username

Password brute-force via password change

Password brute-force via password change” is a technique in which an attacker uses a brute-force attack to log in to a user’s account by changing their password. Basically, the attacker has a list of many … Read more

Username enumeration via account lock

An attacker can perform username enumeration via account lock vulnerability by attempting multiple logins on a web application or website’s login page. During this process, the attacker repeatedly enters incorrect usernames. When they enter the … Read more

Search for:

Our Categories

Blogs
Cyber Security
Education
Internships
KaliLinux
Scholarship
Web Security

Our Recent Posts

Understanding Types of VPNs and Their Security Measures
Referer-based access control
Multi-step process with no access control on one step
Method-based access control can be circumvented
Insecure direct object references
URL-based access control can be circumvented
User ID controlled by request parameter with password disclosure
What is Web Security? Protecting Your Online Presence in 2023
Unprotected admin functionality
User role can be modified in user profile
Unprotected admin functionality with unpredictable URL
User role controlled by request parameter
User ID controlled by request parameter
User ID controlled by request parameter with unpredictable user IDs
User ID controlled by request parameter with data leakage in redirect
Weak Isolation On Dual-Use Endpoint
Insufficient Workflow Validation
Authentication Bypass Via Flawed State Machine
Inconsistent Handling of Exceptional Input
Low-Level Logic Flaw