payload set

Username enumeration via account lock

An attacker can perform username enumeration via account lock vulnerability by attempting multiple logins on a web application or website’s login page. During this process, the attacker repeatedly enters incorrect usernames. When they enter the … Read more

Search for:

Our Categories

Blogs
Cyber Security
Education
Internships
KaliLinux
Scholarship
Web Security

Our Recent Posts

User ID controlled by request parameter with password disclosure
What is Web Security? Protecting Your Online Presence in 2023
Unprotected admin functionality
User role can be modified in user profile
Unprotected admin functionality with unpredictable URL
User role controlled by request parameter
User ID controlled by request parameter
User ID controlled by request parameter with unpredictable user IDs
User ID controlled by request parameter with data leakage in redirect
Weak Isolation On Dual-Use Endpoint
Insufficient Workflow Validation
Authentication Bypass Via Flawed State Machine
Inconsistent Handling of Exceptional Input
Low-Level Logic Flaw
High-Level Logic Vulnerability
Flawed Enforcement of Business Rules
Excessive trust in client-side controls
Business Logic Vulnerabilities Basic to Advanced
Exploiting XXE To Retrieve Data By Repurposing A Local DTD
Exploiting XXE Via Image File Upload