Formal Analysis of Vulnerabilities of Web Applications Based on SQL Injection (Extended Version)

We present a formal approach that exploits attacks related to SQL Injection (SQLi) searching for security flaws in a web application. We give a formal representation of web applications and databases, and show that our formalization effectively exploits SQLi attacks. We implemented our approach in a prototype tool called SQLfast and we show its efficiency on real-world case studies, including the discovery of an attack on Joomla! that no other tool can find

A Formal and Automated Approach to Exploiting Multi-Stage Attacks of Web Applications

The complexity of modern web applications, due to the imple- mentation of new services, has rapidly increased the need of new automatic security analysis methods and tools. Today, the leading methodology for the security analysis of web applications is a combination of vulnerability assess- ment and penetration testing. Vulnerability assessment has received much attention and several tools have been proposed to identify vulnerabilities. On the other hand, penetration testing has been left to the experience of the security analyst. In this thesis, I address this problem by proposing a formal, model-based testing approach for the security analysis of web applications that can support the penetration testing phase. The approach I propose is based on the formal definition of web applications and their vulnerabilities which allow one to (i) reason about vulnerabilities of web applications and (ii) combine multiple vulnerabilities for the identification of complex, multi-stage attacks. I have developed WAFEx, an automated tool that implements my approach and I show its efficiency by applying it to real-world case studies. WAFEx was able to find previously unknown attacks, which are witness to the fact that WAFEx can generate, and exploit, attacks that, to the best of my knowledge, no other tool for the security analysis of web applications can find

Gentamicin-coated tibia nail in fractures and nonunion to reduce fracture-related infections: a systematic review

The incidence of a fracture-related infection (FRI) can reach 30% of open tibia fractures (OTF). The use of antibiotic-coated implants is one of the newest strategies to reduce the risk of infection in orthopedic surgery. The aim of this study was to investigate the efficacy and safety of a gentamicin-coated tibia nail in primary fracture fixation (FF) and revision surgery (RS) of nonunion cases in terms of FRI incidence. We conducted a systematic review according to the PRISMA checklist on Pub-Med, Cochrane, and EMBASE. Of the 32 studies, 8 were included, for a total of 203 patients treated: 114 were FF cases (63% open fractures) and 89 were RS cases, of which 43% were infected nonunion. In the FF group, four FRI were found (3.8%): three OTF (Gustilo-Anderson III) and one closed fracture; bone healing was achieved in 94% of these cases. There were four relapses of infection and one new onset in the RS group; bone healing occurred in 88% of these cases. No side effects were found. There were no significant differences in terms of FRI, nonunion, and healing between the two groups. Gentamicin-coated tibia nail is an effective therapeutic option in the prophylaxis of high-risk fracture infections and in complex nonunion cases

Does Pelvic Incidence Influence the Morphology of the Sacroiliac Joint?

Pelvic Incidence is defined as the angle between the perpendicular line to the upper plate of S1 at its midpoint and the line between this point and the center of bicoxofemoral line, it describes the position of femural heads in relation to sacrum. Recently some authors described a direct correlation between high values of PI and large AP pelvic axis (horizontal pelvis) and a wide pelvic ring [1]. Also the acetabular orientation is influenced by PI ; high values of PI means a more vertical acetabulum. Having regard to the relationship between PI and the main structures involved in the load transfer, to date no studies that correlate the morphology of the Sacroiliac Joint (SiJ) and PI were performed. The aim of this study is to evaluate the different morphology of the auricular surface of the sacrum comparing two groups of healthy young people with low (40°) PI. We retrospectively analysed 51 consecutive young (between 20 and 35 y.o.) people. After the evaluation of PI the sample was divided into two groups: 31 people belong to the group A (PI 40°). The following morphological parameters of the SiJ were analysed: length of long axis (LLA), length of short axis (LSA), length of oblique axis (LOA), ratio between long and short axis (RLSA), angle between axis (ABA) and surface; global shape of the joint was evaluated; two new parameters were introduced, SiJ Tilt (SiJT), defined as the angle between the vertical line and the long axis of the SiJ and SiJ Slope (SiJS), defined as the angle between the horizontal line and the short axis of the SiJ. We found a strong statistically significant correlations (p-value 0.05) between PI and RLSA, shape, ABA, SiJT and SiJS; a weaker correlations (p-value 0.10) between PI and LLA, LSA were observed; no statistically significant correlation between PI and LOA and surface were observed. The results underline that there is a strong correlation between pelvic morphology and SiJ anatomy. Further studies, about the different pattern of forces distribution among SiJ, will need to be performed to have a better knowledge that could help to understand the biomechanics and pathophysiology of normal and pathological SiJ

