GHSA-X3F4-V83F-7WP2 Authorizer: Password reset token theft and full auth token redirect via unvalidated redirect_uri

Hi, I found that 6 endpoints in Authorizer accept a user-controlled redirecturi and append sensitive tokens to it without validating the URL against AllowedOrigins. The OAuth /app handler validates redirecturi at httphandlers/app.go:46, but the GraphQL mutations and verifyemail handler skip...

GHSA-36RG-GFQ2-3H56 Better Auth Open Redirect Vulnerability in originCheck Middleware Affects Multiple Routes

Summary An open redirect has been found in the originCheck middleware function, which affects the following routes: /verify-email, /reset-password/:token, /delete-user/callback, /magic-link/verify, /oauth-proxy-callback. Details In the matchesPattern function, url.startsWith can be deceived with ...

CVE-2025-53535 Better Auth has an Open Redirect Vulnerability in originCheck Middleware Affecting Multiple Routes

Better Auth is an authentication and authorization library for TypeScript. An open redirect has been found in the originCheck middleware function, which affects the following routes: /verify-email, /reset-password/:token, /delete-user/callback, /magic-link/verify, /oauth-proxy-callback. This...

PT-2024-37047 · Unknown · Better Auth

Name of the Vulnerable Software and Affected Versions: Better Auth versions prior to v1.1.6 Description: An open redirect vulnerability has been identified in the verify email endpoint of Better Auth, potentially allowing attackers to redirect users to malicious websites. This issue affects users...

CVE-2023-6152

An authentication bypass vulnerability was found in the verifyemailenabled feature of Grafana. Even when enabled, this configuration option does not fully enforce email verification. This issue could allow a remote attacker that has authenticated with basic credentials to change the email address...

Use of a Broken or Risky Cryptographic Algorithm in anonaddy/anonaddy

Description MD5 and SHA-1 are popular cryptographic hash algorithms often used to verify the integrity of messages and other data. Recent advances in cryptanalysis have discovered weaknesses in both algorithms. Consequently, MD5 and SHA-1 should no longer be relied upon to verify the authenticity...

Savsoft Quiz 5 - Persistent Cross-Site Scripting

Exploit Title: Savsoft Quiz 5 - Persistent Cross-Site Scripting Date: 2020-07-09 Exploit Author: Ogulcan Unverenth3d1gger Vendor Homepage: https://savsoftquiz.com/ Software Link: https://github.com/savsofts/savsoftquizv5.git Version: 5.0 Tested on: Kali Linux ---Vulnerable Source Code---- functio...

GHSA-H4MF-75HF-67W4 Information disclosure in parse-server

you can fetch all the users' objects, by using regex in the NoSQL query. Using the NoSQL, you can use a regex on sessionToken "SessionToken":"$regex":"r:027f" and find valid accounts this way. Using this method, it's possible to retrieve accounts without interaction from the users. GET...

PT-2020-18345 · Parse · Parse Server

Name of the Vulnerable Software and Affected Versions: parser-server versions prior to 4.1.0 Description: The issue allows fetching all user objects by utilizing regex in the NoSQL query, specifically targeting the sessionToken. This can be achieved through the API endpoint "/parse/users/me" by...

vBulletin 4.x Verify Email Before Registration Plugin - SQL Injection

No description provided by source. Title: vBulletin Verify Email Before Registration Plugin - SQL Injection Date: September 19 2014 Version: Any vBulletin 4.. version which has the plugin installed. Plugin: http://www.vbulletin.org/forum/showthread.php?t=294164 Author: Dave FW/FG The vulnerabilit...

vBulletin 4.x Verify Email Before Registration Plugin - SQL Injection Vulnerability

Exploit for php platform in category web applications Title: vBulletin Verify Email Before Registration Plugin - SQL Injection Date: September 19 2014 Version: Any vBulletin 4.. version which has the plugin installed. Plugin: http://www.vbulletin.org/forum/showthread.php?t=294164 Author: Dave FW/...

vBulletin 4.x Verify Email Before Registration Plugin - SQL Injection

vBulletin 4.x Verify Email Before Registration Plugin - SQL Injection Title: vBulletin Verify Email Before Registration Plugin - SQL Injection Date: September 19 2014 Version: Any vBulletin 4.. version which has the plugin installed. Plugin: http://www.vbulletin.org/forum/showthread.php?t=294164...

ShaadiClone 2.0 Add Administrator

ShaadiClone v2.0 addadminmembercode.php Add Admin function validateform ifform.name.value == "" || !isNaNform.username.value alert"Please enter your name correctly."; form.username.focus; return false; ifform.name.value == "" || !isNaNform.fname.value alert"Please enter your name correctly.";...