What should a hacker know about WebDav?
ORM2Pwn: Exploiting injections in Hibernate ORM
New methods for exploiting ORM injections in Java applications
Entity provider selection confusion attacks in JAX-RS applications
Neat tricks to bypass CSRF-protection
Unsafe JAX-RS: Breaking REST API