
10 matches found

Cvelist
added 2024/11/15 4:21 p.m. | 16 views

CVE-2024-52528 Auth Token can be passed dummy or wrong the middleware response is 200 OK

Budget Control Gateway acts as an entry point for incoming requests and routes them to the appropriate microservices for Budget Control. Budget Control Gateway does not properly validate auth tokens, which allows attackers to bypass intended restrictions. This vulnerability is fixed in 1.5.2...

CVSS 9.3 | EPSS 0.00145
Exploits: 0 | References: 1

Hacker One
added 2020/06/30 1:48 p.m. | 23 views

Clario: No rate Limit on Licenses Activation

Introduction A little bit about Rate Limit A rate-limiting algorithm is used to check if the user session or IP-address has to be limited based on the information in the session cache. In case a client made too many requests within a given time-frame, HTTP-Servers can respond with status code 429...

AI score 0.2
Exploits: 0

Hacker One
added 2020/06/19 9:43 p.m. | 135 views

Smule: No Rate Limiting On Phone Number Login Leads to Login Bypass

Hey Team, Introduction: A rate limiting algorithm is used to check if the user session has to be limited based on the information in the session cache. In case a client made too many requests within a given time frame. Description: I was able to Bypass Authentication of any user by enumerating th...

AI score 6.9
Exploits: 0

Metasploit
added 2020/03/20 9:57 p.m. | 94 views

SharePoint Workflows XOML Injection

This module exploits a vulnerability within SharePoint and its .NET backend that allows an attacker to execute commands using specially crafted XOML data sent to SharePoint via the Workflows functionality. This module requires Metasploit: https://metasploit.com/download Current source:...

CVSS 9.8 | AI score 0.5 | EPSS 0.93865
Exploits: 5

Exploit DB
added 2018/11/21 12:0 a.m. | 32 views

Ticketly 1.0 - 'name' SQL Injection

Exploit Title: Ticketly 1.0 – 'name' SQL Injection Exploit Author: Javier Olmedo Website: https://hackpuntes.com Date: 2018-11-19 Google Dork: N/A Vendor: Abisoft https://abisoftgt.net Software Link: https://abisoftgt.net/software/6/sistema-de-tickets-y-soporte-con-php-y-mysql Affected Version: 1...

CVSS 9.8 | AI score 9.8 | EPSS 0.0267
Exploits: 8

Exploit DB
added 2018/08/27 12:0 a.m. | 37 views

Sentrifugo HRMS 3.2 - 'deptid' SQL Injection

Exploit Title: Sentrifugo HRMS 3.2 - 'deptid' SQL Injection Exploit Author: Javier Olmedo Website: https://hackpuntes.com Date: 2018-08-26 Google Dork: N/A Vendor: http://www.sapplica.com Software Link: http://www.sentrifugo.com/download Affected Version: 3.2 and possibly before Patched Version:...

CVSS 9.8 | AI score 9.7 | EPSS 0.0025
Exploits: 5

0day.today
added 2018/08/24 12:0 a.m. | 158 views

PCViewer vt1000 - Directory Traversal Vulnerability

Exploit for windows platform in category web applications Exploit Title: PCViewer vt1000 - Directory Traversal Exploit Author: Berk Dusunur Vendor Homepage: N/A Software Link: http://www.softpedia.com/get/System/File-Management/Pc-Viewer.shtml Affected Version: vt1000 Tested on: Parrot OS CVE : N...

AI score 0.3
Exploits: 0

Hacker One
added 2016/06/06 2:47 p.m. | 15 views

Veris: Unauthenticated CSRF(User can input any value for CSRF Token)

Hello Veris, I believe you have implemented CSRF token on the registration for a reason. In my research, I found that a user supplied CSRF Token would be accepted and even saved in the browser cookie and will be the set token on subsequent request. This report is limited to the Register and Login...

AI score 7
Exploits: 0

exploitpack
added 2011/01/30 12:0 a.m. | 17 views

SDP Downloader 2.3.0 - http_response Remote Buffer Overflow

SDP Downloader 2.3.0 - httpresponse Remote Buffer Overflow !/usr/bin/python Bug : SDP Downloader httpresponse Remote Buffer Overflow Exploit by: sup3r Tested on : Xp sp3 http://sdp.ppona.com/ from socket import win32exec - EXITFUNC=process CMD=calc Size=160 Encoder=PexFnstenvSub...

AI score 1.4
Exploits: 0

Packet Storm
added 2010/07/02 12:0 a.m. | 21 views

Wiki Web Help 0.2.7 Shell Upload

Software: Wiki Web Help 0.2.7 | Vulnerability: Arbitrary Upload | Download: http://sourceforge.net/projects/wwh/ | Release Date: 7/1/2010 | Tested On: Windows Vista + XAMPP...

Exploits: 0