Business Strategy
Channel Insights
Stay Connected
Acer America
Acer America Corp. is a computer manufacturer of business and consumer PCs, notebooks, ultrabooks, projectors, servers, and storage products.


333 West San Carlos Street
San Jose, California 95110
United States


ChannelPro Network Awards

hello 2
hello 3

Press Releases

January 18, 2019 |

WhiteHat Security Identifies Top 10 Application Vulnerabilities for 2018

Threat report details how malicious actors exploit weaknesses to breach systems and offers prevention tips for the new year

WhiteHat Security, the leading application security provider committed to securing digital business, released new threat research titled†Top 10 Application Security Vulnerabilities of 2018, detailing the most common web exploits used by malicious attackers during the past 12 months. This research will educate the market on avoiding hacks, like those that affected British Airways, Ticketmaster, the United States Postal Service (USPS) and more, due to these vulnerabilities and includes valuable prevention tips for enterprises to implement in the new year.

Examples of Top Application Vulnerabilities for 2018:

1.†jQuery File Upload RCE – CVE-2018-9206

jQuery File Upload is a popular open source package that allows users to upload files to a website – however, it can be abused by creating a shell that is uploaded to run commands on the server. This vulnerability can be traced back to 2015, and all versions prior to 9.22.1 are vulnerable.


Although not a common vulnerability and exposure (CVE), Magecart is a card-skimming attack that cannot be overlooked. It originated from a black hat group in 2018, and companies like Ticketmaster, British Airways, Feedify, ABS-CBN and Newegg were among the victims of this attack. Magecart breaches systems and replaces the JavaScript that handles payments with malicious code to send payment details to the hackers completely unbeknownst to the end user.

3.†WordPress DoS – CVE-2018-6989

In WordPress, unauthenticated users can perform a Denial of Service (DoS) attack by abusing the functionality of the load-scripts.php file to request a large number of JavaScript files via a single request. This allows each request to quickly consume the resources of the server, leading to a DoS.

In 2018, WhiteHat analyzed and validated several million attack vectors across multiple market sectors. The WhiteHat Security platform is powered by a combination of automation, artificial and human intelligence to ensure that only actionable security threats are reported to its customers.

The†Top 10 Application Security Vulnerabilities of 2018†reflect a combination of observed trends from the WhiteHat Security vulnerability data lake and the active customer feedback on the threats across its enterprise application portfolio.

Editor’s Choice

Broadcom-VMware Shakeout: How the Channel Has Been Affected By the Big Industry Acquisition

April 11, 2024 |

Industry experts weigh in on the “messy breakup” that MSPs were left with after Broadcom’s acquisition of VMWare.

Selling Cybersecurity: How MSPs Can Become Crucial Partners in Managing Risk

March 27, 2024 | David Powell

MSPs should try to bring an end customer into the cybersecurity fold. Here are some ways to help drive that.

3 Questions with Ingram Micro’s Sanjib Sahoo on Integrating AI into Managed Services

March 25, 2024 |

Ingram Micro’s EVP and chief digital officer shares some insights on how MSPs can effectively integrate artificial intelligence into their business operations.

Related News

Growing the MSP

Explore ChannelPro


Reach Our Audience