CVE-2024-37871 : ITSOURCECODE ONLINE DISCUSSION FORUM 1.0 LOGIN.PHP EMAIL SQL INJECTION
Description SQL injection vulnerability in login.php in Itsourcecode Online Discussion Forum Project in PHP with Source Code 1.0 allows remote
CVE-2024-6471 : SOURCECODESTER ONLINE TOURS & TRAVELS MANAGEMENT 1.0 SMS_SETTING.PHP UNAME SQL INJECTION
Description A vulnerability classified as critical has been found in SourceCodester Online Tours & Travels Management 1.0. This affects an
CVE-2024-37298 : GORILLA SCHEMA UP TO 1.4.0 SESSION_ID ALLOCATION OF RESOURCES
Description gorilla/schema converts structs to and from form values. Prior to version 1.4.1 Running `schema.Decoder.Decode()` on a struct that has
CVE-2024-38368 : COCOAPODS EXPOSURE OF RESOURCE
Description trunk.cocoapods.org is the authentication server for the CoacoaPods dependency manager. A vulnerability affected older pods which migrated from the
CVE-2024-6417 : SOURCECODESTER SIMPLE ONLINE BIDDING SYSTEM 1.0 AJAX.PHP ID SQL INJECTION
Description A vulnerability was found in SourceCodester Simple Online Bidding System 1.0. It has been rated as critical. Affected by
CVE-2024-5469 : GITLAB COMMUNITY EDITION/ENTERPRISE EDITION UP TO 16.10.5/16.11.2 KAS RESOURCE CONSUMPTION
Description DoS in KAS in GitLab CE/EE affecting all versions from 16.10.0 prior to 16.10.6 and 16.11.0 prior to 16.11.3
CVE-2024-36454 : FSAS TECHNOLOGIES IPCOM EX2/IPCOM VE2 UP TO V01L07NF0201 PACKET UNINITIALIZED RESOURCE
Description Use of uninitialized resource issue exists in IPCOM EX2 Series (V01L0x Series) V01L07NF0201 and earlier, and IPCOM VE2 Series
CVE-2024-22144 : ELI SCHEETZ ANTI-MALWARE SECURITY AND BRUTE-FORCE FIREWALL PLUGIN CODE INJECTION
Description Improper Control of Generation of Code (‘Code Injection’) vulnerability in Eli Scheetz Anti-Malware Security and Brute-Force Firewall gotmls allows
CVE-2024-2912 : BENTOML FRAMEWORK UP TO 1.2.4 POST REQUEST INSECURE DEFAULT INITIALIZATION OF RESOURCE
Description An insecure deserialization vulnerability exists in the BentoML framework, allowing remote code execution (RCE) by sending a specially crafted
CVE-2024-0610 : PIRAEUS BANK WOOCOMMERCE PAYMENT GATEWAY UP TO 1.6.5.1 ON WORDPRESS SQL INJECTION
Description The Piraeus Bank WooCommerce Payment Gateway plugin for WordPress is vulnerable to time-based blind SQL Injection via the ‘MerchantReference’
CVE-2024-0182 : SOURCECODESTER ENGINEERS ONLINE PORTAL 1.0 ADMIN LOGIN /ADMIN/ USERNAME/PASSWORD SQL INJECTION
Description A vulnerability was found in SourceCodester Engineers Online Portal 1.0 and classified as critical. Affected by this issue is
CVE-2023-39325 : GOOGLE GO HTTP/2 RESET RESOURCE CONSUMPTION
Description A malicious HTTP/2 client which rapidly creates requests and immediately resets them can cause excessive server resource consumption. While
Securing Seamless Traffic Distribution On E-commerce Websites
Securing Seamless Traffic Distribution on E-commerce Websites In today’s digital landscape, e-commerce websites are essential to connecting businesses with consumers.
What Is The Lack Of Resources And Rate Limiting?
Lack of resources and rate limiting are security vulnerabilities that occur when an API does not have enough resources to
Resource library
Resource Library Battling Bot Attacks & Fraud On APIs With Prophaze WAF Attacks on Application Programming Interfaces (APIs) have become
CVE-2023-4180 : SOURCECODESTER FREE HOSPITAL MANAGEMENT SYSTEM FOR SMALL PRACTICES /VM/LOGIN.PHP SQL INJECTION
Description A vulnerability classified as critical was found in SourceCodester Free Hospital Management System for Small Practices 1.0. Affected by
CVE-2023-3364 : GITLAB COMMUNITY EDITION/ENTERPRISE EDITION UP TO 16.2.1 PAYLOADS CE/EE PREVIEW_MARKDOWN RESOURCE CONSUMPTION
Description An issue has been discovered in GitLab CE/EE affecting all versions starting from 8.14 before 16.0.8, all versions starting
CVE-2023-36542 : APACHE NIFI UP TO 1.22.0 REMOTE RESOURCE CODE INJECTION
Description Apache NiFi 0.0.2 through 1.22.0 include Processors and Controller Services that support HTTP URL references for retrieving drivers, which
CVE-2023-3987 : SOURCECODESTER SIMPLE ONLINE MENS SALON MANAGEMENT SYSTEM 1.0 ID SQL INJECTION
Description A vulnerability was found in SourceCodester Simple Online Mens Salon Management System 1.0. It has been classified as critical.
What Is A Brute Force Attack? What Are The Measures To Prevent Brute-force Attacks?
A brute-force attack is a method of guessing a password or other authentication credential by trying multiple combinations until the
CVE-2023-0750 : YELLOBRIK PEC-1864 CLIENT-SIDE ENFORCEMENT OF SERVER-SIDE SECURITY
Description Yellobrik PEC-1864 implements authentication checks via javascript in the frontend interface. When the device can be accessed over the
CVE-2023-24998 : APACHE COMMONS FILEUPLOAD UP TO 1.4 REQUEST PART ALLOCATION OF RESOURCES
Description Apache Commons FileUpload before 1.5 does not limit the number of request parts to be processed resulting in the
CVE-2022-27518 : CITRIX ADC/GATEWAY RESOURCE CONTROL
Description Unauthenticated remote arbitrary code execution. References https://support.citrix.com/article/CTX474995 For More Information MITRE
CVE-2022-45359 : YITH WOOCOMMERCE GIFT CARDS PREMIUM PLUGIN UP TO 3.19.0 ON WORDPRESS UNRESTRICTED UPLOAD
Description Unauth. Arbitrary File Upload vulnerability in YITH WooCommerce Gift Cards premium plugin