Nadav Avital, Author at Blog | Imperva

Home
Blog
Articles by: Nadav Avital

Nadav Avital Technical Application Security Research, Imperva Defense Center

CVE-2017-9791-RCE-Struts-1-Plugin

CVE-2017-9791: Analysis of RCE in the Struts Showcase App in Struts 1 Plugin

On July 7th, a new security vulnerability was published in Apache Struts 2 CVE-2017-9791 (S2-048[1]). Struts 2.3.x users with Struts 1 plugin, which includes the Showcase app, are vulnerable. Once...

apache_struts_march2

CVE-2017-5638: New Remote Code Execution (RCE) Vulnerability in Apache Struts 2

On March 6th, a new remote code execution (RCE) vulnerability in Apache Struts 2 was made public. This recent vulnerability, CVE-2017-5638, allows a remote attacker to inject operating system commands...

wordpress_earlydisclosure_thwart_hackers

Early Vulnerability Disclosure Thwarts WordPress Hackers

In late January, WordPress was made aware of a new vulnerability in its code. Taking a proactive stance, the content management system (CMS) vendor immediately shared it with major web...

6a01156f8c7ad8970c01b7c8c860e8970b

Defend Against PHPMailer Vulnerability with 0day Protection

On December 25th 2016, a critical new vulnerability in PHPMailer was made public. The open source PHP library for email handling embeds email functionality in web applications. This recent vulnerability...

6a01156f8c7ad8970c01bb0964b817970d

The State of Web Applications’ Vulnerabilities in 2016

Part of our job on the Imperva web application security team is supplying inclusive mitigation to new security vulnerabilities in web applications as soon as they become public. Imperva continually...

6a01156f8c7ad8970c01b8d2432c51970c-320wi

Can the Phishing Menace be Reined in?

Phishing is the starting point for most data breaches. People are the weakest link to an organization’s security posture. Current approaches to controlling the proliferation of phishing have shown no...

Live Chat Agents Unavailable

You are now leaving Blog | Imperva

Subscribe or close this message and you will be redirected to

CANCEL