151 matches found
CVE-2022-24414
CVE-2022-24414 affects Dell EMC CloudLink 7.1.3 and earlier. The authentication token is exposed in GET request parameters, which can be logged by reverse proxies and servers, potentially allowing attackers to access the CloudLink server. The underlying issue is insecure token usage in URLs. Expe...
CVE-2022-24414
Dell EMC CloudLink 7.1.3 and all earlier versions, Auth Token is exposed in GET requests. These request parameters can get logged in reverse proxies and server logs. Attackers may potentially use these tokens to access CloudLink server. Tokens should not be used in request URL to avoid such attac...
PT-2022-13879 · Gitlab · Gitlab
Name of the Vulnerable Software and Affected Versions: GitLab versions 12.6 through 14.8.5 GitLab versions 14.9 through 14.9.3 GitLab versions 14.10 through 14.10.0 Description: An issue has been discovered in GitLab where the platform was not correctly authenticating a user who had a certain...
Exploit for Missing Authentication for Critical Function in F5 Big-Ip_Access_Policy_Manager
CVE-2022-1388 POC for CVE-2022-1388 affecting multiple F5 prod...
CVE-2022-24414
Dell EMC CloudLink 7.1.3 and all earlier versions, Auth Token is exposed in GET requests. These request parameters can get logged in reverse proxies and server logs. Attackers may potentially use these tokens to access CloudLink server. Tokens should not be used in request URL to avoid such attac...
Security Bulletin: IBM i2 Analyze and i2 Analyst's Notebook Premium has session handling vulnerability (CVE-2021-20431)
Summary i2 Analyze is subject to an auth token expiration vulnerability. Vulnerability Details CVEID: CVE-2021-20431 DESCRIPTION: IBM i2 Analyst's Notebook Premium does not invalidate session after logout which could allow an an attacker to obtain sensitive information from the system. CVSS Base...
CVE-2021-34807
An open redirect vulnerability exists in the /preauth Servlet in Zimbra Collaboration Suite through 9.0. To exploit the vulnerability, an attacker would need to have obtained a valid zimbra auth token or a valid preauth token. Once the token is obtained, an attacker could redirect a user to any U...
Open redirect
An open redirect vulnerability exists in the /preauth Servlet in Zimbra Collaboration Suite through 9.0. To exploit the vulnerability, an attacker would need to have obtained a valid zimbra auth token or a valid preauth token. Once the token is obtained, an attacker could redirect a user to any U...
CVE-2021-34807
An open redirect vulnerability exists in the /preauth Servlet in Zimbra Collaboration Suite through 9.0. To exploit the vulnerability, an attacker would need to have obtained a valid zimbra auth token or a valid preauth token. Once the token is obtained, an attacker could redirect a user to any U...
PT-2021-20870 · Unknown · Noobaa-Operator
Name of the Vulnerable Software and Affected Versions: noobaa-operator versions prior to 5.7.0 Description: A flaw was found in noobaa-operator where internal RPC AuthTokens between the noobaa operator and the noobaa core are leaked into log files. An attacker with access to the log files could u...
Cross-site Request Forgery (CSRF)
Overview Affected versions of this package are vulnerable to Cross-site Request Forgery CSRF. The /login and /change endpoints can return the authenticated user's authentication token in response to a GET request. Since GET requests aren't protected with a CSRF token, this could lead to a malicio...
DLINK DWL-2600 Authenticated Remote Command Injection
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'DLINK DWL-2600 Authenticated Remote Command Injection', 'Description' = %q Some DLINK Access Points are vulnerable to an authenticated OS command...
Nextcloud: nextcloud-snap CircleCI project has vulnerable configuration which can lead to exposing secrets
Summary: CircleCI allows projects to configure whether builds will run as a result of a pull request from a fork, and also whether these fork PRs have access to the secrets stored in the parent repo's CircleCI settings. When both settings are enabled, and the repo associated with the project allo...
CAMALEON CMS 2.4 Cross Site Scripting Vulnerability
Exploit for php platform in category web applications Exploit Title: CAMALEON CMS 2.4 - Cross-Site Scripting Exploit Author: Ismail Tasdelen Vendor Homepage: http://camaleon.tuzitio.com/ Software Link : https://github.com/owen2345/camaleon-cms Software : CAMALEON CMS Version : 2.4 Vulernability...
Chaturbate: Stats Token doesn't expire after deactivating account
The hacker found that the stats token, that a user can use to access their own account information, does not expire when an account is deactivated. This was resolved so the view could not be used after deactivation. Application has a feature Authorize your 3rd party stats that provides users a wa...
meg+ - Automated Reconnaissance Wrapper
This wrapper will automate numerous tasks and help you during your reconnaissance process. The script finds common issues, low hanging fruit, and assists you when approaching a target. meg+ also allows you to scan all your in-scope targets on HackerOne in one go — it simply retrieves them using a...
The vulnerability of the BIGIPAuthCookie service in the iControl REST interface of the BIG-IP product line allows a attacker to gain access to the interface.
The vulnerability of the BIGIPAuthCookie service in the iControl REST interface of the BIG-IP product line is related to an incorrect session expiration time. Exploiting this vulnerability allows a malicious actor to gain access to the iControl REST interface by converting outdated cookie files...
Authentication Bypass
swauth is vulnerable to authentication bypass. Attackers can use a request token from the log file, to use in the X-Auth-Token header of a new request. The tokens are present in the logs because they are being saved unhashed as a part of a GET URI...
PYSEC-2017-84
An issue was discovered in middleware.py in OpenStack Swauth through 1.2.0 when used with OpenStack Swift through 2.15.1. The Swift object store and proxy server are saving unhashed tokens retrieved from the Swauth middleware authentication mechanism to a log file as part of a GET URI. This allow...
Authentication flaw
An issue was discovered in middleware.py in OpenStack Swauth through 1.2.0 when used with OpenStack Swift through 2.15.1. The Swift object store and proxy server are saving unhashed tokens retrieved from the Swauth middleware authentication mechanism to a log file as part of a GET URI. This allow...