Lucene search
K

33 matches found

Hacker One
Hacker One
added 2017/10/27 3:1 p.m.34 views

Infogram: Password Reset Token Not Expired

Hello Team, Here in this scenario, I've found that the there's a kind of server side invalidation of Password Reset tokens. Like if I've requested for password reset token token1 and I don't use it, after I will make another request for password reset token token2. This time I'll use the token2...

6.9AI score
Exploits0
Kitploit
Kitploit
added 2017/05/04 2:30 p.m.76 views

mimipenguin - A Tool To Dump The Login Password From The Current Linux User

A tool to dump the login password from the current linux desktop user. Adapted from the idea behind the popular Windows tool mimikatz. Details Takes advantage of cleartext credentials in memory by dumping the process and extracting lines that have a high probability of containing cleartext...

7.4AI score
Exploits0References1
Hacker One
Hacker One
added 2017/04/11 11:51 a.m.38 views

Skyliner: Password reset Token not expiring

Hello Team, Here in this scenario, I've found that the there's a kind of server side side invalidation of Password Reset tokens. Like if I've requested for password reset token token1 and I don't use it, after I will make another request for password reset token token2. This time I'll use the...

7.2AI score
Exploits0
Hacker One
Hacker One
added 2016/05/16 8:31 p.m.13 views

Bumble: Ability to collect users' ids that have visited a specific web page with malicious code

Hey , Regarding this report 130453 , I'm pretty sure that there's a little misunderstanding of the issue , so please let me clarify the issue a bit more . The issue is not about the disclosure of user's id , that wouldn't be considered an issue at all because every website puts user's id in the...

6.6AI score
Exploits0
Hacker One
Hacker One
added 2016/03/20 10:3 a.m.50 views

HackerOne: External links should use rel="noopener" or use the redirect service

This is a rather low severity one and a successful exploitation relies on unlikely user interaction as well as the ability to control the HTML output of an remote host. Furthermore it is a kinda new hardening features in some browsers. Though one can work around this using "noreferrer" which is...

7AI score
Exploits0
Hacker One
Hacker One
added 2014/08/19 1:15 a.m.146 views

Greenhouse.io: SMTP protection not used (please read carefully )

Details: Companies like Coinbase, Yahoo,Google,Facebook and even hackerone implemented a strict email security policy combining SPF, DKIM, and DMARC but I don't see taht from mailgreenhouse.ioru , You should apply strict SMPT policy to stop spoofed email sending from your domain. POC is attached...

7AI score
Exploits0
Hacker One
Hacker One
added 2014/07/22 7:40 p.m.10 views

HackerOne: Account Hijacking (Only rare case scenario)

Hi, This is a logical flaw in the application which may allow any arbitrary user to obtain account access of another user. Below is the exploit scenario which may lead to potential account takeover in certain circumstances: User changes email while he is logged in his own account Some wrong email...

1.3AI score
Exploits0
ThreatPost
ThreatPost
added 2013/10/29 8:2 a.m.9 views

Facebook Android Flaws Enable Any App to Get User's Access Tokens

A researcher has discovered serious vulnerabilities in the main Facebook and Facebook Messenger apps for Android that enable any other app on a device to access the user’s Facebook access token and take over her account. The same researcher also discovered a separate, similar flaw in the Facebook...

0.8AI score
Exploits0References3
Atlassian
Atlassian
added 2011/07/22 4:46 a.m.23 views

Enable X-FRAME-Options header to implement clickjacking protection

panel:bgColor=e7f4fa NOTE: This suggestion is for JIRA Cloud. Using JIRA Server? See the corresponding suggestion|http://jira.atlassian.com/browse/JRASERVER-25143. panel TLDR: Add X-FRAME-Options: SAMEORIGIN to all HTTPS pages server config, and test that nothing breaks. --- Description: Current...

0.5AI score
Exploits0Affected Software1
exploitpack
exploitpack
added 2010/11/09 12:0 a.m.10 views

IBM OmniFind - Cross-Site Request Forgery

IBM OmniFind - Cross-Site Request Forgery The forms in the administrator interface are not protected against XSRF. The attacker can do any action in the context of the victim. An example attack scenario could be: The attacker creates a malicious website with a prepared form to add a new user, whi...

0.1AI score
Exploits0
seebug.org
seebug.org
added 2009/01/19 12:0 a.m.67 views

Ninja Blog 4.8 Remote Information Disclosure Vulnerability

No description provided by source. Vendor: http://ninjadesigns.co.uk Versions: Ninja Blog 4.8 May also affect earlier versions Credit: Danny Moules Critical: Yes See PUSH 55 Advisory at http://www.push55.co.uk/index.php?s=ad&id=6 ---- Due to insufficient validation of client-side data, we can alt...

7.1AI score
Exploits0
securityvulns
securityvulns
added 2004/11/22 12:0 a.m.26 views

[Full-Disclosure] sacred (pcgame) server flaw

Program: Sacred pc game http://sacred-game.com type: simple DoS, no client-auth affected version: 1.0.6.2 note: -fixed in later versions 1.0.7.0 dated:31.08.2004 -this security-lag exits for nearly half a year. although ascaron was informed at the date of release 02.03.2004, nothing happens long...

7AI score
Exploits0
securityvulns
securityvulns
added 2002/06/14 12:0 a.m.123 views

Microsoft RASAPI32.DLL

NGSSoftware Insight Security Research Advisory Name: Buffer Overflow in Microsoft Rasapi32.dll Systems Affected: WinNT, Win2K, XP, Microsoft Routing And Remote Access Server "Steelhead" Severity: High Category: Buffer Overrun / Privilege Escalation Vendor URL: http://www.microsoft.com/ Author: Ma...

7.8AI score
Exploits0
Rows per page
Query Builder