5 matches found
EUVD-2023-32023
Malicious code in bioql PyPI...
CVE-2023-28316
A security vulnerability has been discovered in the implementation of 2FA on the Rocket.Chat platform, where other active sessions are not invalidated upon activating 2FA. This could potentially allow an attacker to maintain access to a compromised account even after 2FA is enabled...
CVE-2023-6751
The Hostinger plugin for WordPress is vulnerable to unauthorized plugin settings update due to a missing capability check on the function publishwebsite in all versions up to, and including, 1.9.7. This makes it possible for unauthenticated attackers to enable and disable maintenance mode...
Session Fixation
uptime-kuma is vulnerable to Session Fixation. The vulnerability is caused by a lack of session token invalidation in the server.js authentication middleware. This allows attackers with a token to maintain access even after the user's password changed...
Mantra: A Browser-based Security Framework!
Mantra is a dream that came true for the author. It is a collection of free and open source tools integrated into a web browser (Firefox), which can come in handy for students, penetration testers, web application developers, security professionals, etc. It is portable, ready-to-run, compact and...