
23 matches found

CVE
added 2025/09/12 1:03 p.m. • 15 views

CVE-2025-59139

CVE-2025-59139 affects the Hono web framework (pre-4.9.7). A flaw in the bodyLimit middleware allowed bypassing the configured request body size limit when conflicting headers were present, because Content-Length could be prioritized over Transfer-Encoding: chunked. The HTTP spec requires Transfe...

CVSS 5.3 • AI score 6.2 • EPSS 0.00052
Exploits 0 • References 2 • Affected software 1
Hacker One
added 2022/09/07 3:06 p.m. • 16 views

LinkedIn: A Unverified User Can Post Newsletter (Which Is Not Allowed Through Application UI)

A vulnerability was discovered in LinkedIn that allowed unverified users to create newsletters, even though this feature was not accessible to them through the application's user interface. By sending a specific request with the unverified user's cookie, the newsletter creation API could be...

AI score 6.8
Exploits 0
Exploit DB
added 2022/03/22 12:00 a.m. • 247 views

ICEHRM 31.0.0.0S - Cross-site Request Forgery (CSRF) to Account Takeover

Exploit Title: ICEHRM 31.0.0.0S - Cross-site Request Forgery CSRF to Account Takeover Date: 18/03/2022 Exploit Author: Devansh Bordia Vendor Homepage: https://icehrm.com/ Software Link: https://github.com/gamonoid/icehrm/releases/tag/v31.0.0.OS Version: 31.0.0.OS Tested on: Windows 10 1. About -...

AI score 7.4
Exploits 0
Packet Storm
added 2021/08/20 12:00 a.m. • 274 views

Laundry Booking Management System 1.0 SQL Injection

Exploit Title: Laundry Booking Management System 1.0 - 'Multiple' SQL Injection Date: 2021-08-19 Exploit Author: Azumah Foresight Xorlali Vendor Homepage: https://www.sourcecodester.com/php/14400/laundry-booking-management-system-php-source-code.html Software Link:...

AI score 0.4
Exploits 0
Packet Storm
added 2021/08/12 12:00 a.m. • 466 views

RATES SYSTEM 1.0 SQL Injection

Exploit Title: RATES SYSTEM 1.0 - 'Multiple' SQL Injections Date: 11-08-2021 Exploit Author: Halit AKAYDIN hLtAkydn Software Link: https://www.sourcecodester.com/php/14904/rates-system.html Version: V1.0 Category: Webapps Tested on: Linux/Windows Description: PHP Dashboards is prone to an...

Exploits 0
Huntr
added 2021/08/04 8:29 a.m. • 10 views

Cross-Site Request Forgery (CSRF) in bigprof-software/online-invoicing-system

āœļø Description csrf bug to mass delete item price šŸ•µļøā€ā™‚ļø Proof of Concept bellow request is vulnerable to csrf attack. here csrf token checking, no refferrer checking . There is nothing to prevent csrf attack . POST /online-invoicing-system/app/itempricesview.php HTTP/1.1 Host: localhost User-Agent:...

Exploits 0
Huntr
added 2021/07/23 1:51 p.m. • 9 views

Cross-Site Request Forgery (CSRF) in kestasjk/webdiplomacy

āœļø Description CSRF bug when contacting team šŸ•µļøā€ā™‚ļø Proof of Concept no csrf token contact .\ Bellow request is vulnerable to csrf attack POST /contactUsDirect.php HTTP/1.1 Host: webdiplomacy.net User-Agent: Mozilla/5.0 X11; Ubuntu; Linux x8664; rv:88.0 Gecko/20100101 Firefox/88.0 Accept:...

AI score 0.4
Exploits 0
Hacker One
added 2021/03/13 1:41 p.m. • 32 views

Acronis: Attacker Can Access to any Ticket Support on https://www.devicelock.com/support/

Summary: Hello team. I found a security issue on devicelock.com where the attacker can access any support ticket and read all the information that the users sent to the support, and this without user interaction. In other words: an attacker can have full access to users' tickets using the ticket id...

AI score 6.9
Exploits 0
Hacker One
added 2021/02/12 8:02 p.m. • 21 views

Reddit: [dubmash] Lack of authorization checks - Update Sound Titles

Summary: During the security testing, it has been observed that the UpdateSound api is vulnerable to IDOR. It allows an attacker to edit the victim's sound track titles. This vulnerability can be exploited using the sound track's uuid in the vulnerable request. This id is publicly known. Steps To...

