6 matches found

ThreatPost
added 2022/06/14 1:7 p.m., 18 views

What the New OWASP Top 10 Changes Mean to You?

The Open Web Application Security Project (OWASP) recently updated its top 10 list of the most critical security risks to web applications after 4 years. It represents the most radical shake-up since the list was introduced in 2003. The changes will undoubtedly have a big impact on how businesses...

10 CVSS, 9 AI score, 0.39296 EPSS
Exploits: 0, References: 2
Hacker One
added 2019/07/14 8:39 a.m., 22 views

Kartpay: Application Design issue for Phone Number field in Registration.

The current system only works for India, so the ISD code of India, i.e. +91, is mandatory for registration. During registration the system was accepting any country ISD code because the request was not validated by the system; instead, whatever was sent through client-side modification was accepted. So the Strict...

3 AI score
Exploits: 0
CNVD
added 2017/09/25 12:0 a.m., 2 views

PCG Travel Android App Has Logic Design Flaws

PCG Travel Android APP is a B2B2C travel service platform. PCG Travel Android APP has a logical design vulnerability. After registering, an attacker can reset any account password by grabbing packets to bypass the CAPTCHA through the forgot password function...

7.1 AI score
Exploits: 0
Check Point Advisories
added 2009/10/04 12:0 a.m., 5 views

Apache Struts Classes Directory Traversal (CVE-2008-6505)

Apache Struts is a Java-based web application development framework. Unlike JSP and Servlets, Struts encourages good application design by enforcing the MVC (Model-View-Controller) architecture for separation of concerns like business logic (Model) from web-page design (View) and navigational code...

5 CVSS, 6.9 AI score, 0.83102 EPSS
Exploits: 0
myhack58
added 2009/05/23 12:0 a.m., 11 views

A real sense of Session hijacking-vulnerability warning-the black bar safety net

Author: jianxin 80sec; EMail: jianxin80sec.com; Site: http://www.80sec.com; Date: 2008-12-24; From: http://www.80sec.com/release/session-hijacking.txt. Directory: 0x00 application certification design background; 0x01 a conventional attack ideas and defects; 0x02 The use of application programming...

6.6 AI score
Exploits: 0
exploitpack
added 2000/05/25 12:0 a.m., 18 views

Omnis Studio 2.4 - Weak Database Field Encryption

Omnis Studio 2.4 - Weak Database Field Encryption source: https://www.securityfocus.com/bid/1255/info Omnis Studio 2.4 is a development tool for creating database applications. The tool gives developers the option to encrypt database entries. However, the encryption scheme used is weak and easily...

7.4 AI score
Exploits: 0