Latest Security News about attack

Contact US For API Security>

Google Chrome Marks ICICI Bank’s Banking site as Unsafe – Attack or False Positive?

Google chrome’s anti-phishing algorithms show false positives? While trying to login to the internet banking website of India’s No:1 Private Bank (icicibank.com). It stopped the browser showing the below page   The interesting thing is the URL shown on the screen is different universal-api-dot-icicibank-c4m.appspot.com. But that is having no relation with the target website which […]

Contact US For API Security>

Potential CRLF injection attacks in Zend_Mail

Overview : CRLF injection vulnerability in Zend\Mail (Zend_Mail) in Zend Framework before 1.12.12, 2.x before 2.3.8, and 2.4.x before 2.4.1 allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via CRLF sequences in the header of an email. Affected Product(s) : Zend Framework before 1.12.12, 2.x before 2.3.8, and 2.4.x […]

Contact US For API Security>

SQL Injection attack in pimcore before 6.3.0

Overview : Pimcore data leakage Flaws through SQL Injection Affected Product(s) : pimcore/pimcore before 6.3.0 Vulnerability Details : CVE ID : CVE-2019-10763 pimcore/pimcore before 6.3.0 is vulnerable to SQL Injection. An attacker with limited privileges (classes permission) can achieve a SQL injection that can lead in data leakage. The vulnerability can be exploited via ‘id’, ‘storeId’, […]