Pterodactyl Cross-Site Request Forgery Vulnerability
Pterodactyl is an open source game server administration panel built using PHP, Nodejs and Go. A cross-site request forgery vulnerability exists in versions of Pterodactyl prior to 1.6.3, which stems from a malicious user being able to trigger a user logout when a logged-in user accesses a...
Cross-Site Request Forgery (CSRF) in pterodactyl/panel
Description: An attacker is able to log out a user if a logged-in user visits the attacker's website. Impact: This vulnerability is capable of forcing a user into an unintentional logout. Test: Tested on Firefox, Chrome and Safari. Fix: Use POST instead of GET. To expand: One way ANY could be abused here is that ...
jetty: SessionListener can prevent a session from being invalidated breaking logout
A flaw was discovered in jetty-server where, if an exception is thrown from the SessionListener.sessionDestroyed method, the session ID is not invalidated in the session ID manager. On deployments with clustered sessions and multiple contexts, this could result in a session not being...
Session Fixation in tsolucio/corebos
Description: I created a user with username test, then logged in as test; at the same time, in another session, I deleted the user test as an admin. But the user test, who had already logged in before the admin deleted it, is able to do anything he could do before. You should kick out the users after...
in robotichead/nearbeach
Description: Sensitive data on the application can be exposed after the user logs out. Proof of Concept: 1. Log in to the application https://demo.nearbeach.app/ 2. Go to a page like My Account, or any other page 3. Click logout 4. Click the browser back button. Impact: When a user logs out without closing the...
Juniper Networks Junos OS Security Vulnerability
Juniper Networks Junos OS is a Juniper Networks network operating system for the company's hardware devices. The operating system provides a secure programming interface and the Junos SDK. A security vulnerability exists in Juniper Networks Junos OS that arises from the fact that in broadband...
IceHrm Session Management Vulnerability
IceHrm is a human resource management (HRM) system. The system includes features such as employee management, leave management and payroll management. A security vulnerability exists in IceHrm 30.0.0 OS, which stems from the fact that logging out from an administrator account does not invalidate an...
CVE-2021-20473
IBM Sterling File Gateway User Interface 2.2.0.0 through 6.1.1.0 does not invalidate session after logout which could allow an authenticated user to impersonate another user on the system. IBM X-Force ID: 196944...
IBM Sterling File Gateway Code Issue Vulnerability
IBM Sterling File Gateway is an application for transferring files between internal and external partners, allowing you to more securely and reliably transfer files with trading partners. IBM Sterling File Gateway versions 2.2.0.0-5.2.6.53, 6.0.0.0-6.0.3.4, 6.1 A security vulnerability exists in...
in livehelperchat/livehelperchat
Description: Sensitive data on the application can be exposed after the user logs out. Proof of Concept: 1. Log in to the application demo.livehelperchat.com/siteadmin/ 2. Go to a page like My Account, or any other page 3. Click logout 4. Click the browser back button. Impact: When a user logs out without closing...
in snipe/snipe-it
Description: Sensitive data on the application can be exposed after the user logs out. Proof of Concept: 1. Log in to the application https://demo.snipeitapp.com/ 2. Go to a page like My Account, or any other page 3. Click logout 4. Click the browser back button. Impact: When a user logs out without closing the...
IceHrm Code Issue Vulnerability
IceHrm is a human resource management (HRM) system. The system includes features such as employee management, leave management and payroll management. A security vulnerability exists in IceHrm 30.0.0 OS, which stems from the fact that logging out from an administrator account does not invalidate an...
in kcal-app/kcal
Description: Sensitive data can be exposed even after logging out of the application due to a wrong UI action. Proof of Concept: 1. Log in to the application dashboard http://demo.kcal.cooking/ 2. Go to any pages (recipes, foods) 3. Click logout 4. Click the browser back button. Application structure exposed: we can stil...
in flarum/framework
Description: Sensitive data can be exposed even after logging out of the application due to a wrong UI action. Proof of Concept: 1. Log in to the application dashboard as admin https://demo.flarum.site/admin/ 2. Go to any pages (dashboard, permissions, etc.) 3. Click logout 4. Click the browser back button 5. Will Re-ente...
in collectiveaccess/providence
Description: Sensitive data can be exposed even after logging out of the application due to a wrong UI action. Proof of Concept: 1. Log in to the application dashboard https://demo.collectiveaccess.org 2. Go to any pages (dashboard, administrations, etc.) 3. Click logout 4. Click the browser back button. Impact: Any other...
EulerOS 2.0 SP5 : mod_auth_mellon (EulerOS-SA-2021-2511)
According to the versions of the mod_auth_mellon package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - A flaw was found in mod_auth_mellon where it does not sanitize logout URLs properly. This issue could be used by an attacker to facilitate...
in zikula/core
Description: Sensitive data can be exposed even after logging out of the application. Proof of Concept: Tested URL: https://demo.ziku.la/ Tested on: Firefox 1. Log in to the application 2. Go to My Account 3. Click the logout button 4. Press the browser back button 5. Now we can re-enter the dashboard. Impact...
EyouCMS Open Redirect Vulnerability
EyouCms is a free and open source enterprise content management system based on the TP5.0 framework that focuses on the needs of enterprise website users. An attacker can exploit this vulnerability to redirect users to malicious URLs via the logout feature...
Ubuntu 21.04 : mod-auth-mellon vulnerability (USN-5069-2)
The remote Ubuntu 21.04 host has a package installed that is affected by a vulnerability as referenced in the USN-5069-2 advisory. USN-5069-1 fixed a vulnerability in mod-auth-mellon. This update provides the corresponding updates for Ubuntu 21.04. Tenable has extracted the preceding description...