there is no specific technique or a single way to develop applications and software components, there are established methods used by enterprises and there are models available to manage different challenges and goals.
Javan Rasokat
comment icon 0 19.08.2019