Lucene search
K

62 matches found

Prion
Prion
added 2021/07/09 2:15 p.m.21 views

Design/Logic Flaw

Kaseya VSA before 9.5.7 allows attackers to bypass the 2FA requirement. The need to use 2FA for authentication in enforce client-side instead of server-side and can be bypassed using a local proxy. Thus rendering 2FA useless. Detailed description --- During the login process, after the user...

5CVSS7.7AI score0.05701EPSS
Exploits0References3Affected Software1
Cvelist
Cvelist
added 2021/07/09 1:22 p.m.24 views

CVE-2021-30120 2FA bypass in Kaseya VSA <= v9.5.6

Kaseya VSA before 9.5.7 allows attackers to bypass the 2FA requirement. The need to use 2FA for authentication in enforce client-side instead of server-side and can be bypassed using a local proxy. Thus rendering 2FA useless. Detailed description --- During the login process, after the user...

9.9CVSS9.7AI score0.05701EPSS
Exploits0References3
Hacker One
Hacker One
added 2020/12/24 9:12 p.m.2210 views

h1-ctf: Hacky Holidays CTF Writeup

Intro: 12 days of challenges - some more challenging than others! This holiday CTF had all 12 challenges hosted on the website https://hackyholidays.h1ctf.com/ F1129112 Challenge 1: I started by significantly overthinking all of the early challenges in this competition. When this CTF started the...

7.9AI score
Exploits0
Exploit DB
Exploit DB
added 2020/11/06 12:0 a.m.345 views

BlogEngine 3.3.8 - &#039;Content&#039; Stored XSS

Exploit Title: BlogEngine 3.3.8 - 'Content' Stored XSS Date: 11/2020 Exploit Author: Andrey Stoykov Vendor Homepage: https://blogengine.io/ Software Link: https://github.com/BlogEngine/BlogEngine.NET/releases/download/v3.3.8.0/3380.zip Version: 3.3.8 Tested on: Windows Server 2016 Exploit and...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2020/11/06 12:0 a.m.376 views

BlogEngine 3.3.8 Cross Site Scripting

Exploit Title: BlogEngine 3.3.8 - 'Content' Stored XSS Date: 11/2020 Exploit Author: Andrey Stoykov Vendor Homepage: https://blogengine.io/ Software Link: https://github.com/BlogEngine/BlogEngine.NET/releases/download/v3.3.8.0/3380.zip Version: 3.3.8 Tested on: Windows Server 2016 Exploit and...

7.4AI score
Exploits0
Hacker One
Hacker One
added 2019/09/11 2:11 p.m.21 views

U.S. Dept Of Defense: Followup - SQL Injection - https://██████████/██████/MSI.portal

Summary: Time based blind sql injection for parameter MSIadditionalFilterType1, at the following URL: https://███/███/MSI.portal?nfpb=true&pageLabel=msiportalpage61 Description: This is a follow up to a previous report I submitted: https://hackerone.com/reports/674838 The following page has a for...

7.4AI score
Exploits0
Hacker One
Hacker One
added 2019/08/16 5:23 a.m.26 views

U.S. Dept Of Defense: SQL Injection - https://███/█████████/MSI.portal

Summary: https://███████/███████/MSI.portal has a form page which is vulnerable to SQL injection. Description: URL: https://████/██████/MSI.portal?nfpb=true&pageLabel=msiportalpage61query The above url has a form where the field MSIqueryType is vulnerable to time based blind SQL injection. I...

0.1AI score
Exploits0
Hacker One
Hacker One
added 2019/06/26 6:30 p.m.33 views

ZEIT: Access control bypass leads to domain information disclosure

Summary: By leveraging the domain verification endpoint I can obtain sensitive information about the user who registered the domain within the zeit UI including username, email address, userId, and customerId. In addition, some high level information about the domain is included as well such as...

Exploits0
Hacker One
Hacker One
added 2018/09/06 7:11 p.m.95 views

HackerOne: Self DOM-Based XSS in www.hackerone.com

Summary: There is a 'self' DOM-based cross-site scripting vulnerability in the contact form available on the www.hackerone.com website. This could allow an attacker to perform cross-site scripting, or other client-side attacks, against users of the application. However, the risk presented by this...

5.7AI score
Exploits0
Hacker One
Hacker One
added 2017/12/28 12:31 a.m.15 views

New Relic: User to Admin privilege escalation in Infrastructure Conditions - /v2/accounts/1835740/alerts/conditions

Details The endpoints POST /v2/accounts/:accountid/alerts/conditions create new and PUT /v2/accounts/:accountid/alerts/conditions/:conditionid update existing on infrastructure-alert.service.newrelic.com are vulnerable to privilege escalation. As per the screenshot below, an account with regular...

