Lucene search

11 matches found

Huntr
added 2023/02/24 4:32 p.m., 12 views

Bypass IP detection lead to perform brute-force attack

Description In login function, by default, the IP address will be blocked when the user tries to login incorrectly more than 3 times but we can bypass this mechanism by abusing the X-Forwarded-For header to bypass IP detection and perform password brute-force. Proof of Concept POST...

7 AI score
Exploits: 0, References: 1
0day.today
added 2022/09/19 12:0 a.m., 201 views

WordPress GetYourGuide Ticketing 1.0.1 Cross Site Scripting Vulnerability

Exploit Title: WordPress Plugin ‘GetYourGuide Ticketing’ - Stored Cross-Site Scripting Exploit Author: Mariam Tariq - HunterSherlock Vendor Homepage: https://wordpress.org/plugins/search/GetYourGuide+Ticketing/ Version: 1.0.1 Tested on: Firefox Contact me: email protected Vulnerable code: " POC: ...

7.4 AI score
Exploits: 0
Huntr
added 2022/07/14 6:54 a.m., 8 views

Insecure redirect when submit invalid form

Description When submitting an invalid form, the server will redirect to a URL which is obtained via the Referrer header. Proof of Concept POST /create-shelf HTTP/2 Host: book.dansmonorage.blue Cookie: csrftoken=ZpIuGbCcxOyhta5bki4N46N7vknEAcpaG3881kcMAfWKBEYKEiLEeSc3Sr4lUTVa; djangolanguage=en-us;...

0.9 AI score
Exploits: 0, References: 1
Packet Storm
added 2022/06/27 12:0 a.m., 342 views

WordPress W-DALIL 2.0 Cross Site Scripting

Exploit Title: WordPress Plugin W-DALIL - Stored Cross Site Scripting Date: 27-06-2022 Exploit Author: Mariam Tariq - HunterSherlock Vendor Homepage: https://wordpress.org/plugins/w-dalil/ Version: 2.0 Tested on: Firefox Contact me: [email protected] Vulnerable Code: " value="" / Steps To...

7.4 AI score
Exploits: 0
Packet Storm
added 2022/05/16 12:0 a.m., 182 views

WordPress WP Event Manager 3.1.27 Cross Site Scripting

Exploit Title: WordPress Plugin WP Event Manager - Stored Cross Site Scripting Date: 15-05-2022 Exploit Author: Mariam Tariq - HunterSherlock Vendor Homepage: https://wordpress.org/plugins/wp-event-manager/ Version: 3.1.27 Tested on: Firefox Contact me: [email protected] Steps To Reproduce...

7.4 AI score
Exploits: 0
Huntr
added 2022/04/28 2:54 p.m., 6 views

Cross-site scripting - Stored via upload ".msg" file

Description When a user uploads a file with the .msg extension, which is in the white-list, and then accesses this file, the server does not respond with a Content-type header, so this file can execute javascript code as Content-type: text/html Proof of Concept POST /microweber/plupload HTTP/1.1 Host: localhost User-Agent:...

7.5 AI score
Exploits: 0, References: 1
Packet Storm
added 2022/04/25 12:0 a.m., 215 views

WordPress ScrollReveal.js Effects 1.1.1 Cross Site Scripting

Exploit Title: WordPress Plugin ScrollReveal.js Effects - Stored Cross Site Scripting Date: 25-04-2022 Exploit Author: Mariam Tariq - Hunt3rsherlock Vendor Homepage: https://wordpress.org/plugins/scrollrevealjs-effects/ Version: 1.1.1 Tested on: Firefox Contact me: [email protected]...

0.3 AI score
Exploits: 0
GithubExploit
added 2021/01/30 10:53 a.m., 42 views

Exploit for Off-by-one Error in Sudo_Project Sudo

CVE-2021-3156 checking CVE-2021-3156 vulnerability & patchi...

7.8 CVSS, 7.7 AI score, 0.92579 EPSS
Exploits: 81
Hacker One
added 2016/04/18 7:29 p.m., 25 views

Slack: Stored XSS on team.slack.com using new Markdown editor of posts inside the Editing mode and using javascript-URIs

Hi, I noticed while looking at an old article I made a while ago that some links were actually inserted as javascript:-links. Doing some modifications to these actually revealed that inside editing mode, no protection is added for getting arbitrary scripts to run. This means that by catching the...

Exploits: 0
exploitpack
added 2014/12/23 12:0 a.m., 35 views

PHPMyRecipes 1.2.2 - browse.php?category SQL Injection

PHPMyRecipes 1.2.2 - browse.php?category SQL Injection Exploit Title : phpMyRecipes 1.2.2 SQL injection page browse.php, parameter category Author : Manish Kishan Tanwar Download Link : http://prdownloads.sourceforge.net/php-myrecipes/phpMyRecipes-1.2.2.tar.gz?download Date : 23/12/2014 Discovered...

0.4 AI score
Exploits: 0
Packet Storm
added 2014/11/17 12:0 a.m., 18 views

Openkm Document Management System 6.4.17 Cross Site Scripting

Openkm Document Management System Suffers From Cross Site Scripting Attack http://khalil-shreateh.com/khalil.shtml/images/articles/websites/vulnerabilities/openkm.jpg Version Khalil Shreateh Author Website: http://khalil-shreateh.com Status : Reported . Report Link :...

7.4 AI score
Exploits: 0