
10 matches found

Hacker One
added 2024/07/04 5:47 p.m., 52 views

U.S. Dept Of Defense: IDOR leads to view other user Biographical details (Possible PII LEAK)

The researcher discovered an Insecure Direct Object Reference (IDOR) vulnerability in the www.██████████ domain. The vulnerability allowed a user to access other users' biographical details, leading to a potential Personally Identifiable Information (PII) leak. The vulnerable endpoints were located i...

6.9 AI score
Exploits: 0
Huntr
added 2022/04/20 3:30 p.m., 13 views

no spoofing protection on email domain (No Valid SPF Records.)

What Is SPF/TXT Records? An SPF record is a type of Domain Name Service (DNS) record that identifies which mail servers are permitted to send email on behalf of your domain. The purpose of an SPF record is to prevent spammers from sending messages with forged From addresses at your domain. Checking...

7 AI score
Exploits: 0, References: 2
Hacker One
added 2022/04/13 5:29 a.m., 25 views

UPS VDP: Broken access control

Summary: Hello UPS team, I've found a broken access control vulnerability in your sites. It allows me to access the admin panel of the support team, and I can view all requests within the site. Vulnerable domains: connectnb.ups.com Steps To Reproduce: add details for how we can reproduce the issue ...

6.8 AI score
Exploits: 0
OSV
added 2022/04/11 3:15 p.m., 1 views

CVE-2022-0989

An unprivileged user could use the functionality of the NS WooCommerce Watermark WordPress plugin through 2.11.3 to load images that hide malware for example from passing malicious domains to hide their trace, by making them pass through the vulnerable domain...

7.5 CVSS, 5.8 AI score
Exploits: 0, References: 1
NCSC
added 2020/09/18 12:0 a.m., 12 views

Vulnerability fixed in Samba

Ubuntu has fixed a vulnerability in Samba. The vulnerability potentially allows a malicious party to obtain domain administrator rights. The vulnerability with reference CVE-2020-1472 in Samba in that case should be exploited in conjunction with a vulnerable Microsoft domain controller to be...

10 CVSS, 6.4 AI score, 0.9438 EPSS
Exploits: 75
Hacker One
added 2019/10/02 9:29 p.m., 268 views

Mail.ru: RCE Jira(CVE-2019–11581) [my-com.atlassian.net]

Hello, Summary: I found the domain my-com.atlassian.net is vulnerable to RCE Jira (CVE-2019–11581) via the contact admin function. POC - on page https://my-com.atlassian.net/secure/ContactAdministrators!default.jspa - use payload on Subject & Request details...

1 AI score, 0.94355 EPSS
Exploits: 2
Hacker One
added 2019/02/28 11:1 a.m., 21 views

Slack: Real Time Error Logs Through Debug Information

Summary: During the assessment, I have found the debug URL on slackb.com which is disclosing the World Wide real time error logs of Slack users. The information leaked includes the following: 1. User Device Information 2. Redacted Token 3. Client IP Address 4. Description 5. Session ID 6. Team ID...

6.7 AI score
Exploits: 0
The Hacker Blog
added 2017/01/31 7:54 a.m., 18 views

Hacking Guatemala’s DNS – Spying on Active Directory Users By Exploiting a TLD Misconfiguration

Guatemala City, By Rigostar (Own work), CC BY-SA 3.0, via Wikimedia Commons. UPDATE: Guatemala has now patched this issue after I reached out to their DNS administrator and with a super quick turnaround as well! In search of new interesting high-impact DNS vulnerabilities I decided to take a look at...

6.7 AI score
Exploits: 0
Hacker One
added 2015/11/27 2:56 a.m., 52 views

ok.ru: Same-Origin Policy Bypass #2

Hi, This is a really similar issue to my previous report 102234 - the exploitation mechanism is really the same but another swf file is vulnerable. All conditions are met: - st.mycdn.me domain which is in ok.ru crossdomain.xml - Security.allowDomain'' - possibility to execute own SWF code provided by URL...

Exploits: 0
Hacker One
added 2015/11/23 12:45 p.m., 15 views

X (Formerly Twitter): Subdomain Expired

Vulnerable domain: mopub.com Vulnerable SUB-domain: http://tool.mopub.com Your subdomain http://tool.mopub.com, which is pointing to hosted-by.myinternetservices.com, and the service is expired at myinternetservices.com. Remove this entry, otherwise an attacker can use this one. Thanks...

6.8 AI score
Exploits: 0