
4 matches found

Hacker One
added 2020/06/19 9:43 p.m., 139 views

Smule: No Rate Limiting On Phone Number Login Leads to Login Bypass

Hey Team, Introduction: A rate limiting algorithm is used to check if the user session has to be limited based on the information in the session cache. In case a client made too many requests within a given time frame. Description: I was able to Bypass Authentication of any user by enumerating th...

AI score: 6.9
Exploits: 0

Metasploit
added 2020/03/20 9:57 p.m., 100 views

SharePoint Workflows XOML Injection

This module exploits a vulnerability within SharePoint and its .NET backend that allows an attacker to execute commands using specially crafted XOML data sent to SharePoint via the Workflows functionality. This module requires Metasploit: https://metasploit.com/download Current source:...

CVSS: 9.8, AI score: 0.5, EPSS: 0.99193
Exploits: 5

Hacker One
added 2016/06/06 2:47 p.m., 16 views

Veris: Unauthenticated CSRF (User can input any value for CSRF Token)

Hello Veris, I believe you have implemented CSRF token on the registration for a reason. In my research, I found that a user supplied CSRF Token would be accepted and even saved in the browser cookie and will be the set token on subsequent request. This report is limited to the Register and Login...

AI score: 7
Exploits: 0

Prion
added 2009/05/15 3:30 p.m., 11 views

Heap overflow

Heap-based buffer overflow in popcorn.exe in Ultrafunk Popcorn 1.87 allows remote POP3 servers to cause a denial of service (application crash) via a long string in a +OK response. NOTE: some of these details are obtained from third party information...

CVSS: 9.3, AI score: 7.6, EPSS: 0.02738
Exploits: 1, References: 3, Affected Software: 1