OWOX, Inc.: Session is not expire after logout

Reproduction: step no 1:Open URL:https://www.owox.com/products/ or open your user account step no 2: copy URL or paste another tab step no 3:Go back again first tab or logout your account step no 4: And check the copied URL section is working properly Reference From :244875 Reference From :263873...

OWOX, Inc.: Server-side cache poisoning leads to the http://my.dev.owox.com inaccessibility

By using single specially crafted URL, it was possible to cause service inaccessibility for all users who will visit the site, as result of infinite redirect loop. I discovered an issue, when by using single specially crafted URL, it was possible to cause service inaccessibility for all users who...

OWOX, Inc.: Access to Grafana Dashboard

Hi, I was looking at the office.owox.com on port 3000 Grafana webapp. I'm not sure if it is for demo purposes, but I can access the main dashboard and view all graphs. I am also able to sign in and create my own organizations, dashboards etc. I searched on the net for any reference to this web...

OWOX, Inc.: Subdomain Takeover on OWOX.RU

Subdomain http://www.owox.ru/ was preserved from being taken over by an attacker: https://kiosk.owox.ru/ https://blog.owox.ru/...

OWOX, Inc.: Subdomain Takeover on http://blog.owox.com/

Subdomain Takeover via http://blog.owox.com Subdomain Takeover via http://blog.owox.com...

OWOX, Inc.: ClickJacking

hi there ! i have found clickjacking vulnerability in your website you should set the frames to fix the issue...

OWOX, Inc.: Subdomain Takeover on http://kiosk.owox.com/

Subdomain http://kiosk.owox.com/ was preserved from being taken over by an attacker...

OWOX, Inc.: HTTP Response Splitting(CRLF injection) in bi.owox.com

Hello, I found a CRLF injection vulnerability in bi.owox.com More about HTTP response splitting https://www.owasp.org/index.php/TestingforHTTPSplitting/SmugglingOTG-INPVAL-016 POC Burp Adding a new header with %0d%0a F122461 Regards, Florin...