
25 matches found

OSV
added 2024/07/19 9:15 a.m.

CVE-2024-6905

A vulnerability has been found in SourceCodester Record Management System 1.0 and classified as critical. This vulnerability affects unknown code of the file viewinfouser.php. The manipulation of the argument id leads to sql injection. The attack can be initiated remotely. The exploit has been...

CVSS 8.8, AI score 5.8
Exploits: 0, References: 4
ThreatPost
added 2021/09/07 12:00 p.m.

Holy Grail of Security: Answer to ‘Did X Work?’ – Podcast

Get a glass. Pour in one shot of VERIS, aka the Vocabulary for Event Recording and Incident Sharing engine that generates Verizon’s funny, well-written, incredibly useful, annual Database Investigations Report DBIR. Next, add a shot of MITRE ATT&CK: the curated knowledge repository of reported...

AI score 6.7
Exploits: 0, References: 8
Microsoft Secure
added 2021/06/22 4:00 p.m.

Strategies, tools, and frameworks for building an effective threat intelligence team

How to think about building a threat intelligence program. The security community is continuously changing, growing, and learning from each other to better position the world against cyber threats. In the latest Voice of the Community blog series post, Microsoft Product Marketing Manager Natalia...

Exploits: 0
Microsoft Malware Protection
added 2021/06/22 4:00 p.m.

Strategies, tools, and frameworks for building an effective threat intelligence team

How to think about building a threat intelligence program. The security community is continuously changing, growing, and learning from each other to better position the world against cyber threats. In the latest Voice of the Community blog series post, Microsoft Product Marketing Manager Natalia...

Exploits: 0
Openbugbounty
added 2017/05/22 12:27 p.m.

veris-direct.de XSS vulnerability

Open Bug Bounty ID: OBB-239980

| Description | Value |
|---|---|
| Affected Website: | veris-direct.de |
| Open Bug Bounty Program: | Create your bounty program now. It's open and free. |
| Vulnerable Application: | Custom Code |
| Vulnerability Type: | XSS Cross Site Scripting / CWE-79 |
| CVSSv3 Score: | 6.1... |

AI score 6.3
Exploits: 0
Hacker One
added 2016/05/11 4:31 p.m.

Veris: Reflected XSS in domain www.veris.in

Hi team, veris.in is vulnerable to reflected XSS that stems from an insecure URL sanitization process performed in the file flashmediaelement.swf. PoC: === https://www.veris.in/wp-includes/js/mediaelement/flashmediaelement.swf?jsinitfunctio%gn=alert1 Fix: === Update to WordPress 4.5.2. Regards, azios...

AI score 0.2
Exploits: 0
Hacker One
added 2016/05/08 3:42 p.m.

Veris: [Stored XSS] sandbox.veris.in

Hello, I want to report you another XSS... but it's stored. Steps to reproduce it: 1. First create a group. 2. Go to https://sandbox.veris.in/portal/members/ and add a member with name ". 3. Add this member in a group created in step 1. 4. Go to https://sandbox.veris.in/portal/assets/ and...

AI score 6.7
Exploits: 0
Hacker One
added 2016/05/08 2:39 p.m.

Veris: [XSS] sandbox.veris.in

Hello, I want to report an XSS in "Badge Types". Steps to reproduce: 1. Create a badge with badge name " badge description ", select Organization, press "Add New Badge Key", in Key display name complete this with the same payload ", complete all requirements but in "Input type" select Text only'...

AI score 0.2
Exploits: 0
Hacker One
added 2016/04/22 9:13 a.m.

Veris: XSS in Asset name

Found one XSS in asset name. Steps To Reproduce: 1. Create any member at https://sandbox.veris.in/portal/members/ 2. Add that member in any group at https://sandbox.veris.in/portal/groups/ 3. Create an Asset named alert1; at https://sandbox.veris.in/portal/assets/ 4. Now go back to members...

AI score 0.1
Exploits: 0
Hacker One
added 2016/03/17 7:38 a.m.

Veris: Stored XSS in Access Rules

XSS trigger issue...

AI score 2.2
Exploits: 0
Hacker One
added 2016/03/17 7:24 a.m.

Veris: Complete Profile URL is not Random and not expiring

This issue refers to a token non-expiry issue and vulnerable URI patterns for the onboarding process. The onboarding process of Veris was revamped after a few such similar reports...

AI score 2.4
Exploits: 0
Hacker One
added 2016/03/17 12:26 a.m.

Veris: Complete or Edit Another User's Profile

Hi, I've found an issue where verified users can complete and submit a profile on behalf of another user. I've attached two video POCs unlisted on YouTube. Completion - https://www.youtube.com/watch?v=erH7ShUpqso Editing - https://youtu.be/IQboAIHNpq4 Steps to reproduce: 1. Register a new user...

AI score 7
Exploits: 0
Hacker One
added 2016/03/16 12:58 a.m.

Veris: Insecure Direct Member Disclosure

The particular issue was related to Insecure Direct Object Reference vulnerability where a particular API was not included in the main permission sets. So the enumeration attacks could be executed...

AI score 1.8
Exploits: 0
Hacker One
added 2016/03/08 10:59 a.m.

Veris: Multiple Stored XSS on Sanbox.veris.in through Veris Frontdesk Android App

Hello Team, I have found multiple cross-site scripting vulnerabilities on sanbox.veris.in due to the malicious input injected through the Veris Frontdesk Android app. Vulnerable App: Veris Frontdesk Android App. Vulnerable Input Fields: 1. Who do you wish to meet? 2. Additional Information. Payload used...

AI score 5.8
Exploits: 0
Hacker One
added 2016/03/03 11:26 a.m.

Veris: Critical IDOR - Make Rule for Any Group & Any Venue remotely

Hello Team, I have found a critical IDOR vulnerability using which an attacker can make/create a rule for any group and any venue remotely by just changing the groupid and venueid in the request. Proof of Concept: Please find the attached screenshots. Best Regards, Hely H. Shah...

AI score 0.7
Exploits: 0
Hacker One
added 2016/03/03 8:57 a.m.

Veris: Critical IDOR - Get Authentication Details of any Terminal/Gatekeeper

Hello Team, I have found a critical IDOR using which an attacker can get authentication details of any gatekeeper/terminal remotely by just changing the value of gatekeeper/terminal id. Proof of Concept: Please find it attached. Best Regards, Hely H. Shah...

AI score 1.7
Exploits: 0
Hacker One
added 2016/03/02 3:32 p.m.

Veris: Missing Server Side Validation of CSRF Middleware Token in Change Password Request

Hello Team, I have found that the CSRF Middleware Token is not getting validated at the server side in the CHANGE PASSWORD request. This request even works without csrfmiddlewaretoken. Steps to Reproduce: 1. Login to your Veris View Account. 2. Go to Settings. 3. Change your password. 4. Submit the form. 5...

AI score 0.7
Exploits: 0
Hacker One
added 2016/03/02 2:15 p.m.

Veris: Critical IDOR - Delete any rule of any organization remotely

Hello Team, I have found a critical IDOR issue which escalates a user's privilege and allows an attacker to delete any rule of any organization remotely through his own account by just changing the rule id in the DELETE request. This is again similar to previously reported critical IDORs to delete a...

AI score 0.6
Exploits: 0