47 matches found
FetLife: Able to see highest poll result without voting or view result
Vulnerability description not provided...
Hyip Rio 2.1 - Arbitrary File Upload
Exploit Title: Hyip Rio 2.1 - Arbitrary File Upload Exploit Author: CraCkEr Date: 30/07/2023 Vendor: tdevs Vendor Homepage: https://tdevs.co/ Software Link: https://hyiprio-feature.tdevs.co/ Version: 2.1 Tested on: Windows 10 Pro Impact: Allows User to upload files to the web server CVE:...
Academy LMS 6.1 - Arbitrary File Upload
Exploit Title: Academy LMS 6.1 - Arbitrary File Upload Exploit Author: CraCkEr Date: 05/08/2023 Vendor: Creativeitem Vendor Homepage: https://academylms.net/ Software Link: https://demo.academylms.net/ Version: 6.1 Tested on: Windows 10 Pro Impact: Allows User to upload files to the web server CW...
HackerOne: IDOR - Delete all Licenses and certifications from users account using CreateOrUpdateHackerCertification GraphQL query
All licenses and certifications in HackerOne could be deleted by changing the ID number in the CreateOrUpdateHackerCertification GraphQL query...
Academy LMS 6.1 Cross Site Scripting / File Upload
Exploit Title: Academy LMS 6.1 - Arbitrary File Upload Exploit Author: CraCkEr Date: 05/08/2023 Vendor: Creativeitem Vendor Homepage: https://academylms.net/ Software Link: https://demo.academylms.net/ Tested on: Windows 10 Pro Impact: Allows User to upload files to the web server CWE: CWE-79 -...
Academy LMS 6.1 Cross Site Scripting / File Upload Vulnerabilities
Exploit Title: Academy LMS 6.1 - Arbitrary File Upload Exploit Author: CraCkEr Vendor: Creativeitem Vendor Homepage: https://academylms.net/ Software Link: https://demo.academylms.net/ Tested on: Windows 10 Pro Impact: Allows User to upload files to the web server CWE: CWE-79 - CWE-74 - CWE-707...
Hyip Rio 2.1 Cross Site Scripting / File Upload
Exploit Title: Hyip Rio 2.1 - Arbitrary File Upload Exploit Author: CraCkEr Date: 30/07/2023 Vendor: tdevs Vendor Homepage: https://tdevs.co/ Software Link: https://hyiprio-feature.tdevs.co/ Tested on: Windows 10 Pro Impact: Allows User to upload files to the web server CVE: CVE-2023-4382...
Foody Friend 1.0 Arbitrary File Upload / Cross Site Scripting
Exploit Title: Foody Friend 1.0 - Arbitrary File Upload Exploit Author: CraCkEr Date: 12/07/2023 Vendor: Bug Finder Vendor Homepage: https://bugfinder.net/ Software Link: https://bugfinder.net/product/foody-friend-a-saas-based-web-app-food-ordering-bot-for-telegram-and-messenger/25 Tested on:...
Listplace Directory Listing Platform 3.0 File Upload / Cross Site Scripting
Exploit Title: Listplace Directory Listing Platform 3.0 - Arbitrary File Upload Exploit Author: CraCkEr Date: 12/07/2023 Vendor: Bug Finder Vendor Homepage: https://bugfinder.net/ Software Link: https://bugfinder.net/product/listplace-a-complete-directory-listing-platform/22 Tested on: Windows 10...
U.S. Dept Of Defense: Broken access control, can lead to legitimate user data loss
Hi team, During testing the security of ██████████ I found another possible attack vector: There are two reports preceding this one - https://hackerone.com/reports/1489470 and https://hackerone.com/reports/1489744 I will try to explain: When an user need access to that information system he fills...
Tokheim Profleet DiaLOG Fuel Management System 11.005.02 SQL Injection / Code Execution
Exploit Title: Tokheim Profleet DiaLOG Fuel Management System 11.005.02 - SQLi Unauthenticated Date: 02/9/2022 Exploit Author: golem445 Vendor Homepage: https://www.tsg-solutions.com Tested on: Kali Linux CVE: CVE-2021-34235 Description: FieldUserLogin parameter is vulnerable to crafted MySQL...
Tokheim Profleet DiaLOG Fuel Management System 11.005.02 SQLi / Code Execution Vulnerabilities
Tokheim Profleet DiaLOG Fuel Management System version 11.005.02 suffers from a remote SQL injection vulnerability that can allow for remote code execution. Exploit Title: Tokheim Profleet DiaLOG Fuel Management System 11.005.02 - SQLi Unauthenticated Exploit Author: golem445 Vendor Homepage:...
Online Covid Vaccination Scheduler System 1.0 - Arbitrary File Upload to Remote Code Execution
Exploit Title: Online Covid Vaccination Scheduler System 1.0 - Arbitrary File Upload to Remote Code Execution Unauthenticated Exploit Author: faisalfs10x Vendor Homepage: https://www.sourcecodester.com/ Software Link:...
Khan Academy: Unauthorised Account Detail Modification
Introduction ========= Hi 5kyw41k3r here, ==I found an Unauthorised Account Detail Modification in KA website==... Defination ========= It is a flaw which allows a malicious actor to modify the details of an account. I have included a video made by me for demonstration purposes using a test...
Adive Framework 2.0.7 - Privilege Escalation
Adive Framework 2.0.7 - Privilege Escalation Exploit Title: Adive Framework 2.0.7 - Privilege Escalation Date: 2019-08-02 Exploit Author: Pablo Santiago Vendor Homepage: https://www.adive.es/ Software Link: https://github.com/ferdinandmartin/adive-php7 Version: 2.0.7 Tested on: Windows 10 CVE :...
CVE-2019-15635
An issue was discovered in Grafana 5.4.0. Passwords for data sources used by Grafana e.g., MySQL are not encrypted. An admin user can reveal passwords for any data source by pressing the "Save and test" button within a data source's settings menu. When watching the transaction with Burp Proxy, th...
Automattic: [IDOR] Attacker user can Approve/Decline AFK on the behalf of other users
Summary: Hi team Hope you are good Missing proper authorization checks on the vulnerable request allows an attacker to approve/decline afk of users on the behalf of other user who is a member of other organization. This can be exploited simply by changing the responderuserid in the vulnerable...
CVE-2019-15635
An issue was discovered in Grafana 5.4.0. Passwords for data sources used by Grafana e.g., MySQL are not encrypted. An admin user can reveal passwords for any data source by pressing the "Save and test" button within a data source's settings menu. When watching the transaction with Burp Proxy, th...
CVE-2019-15635
An issue was discovered in Grafana 5.4.0. Passwords for data sources used by Grafana e.g., MySQL are not encrypted. An admin user can reveal passwords for any data source by pressing the "Save and test" button within a data source's settings menu. When watching the transaction with Burp Proxy, th...
Default credentials
An issue was discovered in Grafana 5.4.0. Passwords for data sources used by Grafana e.g., MySQL are not encrypted. An admin user can reveal passwords for any data source by pressing the "Save and test" button within a data source's settings menu. When watching the transaction with Burp Proxy, th...