16 matches found
RelateIQ Mail Encoding Script Code Injection
Document Title: RelateIQ Bug Bounty 1 - Persistent Signup Vulnerability References Source: http://www.vulnerability-lab.com/getcontent.php?id=1320 Video: http://www.vulnerability-lab.com/getcontent.php?id=1332 Release Date: 2014-12-02 Vulnerabili...
RelateIQ Bug Bounty #1 - Persistent Signup Vulnerability
Document Title: RelateIQ Bug Bounty 1 - Persistent Signup Vulnerability References Source: http://www.vulnerability-lab.com/getcontent.php?id=1320 Video: http://www.vulnerability-lab.com/getcontent.php?id=1332 Release Date: 2014-12-02 Vulnerabili...
RelateIQ Bug Bounty #1 - Persistent Signup Vulnerability
Document Title: RelateIQ Bug Bounty 1 - Persistent Signup Vulnerability References: http://www.vulnerability-lab.com/getcontent.php?id=1332 View: https://www.youtube.com/watch?v=ZxGbG6U45NE Advisory: http://www.vulnerability-lab.com/getcontent.php?id=1320 Release Date:...
RelateIQ Bug Bounty #1 - Persistent Signup Vulnerability
Document Title: RelateIQ Bug Bounty 1 - Persistent Signup Vulnerability References: http://www.vulnerability-lab.com/getcontent.php?id=1332 View: https://www.youtube.com/watch?v=ZxGbG6U45NE Advisory: http://www.vulnerability-lab.com/getcontent.php?id=1320 Release Date:...
RelateIQ Bug Bounty #1 - Persistent Signup Vulnerability
Document Title: RelateIQ Bug Bounty 1 - Persistent Signup Vulnerability References Source: http://www.vulnerability-lab.com/getcontent.php?id=1320 Video: http://www.vulnerability-lab.com/getcontent.php?id=1332 Release Date: 2014-12-02 Vulnerabili...
RelateIQ: PoodleBleed
Hi, You are using vulnerable SSL which is vulnerable to poodlebleed. More info on this attack: http://poodlebleed.com/ Vulnerable Domain: app.relateiq.com...
RelateIQ: Relateiq SSLv3 deprecated protocol vulnerability.
Relateiq Website service encrypts traffic using an old deprecated protocol with known weakness which is obsolete and insecure, you should disable it. POC in the attachments. https://foundeo.com/products/iis-weak-ssl-ciphers/test.cfm?testdomain=www.relateiq.com...
RelateIQ: Cross-site Scripting in mailing (username)
There appears to be a Cross-site Scripting vulnerability related to my previous report in the newsletter mailing. See my attached screenshot. The steps to exploit and the impact are the same as in the previous report, but to exploit this specific XSS an attacker would have to register an account...
RelateIQ: Resubmitted with POC #18685 Password reset CSRF
Hey there I found out that an attacker can use the password reset link to forge requests because there is no CSRF token in that particular request to validate that request. You should always have a CSRF token in the password reset request...
RelateIQ: SSRF (Portscan) via Register Function (Custom Server)
Hi, the custom server option during registration allows performing portscans or "Server Side Request Forgery" from "relateiq" systems to external and potential internal systems. the following is a sample request used excluding cookies: POST /app/GWT.rpc HTTP/1.1 Host: app.relateiq.com User-Agent:...
RelateIQ: Failed Certificate Validation On Custom Server (Register)
Hi, in the register page a custom server can be used to define "where to connect to". Your system does not validate the SSL certificate of this host which makes it easy to tamper with the data your system does on behalf of the user. As only SSL links are allowed by the application the user could...
RelateIQ: Old Sessions remain valid after the password change.
Industry Standard Procedure When the password is changed or email address has been updated for any particular account, all the sessions which were active with the old password/email should be destroyed. Reason If somehow anybody hacked into your account and you understand that someone has trespass...
RelateIQ: Wildcard DNS in website
I found wildcard DNS enabled on your server. The domain 95624031154.relateiq.com is at the following IP 192.33.31.56. Such information should not be publicly available...
RelateIQ: TRACE disclosure attack may be possible
I have tried to check if Cross Site Tracing is possible, fired up my command line and curl -X TRACE www.relateIQ.com. The response may not actually show it is vulnerable, but it is not as well a message for properly configured " no " to Cross Site Tracing attack. Kindly check it sir. Thank you...
RelateIQ: RelateIQ GWT based application visible to unauthenticated users
When a legitimate user authenticates to the RelateIQ application, since it is a GWT based application, a request is sent to the URL https://app.relateiq.com/app/app.nocache.js. This detects the browser and then a corresponding request is sent to the URL...
RelateIQ: open redirect
1. Go to https://www.relateiq.com/sign-up 2. Fill the form and click on signup free button. 3. Intercept the request using tamper data and change the 'retURL' parameter to any value like https://google.com any evil url and submit the request. 4. The web app redirects to any evil website...