
Web vulnerabilities

Last Updated: May 07, 2018

Cross-site attack

Vulnerability description

Cross-site scripting (XSS) usually occurs on the client end. It can be used for stealing private information and passwords, phishing, and transmission of malicious code. Technologies used for XSS attacks include HTML, JavaScript, VBScript, and ActionScript.

An attacker embeds harmful code on the server and uses the code to forge a webpage. When a user opens the webpage, the malicious code is injected into the user's browser to mount attacks. The attacker can then steal the session cookies to obtain the user's private information, including passwords and other sensitive information.
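The following added example (not part of the original page) shows the defensive side of the scenario above: encoding stored input on output so the browser treats it as text, and marking the session cookie HttpOnly so page scripts cannot read it. The comment text, the cookie name `sid` and all function names are constructed for illustration.

```python
import html
from html.parser import HTMLParser
from http.cookies import SimpleCookie

# Constructed sample: a harmless stand-in for script stored by another user.
STORED_COMMENT = "<script>document.title='changed'</script>"

def render_comment_unsafe(author: str, body: str) -> str:
    """Vulnerable: stored input is copied into the page as markup."""
    return "<li><b>" + author + "</b>: " + body + "</li>"

def render_comment_safe(author: str, body: str) -> str:
    """Hardened: HTML-encode every untrusted value at output time."""
    return "<li><b>" + html.escape(author) + "</b>: " + html.escape(body) + "</li>"

class _TagCollector(HTMLParser):
    """Records the elements a parser would create from a piece of markup."""
    def __init__(self):
        super().__init__()
        self.tags = []
    def handle_starttag(self, tag, attrs):
        self.tags.append(tag)

def elements_in(markup: str) -> list:
    parser = _TagCollector()
    parser.feed(markup)
    parser.close()
    return parser.tags

def session_cookie_header(session_id: str) -> str:
    """Session cookie that page scripts cannot read (HttpOnly) and that is
    only sent over HTTPS (Secure)."""
    cookie = SimpleCookie()
    cookie["sid"] = session_id
    cookie["sid"]["httponly"] = True
    cookie["sid"]["secure"] = True
    cookie["sid"]["samesite"] = "Lax"
    return cookie["sid"].OutputString()

if __name__ == "__main__":
    print(elements_in(render_comment_unsafe("mallory", STORED_COMMENT)))
    print(elements_in(render_comment_safe("mallory", STORED_COMMENT)))
    print(session_cookie_header("abc123"))
```

Output encoding removes the injected element; HttpOnly limits what a missed injection can take from the session.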

Vulnerability threat

XSS attacks are directly harmful to web servers, but they can spread from website to website to impair the users and steal their accounts or passwords. XSS attacks cause various types of damage, as described below:

  • Phishing: Most attacks use a reflected XSS vulnerability of the target website to redirect website users to a phishing website. They then inject phishing JavaScript to monitor the form inputs on the target website, and mount a more advanced DHTML-based phishing attack.
  • Hanging Trojans on websites: Typical attacks embed hidden malicious websites through an iframe during cross-site access. They then redirect victims to malicious websites, and display dialog boxes for malicious websites.
  • Identity theft: Cookies are used to authenticate user identities when the user loads a specified website. XSS can be exploited to steal the user's cookie and obtain the user's permissions to perform operations on the website. If a website administrator's cookies are stolen, the website is exposed to threats.
  • Spamming: XSS vulnerabilities are exploited to send unwanted information on behalf of the victim to target user groups in an SNS community.
  • Hijacking users’ web behaviors: An advanced type of an XSS attack can hijack users’ web behaviors to monitor the browsing history and sent/received data.
  • XSS worm: XSS worms place advertisements, generate traffic, embed Trojan viruses on websites, play pranks, corrupt online data, and mount DDoS attacks.

CRLF attack

Vulnerability description

HTTP response splitting is also called the CRLF injection attack. CR and LF correspond to the carriage return and line feed characters.

An HTTP header consists of multiple lines separated by the combinations of CRLF characters. Each line is in the structure of Key: Value.

If the CRLF characters are injected into a portion of the value input by the user, the HTTP header structure may be changed.

Vulnerability threat

By injecting self-defined HTTP header information (such as a session cookie or HTML code), an attacker can launch XSS attacks or session fixation attacks.
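As an added example (not from the original page), the code below builds a redirect response from user input and parses the header block back into Key: Value lines, showing how one header becomes two when CRLF reaches the value and how rejecting control characters prevents it. The function names and the sample input are constructed for illustration.

```python
from urllib.parse import unquote

def build_response_unsafe(location: str) -> bytes:
    """Vulnerable: user input is copied into a header value unchecked."""
    head = "HTTP/1.1 302 Found\r\nLocation: " + location + "\r\n\r\n"
    return head.encode("latin-1")

def validate_header_value(value: str) -> str:
    """Reject CR, LF and NUL so a value can never end its own header line."""
    if any(ch in value for ch in ("\r", "\n", "\x00")):
        raise ValueError("control character in header value")
    return value

def build_response_safe(location: str) -> bytes:
    """Hardened: the value is validated before it is placed in the header."""
    head = ("HTTP/1.1 302 Found\r\nLocation: "
            + validate_header_value(location) + "\r\n\r\n")
    return head.encode("latin-1")

def parse_headers(raw: bytes) -> list:
    """Split the header block as a client does: one Key: Value per CRLF line."""
    head = raw.split(b"\r\n\r\n", 1)[0].decode("latin-1")
    lines = head.split("\r\n")[1:]  # skip the status line
    return [tuple(part.strip() for part in line.split(":", 1)) for line in lines]

# Constructed input: a redirect target whose URL-decoded form contains CRLF.
TAINTED = unquote("/home%0d%0aSet-Cookie:%20sid=fixed")

if __name__ == "__main__":
    # The single Location header has turned into two headers.
    print(parse_headers(build_response_unsafe(TAINTED)))
    try:
        build_response_safe(TAINTED)
    except ValueError as exc:
        print("rejected:", exc)
```

Validate after URL-decoding, since the CR and LF bytes usually arrive percent-encoded.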

Web SQL injection

Vulnerability description

Web SQL injection is a security vulnerability that occurs at the database layer of apps. It is used to obtain website control permission illegally. Some apps fail to check for SQL instructions in input character strings. As a result, these instructions are mistakenly treated as normal SQL instructions and executed by the database. When this happens, the database is more prone to attacks, which may lead to data theft, or modification, deletion, or even insertion of malicious code and backdoors into websites.

Vulnerability threat

SQL injection attacks may cause the following damages:

  • Confidential data may be stolen.
  • Core business data may be tampered with.
  • Web pages may be defaced.
  • Database servers may be turned into zombie hosts by attacks, or the enterprise website may be attacked.

Webshell attack

Vulnerability description

A webshell attack is structured to write webpage-based Trojan viruses into websites to control corresponding servers.

Vulnerability threat

Attackers may write web-based Trojan backdoors into websites to operate files and run commands on these websites.

Local file inclusion

Vulnerability description

Local file inclusion is a type of vulnerability that occurs when app code fails to implement strict control over the processing of included files. As a result, attackers can execute uploaded static files or website log files as code.

Vulnerability threat

Attackers may exploit this vulnerability to execute commands on servers to get server operation permission. This can then lead to malicious deletion of websites or tampering of user data.

Remote file inclusion

Vulnerability description

Remote file inclusion is a type of vulnerability that occurs when app code fails to implement strict control over the processing of included files. As a result, attackers can construct parameters including remote code for execution on servers.

Vulnerability threat

Attackers can exploit this vulnerability to execute commands on servers to get server operation permission. This can then lead to malicious deletion of websites or tampering of user data.
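One way to implement the strict control over included files that both the local and remote file inclusion sections call for, as an added example (not from the original page). The directory layout, the `.tpl` suffix, the host name and the function names are assumptions made for illustration.

```python
import tempfile
from pathlib import Path

def resolve_include(base_dir: str, requested: str) -> Path:
    """Return the file to include, or raise ValueError."""
    # Remote inclusion: refuse anything that looks like a URL.
    if "://" in requested or requested.startswith("//"):
        raise ValueError("remote include refused")
    base = Path(base_dir).resolve()
    candidate = (base / requested).resolve()  # collapses ../ and symlinks
    # Local inclusion: the resolved path must stay inside the include directory.
    if base not in candidate.parents:
        raise ValueError("path escapes include directory")
    if candidate.suffix != ".tpl":
        raise ValueError("not a template file")
    if not candidate.is_file():
        raise ValueError("no such template")
    return candidate

def demo() -> dict:
    """Constructed layout: templates beside an upload directory and a log."""
    results = {}
    with tempfile.TemporaryDirectory() as root:
        pages = Path(root, "pages")
        pages.mkdir()
        (pages / "home.tpl").write_text("welcome")
        uploads = Path(root, "uploads")
        uploads.mkdir()
        (uploads / "avatar.png").write_text("uploaded bytes")
        Path(root, "access.log").write_text("log line")
        requests = ("home.tpl", "../uploads/avatar.png", "../access.log",
                    "/tmp/other.tpl", "http://files.example/inc.tpl")
        for req in requests:
            try:
                results[req] = resolve_include(str(pages), req).name
            except ValueError as exc:
                results[req] = "rejected: " + str(exc)
    return results

if __name__ == "__main__":
    for request, outcome in demo().items():
        print(request, "->", outcome)
```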

Remote code execution

Vulnerability description

Remote code execution is a high-risk security vulnerability. It allows an attacker to exploit a code vulnerability of a server to execute malicious user input on the server.

Vulnerability threat

Attackers can use the vulnerability to execute assembled code.

FastCGI attack

Vulnerability description

FastCGI attack is a severe security vulnerability in Nginx. By default, the FastCGI module may cause servers to incorrectly parse any file types in PHP mode.

Vulnerability threat

Malicious attackers may destroy an Nginx server supporting PHP.
