9 matches found
AEGON LIFE 1.0 Remote Code Execution
Exploit Title: Life Insurance Management System- Unauthenticated Remote Code Execution RCE Exploit Author: Aslam Anwar Mahimkar Date: 18-05-2024 Category: Web application Vendor Homepage: https://projectworlds.in/ Software Link: https://projectworlds.in/life-insurance-management-system-in-php/...
AEGON LIFE v1.0 Life Insurance Management System - Unauthenticated Remote Code Execution (RCE)
Exploit Title: Life Insurance Management System- Unauthenticated Remote Code Execution RCE Exploit Author: Aslam Anwar Mahimkar Date: 18-05-2024 Category: Web application Vendor Homepage: https://projectworlds.in/ Software Link: https://projectworlds.in/life-insurance-management-system-in-php/...
AEGON LIFE v1.0 Life Insurance Management System - Remote Code Execution Vulnerability
Exploit Title: Life Insurance Management System- Unauthenticated Remote Code Execution RCE Exploit Author: Aslam Anwar Mahimkar Category: Web application Vendor Homepage: https://projectworlds.in/ Software Link: https://projectworlds.in/life-insurance-management-system-in-php/ Version: AEGON LIFE...
CasaOS Username Enumeration
Summary The Casa OS Login page has disclosed the username enumeration vulnerability in the login page. Details It is observed that the attacker can enumerate the CasaOS username using the application response. If the username is incorrect application gives the error "User does not exist", If the...
UPchieve: User enumeration through forget password
Vulnerability:- -User enumeration is possible through forgot password feature. steps to reproduce:- -Go to the above selected domain and go to forgot password. -submit random email and then intercept request by burp suit -in response you will get HTTP/1.1 500 Internal Server Error with "err":"No...
Open-AudIT Community 2.2.0 - Cross-Site Scripting
Exploit Title: Open-AudIT Community - 2.2.0 – Cross-Site Scripting Exploit Author: Tejesh Kolisetty Vendor Homepage: https://opmantek.com/ Software Link: https://opmantek.com/network-tools-download/ Affected Version: 2.2.0 Category: WebApps Tested on: Win7 Professional CVE : CVE-2018-10314 1...
Open-AudIT Community 2.2.0 - Cross-Site Scripting
Open-AudIT Community 2.2.0 - Cross-Site Scripting Exploit Title: Open-AudIT Community - 2.2.0 – Cross-Site Scripting Exploit Author: Tejesh Kolisetty Vendor Homepage: https://opmantek.com/ Software Link: https://opmantek.com/network-tools-download/ Affected Version: 2.2.0 Category: WebApps Tested...
Gratipay: self cross site scripting
Vulnerability Exploited : cross site scripting using csrf Vulnerable URL:https://gratipay.com/search Vulnerability Explanation :The application is vulnerable with Reflected Cross Site Scripting. Here application fails to validate user supplied inputs due to which an attacker can inject his own...
Mindoktor: XSS at endpoint clinic.mindoktor.se in flash cookie
Issue : XSS found at endpoint clinic.mindoktor.se/user/login Endpoint :clinic.mindoktor.se/user/login Steps of reproduction 1 . Go to above Endoint 2. enter random email and password 3. Intercept the request with a sniffer Like Burp Suit 4. Change the email parameter to...