The present invention relates to web applications in client-server architecture models, and specifically to systems and methods for automatically detecting security vulnerabilities in web applications.