Application Security

RIPS Scanner v-0.54 - Local File Include (LFI)

Hi there, For those using the RIPS scanner [1] to help the analysis of vulnerabilities on PHP code, pay attention not to leave it running on your network or available to the internet, where anyone can access it.  In a very brief static code analysis of RIPS we found two “Local File Include” (LFI) vulnerabilities as listed below: 1. LFI at “rips/windows/code.php” &#8211…
Read more

4 tips for those who want to invest in a career in Application Security

"Forgot your password?" - The problem with security questions