20 matches found
CVE-2024-41276
A vulnerability in Kaiten version 57.131.12 and earlier allows attackers to bypass the PIN code authentication mechanism. The application requires users to input a 6-digit PIN code sent to their email for authorization after entering their login credentials. However, the request limiting mechanis...
CVE-2024-39211
Kaiten 57.128.8 allows remote attackers to enumerate user accounts via a crafted POST request, because a login response contains a useremail field only if the user account exists...
FICORA and Kaiten Botnets Exploit Old D-Link Vulnerabilities for Global Attacks
Cybersecurity researchers are warning about a spike in malicious activity that involves roping vulnerable D-Link routers into two different botnets, a Mirai variant dubbed FICORA and a Kaiten aka Tsunami variant called CAPSAICIN. "These botnets are frequently spread through documented D-Link...
CVE-2024-41276
A vulnerability in Kaiten version 57.131.12 and earlier allows attackers to bypass the PIN code authentication mechanism. The application requires users to input a 6-digit PIN code sent to their email for authorization after entering their login credentials. However, the request limiting mechanis...
Kaiten Security Vulnerability
Kaiten is an employee management platform from Kaiten Inc. A security vulnerability exists in Kaiten version 57.131.12 and prior versions, which stems from a vulnerability that allows an attacker to bypass the PIN authentication mechanism, enabling the attacker to perform a brute force attack to...
CVE-2024-41276
CVE-2024-41276 affects Kaiten up to version 57.131.12. The issue allows bypassing the 6-digit PIN authentication sent by email by exploiting a bypassed request-limiting mechanism, enabling brute-force attempts to guess the PIN and gain unauthorized access. Red Hat and other sources corroborate th...
CVE-2024-41276
A vulnerability in Kaiten version 57.131.12 and earlier allows attackers to bypass the PIN code authentication mechanism. The application requires users to input a 6-digit PIN code sent to their email for authorization after entering their login credentials. However, the request limiting mechanis...
CVE-2024-41276
A vulnerability in Kaiten version 57.131.12 and earlier allows attackers to bypass the PIN code authentication mechanism. The application requires users to input a 6-digit PIN code sent to their email for authorization after entering their login credentials. However, the request limiting mechanis...
CVE-2024-39211
Kaiten 57.128.8 allows remote attackers to enumerate user accounts via a crafted POST request, because a login response contains a useremail field only if the user account exists...
Exploit for CVE-2024-39211
CVE-2024-39211 Kaiten User Enumeration Kaiten https://kait...
CVE-2024-39211
Kaiten 57.128.8 (workflow management system) is affected by CVE-2024-39211. A crafted POST request to the login endpoint can cause information leakage because the login response reveals a user_email field only when the target user exists, enabling remote attackers to enumerate user accounts. This...
CVE-2024-39211
Kaiten 57.128.8 allows remote attackers to enumerate user accounts via a crafted POST request, because a login response contains a useremail field only if the user account exists...
Kaiten Security Breach
Kaiten is an employee management platform from Kaiten Inc. A security vulnerability exists in Kaiten version 57.128.8, which originates from a remote attacker who can enumerate user accounts via a crafted POST request...
PT-2024-28392 · Kaiten · Kaiten
Name of the Vulnerable Software and Affected Versions: Kaiten version 57.128.8 Description: The issue allows remote attackers to enumerate user accounts via a crafted POST request. This is possible because a login response contains a user email field only if the user account exists...
CVE-2024-39211
Kaiten 57.128.8 allows remote attackers to enumerate user accounts via a crafted POST request, because a login response contains a useremail field only if the user account exists...
CVE-2020-15505
A remote code execution vulnerability in MobileIron Core & Connector versions 10.3.0.3 and earlier, 10.4.0.0, 10.4.0.1, 10.4.0.2, 10.4.0.3, 10.5.1.0, 10.5.2.0 and 10.6.0.0; and Sentry versions 9.7.2 and earlier, and 9.8.0; and Monitor and Reporting Database RDB version 2.0.0.1 and earlier that...
Hacker Distributes Backdoored IoT Vulnerability Scanning Script to Hack Script Kiddies
Nothing is free in this world. If you are searching for free hacking tools on the Internet, then beware—most freely available tools, claiming to be the swiss army knife for hackers, are nothing but a scam. For example, Cobian RAT and a Facebook hacking tool that we previously reported on The Hack...
Malware exploit: Kaiten
Type: Remote Code Execution Author: shipcod3 / Jay Turla This module requires Metasploit: http://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' class MetasploitModule Msf::Exploit::Remote Rank = ExcellentRanking include...
ziggystartux
ziggystartux A Kaiten rewrite, with much new functionality, an...
ArticleBeach Script 2.0 - 'index.php' Remote File Inclusion
ArticleBeach Script = 2.0 page Remote File Inclusion Vulnerability. Author: Zeni Susanto a.k.a Bithedz. Date Found: October, 22th 2006...