4 matches found
Broken Access Control on "http://localhost/api/user" endpoint
Description Able to create an Admin account from normal User account. Steps 1.Navigate to https://localhost/. 2.Then click on login and then register, fill the form and click Register. 3.Now login with a newly created user account with intercepting the traffics in burp. 4.Turn on the burp interce...
An user can delete other user's post
Description As the title, an attacker can delete other user's post via post id can be bruteforce Here is video poc: https://drive.google.com/file/d/18QucWYwkpO9kVPMqNzSQ-ptwrZGk-UP9/view?usp=sharelink Proof of Concept DELETE /api/memo/$1026$ HTTP/2 Host: demo.usememos.com Cookie:...
U.S. Dept Of Defense: IDOR to Account Takeover on https://████/index.html
Hello Team! Summary: I found when you wish to update your profile on https://███████/ after your login through https://██████████/signIn/signIn.html website due to an IDOR. This IDOR gives you the opportunity to change the origin email for the registered account by changing the ID parameter on th...
Dup Scout Enterprise 9.9.14 - 'Input Directory' Local Buffer Overflow
!/usr/bin/python Exploit Title : Dup Scout Enterprise v9.9.14 - 'Input Directory' Local Buffer Overflow Date : 04 Sept, 2017 Exploit Author : Touhid M.Shaikh - www.touhidshaikh.com Contact : https://github.com/touhidshaikh Vendor Homepage: http://www.dupscout.com/ Version : v9.9.14 Software Link ...