0.2AI score
Exploits0
n0where
n0where
added 2017/08/08 7:45 p.m.156 views

A WebSocket Manipulation Proxy: WSSiP

Short for “WebSocket/Socket.io Proxy”, this tool, written in Node.js, provides a user interface to capture, intercept, send custom messages and view all WebSocket and Socket.IO communications between the client and server. Upstream proxy support also means you can forward HTTP/HTTPS traffic to an...

0.4AI score
Exploits0References1
n0where
n0where
added 2017/03/30 3:14 p.m.29 views

Web Application Vulnerability Testing: ZAProxy

Web Application Vulnerability Testing The OWASP Zed Attack Proxy ZAP is one of the world’s most popular free security tools and is actively maintained by hundreds of international volunteers. It can help you automatically find security vulnerabilities in your web applications while you are...

0.3AI score
Exploits0References37
Kitploit
Kitploit
added 2017/02/15 2:30 p.m.61 views

wafpass - WAF Security Benchmark

██╗ ██╗ █████╗ ███████╗██████╗ █████╗ ███████╗███████╗ ██║ ██║██╔══██╗██╔════╝██╔══██╗██╔══██╗██╔════╝██╔════╝ ██║ █╗ ██║███████║█████╗ ██████╔╝███████║███████╗███████╗ ██║███╗██║██╔══██║██╔══╝ ██╔═══╝ ██╔══██║╚════██║╚════██║ ╚███╔███╔╝██║ ██║██║ ██║ ██║ ██║███████║███████║ ╚══╝╚══╝ ╚═╝ ╚═╝╚═╝ ╚...

7.1AI score
Exploits0References1
n0where
n0where
added 2017/02/13 8:0 p.m.25 views

WAF Security Benchmark: WAFPASS

WAF Security Benchmark WAFPASS Analysing parameters with all payloads’ bypass methods, aiming at benchmarking security solutions like WAF. Today a great number of website owners around the globe use “Web Application Firewalls” to improve their security. However, these security applications suffer...

7AI score
Exploits0References1
Hacker One
Hacker One
added 2016/11/24 2:57 a.m.16 views

Slack: Eavesdropping on private Slack calls

A vulnerability exists in Slack's call functionality that allows a team member to eavesdrop on private ongoing Slack calls by inviting themselves into the conversation without the permission from either participant. By doing so they can eavesdrop on co-workers' private conversations as well as...

0.7AI score
Exploits0
n0where
n0where
added 2016/09/06 4:55 p.m.31 views

Intercepting Proxy for Performing Web Application Security Testing: The Pappy Proxy

Intercepting Proxy for Performing Web application security testing The Pappy P roxy A ttack P roxy P rox Y Proxy is an intercepting proxy for performing web application security testing. Its features are often similar, or straight up rippoffs from Burp Suite . However, Burp Suite is neither open...

7.2AI score
Exploits0References2
Exploit DB
Exploit DB
added 2015/09/02 12:0 a.m.44 views

Mantis Bug Tracker 1.2.19 - Host Header

Exploit Title: MantisBT 1.2.19 - Host header attack vulnerability Date: 07-09-2015 Exploit Author: Pier-Luc Maltais Centre opérationnel de sécurité informatique gouvernemental COSIG Vendor Homepage: https://www.mantisbt.org/ Software Link:...

7.4AI score
Exploits0
Hacker One
Hacker One
added 2015/07/03 8:54 p.m.33 views

Udemy: Extremely high Course rating values could be set in order to make really high Average rating of the course. Negative values could be set to.

Authenticated user can register for some course paid or free. After registering and taking couple of lectures "Rate course" functional becomes active. Malicious user can fill the rating form and submit it. By intercepting request to the server's API by using intercepting proxy tool and modify...

6.8AI score
Exploits0
Hacker One
Hacker One
added 2015/06/09 8:56 p.m.19 views

Slack: Link vulnerability leads to phishing attacks

Hello Guys, Hope you are doing great. I'm sending this email to let you know about a vulnerability i stumbled upon while using slack it's a great app!. While copy-pasting a link from a pdf to slack desktop/web, i noticed that the resulting links looked a bit messed up 1.png Firing up burp and...

7AI score
Exploits0
Hacker One
Hacker One
added 2015/01/13 9:59 p.m.28 views

Vimeo: Adding profile picture to anyone on Vimeo

Hi! Brief The profile picture upload feature at https://vimeo.com/settings/profile contains a bug where an access control is missing for uploading a profile picture to a profile ID. This leads to the possibility of uploading a profile picture to any account on Vimeo. Furthermore, since the upload...

Exploits0
Rows per page
Query Builder