CVE-2023-31862

jizhicms v2.4.6 is vulnerable to Cross Site Scripting XSS. The content of the article published in the front end is only filtered in the front end, without being filtered in the background, which allows attackers to publish an article containing malicious JavaScript scripts by modifying the reque...

CVE-2023-31862

jizhicms v2.4.6 is vulnerable to Cross Site Scripting XSS. The content of the article published in the front end is only filtered in the front end, without being filtered in the background, which allows attackers to publish an article containing malicious JavaScript scripts by modifying the reque...

CVE-2023-25934

DELL ECS prior to 3.8.0.2 contains an improper verification of cryptographic signature vulnerability. A network attacker with an ability to intercept the request could potentially exploit this vulnerability to modify the body data of the request...

Cross-site Scripting (XSS) - Stored in tsolucio/corebos

Description There is a taint path can store payload into the database. visit http://127.0.0.1/corebos-master/index.php?action=PickList&module=PickList and click Add Item, the Add new entries here: can be tainted. Although there has a front limitation, but we can bypass it by modifying the request...

PT-2023-22191 · Sap · Sap Crm

Name of the Vulnerable Software and Affected Versions: SAP CRM WebClient UI versions S4FND 102, 103, 104, 105, 106, 107, WEBCUIF, 700, 701, 731, 730, 746, 747, 748, 800, 801 Description: The issue allows an authenticated attacker to modify HTTP verbs used in requests to the web server. This...

Garage Management System 1.0 Cross Site Scripting

Exploit Title: Garage Management System 1.0 - 'categoriesName' - Stored XSS Date: 18-09-2022 Exploit Author: Sam Wallace Software Link: https://www.sourcecodester.com/php/15485/garage-management-system-using-phpmysql-source-code.html Version: 1.0 Tested on: Debian CVE : CVE-2022-41358 Summary:...

MTN Group: Authentication Bypass Leads To Complete Account TakeveOver on ██████████

The application's backend logic placed too much trust on the login information submitted by the user, which allowed a remote attacker to bypass authentication and perform account takeover...

GHSA-P487-39H9-HM84 Jenkins Google Login Plugin 1.0 and 1.1 allows anonymous users to authenticate through client-side request modification

The Google Login Plugin versions 1.0 and 1.1 allows malicious anonymous users to authenticate successfully against Jenkins instances that are supposed to be locked down to a particular Google Apps domain through client-side request modification...

Jenkins Google Login Plugin 1.0 and 1.1 allows anonymous users to authenticate through client-side request modification

The Google Login Plugin versions 1.0 and 1.1 allows malicious anonymous users to authenticate successfully against Jenkins instances that are supposed to be locked down to a particular Google Apps domain through client-side request modification...

CVE-2015-5298

The Google Login Plugin versions 1.0 and 1.1 allows malicious anonymous users to authenticate successfully against Jenkins instances that are supposed to be locked down to a particular Google Apps domain through client-side request modification...

Design/Logic Flaw

The Google Login Plugin versions 1.0 and 1.1 allows malicious anonymous users to authenticate successfully against Jenkins instances that are supposed to be locked down to a particular Google Apps domain through client-side request modification...

CVE-2022-30562

If the user enables the https function on the device, an attacker can modify the user’s request data packet through a man-in-the-middle attack ,Injection of a malicious URL in the Host: header of the HTTP Request results in a 302 redirect to an attacker-controlled page...

Moodle Users could elevate their role when accessing the LTI tool on a provider site

A vulnerability was found in moodle before versions 3.6.3, 3.5.5 and 3.4.8. Users could assign themselves an escalated role within courses or content accessed via LTI, by modifying the request to the LTI publisher site...

CVE-2022-22434

IBM Robotic Process Automation 21.0.0, 21.0.1, and 21.0.2 could allow a user with physical access to create an API request modified to create additional objects. IBM X-Force ID: 224159...

envoyproxy/envoy: denial of service when using extensions that modify request or response sizes

An out-of-bounds memory read vulnerability was found in envoyproxy/envoy. When using one of the following envoy extensions, it is possible to modify and increase the request or response body size of the following: the decompressor, json-transcoder, grpc-web, or other proprietary extensions. This...

CVE-2021-21390 MITM modification of request bodies in MinIO

MinIO is an open-source high performance object storage service and it is API compatible with Amazon S3 cloud storage service. In MinIO before version RELEASE.2021-03-17T02-33-02Z, there is a vulnerability which enables MITM modification of request bodies that are meant to have integrity guarante...

InnoGames: Cache Poisoning via uppercase letters in invalid path

Summary of the issue Cache poisoning vulnerability appears in the request to innogames.com. The issue arises when language path parameter from the url gets processed on the backend to become lowercase. Then if a path provided in X-Forwarded-Host does not exist on the server, 301 response is...

GHSA-Q257-VV4P-FG92 Header Forgery in http-signature

Affected versions of http-signature contain a vulnerability which can allow an attacker in a privileged network position to modify header names and change the meaning of the request, without requiring an updated signature. This problem occurs because vulnerable versions of http-signature sign the...

HackerOne: Can read features from any user

Summary: An attacker can read feature notifications from any user. Just need to change me to userusername:"filedescriptor" in your request to get the features. Steps To Reproduce POST /graphql HTTP/1.1 Host: hackerone.com "query":"query Newfeature \n query \n id,\n ...F0\n \n\nfragment F0 on Quer...

Authorization Bypass

TeamPass is vulnerable to authorization bypass. The application does not properly check if a user has the proper permissions to access an item, allowing a malicious user to modify or delete multiple attributes of an item by modifying requests sent to the application...