Prescription appropriateness of anti-diabetes drugs in elderly patients hospitalized in a clinical setting: evidence from the REPOSI Register

Diabetes is an increasing global health burden with the highest prevalence (24.0%) observed in elderly people. Older diabetic adults have a greater risk of hospitalization and several geriatric syndromes than older nondiabetic adults. For these conditions, special care is required in prescribing therapies including anti- diabetes drugs. Aim of this study was to evaluate the appropriateness and the adherence to safety recommendations in the prescriptions of glucose-lowering drugs in hospitalized elderly patients with diabetes. Data for this cross-sectional study were obtained from the REgistro POliterapie-Società Italiana Medicina Interna (REPOSI) that collected clinical information on patients aged ≥ 65 years acutely admitted to Italian internal medicine and geriatric non-intensive care units (ICU) from 2010 up to 2019. Prescription appropriateness was assessed according to the 2019 AGS Beers Criteria and anti-diabetes drug data sheets.Among 5349 patients, 1624 (30.3%) had diagnosis of type 2 diabetes. At admission, 37.7% of diabetic patients received treatment with metformin, 37.3% insulin therapy, 16.4% sulfonylureas, and 11.4% glinides. Surprisingly, only 3.1% of diabetic patients were treated with new classes of anti- diabetes drugs. According to prescription criteria, at admission 15.4% of patients treated with metformin and 2.6% with sulfonylureas received inappropriately these treatments. At discharge, the inappropriateness of metformin therapy decreased (10.2%, P < 0.0001). According to Beers criteria, the inappropriate prescriptions of sulfonylureas raised to 29% both at admission and at discharge. This study shows a poor adherence to current guidelines on diabetes management in hospitalized elderly people with a high prevalence of inappropriate use of sulfonylureas according to the Beers criteria

Antidiabetic Drug Prescription Pattern in Hospitalized Older Patients with Diabetes

Objective: To describe the prescription pattern of antidiabetic and cardiovascular drugs in a cohort of hospitalized older patients with diabetes. Methods: Patients with diabetes aged 65 years or older hospitalized in internal medicine and/or geriatric wards throughout Italy and enrolled in the REPOSI (REgistro POliterapuie SIMI—Società Italiana di Medicina Interna) registry from 2010 to 2019 and discharged alive were included. Results: Among 1703 patients with diabetes, 1433 (84.2%) were on treatment with at least one antidiabetic drug at hospital admission, mainly prescribed as monotherapy with insulin (28.3%) or metformin (19.2%). The proportion of treated patients decreased at discharge (N = 1309, 76.9%), with a significant reduction over time. Among those prescribed, the proportion of those with insulin alone increased over time (p = 0.0066), while the proportion of those prescribed sulfonylureas decreased (p < 0.0001). Among patients receiving antidiabetic therapy at discharge, 1063 (81.2%) were also prescribed cardiovascular drugs, mainly with an antihypertensive drug alone or in combination (N = 777, 73.1%). Conclusion: The management of older patients with diabetes in a hospital setting is often sub-optimal, as shown by the increasing trend in insulin at discharge, even if an overall improvement has been highlighted by the prevalent decrease in sulfonylureas prescription

The “Diabetes Comorbidome”: A Different Way for Health Professionals to Approach the Comorbidity Burden of Diabetes

