application-vulnerabilities
Safeguard articles tagged "application-vulnerabilities" — guides, analysis, and best practices for software supply chain and application security.
4 articles
PHP Vulnerability Classes and Common Fixes
The recurring php vulnerability classes — SQL injection, file inclusion, deserialization, and type-juggling bugs — and the specific fixes that close each one.
XXE Examples: Annotated Payloads and Fixes
Concrete xxe examples showing how a malicious external entity reference reads local files or reaches internal services through an XML parser, and the config change that closes it.
A CSRF Example: Full Attack Walkthrough
A concrete csrf example — a bank transfer form with no anti-forgery token — showing exactly how a forged request rides in on a victim's session and what stops it.
Application Vulnerabilities: The Common Classes Explained
Injection, broken access control, and misconfiguration account for most real-world breaches. Here's a plain map of the classes that matter and how each one is actually exploited.