1234 matches found

GithubExploit
added 2021/11/09 6:19 p.m. | 203 views

Exploit for Code Injection in Gitlab

GitLab-CVE-2021-22205-scanner Usage $ python3 GitLab...

CVSS 10 | AI score 10 | EPSS 0.94467
Exploits 30
Hacker One
added 2021/11/05 5:15 p.m. | 45 views

HackerOne: HackerOne Staging uses Production data for testing

Summary: Today I received an email related to smart rewards from HackerOne. This included staging environment details, such as: sender: [email protected] Privacy / Terms links pointing to domain: https://www.enorekcah.com/... This basically tells us that HackerOne is using hacker dat...

AI score 6.8
Exploits 0
GithubExploit
added 2021/11/04 2:31 p.m. | 659 views

Exploit for Code Injection in Exiftool_Project Exiftool

Gitlab-Exiftool-RCE Original repos : https://github.com/CsEnox...

CVSS 7.8 | AI score 7.9 | EPSS 0.92782
Exploits 39
Hacker One
added 2021/10/29 10:06 p.m. | 12 views

HackerOne: Attachment references in markdown don't warn before downloading

Summary: By default, if any link in a report is clicked, the user is shown a popup saying that they are visiting a third-party website and should proceed at their own risk, etc. However, when a user views the report, all links are non-clickable and the file URI is appended. I have found out that I can bypass this...

AI score 7
Exploits 0
Nextcloud
added 2021/10/25 11:49 a.m. | 56 views

File Traversal affecting SVG files on Nextcloud Server

None...

CVSS 8.8 | AI score 6.3 | EPSS 0.00867
Exploits 0 | References 2 | Affected Software 1
Nextcloud
added 2021/10/25 11:00 a.m. | 33 views

File path disclosure of shared files in Richdocuments application

None...

CVSS 5.3 | AI score 5.6 | EPSS 0.0035
Exploits 0 | References 2 | Affected Software 1
Nextcloud
added 2021/10/25 10:59 a.m. | 36 views

Bypass of image blocking in Nextcloud Mail

None...

CVSS 3.5 | AI score 4.9 | EPSS 0.00264
Exploits 0 | References 2 | Affected Software 1
Hacker One
added 2021/10/19 8:59 a.m. | 14 views

HackerOne: HTML injection in email at https://www.hackerone.com/

HTML injection was possible in emails sent via the HackerOne platform by filling the first name and last name fields with HTML tags on the pentest community application form. This could allow an attacker to send malicious emails and inject HTML into them...

AI score 7.1
Exploits 0
Hacker One
added 2021/10/10 8:26 p.m. | 9 views

8x8: Information Disclosure of metrics fax.wavecell.com/metrics

The fax.wavecell.com/metrics endpoint was found to disclose sensitive information. The information disclosure vulnerability was discovered and reported on the HackerOne platform...

AI score 6.1
Exploits 0
OSV
added 2021/10/06 5:46 p.m. | 28 views

GHSA-M6J4-8R7P-WPP3 BuddyPress privilege escalation via REST API

Impact It's possible for a non-privileged, regular user to obtain administrator rights by exploiting an issue in the BuddyPress REST API members endpoint. Patches The vulnerability has been fixed in BuddyPress 7.2.1. Existing installations of the plugin should be updated to this version to mitiga...

CVSS 8.1 | AI score 8.5 | EPSS 0.93304
Exploits 2 | References 5
Github Security Blog
added 2021/10/06 5:46 p.m. | 43 views

BuddyPress privilege escalation via REST API

Impact It's possible for a non-privileged, regular user to obtain administrator rights by exploiting an issue in the BuddyPress REST API members endpoint. Patches The vulnerability has been fixed in BuddyPress 7.2.1. Existing installations of the plugin should be updated to this version to mitiga...

CVSS 9 | AI score 3.4 | EPSS 0.93304
Exploits 2 | References 5 | Affected Software 1
ThreatPost
added 2021/09/23 1:00 p.m. | 17 views

Acronis Offers up to $5,000 to users who spot bugs in its cyber protection products

Acronis, the Swiss-Singaporean cyber protection company, has recently opened its long-standing bug bounty program to the public at large – now able to process twice as many reports. Users who discover vulnerabilities in Acronis’ software can earn up to $5,000, as well as additional perks. Through...

AI score 7.4
Exploits 0 | References 6
ThreatPost
added 2021/09/22 2:52 p.m. | 20 views

TikTok, GitHub, Facebook Join Open-Source Bug Bounty

Tech giants want hackers to take their money, in exchange for rooting out critical vulnerabilities lurking in the open-source code they use. As more businesses rely on open-source software for mission-critical infrastructure, HackerOne, along with sponsors including Elastic, Facebook, Figma,...

AI score 7.5
Exploits 0 | References 8
UbuntuCve
added 2021/09/09 10:15 p.m. | 22 views

CVE-2021-39201

WordPress is a free and open-source content management system written in PHP and paired with a MySQL or MariaDB database. Impact The issue allows an authenticated but low-privileged user like contributor/author to execute XSS in the editor. This bypasses the restrictions imposed on users who do n...

CVSS 7.6 | AI score 6.4 | EPSS 0.00495
Exploits 0 | References 3
Prion
added 2021/09/09 10:15 p.m. | 19 views

Double free

WordPress is a free and open-source content management system written in PHP and paired with a MySQL or MariaDB database. Impact The issue allows an authenticated but low-privileged user like contributor/author to execute XSS in the editor. This bypasses the restrictions imposed on users who do n...

CVSS 3.5 | AI score 5.2 | EPSS 0.00495
Exploits 0 | References 3 | Affected Software 2
Cvelist
added 2021/09/09 9:35 p.m. | 16 views

CVE-2021-39201 Authenticated cross-site scripting (XSS) in WordPress editor

WordPress is a free and open-source content management system written in PHP and paired with a MySQL or MariaDB database. Impact The issue allows an authenticated but low-privileged user like contributor/author to execute XSS in the editor. This bypasses the restrictions imposed on users who do n...

CVSS 7.6 | AI score 6.4 | EPSS 0.00495
Exploits 0 | References 3
Debian CVE
added 2021/09/09 9:35 p.m. | 24 views

CVE-2021-39201

WordPress is a free and open-source content management system written in PHP and paired with a MySQL or MariaDB database. Impact The issue allows an authenticated but low-privileged user like contributor/author to execute XSS in the editor. This bypasses the restrictions imposed on users who do n...

CVSS 7.6 | AI score 5.8 | EPSS 0.00495
Exploits 0
Hacker One
added 2021/09/06 2:25 p.m. | 18 views

ImpressCMS: Stored XSS on 1.4.0

Summary: The hacker AppleBois raised this stored cross-site scripting issue on GitHub on Jun 19, 2020, and it was fixed on Jul 7, 2020. The hacker has now raised the issue on HackerOne. Furthermore, this issue can now be tracked under CVE-2020-17551. ImpressCMS branch : 1.4.0 Steps To Reproduce: 1...

CVSS 3.5 | AI score 5 | EPSS 0.00327
Exploits 1
Nextcloud
added 2021/09/06 8:41 a.m. | 46 views

Preview generation used third-party library not suited for user-generated content

None...

CVSS 10 | AI score 8.6 | EPSS 0.02254
Exploits 0 | References 1 | Affected Software 1
Nextcloud
added 2021/09/06 8:38 a.m. | 38 views

Bypass of Two Factor Authentication

None...

CVSS 8.1 | AI score 7.8 | EPSS 0.00327
Exploits 0 | References 2 | Affected Software 1