[Owasp-singapore] RESEND: ways to exploit internal web applications

spawn of soul calibur ruel555 at hotmail.com
Mon Aug 31 23:59:01 EDT 2009


note: apologies for missing the subject line


Hi Guys,

A novice-question again. 

What are the ways to
exploit internal web application? I know web applications which are
external facing can be exploited by XSS, SQL injection etc. But if
attackers cant even see the web application because its only available
internally, then how can they be exploited?

Basically, I am trying to justify the need to review our web application development practices. Thanks!

Regards,
Ruel
_________________________________________________________________
More than messages–check out the rest of the Windows Live™.
http://www.microsoft.com/windows/windowslive/
-------------- next part --------------
An HTML attachment was scrubbed...
URL: https://lists.owasp.org/mailman/private/owasp-singapore/attachments/20090901/31460d8f/attachment.html 


More information about the Owasp-singapore mailing list