70 matches found
Localize: No Cross-Site Request Forgery protection at multiple locations
The Localize application does not provide protection against CSRF attacks at various locations. For example, the following actions/pages are vulnerable: POST /pages/createproject POST /pages/settings POST /addphrase/$var/languages/$var See...
Localize: Server header - information disclosure
X-Powered-By: PleskLin HTTP/1.1 200 OK Date: Thu, 17 Apr 2014 19:52:33 GMT Server: Apache Pragma: no-cache Expires: Mon, 24 Mar 2008 00:00:00 GMT Cache-Control: no-cache X-Powered-By: PleskLin Vary: Accept-Encoding Keep-Alive: timeout=15, max=100 Connection: Keep-Alive Content-Type: text/html;...
Localize: HTML/Javascript possible in "Discussion" section of reviews
It's possible to enter HTML code and/or execute javascript code in the "Discussion" section for review. To reproduce: - Enter a new phrase in a project. - Login as a different user and provide a new translation for the phrase. - Switch back to the user that created the project and check the revie...
Localize: Full path disclosure
I signed up for localize with [email protected], and localize sent me a verification link which was: http://www.localize.io/verify/e6be646b24pdd3w6d5c27ppa9a267ee7 When I visited that link I found it was showing the following error: Fatal error: Call to a member function...
Localize: Unexpected array leaks information about the system
By changing a string parameter on the /pages/settings page to an array see example.png and submitting the form, the page shows an error message leaking information about the server and functions used see error.png. This works on multiple POST parameters. Warning: trim expects parameter 1 to be...
Localize: XSS in invite approval
If a translator's name is set as ā and requests to join a project, and the project admin clicks on the review to accept it, it results in an xss. Screen: attacker/translator: http://prntscr.com/3ax1ca contributor/admin: http://prntscr.com/3ax1ix...
Localize: XSS in main page
If a project name is saved with a XSS string such as: ā!-- and a translator visits it, it'll result in the xss executing in the main page, due to the fact that it shows your recent visits. Screen: http://prntscr.com/3awwuv...
Localize: Change user settings through CSRF
Hello, it's trivial to change the user settings. Just use this HTML code: In addition with some Javascript code that submits the form automatically, making the user visit the snipped of code above will change their user settings. If their e-mail address is altered too, and the adversary gets a...
Localize: XSS in Groups
Visit the following link after logging in: http://www.localize.io/pages/createproject/3D Add a new group with an XSS string as group name and you will see the XSS execting. String used: ? Thanks, Ben...
Localize: ClickJacking
It allows remote attackers to do some clickjacking which can be used for adding arbitrary tasks . Why? Almost all of your page has missing X-FRAME-OPTIONS header. Websites are at risk of a clickjacking attack when they allow content to be embedded within a frame. An attacker may use this risk to...