Proceedings of the 28th Annual ACM Symposium on Applied Computing 2013
DOI: 10.1145/2480362.2480699
|View full text |Cite
|
Sign up to set email alerts
|

EARs in the wild

Pierre Payet
1
,
Adam Doupé
2
,
Christopher Kruegel
3
et al.

Abstract: Execution After Redirect vulnerabilities-logic flaws in web applications where unintended code is executed after a redirect-have received little attention from the research community. In fact, we found a research paper that incorrectly modeled the redirect semantics, causing their static analysis to miss EAR vulnerabilities.To understand the breadth and scope of EARs in the real world, we performed a large-scale analysis to determine the prevalence of EARs on the Internet. We crawled 8,097,283 URLs from 255,95… Show more

Help me understand this report

Search citation statements

Order By: Relevance

Paper Sections

Select...

Citation Types

0
0
0

Year Published

2014
2014
2018
2018

Publication Types

Select...
4
1

Relationship

0
5

Authors

Journals

citations
Cited by 5 publications
references
References 18 publications
(12 reference statements)
0
0
0
Order By: Relevance

Uses and Abuses of Server-Side Requests

Pellegrino
1
,
Catakoglu
2
,
Balzarotti
3
et al. 2016
Lecture Notes in Computer Science
10
0
7
0
View full textAdd to dashboardCite

Uses and Abuses of Server-Side Requests

Pellegrino
1
,
Catakoglu
2
,
Balzarotti
3
et al. 2016
Lecture Notes in Computer Science
10
0
7
0
View full textAdd to dashboardCite

Toward Exploiting Access Control Vulnerabilities within MongoDB Backend Web Applications

Wen
1
,
Xu
2
,
Yang
3
et al. 2016
2016 IEEE 40th Annual Computer Software and Applications Conference (COMPSAC)
9
0
4
0
View full textAdd to dashboardCite

Static detection of execution after redirect vulnerabilities in PHP applications

Chai1,
Yan2,
Wang3
et al. 2016
2016 7th IEEE International Conference on Software Engineering and Service Science (ICSESS)
0
0
0
0
View full textAdd to dashboardCite
scite logo

scite is a Brooklyn-based organization that helps researchers better discover and understand research articles through Smart Citations–citations that display the context of the citation and describe whether the article provides supporting or contrasting evidence. scite is used by students and researchers from around the world and is funded in part by the National Science Foundation and the National Institute on Drug Abuse of the National Institutes of Health.

Contact Info

hi@scite.ai

10624 S. Eastern Ave., Ste. A-614

Henderson, NV 89052, USA

Product
Browser ExtensionAssistant by sciteCitation Statement SearchReference CheckVisualizationsDashboardsExplore JournalsExplore OrganizationsExplore FundersEmbedding BadgeEmbedding Citation SearchPricing
Resources
BlogHelp & FAQAccessibility StatementAPI TermsFor Universities & GovernmentsFor ResearchersFor PublishersFor Corporate, Pharma & EnterpriseAuthor MarketingBecome an AffiliateGet an organization trial or quotescite Data & Services
About
News & PressCareersRead our PaperCoverage

BlogTerms and ConditionsAPI TermsPrivacy PolicyContactCookie PreferencesDo Not Sell or Share My Personal Information

Copyright © 2024 scite LLC. All rights reserved.

Made with 💙 for researchers

Part of the Research Solutions Family.