Malicious code in statsapi (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 5c59dd2732ec529321670e500c8b732a5641b361029fd435277a6f110d4c5286 Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...

Chaturbate: No rate limit in affiliate statsapi endpoint

Brute force at affiliate statsapi Steps To Reproduce: 1. The affiliate stats api link is vulnerable to brute force https:// chaturbate.com/affiliates/apistats/?username=hackeronetestchat&token=vulnerable I've used my profile and and my token to check brute force The correct token returned with 20...