Web Vulnerabilities Exploitation
SQL Injection
SQL Injection
Spett
SQL Injection - Are Your Web Applications Vulnerable?
?
Uncommon SQL Injection
N3T D3VIL
and more SQL injection
Di Paola
(more) advanced SQL injection
Anley
Blind SQL Injection
Spett
Blindfolded SQL Injection
Maor
Second-order Code Inkection Attacks
Ollmann
An Introduction to SQL Injection Attacks for Oracle Developers
Kost
Advanced SQL Injection In Oracle Databases
Martínez
Manipulating Microsoft SQL Server Using SQL Injection
Cerrudo
Advanced SQL Injection In SQL Server Applications
Anley
Lateral SQL Injection - A new Class of Vulnerability in Oracle
David Litchfield
Cross-site scripting (XSS)
Cross-Site Scripting for Fun and Profit
Nexus
XSS The Complete Walkthrough
t0pP8uZz
XSS Attacks FAQ
Mangarae
Advanced Cross-Site-Scripting with Real-time Remote Attacker Control
Rager
Cross Site Scripting filtration Bypass
Muhammad
xss2phishing
?
PHP related vulnerabilities
PHP Underground Security
Omnipresent
Php Endangers - Remote Code Execution
Muhammad
Dynamic Evaluation Vulnerabilities in PHP applications
?
Remote and Local File Inclusion Exploits
sunjester
Web Application Auditing and Exploitation
ReZEN
Secure file upload in PHP web applications
Bezroutchko
Misc
Weaknesses in Web-Applications v1.7
theblacksheep
Web Bug v1.0
theblacksheep
The Website Attack Guide
?
Cookie Stealing Upgrade - Ajax Style
AJP
Cross Site Request Forgery - the Sea Surf
Nexus
Biocode uploading using only HTTP
TheVoid
Abusing the internet with popular search engine technologies
c0ntex
Bypassing Oracle dbms_assert
Kornbrust
Buffer Truncation Abuse in Microsoft SQL Server Based Applications
Steele
Preventing CSRF
Nexus
Access Through Access
Brett Moore
Bypassing Web Authentication and Authorization with HTTP Verb Tampering
Arsan Dabirsiaghi
File Download Injection
Jeff Williams
The Extended HTML Form attack revisited
Sandro Gauci
DoS Attacks Using SQL Wildcards
Ferruh Mavituna