EUVD-2020-17370

Malware in sbrugna...

CVE-2024-8606 Fix 2FA bypass via RestAPI

Bypass of two factor authentication in RestAPI in Checkmk 2.3.0p16 and 2.2.0p34 allows authenticated users to bypass two factor authentication...

Exploit for Weak Password Recovery Mechanism for Forgotten Password in Gitlab

CVE-2023-7028 | Account-Take-Over Gitlab Disclamer This co...

CGA-WCH6-GG52-RPHJ

Bulletin has no description...

GitLab 1.0 < 13.1.10 / 13.2 < 13.2.8 / 13.3 < 13.3.4 (CVE-2020-13297)

The version of GitLab installed on the remote host is affected by a vulnerability, as follows: - A vulnerability was discovered in GitLab versions before 13.1.10, 13.2.8 and 13.3.4. When 2 factor authentication was enabled for groups, a malicious user could bypass that restriction by sending a...

GitLab 1.0 < 13.1.10 / 13.2 < 13.2.8 / 13.3 < 13.3.4 (CVE-2020-13304)

The version of GitLab installed on the remote host is affected by a vulnerability, as follows: - A vulnerability was discovered in GitLab versions before 13.1.10, 13.2.8 and 13.3.4. Same 2 factor Authentication secret code was generated which resulted an attacker to maintain access under certain...

GitLab Password Reset Account Takeover

This module exploits an account-take-over vulnerability that allows users to take control of a gitlab account without user interaction. The vulnerability lies in the password reset functionality. Its possible to provide 2 emails and the reset code will be sent to both. It is therefore possible to...

BIT-GITLAB-2020-13304

A vulnerability was discovered in GitLab versions before 13.1.10, 13.2.8 and 13.3.4. Same 2 factor Authentication secret code was generated which resulted an attacker to maintain access under certain conditions...

BIT-GITLAB-2020-13308

A vulnerability was discovered in GitLab versions before 13.1.10, 13.2.8 and 13.3.4. A user without 2 factor authentication enabled could be prohibited from accessing GitLab by being invited into a project that had 2 factor authentication inheritance...

Exploit for Weak Password Recovery Mechanism for Forgotten Password in Gitlab

CVE-2023-7028 | Account-Take-Over Gitlab Disclamer This co...

GitLab warns zero-click vulnerability could lead to account takeovers

GitLab has issued a warning about a critical vulnerability in GitLab Community Edition CE and Enterprise Edition EE. GitLab is an online DevOps platform that allows developers to collaborate on creating software. Organizations have a choice to install GitLab on their own servers or under GitLab’s...

Exploit for Weak Password Recovery Mechanism for Forgotten Password in Gitlab

CVE-2023-7028 | Account-Take-Over Gitlab Disclamer This co...

Cross-site Scripting (XSS)

pimcore/admin-ui-classic-bundle is vulnerable to Cross-site Scripting XSS. The vulnerability exists if an admin user has not set up 2-factor authentication in twofactorsetup.html.twig , which allows an attacker to inject and execute malicious HTML or javascript through the /admin/login/2fa-setup...

GHSA-HQV9-6JQW-9G8M Pimcore admin UI vulnerable to Cross-site Scripting in 2 factor authentication setup page

Summary Unauthenticated HTML Injection / XSS Possible. Conditions: 2factor authentication must not set before Vulnerable Endpoint: /admin/login/2fa-setup Vulnerable Param: error= How it works, So basically any admin, who has not setup 2 factor authentication before is vulnerable for this attack,...

Pimcore admin UI vulnerable to Cross-site Scripting in 2 factor authentication setup page

Summary Unauthenticated HTML Injection / XSS Possible. Conditions: 2factor authentication must not set before Vulnerable Endpoint: /admin/login/2fa-setup Vulnerable Param: error= How it works, So basically any admin, who has not setup 2 factor authentication before is vulnerable for this attack,...

CVE-2023-36456

authentik is affected prior to versions 2023.4.3 and 2023.5.5 because it does not verify the origin of the X-Forwarded-For and X-Real-IP headers in both Python and Go code. This can allow spoofing of IPs in logs and in downstream flows that rely on IP checks, and may enable bypassing IP-based pol...

HTML Injection / Possible XSS

Description In pimcore I was able to identify a Unauthenticated HTML Injection / XSS Possible. Conditions: 2 factor authentication must not set before Vulnerable Endpoint: http://localhost/admin/login/2fa-setup Vulnerable Param: error= How it works, So basically any admin, who has not setup 2...

Cloudflare Public Bug Bounty: 2FA BYPASS

A vulnerability in Cloudflare's Dashboard allowed for the retrieval of recovery codes without completing the authentication process. The issue was resolved by disallowing requests to the vulnerable API endpoint until users were fully authenticated...

New EvilProxy Phishing Service Allowing Cybercriminals to Bypass 2-Factor Security

A new phishing-as-a-service PhaaS toolkit dubbed EvilProxy is being advertised on the criminal underground as a means for threat actors to bypass two-factor authentication 2FA protections employed against online services. "EvilProxy actors are using reverse proxy and cookie injection methods to...

Watch out for the email that says “You have a new voicemail!”

A phishing campaign is using voicemail notification messages to go after victims Office 365 credentials. According to researchers at ZScaler, the campaign uses spoofed emails with an HTML attachment that contains encoded javascript. The email claims that you have a new voicemail and that you can...