9582 matches found

Hacker One
Added 2023/08/29 1:45 a.m. | 178 views

U.S. Dept Of Defense: [██████] Reflected XSS via Keycloak on ██████

A cross-site scripting (XSS) vulnerability was discovered in Keycloak 8.0 and earlier versions. This vulnerability allowed an attacker to execute arbitrary script and potentially steal authentication credentials. The vulnerability was due to a lack of input validation, which allowed an attacker to...

AI score: 6.3 | Exploits: 0
0day.today
Added 2023/08/21 12:00 a.m. | 356 views

Credit Lite 1.5.4 SQL Injection Vulnerability

Exploit Title: Credit Lite 1.5.4 - SQL Injection
Exploit Author: CraCkEr
Vendor: Hobby-Tech
Vendor Homepage: https://codecanyon.net/item/credit-lite-micro-credit-solutions/39554392
Software Link: https://credit-lite.appshat.xyz/
Tested on: Windows 10 Pro
Impact: Database Access
CVE: CVE-2023-4407...

CVSS: 9.8 | AI score: 7.1 | EPSS: 0.01073 | Exploits: 4
Hacker One
Added 2023/08/05 6:03 a.m. | 33 views

GitLab: Information Disclosure - Pvt Gitlab Issue Disclosing Through GitLab Unfiltered YouTube channel.

A private issue report containing sensitive information was inadvertently disclosed through a video on the GitLab Unfiltered YouTube channel. The video showcased specific URLs, code snippets, and vulnerability descriptions, posing a potential security risk. Immediate action was recommended to...

AI score: 6.8 | Exploits: 0
Code423n4
Added 2023/07/31 12:00 a.m. | 9 views

The project's reputation and user funds can be affected if a clear invariant is not met

Impact: The protocol may not work as expected in years that are not 365 days long, which could lead to a loss of confidence in the protocol. In fact, the next year is one of those years (a leap year). Furthermore, defining it as a constant in t...

AI score: 6.7 | Exploits: 0
Code423n4
Added 2023/07/29 12:00 a.m. | 7 views

Unauthorized Profile "Follow" Operation Bug

Description: The contract's followWithSig function allows any user with a valid signature to execute "follow" operations on behalf of any profile without properly verifying the ownership of the profile or checking if the signer is an approved executor. This bug...

AI score: 7.2 | Exploits: 0
Code423n4
Added 2023/07/21 12:00 a.m. | 8 views

Attacker can create additional canonical token bridge

Impact: Deployers of custom TokenManagers can subvert the limitation imposed in the documentation that allows only one Canonical Bridge for each existing ERC20 token: “deployers can deploy a Canonical Bridge for any token they want, this can be done only once p...

AI score: 7 | Exploits: 0
Packet Storm
Added 2023/07/17 12:00 a.m. | 270 views

Carlisting 1.6 SQL Injection

Exploit Title: Carlisting 1.6 - SQL Injection
Exploit Author: CraCkEr
Date: 16/07/2023
Vendor: phpscriptpoint
Vendor Homepage: https://phpscriptpoint.com/
Software Link: https://demo.phpscriptpoint.com/carlisting/
Tested on: Windows 10 Pro
Impact: Database Access
Description: SQL injection attacks...

AI score: 7.1 | Exploits: 0
Packet Storm
Added 2023/07/17 12:00 a.m. | 273 views

RecipePoint 1.9 SQL Injection

Exploit Title: RecipePoint 1.9 - SQL Injection
Exploit Author: CraCkEr
Date: 15/07/2023
Vendor: phpscriptpoint
Vendor Homepage: https://phpscriptpoint.com/
Software Link: https://demo.phpscriptpoint.com/recipepoint/
Tested on: Windows 10 Pro
Impact: Database Access
Description: SQL injection attac...

