Last verified : 2016-06-09 11:02 WEST

Client Information:

  • Name: Anselmo 1910
    Address: http://www.anselmo1910.com/

Report:

  • No vulnerabilities were found in the code analysis.

CodeV is a static code analyzer that identifies possible vulnerabilities in source code. The types of vulnerabilities detected are:

- Database attacks; The analyzer finds fields that may enable the attacker to view, insert, modify or delete unintended data.

- Browser attacks; The analyzer detects fields that can be modified by an attacker to include arbitrary code in the webpage.

- File inclusion; One of the ways of attacking a server is sending it a file containing harmful code that will be included in the execution flow.

- Command injection; Taking advantage of fields used to execute system commands, an attacker could execute commands harmful to the server.

- Use of weak cyphers; Use cryptographic algorithms that are no longer secure is detetced by the analyzer.

- Code inclusion; Adding malicious third party code to a web application can compromise the security of all the site.

- User input validation; All information entered by the user should be considered insecure until it's validated.


The gold seal insures that no vulnerabilities were detected in the application's source code. Aditionally, network traffic is continously monitored and will be analyzed by a team of security auditors that will endeavour to detect possible attacks unreleated to the source code and coordinate their mitigation and response with Dognaedis' Incident Response Team.