Lucene search
K

685 matches found

Hacker One
Hacker One
added 2017/04/24 11:7 a.m.7 views

Weblate: Directory Listing

Proof Of Concept Navigate this domain: https://hg.weblate.org Some information Disclosure: https://hg.weblate.org/sumwars/Changelog.txt https://hg.weblate.org/kallithea-stable/Apache-License-2.0.txt Some software verison Thanks,...

6.9AI score
Exploits0
Hacker One
Hacker One
added 2017/04/24 10:45 a.m.11 views

Weblate: You can simply just use passwords that simply are as 123456

This may not be a issue but is a flaw for many websites because passwords should contain letters and characters like - and much more. Uppercase, lowcase. as it makes it much more secure it will be acceptable. this might scare your customers away feeling unsecure...

2.2AI score
Exploits0
Hacker One
Hacker One
added 2017/04/24 10:33 a.m.23 views

Weblate: CSRF - Changing the full name / adding a secondary email identity of an account via a GET request

SUMMARY ---------- Hello, I have found a CSRF request via the activation email that will change the full name of the targeted account. This vulnerability exists if the attacker registers a new account and then gives his activation link to someone else. If the victim uses the received activation...

1.4AI score
Exploits0
Hacker One
Hacker One
added 2017/04/24 10:25 a.m.18 views

Weblate: Improper Password Reset Policy on https://hosted.weblate.org/

Application should not allow the user to set the last 3-5 password in terms of secure design principles. It should give a warning or provide such avoidance while user is using repetitive usage of passwords. Repro: 1. Try to set same old password via Password Reset link. Fix: Application should...

7.1AI score
Exploits0
Hacker One
Hacker One
added 2017/04/24 10:9 a.m.29 views

Weblate: Insecure Account Removal

Hi Team, The removal of account is one of the sensitive part of a web application that needs to protect, therefor removing an account should validate the authenticity of the legitimate user, however i have found that when removing an account, the system did not require the user to input the accou...

2.1AI score
Exploits0
Hacker One
Hacker One
added 2017/04/24 9:49 a.m.29 views

Weblate: CSRF : Lock and Unlock Translation

Description : Attacker can force to victim for Lock and Unlock Translation. That HTTP Request : GET /lock/aptoide-uploader/strings/ka/ HTTP/1.1 Host: hosted.weblate.org Connection: close Upgrade-Insecure-Requests: 1 User-Agent: Mozilla/5.0 Macintosh; Intel Mac OS X 10123 AppleWebKit/537.36 KHTML,...

Exploits0
Hacker One
Hacker One
added 2017/04/24 9:43 a.m.19 views

Weblate: CSV Injection with the CSV export feature

Step to reproduce : 1.go to https://hosted.weblate.org/dictionaries/aptoide-uploader/bn/add 2.add "=1+1" to Source and Translation filed F178723 3.now do CSV export 4.you can see all the cell is displayed as "2" which means the code is executed. Best Regad's, Jay Patel...

7.3AI score
Exploits0
Hacker One
Hacker One
added 2017/04/24 9:42 a.m.13 views

Weblate: Already Registered Email Disclosure

Hello, In the registration at https://hosted.weblate.org/accounts/register/ , I found that trying an already used email would inform the register that you are trying used one, so with a dictionary of emails a hacker can determine the emails of all users in database and use that in phishing. Note:...

Exploits0
Hacker One
Hacker One
added 2017/04/24 9:27 a.m.17 views

Weblate: Activation tokens are not expiring

Hi Team, Domain: demo.weblate.org In this bug, maybe it is low risk but i have found a way to login any person to the attackers account, therefor when any user login to attackers account, the attacker can see the users activity on attackers account. The issue relies on the password reset. Stes to...

