326 matches found
Unikrn: [unikrn.com] Profile updated with error":true,"success":false"
Greetings, We noticed that even if the https://unikrn.com/apiv2/user/updateprofile gave an answer that the code is on error , the post is proceeded : PoC : -- curl 'https://unikrn.com/apiv2/user/updateprofile' -XPOST -H 'Referer: https://unikrn.com/profile' -H 'Content-Type: application/json' -H...
Email address is not validated when updating user profile
On the view profile page /secure/ViewProfile.jspa it's possible to update your user profile /secure/EditProfile!default.jspa?username=admin to an invalid email address. See attached screenshots. !Screen Shot 2017-09-28 at 2.49.48 PM.png|thumbnail! !Screen Shot 2017-09-28 at 2.49.58...
Email address is not validated when updating user profile
On the view profile page /secure/ViewProfile.jspa it's possible to update your user profile /secure/EditProfile!default.jspa?username=admin to an invalid email address. See attached screenshots. !Screen Shot 2017-09-28 at 2.49.48 PM.png|thumbnail! !Screen Shot 2017-09-28 at 2.49.58...
TicketPlus - Arbitrary File Upload
Exploit Title: TicketPlus - Support Ticket Management System - Arbitrary File Upload Dork: N/A Date: 26.09.2017 Vendor Homepage: http://teamworktec.com/ Software Link: https://codecanyon.net/item/ticketplus-support-ticket-management-system/20221316 Demo: http://sportsgrand.com/demo/ticketplus/...
Uber: SMS Flood with Update Profile
SMS will send when user update the profile and keep updating the user profile will result in keep sending the SMS, Step to reproduce 1. Login to https://riders.uber.com 2. Go to https://riders.uber.com/profile 3. Update the Account Information, any field for Example FirstName 4. A SMS wil be...
change.org XSS vulnerability
Vulnerable URL: https://www.change.org/en-GB/profile/updateprofile Details: Description| Value ---|--- Patched:| No Latest check for patch:| 30.07.2017 Vulnerability type:| XSS Vulnerability status:| Publicly disclosed Alexa Rank| 630 Google Pagerank| 7 VIP website status:| Yes Check change.org S...
ZeusCart 4.0 - CSRF 漏洞
No description provided by source. document.myform.submit;...
MyBB Xbox Live ID Cross Site Scripting
Exploit Title: Xbox Live ID MyBB Plugin Stored XSS Date: 13/12/2012 Exploit Author: limb0 Vendor Homepage: http://www.leveleando.com Software Link: http://mods.mybb.com/view/profile-xbox-live-id Version: 1.0 Category:Web Security Tested on: Linux...
Ubuntu: Security Advisory (USN-1165-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
TaskDriver 1.3 - Remote Change Admin Password
TaskDriver 1.3 - Remote Change Admin Password \n\n", $argv0; exit; list$script, $target, $pass = $argv; $xpl = curlinit; curlsetoptarray$xpl, array CURLOPTURL = "$target/profileedit.php", CURLOPTCOOKIE = "auth=fook!admin", CURLOPTRETURNTRANSFER = true, CURLOPTPOST = t...
Cross site scripting
Cross-site scripting XSS vulnerability in the profile update feature in Akiva WebBoard 8.0 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors in the form field. NOTE: the provenance of this information is unknown; the details are obtained solely from...
CVE-2008-1941
CVE-2008-1941 describes a cross-site scripting (XSS) vulnerability in the profile update feature of Akiva WebBoard 8.0. The issue allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors in the update form field, due to inadequate input handling. The affect...
CVE-2007-6237
cp.php in DeluxeBB 1.09 does not verify that the membercookie parameter corresponds to the authenticated member during a profile update, which allows remote authenticated users to change the e-mail addresses of arbitrary accounts via a modified membercookie parameter, a different vector than...
CVE-2007-6237
cp.php in DeluxeBB 1.09 fails to verify that the membercookie matches the authenticated member during profile updates, enabling remote authenticated users to change e-mails for arbitrary accounts via a modified membercookie parameter (a different vector than CVE-2006-4078). This can be leveraged ...
CVE-2007-6174
CVE-2007-6174 affects PHPDevShell prior to 0.7.0. The vuln allows remote authenticated users to escalate privileges by sending a crafted request to update a user profile, leading to complete confidentiality, integrity, and availability impact as per CVSS metrics (base score 8.5, HIGH). Root cause...
DeluxeBB <= 1.09 Remote Admin Email Change Exploit
Exploit for unknown platform in category web applications ================================================== DeluxeBB unbufferedquery"UPDATE ".$prefix."users SET email='$xemail', msn='$xmsn', icq='$xicq', ... WHERE username='$membercookie'"; So, editing cookie "membercookie" you can change remote...
CVE-2006-6820
myprofile.asp in Enthrallweb eCoupons does not properly validate the MMrecordId parameter during profile updates, which allows remote authenticated users to modify certain profile fields of another account by specifying that account's username in a modified MMrecordId parameter...
CVE-2006-6821
The CVE concerns Enthrallweb eNews: myprofile.asp fails to validate MM_recordId during profile updates, allowing remote authenticated users to change certain fields of another account by supplying that account’s username in MM_recordId. No remediation details are provided in the supplied documents.
Enthrallweb eNews 1.0 - Remote User Pass Change
User Id: PASSWORD: FIRST: LAST:...
CVE-2006-3135
Multiple SQL injection vulnerabilities in CMS Mundo 1.0 build 008, and possibly other versions, allow remote attackers to execute arbitrary SQL commands via the 1 newsid parameter in the a news module, 2 searchstring parameter in b the search module, 3 id parameter in c the webshop module, 4...