140 matches found
CVE-2021-41093 Account takeover when having only access to a user's short lived token
Wire is an open source secure messenger. In affected versions, if an attacker gets an old but valid access token, they can take over an account by changing the email. This issue has been resolved in version 3.86, which uses a new endpoint that additionally requires an authentication cookie. See...
PT-2021-23082 · Wire · Wire
Name of the Vulnerable Software and Affected Versions: Wire versions prior to 3.86 Description: The issue allows an attacker to take over an account by changing the email if they obtain an old but valid access token. This is possible due to insufficient security measures in place prior to the...
Design/Logic Flaw
DISPUTED Module/Settings/UserExport.php in Friendica through 2021.01 allows settings/userexport to be used by anonymous users, as demonstrated by an attempted access to an array offset on a value of type null, and excessive memory consumption. NOTE: the vendor states "the feature still requires a...
CVE-2021-30141
CVE-2021-30141 concerns Friendica versions through 2021.01. The issue is in Module/Settings/UserExport.php where the settings/userexport route can be accessed by anonymous users, potentially triggering an attempted access to an array offset on a null value and causing excessive memory consumption...
PT-2021-18628 · Friendica · Friendica
Name of the Vulnerable Software and Affected Versions: Friendica versions through 2021.01 Description: The issue allows the settings/userexport feature to be accessed by anonymous users, potentially leading to excessive memory consumption and attempted access to an array offset on a value of type...
CVE-2021-24148
A business logic issue in the MStore API WordPress plugin, versions before 3.2.0, had an authentication bypass with Sign In With Apple allowing unauthenticated users to recover an authentication cookie with only an email address...
Authentication flaw
A business logic issue in the MStore API WordPress plugin, versions before 3.2.0, had an authentication bypass with Sign In With Apple allowing unauthenticated users to recover an authentication cookie with only an email address...
CVE-2021-24148 MStore API < 3.2.0 - Authentication Bypass With Sign In With Apple
A business logic issue in the MStore API WordPress plugin, versions before 3.2.0, had an authentication bypass with Sign In With Apple allowing unauthenticated users to recover an authentication cookie with only an email address...
Wordpress MStore API Authorization Issue Vulnerability
Wordpress MStore API is an open source WordPress application plugin. It provides configuration for Mstore and FluxStore mobile devices and REST API support for connecting to the application's features. MStore API WordPress plugin versions before 3.2.0 contain a security vulnerability that can be...
MStore API < 3.2.0 - Authentication Bypass With Sign In With Apple
The plugin had an authentication bypass with Sign In With Apple allowing unauthenticated users to recover an authentication cookie with only an email address. PoC The plugin must have a valid purchase code for the request to work curl -X GET --header 'Content-Type: application/json' --header...
Erlang Cookie - Remote Code Execution Exploit
Exploit Title: Erlang Cookie - Remote Code Execution Exploit Author: 1F98D Original Author: Milton Valencia wetw0rk Software Link: https://www.erlang.org/ Version: N/A Tested on: Debian 9.11 x64 References: https://insinuator.net/2017/10/erlang-distribution-rce-and-a-cookie-bruteforcer/ Erlang...
Erlang Cookie - Remote Code Execution
Exploit Title: Erlang Cookie - Remote Code Execution Date: 2020-05-04 Exploit Author: 1F98D Original Author: Milton Valencia wetw0rk Software Link: https://www.erlang.org/ Version: N/A Tested on: Debian 9.11 x64 References:...
Fujitsu Eternus Storage DX200 S4 Authorization Issues Vulnerability
The Fujitsu Eternus Storage DX200 S4 is a storage appliance for enterprise environments that provides storage support for server virtualization, email, databases, business applications, and centralized file services from Fujitsu Japan. The storage device features thin provisioning,...
h1-ctf: [H1-2006] CTF Writeup
H1-2006 CTF Writeup I am fairly new to CTFs - this is just my second CTF after H1-415 CTF, at which I didn't get far at all. I think the most valuable thing I can do for anyone who comes across this writeup, is to describe exactly what I was thinking at each step along the way, including all my...
CVE-2020-2033
When the pre-logon feature is enabled, a missing certificate validation in Palo Alto Networks GlobalProtect app can disclose the pre-logon authentication cookie to a man-in-the-middle attacker on the same local area network segment with the ability to manipulate ARP or to conduct ARP spoofing...
CVE-2020-2033 GlobalProtect App: Missing certificate validation vulnerability can disclose pre-logon authentication cookie
When the pre-logon feature is enabled, a missing certificate validation in Palo Alto Networks GlobalProtect app can disclose the pre-logon authentication cookie to a man-in-the-middle attacker on the same local area network segment with the ability to manipulate ARP or to conduct ARP spoofing...
CVE-2019-13172
Some Xerox printers such as the Phaser 3320 V53.006.16.000 were affected by a buffer overflow vulnerability in the Authentication Cookie of the web application that would allow an attacker to execute arbitrary code on the device...
Buffer overflow
Some Xerox printers such as the Phaser 3320 V53.006.16.000 were affected by a buffer overflow vulnerability in the Authentication Cookie of the web application that would allow an attacker to execute arbitrary code on the device...