English
Related papers

Related papers: Detection of Wordpress Content Injection Vulnerabi…

200 papers

Along with the development of large language models (LLMs), e.g., ChatGPT, many existing approaches and tools for software security are changing. It is, therefore, essential to understand how security-aware these models are and how these…

Computers and Society · Computer Science 2023-09-20 Jingyue Li , Per Håkon Meland , Jakob Svennevik Notland , André Storhaug , Jostein Hjortland Tysse

Each year, thousands of software vulnerabilities are discovered and reported to the public. Unpatched known vulnerabilities are a significant security risk. It is imperative that software vendors quickly provide patches once vulnerabilities…

Cryptography and Security · Computer Science 2017-07-26 Benjamin L. Bullough , Anna K. Yanchenko , Christopher L. Smith , Joseph R. Zipkin

Mainstream software applications and tools are the configurable platforms with an enormous number of parameters along with their values. Certain settings and possible interactions between these parameters may harden (or soften) the security…

Software Engineering · Computer Science 2020-06-17 Shuvalaxmi Dass , Akbar Siami Namin

The Web is replete with tutorial-style content on how to accomplish programming tasks. Unfortunately, even top-ranked tutorials suffer from severe security vulnerabilities, such as cross-site scripting (XSS), and SQL injection (SQLi).…

Cryptography and Security · Computer Science 2017-04-11 Tommi Unruh , Bhargava Shastry , Malte Skoruppa , Federico Maggi , Konrad Rieck , Jean-Pierre Seifert , Fabian Yamaguchi

This paper presents a measurement study of information leakage and SSL vulnerabilities in popular Android apps. We perform static and dynamic analysis on 100 apps, downloaded at least 10M times, that request full network access. Our…

Cryptography and Security · Computer Science 2015-05-05 Lucky Onwuzurike , Emiliano De Cristofaro

Software vulnerabilities are constantly being reported and exploited in software products, causing significant impacts on society. In recent years, the main approach to vulnerability detection, fuzzing, has been integrated into the…

Software Engineering · Computer Science 2025-10-21 Tatsuya Shirai , Olivier Nourry , Yutaro Kashiwa , Kenji Fujiwara , Yasutaka Kamei , Hajimu Iida

Content Management Systems (CMSs) are the most popular tool when it comes to create and publish content across the web. Recently, CMSs have evolved, becoming \emph{headless}. Content served by a \emph{headless CMS} aims to be consumed by…

Software Engineering · Computer Science 2025-08-28 Joan Giner-Miguelez , Abel Gómez , Jordi Cabot

Plugin systems are a class of external programmes that provide users with a wide range of functionality, and while they enhance the user experience, their security is always a challenge. Especially due to the diversity and complexity of…

Cryptography and Security · Computer Science 2025-08-19 Ruomai Ren

We present WPSE, a browser-side security monitor for web protocols designed to ensure compliance with the intended protocol flow, as well as confidentiality and integrity properties of messages. We formally prove that WPSE is expressive…

Cryptography and Security · Computer Science 2018-06-26 Stefano Calzavara , Riccardo Focardi , Matteo Maffei , Clara Schneidewind , Marco Squarcina , Mauro Tempesta

Cross-site scripting (XSS) is one of the major threats menacing the privacy of data and the navigation of trusted web applications. Since its reveal in late 1999 by Microsoft security engineers, several techniques have been developed in the…

Cryptography and Security · Computer Science 2024-04-24 Abdelhakim Hannousse , Salima Yahiouche , Mohamed Cherif Nait-Hamoud

The growth in the adoption of the WebAssembly (WASM) standard has given rise to a rapidly increasing landscape of binary applications that are natively ported to the environment of websites. The flexibility of WASM has made it the preferred…

Cryptography and Security · Computer Science 2026-03-11 Lorenzo Corrias , Lorenzo Pisu , Davide Maiorca , Giorgio Giacinto

Blockchain has become particularly popular due to its promise to support business-critical services in very different domains (e.g., retail, supply chains, healthcare). Blockchain systems rely on complex middleware, like Ethereum or…

Software Engineering · Computer Science 2020-10-23 Ákos Hajdu , Naghmeh Ivaki , Imre Kocsis , Attila Klenik , László Gönczy , Nuno Laranjeiro , Henrique Madeira , András Pataricza

Many tools and libraries are readily available to build and operate distributed Web applications. While the setup of operational environments is comparatively easy, practice shows that their continuous secure operation is more difficult to…

Cryptography and Security · Computer Science 2012-07-13 Matteo Maria Casalino , Michele Mangili , Henrik Plate , Serena Elisa Ponta

Cryptocurrencies have become very popular in recent years. Thousands of new cryptocurrencies have emerged, proposing new and novel techniques that improve on Bitcoin's core innovation of the blockchain data structure and consensus…

Cryptography and Security · Computer Science 2020-10-29 Qingze Hum , Wei Jin Tan , Shi Ying Tey , Latasha Lenus , Ivan Homoliak , Yun Lin , Jun Sun

Breaking cybersecurity events are shared across a range of websites, including security blogs (FireEye, Kaspersky, etc.), in addition to social media platforms such as Facebook and Twitter. In this paper, we investigate methods to analyze…

Computation and Language · Computer Science 2019-05-06 Shi Zong , Alan Ritter , Graham Mueller , Evan Wright

Password updates are a critical account security measure and an essential part of the password lifecycle. Service providers and common security recommendations advise users to update their passwords in response to incidents or as a critical…

Cryptography and Security · Computer Science 2025-11-17 Alexander Krause , Jacques Suray , Lea Schmüser , Marten Oltrogge , Oliver Wiese , Maximilian Golla , Sascha Fahl

Software containers are widely adopted for developing and deploying software applications. Despite their popularity, major security concerns arise during container development and deployment. Software Engineering (SE) research literature…

Software Engineering · Computer Science 2025-12-16 Maha Sroor , Teerath Das , Rahul Mohanani , Tommi Mikkonen

HTML5-based mobile apps become more and more popular, mostly because they are much easier to be ported across different mobile platforms than native apps. HTML5-based apps are implemented using the standard web technologies, including…

Cryptography and Security · Computer Science 2014-10-29 Xing Jin , Tongbo Luo , Derek G. Tsui , Wenliang Du

JavaScript, a scripting language employed to augment the capabilities of web browsers within web pages or browser extensions, utilizes code segments termed JavaScript inclusions. While the security aspects of JavaScript inclusions in web…

Cryptography and Security · Computer Science 2025-05-27 Chong Guan

SQL injection (SQLi) attacks pose a significant threat to the security of web applications. Existing approaches do not support object-oriented programming that renders these approaches unable to protect the real-world web apps such as…

Cryptography and Security · Computer Science 2020-07-14 Rasoul Jahanshahi , Adam Doupé , Manuel Egele