Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
huntrAhmedvienna59FE5037-B253-4B0F-BE69-1D2E4AF8B4A9
HistoryJul 13, 2023 - 8:47 p.m.

Business Logic Error - letting the Name Field blank

2023-07-1320:47:28
ahmedvienna
www.huntr.dev
5
business logic
username
bypass

0.0004 Low

EPSS

Percentile

13.3%

JSON

Hello,

I was able to bypass the restriction for setting an admin username and letting the username via spaces blank.

Let’s have a look.

As you can see the name is with a red star and therefore required to be filled.

Now we will add2 spaces and let the username blank and save.

As you can see all the names have been left blank.

Thank you for your time.

Related

osv 2
prion 1
cvelist 1
cve 1
veracode 1
github 1
nvd 1
hp 1
osv
osv
Froxlor vulnerable to business logic errors
2023-08-11 03:30:19
CVE-2023-4304
2023-08-11 01:15:09
prion
prion
Code injection
2023-08-11 01:15:00
cvelist
cvelist
CVE-2023-4304 Business Logic Errors in froxlor/froxlor
2023-08-11 00:00:20
cve
cve
CVE-2023-4304
2023-08-11 01:15:09
veracode
veracode
Business Logic Errors
2023-08-14 17:51:55
github
github
Froxlor vulnerable to business logic errors
2023-08-11 03:30:19
nvd
nvd
CVE-2023-4304
2023-08-11 01:15:09
hp
hp
HP Device Manager Security Updates
2023-10-20 00:00:00

0.0004 Low

EPSS

Percentile

13.3%

JSON
Related for 59FE5037-B253-4B0F-BE69-1D2E4AF8B4A9
osv2prion1cvelist1cve1veracode1github1nvd1hp1