Skyliner: Password reset Token not expiring
Hello Team, Here in this scenario, I've found that there's a kind of server-side invalidation of Password Reset tokens. Like if I've requested password reset token token1 and I don't use it, afterwards I make another request for password reset token token2. This time I'll use the...
Harvest: CSRF bypass on Submit Time sheet for Approval
Hi Team, Description : There is an Authentication token provided for submitting a Time sheet for approval. Also there is a Referral given in the header. But both are not validated on the server side, which leads to a successful CSRF attack. HTML POC : Let me know if you need any other details regarding thi...
Gratipay: prevent null bytes in email field
Hi, Zawad here. Description I recently visited gratipay.com and logged in. I found that invalid characters, e.g. null bytes, were accepted in the email field, which is obviously not expected behavior. Steps to Reproduce 1. Go to https://gratipay.com/username/emails/ 2. Enter [email protected]\0 or...
TestLink 1.9.14 - Cross-Site Request Forgery
Information ================================= Name: CSRF Vulnerability in TestLink 1.9.14 Affected Software: TestLink Affected Versions: 1.9.14 and possibly below Vendor Homepage: http://testlink.org/ Severity: High Status: Fixed Vulnerability Type: ================================= Cross Site...
Snapchat: Captcha Bypass in Snapchat's Geofilter Submission Process
Hi, Overview: Snapchat provides a form in which users can submit "Geofilters". These are filters which get applied to users snaps when they are in specific geolocations. The form https://www.snapchat.com/geofilters/submit.html allows for the submission of these "Geofilters" as an anonymous user...
Komodia SDK for Komodia Redirector with SSL Digestor Encryption Issue Vulnerability
Komodia SDK for Komodia Redirector with SSL Digestor is a suite of redirection platform tools for executing data using SSL encryption and dynamic SSL decryption from Komodia, Israel. The Komodia SDK for Komodia Redirector with SSL Digestor suffers from a cryptographic issue vulnerability that...
Sixnet Sixview 2.4.1 - Web Console Directory Traversal
No description provided by source. Exploit Title: Sixnet sixview web console directory traversal Date: 2014-04-21 Exploit Author: daniel svartman Vendor Homepage: www.sixnet.com Software Link: Not available, hardware piece - appliance Version: 2.4.1 Tested on: Sixnet Sixview web console Linux bas...
Cisco Services Portal File Download Vulnerability
A vulnerability in the ''Files Available for Download'' window of Cisco Intelligent Automation for Cloud could allow an authenticated, remote attacker to download arbitrary files from the system. The vulnerability is due to a failure to perform sufficient server-side validation of user-supplied...
Innovation CMS uploadImageFile_do.jsp page file upload vulnerability - vulnerability warning - the black bar safety net
Brief description: Innovation CMS arbitrary JSP executable script file upload vulnerability, affecting a large number of office and municipal government websites. Detailed description: Before the vulnerability is reported in a cnvd, it should be cnvd requirements to the vulnerability reported to the tick. ...
Cisco WebEx Social Client-Side Restriction Bypass Attribute Change Vulnerability
A vulnerability in the user management page of WebEx Social could allow an authenticated, remote attacker to inject arbitrary values into the Screen Name, Email Address, First Name, Middle Name, Last Name, and Job Title fields. The vulnerability is due to insufficient server-side validation of...
Cyberoam Unified Threat Management: OS Command Execution
Hi, Please find below the details of a vulnerability I discovered in Cyberoam UTM device. The Vendor was notified, however I did not receive any response from Vendor despite repeated email reminders. SECURITY ADVISORY: cyberoam-utm-command-executaion Affected Software: Cyberoam CR50ia 10.01.0 bui...
Cyberoam UTM Multiple Vulnerabilities
Exploit for hardware platform in category web applications Affected Software: Cyberoam CR50ia 10.01.0 build 678 Vulnerability: OS Command Execution Severity: High Release Date: Unreleased I. Background "Cyberoam Unified Threat Management appliances offer assured security, connectivity and...
Cyberoam UTM - Multiple Vulnerabilities
Cyberoam UTM - Multiple Vulnerabilities SECURITY ADVISORY: cyberoam-utm-command-executaion Affected Software: Cyberoam CR50ia 10.01.0 build 678 Vulnerability: OS Command Execution Severity: High Release Date: Unreleased I. Background "Cyberoam Unified Threat Management appliances offer assured...
Cyberoam UTM - Multiple Vulnerabilities
SECURITY ADVISORY: cyberoam-utm-command-executaion Affected Software: Cyberoam CR50ia 10.01.0 build 678 Vulnerability: OS Command Execution Severity: High Release Date: Unreleased I. Background "Cyberoam Unified Threat Management appliances offer assured security, connectivity and productivity to...
Cyberoam UTM Command Execution
SECURITY ADVISORY: cyberoam-utm-command-executaion Affected Software: Cyberoam CR50ia 10.01.0 build 678 Vulnerability: OS Command Execution Severity: High Release Date: Unreleased I. Background "Cyberoam Unified Threat Management appliances offer assured security, connectivity and productivity to...
CVE-2006-3914
Cross-site scripting XSS vulnerability in Blackboard Academic Suite 6.2.3.23 allows remote authenticated users to inject arbitrary HTML or web script by bypassing client-side validation through disabling JavaScript when submitting an essay response, which has no server-side validation before bein...