1.2AI score
Exploits0
Hacker One
Hacker One
added 2017/04/24 9:20 a.m.33 views

Weblate: CSRF : Reset API

Description : Attacker can force to victim for reset his API. That HTTP Request : GET /accounts/reset-api-key/ HTTP/1.1 Host: hosted.weblate.org Connection: close Upgrade-Insecure-Requests: 1 User-Agent: Mozilla/5.0 Macintosh; Intel Mac OS X 10123 AppleWebKit/537.36 KHTML, like Gecko...

7.2AI score
Exploits0
Hacker One
Hacker One
added 2017/04/24 9:16 a.m.9 views

Weblate: [demo.weblate.org] Stored Self-XSS via Editor Link in Profile

Hi, Input validation and/or sanitisation is not currently applied to the "Editor Link" in the user's Preferences. Consequently, it is possible to store a JavaScript payload which is stored and executes in the Weblate instance context. F178717 Steps to reproduce 1. Visit the above Preferences page...

0.1AI score
Exploits0
Hacker One
Hacker One
added 2017/04/24 9:5 a.m.17 views

Weblate: No expiration of session ID after Password change

If an user changes his password, the session persists and new session ID won't be created. POC - 1. Make any request and capture it using any proxy burp 2. Go to account settings and change the password. 3. Replay the captured request by changing any parameterusername or fullname 4. You get a...

1.2AI score
Exploits0
Hacker One
Hacker One
added 2017/04/24 9:2 a.m.15 views

Weblate: Open Redirect via "next" parameter in third-party authentication

Hi, It is currently possible to execute an open redirection attack via the next parameter with the inclusion of a triple-slash prefix. Proof of Concept Redirect URL https://demo.weblate.org/accounts/login/github/?next=///google.com After authenticating, the user will be immediately redirected to...

1.6AI score
Exploits0
Hacker One
Hacker One
added 2017/04/24 8:57 a.m.22 views

Weblate: Registration captcha bypass

Hello, I've found that it is possible to bypass captcha during registration. Attacker can automatize registration process and create multiple accounts. Here are steps to reproduce: 1. Go to registration page. Type information and catch request in proxy. 2. Get correct answer for captcha and captc...

0.7AI score
Exploits0
OpenVAS
OpenVAS
added 2017/03/17 12:0 a.m.20 views

Weblate < 2.10.1 Information Disclosure Vulnerability

Weblate is prone to an information disclosure vulnerability. SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:weblate:weblate"; if...

5.3CVSS5.4AI score0.02287EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2017/03/17 12:0 a.m.9 views

Weblate Detection (HTTP)

HTTP based detection of Weblate. SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptoid"1.3.6.1.4.1.25623.1.0.106667";...

5.8AI score
Exploits0References1
Prion
Prion
added 2017/03/15 3:59 p.m.11 views

Design/Logic Flaw

The password reset form in Weblate before 2.10.1 provides different error messages depending on whether the email address is associated with an account, which allows remote attackers to enumerate user accounts via a series of requests...

5CVSS5.3AI score0.02287EPSS
Exploits0References6Affected Software1
PyPA
PyPA
added 2017/03/15 3:59 p.m.7 views

PYSEC-2017-42

The password reset form in Weblate before 2.10.1 provides different error messages depending on whether the email address is associated with an account, which allows remote attackers to enumerate user accounts via a series of requests...

5.3CVSS7AI score0.02287EPSS
Exploits0References7Affected Software1
NVD
NVD
added 2017/03/15 3:59 p.m.15 views

CVE-2017-5537

The password reset form in Weblate before 2.10.1 provides different error messages depending on whether the email address is associated with an account, which allows remote attackers to enumerate user accounts via a series of requests...

5.3CVSS5.3AI score0.02287EPSS
Exploits0References6
OSV
OSV
added 2017/03/15 3:59 p.m.23 views

PYSEC-2017-42

The password reset form in Weblate before 2.10.1 provides different error messages depending on whether the email address is associated with an account, which allows remote attackers to enumerate user accounts via a series of requests...

5.3CVSS5.5AI score0.02287EPSS
Exploits0References7
Rows per page
Query Builder