368 matches found
U.S. Dept Of Defense: Reflected cross site scripting in https://███████
It was observed that the application is vulnerable to cross-site scripting XSS. XSS is a type of attack that involves running a malicious scripts on a victim’s browser. request.txt attacked poc attached Impact Cookie Stealing - A malicious user can steal cookies and use them to gain access to the...
U.S. Dept Of Defense: Sensitive information disclosure [HtUS]
Sensitive information was disclosed through an open server status directory, which displayed server status and sensitive information by server. Attackers could potentially access sensitive information from the server logs...
U.S. Dept Of Defense: an internel important paths disclosure [HtUS]
Summary: i found CGI script environment variable disclosure an important paths Steps To Reproduce: 1. visit this link : https://███ 2. look at poc pic you should restrict this quickly Impact this is so dangerous because attacker now know an internal paths and this juicy information as u can see i...
U.S. Dept Of Defense: STORED XSS in █████████/nlc/login.aspx via "edit" GET parameter through markdown editor [HtUS]
While looking through the source code of https://████████/nlc/login.aspx,I noticed this line 204: Cancel ,which exposes the edit GET parameter. Upon accessing https://█████████/nlc/login.aspx?edit=true ,a hidden markdown editor will be revealed if you click around where the bottom text is,which...
U.S. Dept Of Defense: solr_log4j - http://██████████
Hi security team, i found a solr log4j vulnerability in your aplication Impact Logging untrusted or user controlled data with a vulnerable version of Log4J may result in Remote Code Execution RCE against your application. This includes untrusted data included in logged errors such as exception...
U.S. Dept Of Defense: IDOR Lead To VIEW & DELETE & Create api_key [HtUS]
Hi Dod & Hackerone Team i hope you are Doing Well Today : Explaining: i found That a User With a Member Permission in a Organization Can Create & View & DELETE APIKEYS Step To Reproduce: 1 First Create 2 Accounts From Here https://███ 2 Log in With The Victim User and Create New Group From Here...
U.S. Dept Of Defense: IDOR on ███████ [HtUS]
Hello, I have found an endpoint in ███ is vulnerable to IDOR which leads an attacker to brute-force an delete Companies Steps to reproduce: 1. Nevgaite to https://███████/████/Reception/Vendor and create account 2. Once you created an account go to https://████/████/Vendor/Companies 3. Regsiter a...
U.S. Dept Of Defense: RXSS on █████████
Description: the WhatSubmitted parameter not filtered, i can insert " character and execute code JS Impact Perform any action within the application that the user can perform. View any information that the user is able to view. Modify any information that the user is able to modify. Initiate...
U.S. Dept Of Defense: IDOR leading unauthenticated attacker to download documents discloses PII of users and soldiers via https://www.█████████/Download.aspx?id= [HtUS]
The API endpoint at https://www.█████████/Download.aspx?id= was found to be vulnerable to Insecure Direct Object Reference IDOR, allowing an unauthenticated attacker to download sensitive documents containing PII of users and soldiers...
U.S. Dept Of Defense: Broken access discloses users and PII at https://███████ [HtUS]
Good morning, I was able to register at https://████/ and get the list of users. 1- Go to https://██████████/OAHTML/ibeCAcpSSOReg.jsp and register. 2- Go to https://███/OAHTML/AppsLocalLogin.jsp with the created user and login. 3- On the homepage, click on vacations rules, create, and search user...
U.S. Dept Of Defense: [████████] RXSS via "CurrentFolder" parameter
A reflected cross-site scripting vulnerability was found on a website that allowed malicious scripts to be injected via the CurrentFolder parameter...
U.S. Dept Of Defense: [███████] Remote Code Execution at ██████ [CVE-2021-44529] [HtUS]
IP Address used to find vulnerability: ██████ Vulnerable Website URL or Application: https://████ pomcldsvr2.████ Proof of ownership: ███ Summary: The server at https://███ is running a vulnerable version of CSA. A code injection vulnerability in the Ivanti EPM Cloud Services Appliance CSA allows...
U.S. Dept Of Defense: LOGJ4 VUlnerability [HtUS]
Description: Hi team, log4 shell is recent 0-day exploit it's Java package vulnerable. █████ is vulnerable Impact RCE System Hosts ██████ Affected Products and Versions CVE Numbers CVE-2021-44228 Steps to Reproduce 1. Go to this url =...
U.S. Dept Of Defense: Found Origin IP's Lead To Access ████
Discovered that the ██████ site exposed its Non-Cloudflare IP which could allow bypassing of anti-DDoS mechanisms. Your origin servers are not blocking access from non-Cloudflare servers.This way crawlers can find your origin servers' IPs by checking random IPs until they found your origin server...
U.S. Dept Of Defense: RXSS on █████████
I found RXSS on https://███████/██████ Impact Perform any action within the application that the user can perform. View any information that the user is able to view. Modify any information that the user is able to modify. Initiate interactions with other application users, including malicious...
U.S. Dept Of Defense: [CVE-2020-3452] Unauthenticated file read in Cisco ASA
i found out that https://█████████/ was vulnerable to CVE-2020-3452 The IP has a SSL certificate pointing to █████████ curl -kv https://██████████/ Output Server certificate: subject: C=US; ████.mil Impact Anyone can read any file present on the server. System Hosts ███ Affected Products and...
U.S. Dept Of Defense: lfi in filePathDownload parameter via ███████
hi i found critcal lfi vulnerability poc: https://█████████/████████=/etc/passwd response: root:x:0:0:root:/root:/bin/bash bin:x:1:1:bin:/bin:/sbin/nologin daemon:x:2:2:daemon:/sbin:/sbin/nologin adm:x:3:4:adm:/var/adm:/sbin/nologin lp:x:4:7:lp:/var/spool/lpd:/sbin/nologin...
U.S. Dept Of Defense: ███ vulnerable to CVE-2022-22954
I found that one of the targets belongs to DOD vulnerable to CVE-2022-22954 where an attacker may be able to execute any malicious code like escalating Remote code execution is also possible Technical Summary: CVE-2022-22954 is a server-side template injection vulnerability in the VMware Workspac...
U.S. Dept Of Defense: username and password leaked via pptx for █████████ website
Description: While performing my recon, I can accross this https://███/███████ which contain username and password for accessing your asset here █████ ████ References: ███████ Impact I tried accessing the ip but it is not working here, I f it can be accessed somewhere this will result in full...
U.S. Dept Of Defense: Authorization bypass -> IDOR -> PII Leakage
Hi team! During testing ████ I found javascript file containing administrative panel functionality. It is accessible at: https://████/█████████ In this file I found an end point responsible for returning data about applications of the website users to the website administrators. The returned data...