AI score: 7.1 | Exploits: 0
Packet Storm
Added 2023/07/11 12:00 a.m. | 240 views

Super Store Finder 3.6 SQL Injection

Exploit Author: CraCkEr

AI score: 7.1 | Exploits: 0
Packet Storm
Added 2023/07/11 12:00 a.m. | 233 views

QuickJob 6.1 SQL Injection

Exploit Author: CraCkEr

AI score: 7.1 | Exploits: 0
Packet Storm
Added 2023/07/11 12:00 a.m. | 216 views

Inout Blockchain FiatExchanger 3.0 SQL Injection

Exploit Author: CraCkEr

AI score: 7.1 | Exploits: 0
Packet Storm
Added 2023/07/11 12:00 a.m. | 212 views

Inout Blockchain EasyPayments 1.0.1 SQL Injection

Exploit Author: CraCkEr

AI score: 7.1 | Exploits: 0
Code423n4
Added 2023/07/05 12:00 a.m. | 11 views

The code uses arithmetic operations without explicitly checking for possible overflows or underflows

Impact: The impact of the Integer Overflow/Underflow vulnerability can be summarized as follows. Data Inaccuracy: The vulnerability can lead to incorrect calculations and inaccurate data, potentially compromising the integrity of voting processes and other...

AI score: 7.3 | Exploits: 0
Github Security Blog
Added 2023/06/23 9:46 p.m. | 34 views

fief-server Server-Side Template Injection vulnerability

Overview of the Vulnerability: Server-Side Template Injection (SSTI) is a vulnerability within application templating engines where user input is improperly handled and is embedded into the template, possibly leading to code being executed. An attacker can use SSTI to...

AI score: 6.8 | Exploits: 0 | References: 4 | Affected Software: 1
OSV
Added 2023/06/23 9:46 p.m. | 18 views

GHSA-HJ8M-9FHF-V7JP fief-server Server-Side Template Injection vulnerability

Overview of the Vulnerability: Server-Side Template Injection (SSTI) is a vulnerability within application templating engines where user input is improperly handled and is embedded into the template, possibly leading to code being executed. An attacker can use SSTI to...

CVSS: 10 | AI score: 6.8 | Exploits: 0 | References: 4
Code423n4
Added 2023/06/23 12:00 a.m. | 6 views

GetPoolByLptDenom function does not check if lptDenom string is valid

Impact: The GetPoolByLptDenom function in the keeper package does not check whether the lptDenom string is valid, which is the problem, so an attacker can pass in a malicious lptDenom string that would cause the function to return a non-existent liquidity pool...

AI score: 6.6 | Exploits: 0
Imperva Blog
Added 2023/06/14 12:53 p.m. | 12 views

How Ticket Scalping Impacts Asia’s Live Entertainment Industry

Asia’s booming live entertainment industry has recently been plagued by a growing problem of ticket scalping. The term refers to the act of purchasing live event tickets in bulk by individuals, often through the use of automation (aka bots), to later resell them at exorbitant prices. The issue isn’...

AI score: 7 | Exploits: 0
Code423n4
Added 2023/06/09 12:00 a.m. | 12 views

Recipient address is not appropriately validated or sanitized in the BaseFeeVault contract (loss of funds)

Impact: If the recipient address is not properly validated, an attacker could supply a malicious address as the recipient. This could result in the accumulated fees being sent to an unintended or unauthorized party. It could lead to financial loss or disruption ...

AI score: 7 | Exploits: 0
Code423n4
Added 2023/06/09 12:00 a.m. | 10 views

EVENT EMITTED WITHOUT ACTION

Impact: A malicious validator can remain in the system after exceeding its exit penalty threshold. This poses a risk to users and a possible reputation risk to the protocol. Proof of Concept: In the updateTotalPenaltyAmount... function, when the validators...

AI score: 6.8 | Exploits: 0
Packet Storm
Added 2023/06/07 12:00 a.m. | 269 views

Expert Job Portal Management System 1.0 SQL Injection

Exploit Author: CraCkEr

AI score: 7.1 | Exploits: 0