AI score 1.9
Exploits 0
Hacker One
added 2020/09/24 6:40 a.m. • 36 views

Zomato: Improper Validation at Partners Login

Timeline

| Timeline | Action |
|---|---|
| Thu, 24 Sep 2020, 12:10 IST | Researcher submitted the report on H1 with initial severity as High. |
| Thu, 24 Sep 2020, 12:32 IST | First response - we asked for clarification via demonstration on attack scenarios. Parallelly, we began our own... |

AI score 6.8
Exploits 0
0day.today
added 2020/07/10 12:00 a.m. • 204 views

Savsoft Quiz 5 - Persistent Cross-Site Scripting Vulnerability

Exploit for php platform in category web applications Exploit Title: Savsoft Quiz 5 - Persistent Cross-Site Scripting Exploit Author: Ogulcan Unverenth3d1gger Vendor Homepage: https://savsoftquiz.com/ Software Link: https://github.com/savsofts/savsoftquizv5.git Version: 5.0 Tested on: Kali Linux...

AI score 0.1
Exploits 0
0day.today
added 2020/06/08 12:00 a.m. • 184 views

NeonLMS Learning Management System PHP Laravel Script 4.6 XSS Vulnerability

NeonLMS Learning Management System PHP Laravel Script version 4.6 suffers from a persistent cross site scripting vulnerability. Exploit Title: NeonLMS - Learning Management System PHP Laravel Script - 'Messages' Persistent Cross Site Scripting Exploit Author: th3d1gger Vendor Homepage:...

Exploits 0
Hacker One
added 2020/04/04 2:15 p.m. • 86 views

Zomato: [www.zomato.com] Blind SQL Injection in /php/geto2banner

Hi Team! Our team discovered a Blind SQL Injection by abusing LocalParams resid in /php/geto2banner. We are working to create a full PDF report as a write-up; here is a temporary exploit based on the vulnerable request: POST /php/geto2banner HTTP/1.1 Host: www.zomato.com Connection: close...

Exploits 0
Hacker One
added 2019/10/30 4:51 p.m. • 88 views

Automattic: [IDOR] Attacker user can Approve/Decline AFK on the behalf of other users

Summary: Hi team, hope you are good. Missing proper authorization checks on the vulnerable request allow an attacker to approve/decline AFK of users on behalf of another user who is a member of another organization. This can be exploited simply by changing the responderuserid in the vulnerable...

AI score 0.4
Exploits 0
vulnersOsv
added 2018/11/09 5:44 p.m. • 1 views

192.168.0.172 (=4.6.1), 1campus_nodedsa (>=0.0.1 <=0.0.4) +10307 more potentially affected by CVE-2017-16026 via request (>=2.2.6 <=2.67.0)

request NPM version =2.2.6, =0.0.1, =0.1.1, =0.1.1, =1.0.0, =0.2.2, =0.1.0, =0.1.0, =0.1.0, =0.0.1, =0.0.1, =0.0.1, =0.0.3 and more Source cves: CVE-2017-16026 Source advisory: OSV:GHSA-7XFP-9C55-5VQJ...

CVSS 7.1 • AI score 6.2 • EPSS 0.01132
Exploits 1
Hacker One
added 2018/10/12 4:57 p.m. • 37 views

Discourse: Account takeover at https://try.discourse.org due to no CSRF protection in connecting Yahoo account

Hi. There is an option in https://try.discourse.org/u/testh1ay/preferences/account to connect our Yahoo account. I noticed the Connect Yahoo account option has a workflow with the GET method and there is a lack of csrf protection on connecting the Yahoo account, which can help an attacker induce a victim to...

AI score 0.4
Exploits 0
Hacker One
added 2018/09/17 5:54 a.m. • 56 views

HackerOne: User login page doesn't implement any form of rate limiting

Hi Team, Summary: As a best practice a login page should have rate limiting just like hackerone.com. Vulnerable Request: POST /auth/postlogin HTTP/1.1 Host: ctf.hacker101.com User-Agent: Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Referer: https://ctf.hacker101.com/...

AI score 0.3
Exploits 0
seebug.org
added 2018/07/30 12:00 a.m. • 557 views

Samsung SmartThings Hub video-core credentials Parsing SQL Injection Vulnerability (CVE-2018-3879)

Summary An exploitable JSON injection vulnerability exists in the credentials handler of video-core's HTTP server of Samsung SmartThings Hub. The video-core process incorrectly parses the user-controlled JSON payload, leading to a JSON injection which in turn leads to a SQL injection in the...

AI score 0.1 • EPSS 0.00337
Exploits 2
Hacker One
added 2018/04/14 5:01 p.m. • 10 views

LinkedIn: Can delete other user's post and company page post

Vulnerability description not provided...

AI score 7.1
Exploits 0
Hacker One
added 2018/02/22 8:01 p.m. • 30 views

Shopify: Access to Private Photos of Apps in App section(IDOR)

Bug location: https://MyShop.myshopify.com/admin/apps Description: The photo preview request in the App section is vulnerable to an IDOR attack where changing the ID discloses the link of private photos. It also discloses the shop domain details. The request goes through...

AI score 0.1
Exploits 0