Vulnerabilities

This blog is a guide that provides best practices and techniques for preventing SQL Injection, which is a common web application vulnerability where an attacker can manipulate SQL queries in order to gain unauthorized access to a database. Learn more about SQL Injection.

Exploring the recent zero-day vulnerabilities in Ivanti Connect Secure and Policy Secure, and the recommended mitigations for affected organizations.

Clickjacking ( UI redressing) is a type of attack where a malicious website tricks a user into clicking on something different from what they intended

Directory Traversal vulnerability allows an attacker to access sensitive files or execute commands on the application server.

Server-side template injection (SSTI) is a vulnerability that can allow attackers to execute arbitrary code on the server.

This blog will help developers to understand XSS, its types, how to discover and prevent it. XSS stands for Cross-Site Scripting, a type of vulnerability

XXE is a vulnerability in XML processing that attackers exploit to access sensitive data. Learn all about XML External Entity attack and how to prevent it.

This blog is about the CVE-2022-23529: RCE vulnerability discovered in JsonWebToken (JWT) library (Revoked).