What Is Broken Authentication? How It Works, And What Steps You Can Take To Prevent It?
Broken authentication is a common security vulnerability that occurs when an attacker is able to compromise the authentication process used
What Is SQL Injection Attack?
What is SQL Injection? SQL injection is a type of cyber attack that targets web applications that use Structured Query
What Is Sensitive Data Exposure Vulnerability & How To Prevent It?
All About Sensitive Data Exposure Sensitive data exposure is a critical issue that affects individuals and organizations around the world.
Securing 3rd party API Integrations
Prophaze offers a wide range of cybersecurity solutions, including securing third-party API integrations. Helps to identify and mitigate potential security
Prophaze Hybrid WAF 3.0
Web Application Firewalls (WAF) have existed for quite some time to safeguard web applications by inspecting HTTP traffic. Traditionally, on-premises WAFs
Introducing WAF 3.0
The conventional Model is WAF 1.0 Hardware-driven, not scalable, typically rule-based architecture which came into existence in the early 2000s.
Injection Prevention
Home Injection Prevention PROPHAZE APPSEC PLATFORM What is Prophaze WAF? How Prophaze WAF Works? System Requirements Performance SSL Termination Modes
OWASP TOP 10
OWASP TOP 10 OWASP Top 10 Web Application Vulnerabilities’ Mitigation using Prophaze WAF Prophaze web application firewall (WAF) that protects
Vulnerabilities Discovered in CIPAce Enterprise Platform
Overview : A Directory Traversal issue was discovered in CIPPlanner CIPAce 9.1 Build 2019092801. An unauthenticated attacker can make HTTP
FiberHome HG2201T Pre-Auth RCE
Overview : FiberHome HG2201T 1.00.M5007_JS_201804 devices allows pre-authentication Directory Traversal for reading arbitrary files. Affected Product(s) : FiberHome HG2201T Vulnerability
SugarCRM security issues released
Overview : CVE-2019-17292 SugarCRM before 8.0.4 and 9.x before 9.0.2 allows SQL injection in the pmse_Inbox module by an Admin
Cisco announces vulnerabilities
Overview : Cisco Firepower Management Center Remote Code Execution Vulnerability CWE-20 / CVE-2019-12689 A vulnerability in the web-based management interface
Latest Security vulnerabilities in Cisco products
Overview : Cisco IOS XE Software NAT Session Initiation Protocol Application Layer Gateway Denial of Service Vulnerability CWE-399/ CVE-2019-12646 A
CVE-2024-39171 : PHPVIBE 11.0.46 INCOMPLETE BLACKLIST
Description Directory Travel in PHPVibe v11.0.46 due to incomplete blacklist checksums and directory checks, which can lead to code execution
CVE-2024-5980 : LIGHTNING-AI PYTORCH-LIGHTNING UP TO 2.2.4 API ENDPOINT /V1/RUNS UNRESTRICTED UPLOAD
Description A vulnerability in the /v1/runs API endpoint of lightning-ai/pytorch-lightning v2.2.4 allows attackers to exploit path traversal when extracting tar.gz
SANs Top 25
The SANS Institute designs numerous programs for the purpose of security professionals around the globe. This exceptional organization collectively brings
LogicalDoc before 8.3.3 allows SQL Injection
Overview : LogicalDoc before 8.3.3 allows SQL Injection. LogicalDoc populates the list of available documents by querying the database. This
Cisco Security issues released
Overview : Cisco Aironet Access Points Unauthorized Access Vulnerability CWE-284 / CVE-2019-15260 A vulnerability in Cisco Aironet Access Points (APs) Software could
Context Filter in Atlassian Jira Service Desk Server and Jira Service Desk Data Center
Overview : The Customer Context Filter in Atlassian Jira Service Desk Server and Jira Service Desk Data Center before version
A 14 year old undetected bug found in WinRAR
CheckPoint infosec eggheads have claimed to have found out a Windows archiving security flaw that seems to have been present