Web Application Security
Back to list
*Note: Email address will appear as "user domain ext" to prevent harvesting.
Web Application Vulnerability Categorization
Apr 01 2014 02:09AM
m@d m0nk (th3madm0nk gmail com)
I have a web app with a password recovery option. There is a secret
question and if the user enters the correct answer to the secret
question, the username and password is provided to the user.
If the password recover page / module allows multiple tries
(brute-force and ...
[ more ]
Copyright 2010, SecurityFocus