Lucene search
K

4 matches found

Huntr
Huntr
â€ĸadded 2021/07/03 2:52 a.m.â€ĸ6 views

Cross-site Scripting (XSS) - Stored in bigprof-software/online-rental-property-manager

âœī¸ Description Stored XSS in adding properties lead by adding owners first name and second name. đŸ•ĩī¸â€â™‚ī¸ Proof of Concept Video POC: https://drive.google.com/file/d/1QbdzPJPHmQPsNl-o43a-Slub4Z3hhNh/view?usp=sharing đŸ’Ĩ Impact This vulnerability is capable of Stored XSS...

0.4AI score
Exploits0
Kitploit
Kitploit
â€ĸadded 2020/10/07 11:30 a.m.â€ĸ111 views

GHunt - Investigate Google Accounts With Emai

GHunt is an OSINT tool to extract a lot of informations of someone's Google Account email. It can currently extract : Owner's name Last time the profile was edited Google ID If the account is an Hangouts Bot Activated Google services Youtube, Photos, Maps, News360, Hangouts, etc. Possible Youtube...

6.7AI score
Exploits0References1
Prion
Prion
â€ĸadded 2020/05/18 5:15 a.m.â€ĸ15 views

Design/Logic Flaw

COVIDSafe through v1.0.17 allows a remote attacker to access phone name and model information because a BLE device can have four roles and COVIDSafe uses all of them. This allows for re-identification of a device, and potentially identification of the owner's name...

5CVSS5.3AI score0.01016EPSS
Exploits0References2Affected Software1
Hacker One
Hacker One
â€ĸadded 2017/07/02 2:19 p.m.â€ĸ33 views

WakaTime: Bypassing Access control, changing owner's name in a private leaderboard

Hello, I would like to mention a bug here that is regarding changing the name of the owner of a leaderboard by a member that is first shown forbidden but when you again try to change owner's name you can see the changes to name made in the pop up that appears. Basically when I created a private...

0.8AI score
Exploits0
Rows per page
Query Builder