NoTamper: Automatic, Blackbox Detection of Parameter Tampering Opportunities in Web Applications

To appear in 17th ACM Conference on Computer and Communications Security (CCS 2010)

Prithvi Bisht, Timothy Hinrichs, Nazari Skrupsky, Radoslaw Bobrowicz, V.N. Venkatakrishnan

This web page contains additional information for experiments conducted on various web applications.

Application Exploit Report Resolution Vendor reaction Exploit Snapshot
www.codemicro.com REPORT vulnerability confirmed and fixed REACTION 1 2
www.selfreliance.com REPORT vulnerability confirmed and fixed REACTION 1 2 3 4 5
Simple Machines Forum (SMF) REPORT vulnerability confirmed REACTION
Ezybiz REPORT vulnerability confirmed REACTION
OpenDB REPORT vulnerability confirmed REACTION
MyBloggie REPORT vulnerability confirmed REACTION
B2Evolution REPORT REACTION
phpNuke REPORT vulnerability confirmed REACTION
OpenIT REPORT vulnerability confirmed REACTION
LegalCase REPORT vulnerability confirmed REACTION
www.smi-online.co.uk REPORT REACTION
www.interscience.wiley.com REPORT REACTION
www.garena.com REPORT REACTION