25 matches found
PT-2023-25198 · WordPress · Getnet Argentina Para Woocommerce
Name of the Vulnerable Software and Affected Versions: Getnet Argentina para Woocommerce plugin for WordPress versions up to, and including, 0.0.4 Description: The issue is related to authorization bypass due to missing validation on the webhook function. This allows unauthenticated attackers to...
WordPress Getnet Argentina para Woocommerce Plugin 0.0.1-0.0.4 is vulnerable to Broken Access Control
Software Getnet Argentina para Woocommerce Type Plugin Vulnerable versions 0.0.1-0.0.4 Fixed in 0.0.5 OWASP Top 10 A1: Broken Access Control Classification Broken Access Control CVE CVE-2023-3525 Patch priority Low CVSS severity Low 7.5 Developer Claim ownership PSID 026805019331 Credits Kijam...
Getnet Argentina para Woocommerce < 0.0.5 - Unauthenticated Authorization Bypass
The plugin does not perform adequate validation on the 'webhook' function, which can lead to an unauthenticated user changing their payment status to 'APPROVED' without making an actual payment...
getnet.com Improper Access Control vulnerability OBB-2424415
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
Post-Exploitation Framework for Linux Written in Bash: Orc
Orc is a simple post-exploitation written in bash. I wrote this because I myself needed a more featureful post-exploitation toolkit for Linux. It’s part of a larger bundle of scripts and tools, but I’ll add those as I write and re-write them. It takes the form of an ENV script, so load orc into a...