English
Related papers

Related papers: Detection of Wordpress Content Injection Vulnerabi…

200 papers

There has been a long-standing hypothesis that a software's popularity is related to its security or insecurity in both research and popular discourse. There are also a few empirical studies that have examined the hypothesis, either…

Software Engineering · Computer Science 2025-06-12 Jukka Ruohonen , Qusai Ramadan

The increasing frequency of attacks on Android applications coupled with the recent popularity of large language models (LLMs) necessitates a comprehensive understanding of the capabilities of the latter in identifying potential…

Cryptography and Security · Computer Science 2025-03-18 Vasileios Kouliaridis , Georgios Karopoulos , Georgios Kambourakis

As a new format of mobile application, mini programs, which function within a larger app and are built with HTML, CSS, and JavaScript web technology, have become the way to do almost everything in China. This paper presents our research on…

Cryptography and Security · Computer Science 2022-05-31 Jianyi Zhang , Leixin Yang , Yuyang Han , Zhi Sun , Zixiao Xiang

In this work, we perform a comprehensive analysis of the security of text input fields in web browsers. We find that browsers' coarse-grained permission model violates two security design principles: least privilege and complete mediation.…

Cryptography and Security · Computer Science 2023-09-01 Asmit Nayak , Rishabh Khandelwal , Kassem Fawaz

Open Source Software (OSS) security and resilience are worldwide phenomena hampering economic and technological innovation. OSS vulnerabilities can cause unauthorized access, data breaches, network disruptions, and privacy violations,…

Software Engineering · Computer Science 2024-01-17 Nafis Tanveer Islam , Gonzalo De La Torre Parra , Dylan Manual , Murtuza Jadliwala , Peyman Najafirad

The year 2022 saw a significant increase in Microsoft vulnerabilities, reaching an all-time high in the past decade. With new vulnerabilities constantly emerging, there is an urgent need for proactive approaches to harden systems and…

Cryptography and Security · Computer Science 2023-12-27 Ashvini A Kulshrestha , Guanqun Song , Ting Zhu

Web applications are becoming more ubiquitous. All manner of physical devices are now connected and often have a variety of web applications and web-interfaces. This proliferation of web applications has been accompanied by an increase in…

Cryptography and Security · Computer Science 2022-09-19 Onyeka Ezenwoye , Yi Liu

The latest advancements in large language models (LLMs) have sparked interest in their potential for software vulnerability detection. However, there is currently a lack of research specifically focused on vulnerabilities in the PHP…

Cryptography and Security · Computer Science 2024-10-11 Di Cao , Yong Liao , Xiuwei Shang

WebAssembly (Wasm) is a binary instruction format designed for secure and efficient execution within sandboxed environments -- predominantly web apps and browsers -- to facilitate performance, security, and flexibility of web programming…

Software Engineering · Computer Science 2024-04-10 Muhammad Waseem , Teerath Das , Aakash Ahmad , Peng Liang , Tommi Mikkonen

Mini-programs, an emerging mobile application paradigm within super-apps, offer a seamless and installation-free experience. However, the adoption of the web-view component has disrupted their isolation mechanisms, exposing new attack…

Cryptography and Security · Computer Science 2025-10-29 Miao Zhang , Shenao Wang , Guilin Zheng , Yanjie Zhao , Haoyu Wang

A Webview embeds a full-fledged browser in a mobile application and allows the application to expose a custom interface to JavaScript code. This is a popular technique to build so-called hybrid applications, but it circumvents the usual…

Cryptography and Security · Computer Science 2019-05-08 Claudio Rizzo , Lorenzo Cavallaro , Johannes Kinder

Open-source software (OSS) has become increasingly more popular across different domains. However, this rapid development and widespread adoption come with a security cost. The growing complexity and openness of OSS ecosystems have led to…

Cryptography and Security · Computer Science 2025-06-17 Seyed Ali Akhavani , Behzad Ousat , Amin Kharraz

Intrusion Detection System (IDS) is one of the security measures being used as an additional defence mechanism to prevent the security breaches on web. It has been well known methodology for detecting network-based attacks but still…

Cryptography and Security · Computer Science 2018-08-14 Nancy Agarwal , Syed Zeeshan Hussain

Open-source software vulnerability patch detection is a critical component for maintaining software security and ensuring software supply chain integrity. Traditional manual detection methods face significant scalability challenges when…

Software Engineering · Computer Science 2025-09-30 Haoran Xu , Chen Zhi , Junxiao Han , Xinkui Zhao , Jianwei Yin , Shuiguang Deng

The growing number of Internet users and the prevalence of web applications make it necessary to deal with very complex software and applications in the network. This results in an increasing number of new vulnerabilities in the systems,…

Networking and Internet Architecture · Computer Science 2021-08-18 Mahdi Soltani , Mahdi Jafari Siavoshani , Amir Hossein Jahangir

Discovering vulnerabilities in applications of real-world complexity is a daunting task: a vulnerability may affect a single line of code, and yet it compromises the security of the entire application. Even worse, vulnerabilities may…

Cryptography and Security · Computer Science 2020-12-10 Gabriele Costa , Andrea Valenza

A cyber range is a realistic simulation of an organization's network infrastructure, commonly used for cyber security training purposes. It provides a safe environment to assess competencies in both offensive and defensive techniques. An…

Cryptography and Security · Computer Science 2024-07-18 Francesco Caturano , Nicola d'Ambrosio , Gaetano Perrone , Luigi Previdente , Simon Pietro Romano

Mobile crowdsourcing services (MCS), enable fast and economical data acquisition at scale and find applications in a variety of domains. Prior work has shown that Foursquare and Waze (a location-based and a navigation MCS) are vulnerable to…

Cryptography and Security · Computer Science 2021-10-20 Sojhal Ismail Khan , Dominika Woszczyk , Chengzeng You , Soteris Demetriou , Muhammad Naveed

Web applications are becoming truly pervasive in all kinds of business models and organizations. Today, most critical systems such as those related to health care, banking, or even emergency response, are relying on these applications. They…

Cryptography and Security · Computer Science 2009-06-01 Joaquin Garcia-Alfaro , Guillermo Navarro-Arribas

The prevalence of security vulnerabilities has prompted companies to adopt static application security testing (SAST) tools for vulnerability detection. Nevertheless, these tools frequently exhibit usability limitations, as their generic…