(1) Background: The disease burden related to diabetes is increasing greatly, particularly in older subjects. A more comprehensive approach towards the assessment and management of diabetes’ comorbidities is necessary. The aim of this study was to implement our previous data identifying and representing the prevalence of the comorbidities, their association with mortality, and the strength of their relationship in hospitalized elderly patients with diabetes, developing, at the same time, a new graphic representation model of the comorbidome called “Diabetes Comorbidome”. (2) Methods: Data were collected from the RePoSi register. Comorbidities, socio-demographic data, severity and comorbidity indexes (Cumulative Illness rating Scale CIRS-SI and CIRS-CI), and functional status (Barthel Index), were recorded. Mortality rates were assessed in hospital and 3 and 12 months after discharge. (3) Results: Of the 4714 hospitalized elderly patients, 1378 had diabetes. The comorbidities distribution showed that arterial hypertension (57.1%), ischemic heart disease (31.4%), chronic renal failure (28.8%), atrial fibrillation (25.6%), and COPD (22.7%), were the more frequent in subjects with diabetes. The graphic comorbidome showed that the strongest predictors of death at in hospital and at the 3-month follow-up were dementia and cancer. At the 1-year follow-up, cancer was the first comorbidity independently associated with mortality. (4) Conclusions: The “Diabetes Comorbidome” represents the perfect instrument for determining the prevalence of comorbidities and the strength of their relationship with risk of death, as well as the need for an effective treatment for improving clinical outcomes

Clinical features and outcomes of elderly hospitalised patients with chronic obstructive pulmonary disease, heart failure or both

Background and objective: Chronic obstructive pulmonary disease (COPD) and heart failure (HF) mutually increase the risk of being present in the same patient, especially if older. Whether or not this coexistence may be associated with a worse prognosis is debated. Therefore, employing data derived from the REPOSI register, we evaluated the clinical features and outcomes in a population of elderly patients admitted to internal medicine wards and having COPD, HF or COPD + HF. Methods: We measured socio-demographic and anthropometric characteristics, severity and prevalence of comorbidities, clinical and laboratory features during hospitalization, mood disorders, functional independence, drug prescriptions and discharge destination. The primary study outcome was the risk of death. Results: We considered 2,343 elderly hospitalized patients (median age 81 years), of whom 1,154 (49%) had COPD, 813 (35%) HF, and 376 (16%) COPD + HF. Patients with COPD + HF had different characteristics than those with COPD or HF, such as a higher prevalence of previous hospitalizations, comorbidities (especially chronic kidney disease), higher respiratory rate at admission and number of prescribed drugs. Patients with COPD + HF (hazard ratio HR 1.74, 95% confidence intervals CI 1.16-2.61) and patients with dementia (HR 1.75, 95% CI 1.06-2.90) had a higher risk of death at one year. The Kaplan-Meier curves showed a higher mortality risk in the group of patients with COPD + HF for all causes (p = 0.010), respiratory causes (p = 0.006), cardiovascular causes (p = 0.046) and respiratory plus cardiovascular causes (p = 0.009). Conclusion: In this real-life cohort of hospitalized elderly patients, the coexistence of COPD and HF significantly worsened prognosis at one year. This finding may help to better define the care needs of this population

An embedding technique to determine ττ backgrounds in proton-proton collision data

An embedding technique is presented to estimate standard model tau tau backgrounds from data with minimal simulation input. In the data, the muons are removed from reconstructed mu mu events and replaced with simulated tau leptons with the same kinematic properties. In this way, a set of hybrid events is obtained that does not rely on simulation except for the decay of the tau leptons. The challenges in describing the underlying event or the production of associated jets in the simulation are avoided. The technique described in this paper was developed for CMS. Its validation and the inherent uncertainties are also discussed. The demonstration of the performance of the technique is based on a sample of proton-proton collisions collected by CMS in 2017 at root s = 13 TeV corresponding to an integrated luminosity of 41.5 fb(-1).Peer reviewe

Measurement of t(t)over-bar normalised multi-differential cross sections in pp collisions at root s=13 TeV, and simultaneous determination of the strong coupling strength, top quark pole mass, and parton distribution functions

Peer reviewe