
54 matches found

Veracode
added 2020/07/23 2:01 a.m.

Authorization Bypass

parse-server is vulnerable to authorization bypass. The vulnerability exists in the GraphQL viewer where an authenticated user can bypass the read security restrictions, and all objects linked through relation, placed on his User object...

CVSS 6.5, AI score 3.1, EPSS 0.00461
Exploits 0, References 5, Affected software 1
NVD
added 2020/07/22 11:15 p.m.

CVE-2020-15126

In parse-server from version 3.5.0 and before 4.3.0, an authenticated user using the viewer GraphQL query can bypass all read security on his User object and can also bypass all objects linked via relation or Pointer on his User object...

CVSS 6.5, AI score 6.5, EPSS 0.00461
Exploits 0, References 3
OSV
added 2020/07/22 11:15 p.m.

CVE-2020-15126

In parse-server from version 3.5.0 and before 4.3.0, an authenticated user using the viewer GraphQL query can bypass all read security on his User object and can also bypass all objects linked via relation or Pointer on his User object...

CVSS 6.5, AI score 6.5
Exploits 0, References 3
Prion
added 2020/07/22 11:15 p.m.

Design/Logic Flaw

In parse-server from version 3.5.0 and before 4.3.0, an authenticated user using the viewer GraphQL query can bypass all read security on his User object and can also bypass all objects linked via relation or Pointer on his User object...

CVSS 4, AI score 6.4, EPSS 0.00461
Exploits 0, References 3, Affected software 1
ATTACKERKB
added 2020/07/22 11:15 p.m.

CVE-2020-15126

In parse-server from version 3.5.0 and before 4.3.0, an authenticated user using the viewer GraphQL query can bypass all read security on his User object and can also bypass all objects linked via relation or Pointer on his User object...

CVSS 6.5, AI score 5.4, EPSS 0.00461
Exploits 0, References 4, Affected software 1
OSV
added 2020/07/22 11:06 p.m.

GHSA-236H-RQV8-8Q73 GraphQL: Security breach on Viewer query

Impact: An authenticated user using the viewer GraphQL query can bypass all read security on his User object and can also bypass all objects linked via relation or Pointer on his User object. Patches: This vulnerability has been patched in Parse Server 4.3.0. Workarounds: No. References: See commit...

CVSS 6.5, AI score 6.4, EPSS 0.00461
Exploits 0, References 4
GitHub Security Blog
added 2020/07/22 11:06 p.m.

GraphQL: Security breach on Viewer query

Impact: An authenticated user using the viewer GraphQL query can bypass all read security on his User object and can also bypass all objects linked via relation or Pointer on his User object. Patches: This vulnerability has been patched in Parse Server 4.3.0. Workarounds: No. References: See commit...

CVSS 6.5, AI score 3.7, EPSS 0.00461
Exploits 0, References 5, Affected software 1
HackerOne
added 2018/05/12 7:42 p.m.

HackerOne: User object in GraphQL exposes number of trial reports for External Programs that also have a Private Program

Summary: For this vulnerability to work, it is necessary that you should be Admin/member of at least one sandbox team, and running a GraphQL node can tell you if the external programs on the directory page are running a private program on HackerOne or not...

AI score 0.4
Exploits 0
HackerOne
added 2017/11/01 9:45 p.m.

Open-Xchange: IDOR - setAttribute action of user object in API

Note: I selected sandbox.open-xchange.com as the asset in HackerOne, but this was tested on a local installation. Hello, there appears to be a possible IDOR vulnerability in the following API endpoint for setting custom attributes:...

AI score 0.6
Exploits 0
seebug.org
added 2016/11/08 12:00 a.m.

GitLab arbitrary-user authentication token leak leading to remote code execution

Vulnerability analysis reference: http://paper.seebug.org/104/ The project export feature serializes the user objects of team members and stores them in the project.json file. This object contains the authentication token for every user, meaning that an attacker can simply go ahead and create a project on GitLab.com, add one...

AI score 6.9
Exploits 0
0day.today
added 2013/03/13 12:00 a.m.

Apache Rave 0.11 - 0.20 - User Information Disclosure Vulnerability

Exploit for multiple platforms, category: web applications. CVE-2013-1814: Apache Rave exposes User over API. Severity: Important. Vendor: The Apache Software Foundation. Versions Affected: Rave 0.11 to 0.20. Description: Rave returns the full user object, including the salted and hashed password, via...

AI score 7.1, EPSS 0.83009
Exploits 10
Exploit DB
added 2013/03/13 12:00 a.m.

Apache Rave 0.11 < 0.20 - User Information Disclosure

CVE-2013-1814: Apache Rave exposes User over API. Severity: Important. Vendor: The Apache Software Foundation. Versions Affected: Rave 0.11 to 0.20. Description: Rave returns the full user object, including the salted and hashed password, via the User RPC API. This endpoint is only available to...

CVSS 4, AI score 6.4, EPSS 0.83009
Exploits 10
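The parse-server entries above (an authenticated viewer query that returns the caller's User object together with everything reachable through relations and pointers, without the read checks a direct query would apply) and the Apache Rave and GitLab entries (an API or export that serialises the full user object, secrets included) are two faces of the same mistake: "it is his own object" is taken as permission to serialise everything attached to it. The following is an added illustration, written for this page and not code from parse-server, Apache Rave or GitLab. The store, the ACL shape, the field names and the "protected fields" list are all constructed; it shows the leaky resolver beside one that strips protected fields and applies each linked object's own ACL.

```javascript
// Added example, not parse-server, Apache Rave or GitLab code. A toy
// "viewer"-style resolver over a constructed in-memory store whose objects
// carry Parse-style ACLs of the shape {"*": {read: true}, "<id>": {read: true}}.

// Constructed sample data: alice (u1) is linked to bob (u2) through a
// relation and to a Profile (p1) through a pointer. Neither bob nor the
// profile is readable by alice on a direct query.
const store = {
  users: {
    u1: {
      objectId: "u1",
      username: "alice",
      sessionToken: "r:alice-session-token-constructed",
      authData: { github: { id: "12345" } },
      ACL: { u1: { read: true, write: true } },
      friends: ["u2"], // relation to other _User objects
      profile: "p1",   // pointer to a Profile object
    },
    u2: {
      objectId: "u2",
      username: "bob",
      sessionToken: "r:bob-session-token-constructed",
      authData: null,
      ACL: { u2: { read: true, write: true } }, // bob only
      friends: [],
      profile: null,
    },
  },
  profiles: {
    p1: {
      objectId: "p1",
      adminNotes: "flagged for manual review",
      ACL: { "role:admin": { read: true } }, // a role alice does not hold
    },
  },
};

// Fields the server must withhold even from the owning user (the
// "protected fields" idea; this list is constructed for the example).
const PROTECTED_FIELDS = new Set(["sessionToken", "authData", "ACL"]);

// Parse-style read check: public read, or an explicit read grant for the requester.
function canRead(obj, requesterId) {
  const acl = obj.ACL || {};
  if (acl["*"] && acl["*"].read) return true;
  return Boolean(acl[requesterId] && acl[requesterId].read);
}

// Leaky shape: the requester asks about "himself", so the resolver serialises
// the whole object and follows the relation and the pointer without applying
// protected fields or the linked objects' own ACLs.
function viewerVulnerable(requesterId) {
  const user = store.users[requesterId];
  return {
    ...user,
    friends: user.friends.map((id) => ({ ...store.users[id] })),
    profile: user.profile ? { ...store.profiles[user.profile] } : null,
  };
}

// Copy of obj with protected fields removed, or null when the requester may
// not read the object at all.
function readable(obj, requesterId) {
  if (!obj || !canRead(obj, requesterId)) return null;
  const out = {};
  for (const [key, value] of Object.entries(obj)) {
    if (!PROTECTED_FIELDS.has(key)) out[key] = value;
  }
  return out;
}

// Hardened shape: protected fields are stripped from the User, and every
// object reached through the relation or the pointer is checked against its
// own ACL before it is included, exactly as on a direct query for that object.
function viewerHardened(requesterId) {
  const user = store.users[requesterId];
  const self = readable(user, requesterId);
  if (!self) return null;
  self.friends = user.friends
    .map((id) => readable(store.users[id], requesterId))
    .filter((friend) => friend !== null);
  self.profile = user.profile ? readable(store.profiles[user.profile], requesterId) : null;
  return self;
}

// Stand-alone run: compare what each shape hands back to alice.
console.log(JSON.stringify(viewerVulnerable("u1"), null, 2));
console.log(JSON.stringify(viewerHardened("u1"), null, 2));
```

The check that matters is in `readable`: it is applied to the User itself and, separately, to each object the traversal reaches, so a relation or pointer on the caller's own record never becomes a side door around the target object's ACL or around the protected-field list.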
CVE
added 2012/10/07 8:00 p.m.

CVE-2010-5276

The issue CVE-2010-5276 affects the Memcache module for Drupal 5.x and 6.x. Specifically, versions 5.x prior to 5.x-1.10 and 6.x prior to 6.x-1.6 mishandle the $user object in memcache_admin, which can cause a user’s role change to not be recognized until the user logs in again. The Drupal SA adv...

CVSS 4.3, AI score 6.7, EPSS 0.00325
Exploits 0, References 4, Affected software 1
Drupal
added 2010/05/26 12:00 a.m.

SA-CONTRIB-2010-061 - AddonChat - Multiple Vulnerabilities

The AddonChat module provides Drupal integration with the AddonChat Java chat room. Due to unsafe handling of the global $user object, failed authentication at the custom addonchatauth.php script will log in an attacker as the chosen user. Additionally, several configuration variables are not...

AI score 6.6
Exploits 0, References 7