WSV 2013 - International Workshop on Web Security Vulnerabilities

"No language can prevent insecure code, although there are language features which could aid or hinder a security-conscious developer." "-Chris Shiflett
For many organizations, web sites serve as mission critical systems That must operate smoothly to process millions of dollars in daily Online transactions. However, the actual value of a web site needs to Be appraised on a case-by-case basis for each organization. Tangible And intangible value of anything is difficult to measure in monetary Figures alone.
Web security vulnerabilities continually impact the risk of a web site. When any web security vulnerability is identified, performing the Attack requires using at least one of several application attacks Techniques. These techniques are commonly referred to as the class Of attack (the way security vulnerability is taken advantage of). Many of these types of attack have recognizable names such as Buffer Overflows, SQL Injection, and Cross-site Scripting. As a Baseline, the class of attack is the method the Web Security Threat Classification will use to explain and organize the threats to a web Site. So, in This Workshop we will discuss 4 common used Vulnerabilities to attack any website as follow:
Cross Site Scripting.
Form and Parameter Tampering.
SQL Injection.
Session/cookies stolen and poisoning.