9 matches found
Denial Of Service (DoS)
nc-lib-gui is vulnerable to denial of service. The vulnerability exists because of allowing large characters to be inserted in the input field New Project which allows an attacker to cause an application crash via a malicious input...
CVE-2022-1718
The trudesk application allows large characters to insert in the input field "Full Name" on the signup field which can allow attackers to cause a Denial of Service DoS via a crafted HTTP request in GitHub repository polonel/trudesk prior to 1.2.2. This can lead to Denial of service...
Allows large characters in password filling
Description The commafeed application allows large characters to insert in the input field "password" which can allow attackers to cause a Denial of Service DoS via a crafted HTTP request. Proof of Concept 1. Register a new account. 2. Fill a normal email, fill the "Password" and "Password again"...
Allows large characters in change password filling
Description The titra application allows large characters to insert in the input field "password" at password change feature which can allow attackers to cause a Denial of Service DoS via a crafted HTTP request. Proof of Concept 1. Login and go to profile or https://app.titra.io/profile 2. Using...
The publify application allows large characters to insert in the input field "First name and Last name" on the profile field which can allow attackers to cause a Denial of Service (DoS) via a crafted HTTP request in publify / publify
Description The publify application allows large characters to insert in the input field "First name and Last name" which can allow attackers to cause a Denial of Service DoS via a crafted HTTP request Proof of Concept 1 - go to your profile https://demo-publify.herokuapp.com/admin/profiles 2 -...
The trudesk application allows large characters to insert in the input field "Full Name" on the signup field which can allow attackers to cause a Denial of Service (DoS) via a crafted HTTP request
POC: 1. Go to the signup form: http://127.0.0.1:8118/signup 2. Fill the Full Name input field with huge characters, more than lakhs or crores 3. After creating the account, check the admin panel: http://127.0.0.1:8118/accounts, go to Accounts -- customers 4. The admin panel will be flooded with our...
The grav application allows large characters to insert in the input field "Full Name" which can allow attackers to cause a Denial of Service (DoS) via a crafted HTTP request
Proof of Concept: 1. Go to http://site/admin/accounts/users/testuser 2. There will be a Full name input field 3. Add more than 1 lakhs+ characters to the Full name field 4. You will see the application accepts large characters and if we will increase the characters then it can lead to DoS. POC Image...
Integer Overflow or Wraparound
Description The microweber application allows large characters to insert in the input field like "Town, ZIP, State, Address, and Additional Info field" which can allow attackers to cause a Denial of Service DoS via a crafted HTTP request. Proof of Concept 1. Buy a product and in the Shipping metho...
in microweber/microweber
Description There is no input field length limit in update username, where any user is able to add a large number of characters; imagine we can add more than 5000+ characters to the update name field. Steps to Reproduce Visit the particular URL Vulnerable-link Where there is a functionality to update o...