API - API Security Blog

Authorization bypass in Flower

Flower, a web UI for the Celery Python RPC framework, all versions as of 05-02-2022 is vulnerable to an OAuth authentication bypass. An attacker could then access the Flower API to discover and invoke ...

05 июня, 2022

Exploit for Unrestricted Upload of File with Dangerous Type in Wso2 Api Manager

# Better CVE-2022-29464 Certain WSO2 products allow unrestricte...Read More ...

04 июня, 2022

RST Threat feed. IOC: https://58.218.215.134:443/api/v1

Found **https://58[.]218.215.134:443/api/v1** in [RST Threat Fee...Read More ...

04 июня, 2022

RST Threat feed. IOC: https://kyc-services.co/api/metamask/login/verify.html

Found **https://kyc-services[.]co/api/metamask/login/veri...Read More ...

04 июня, 2022

RST Threat feed. IOC: https://metamarkkyc.net/api/metamask/login/verify.html

Found **https://metamarkkyc[.]net/api/metamask/login/veri...Read More ...

04 июня, 2022

RST Threat feed. IOC: https://124.221.217.149/api/x

Found **https://124[.]221.217.149/api/x** in [RST Threat Feed...Read More ...

04 июня, 2022

RST Threat feed. IOC: https://121.29.38.230:443/api/v1

Found **https://121[.]29.38.230:443/api/v1** in [RST Threat Feed...Read More ...

04 июня, 2022

RST Threat feed. IOC: https://hpmusic.cloud/api/routes/web.php

Found **https://hpmusic[.]cloud/api/routes/web.php** in [RST Thr...Read More ...

04 июня, 2022