Lucene search
K
HuntrMost viewed

4072 matches found

Huntr
Huntr
added 2021/09/29 10:42 a.m.13 views

Cross-Site Request Forgery (CSRF) in gunet/openeclass

Description Missing CSRF Token at all form POST action in on Application Proof of Concept // CSRF PoC history.pushState'', '', '/' Impact With CSRF attack, the attacker can perform operations to add, edit, and delete data on the application through the victim...

2.3AI score
Exploits0
Huntr
Huntr
added 2021/09/28 9:50 a.m.13 views

Open Redirect in blogifierdotnet/blogifier

Description Open redirect at login page due to unchecked "returnUrl" param Proof of Concept 1. Go to demo page link http://demo.blogifier.net/admin/login/?returnUrl=https://google.com 2. Login using demo account and see that you are redirected to google.com Impact This vulnerability is capable of...

0.6AI score
Exploits0References1
Huntr
Huntr
added 2021/09/27 5:4 a.m.13 views

in collectiveaccess/providence

Description Sensitive Data can be exposed even after logouting the application due to ui wrong action Proof of Concept 1 login to the application dashboard https://demo.collectiveaccess.org 2 Goto Any pages dashboard,administrations etc 3 Click logout 4 Click browser back button Impact Any other...

0.3AI score
Exploits0
Huntr
Huntr
added 2021/09/23 4:47 p.m.13 views

Cross-Site Request Forgery (CSRF) in hdinnovations/unit3d-community-edition

Description Attacker is able to change a torrents featured state to if a logged in user visits attacker website. Proof of Concept 1. When you logged in open this POC.html in a browser. 2. You can check the torrents state changed to featured. history.pushState'', '', '/' document.forms0.submit;...

0.8AI score
Exploits0
Huntr
Huntr
added 2021/09/14 5:36 a.m.13 views

Path Traversal in dmpop/mejiro

Description A path traversal attack also known as directory traversal aims to access files and directories that are stored outside the web root folder. By manipulating variables that reference files with “dot-dot-slash ../” sequences and its variations or by using absolute file paths, it may be...

1.5AI score
Exploits0References2
Huntr
Huntr
added 2021/09/14 5:5 a.m.13 views

in dmpop/mejiro

Description Uploaded files represent a significant risk to applications. The first step in many attacks is to get some code to the system to be attacked. Then the attack only needs to find a way to get the code executed. Using a file upload helps the attacker accomplish this...

0.6AI score
Exploits0References2
Huntr
Huntr
added 2021/09/13 6:59 a.m.13 views

Cross-Site Request Forgery (CSRF) in e107inc/e107

✍️ Description Attacker or malicious user is able to change search setting “specific for one area such comments" if a logged in user visits attacker website. because lack of CSRF token 🕵️‍♂️ Proof of Concept 1.when you logged in open this POC.html in a browser 2.you can check unintentionally some...

0.8AI score
Exploits0References1
Huntr
Huntr
added 2021/09/12 6:16 a.m.13 views

Code Injection in jerrod-lankford/google-voice-desktop-app

✍️ Description Attackers can execute malicious code on users computers using Google Voice Desktop App provided that users click on a malicious hyperlink in the app itself 🕵️‍♂️ Proof of Concept 1. Host the following index.html on a web server require'childprocess'.exec'calc'; 2. Users who click on...

2.8AI score
Exploits0
Huntr
Huntr
added 2021/09/11 1:9 p.m.13 views

Inefficient Regular Expression Complexity in cdr/code-server

✍️ Description The code-server package is vulnerable to ReDoS regular expression denial of service. An attacker that is able to provide crafted input to the ansiRegex functionality may cause an application to consume an excessive amount of CPU. Below pinned line using vulnerable regex. The ReDOS i...

7.8CVSS0.6AI score0.01222EPSS
Exploits1
Huntr
Huntr
added 2021/09/11 5:32 a.m.13 views

Cross-site Scripting (XSS) - Stored in alanaktion/phproject

✍️ Description stored xss via svg file upload 🕵️‍♂️ Proof of Concept Here i uses demo site https://demo.phproject.org .\ 1. First goto any project and upload a svg file https://github.com/ranjit-git/poc/blob/master/evilsvgfile.svg .\ 2. Now open this svg file using url like...

7.4AI score
Exploits0
Huntr
Huntr
added 2021/09/09 7:8 a.m.13 views

Cross-site Scripting (XSS) - Reflected in hestiacp/hestiacp

✍️ Description Cross-site Scripting XSS refers to client-side code injection attack wherein an attacker can execute malicious scripts into a legitimate website or web application. XSS occurs when a web application makes use of unvalidated or unencoded user input within the output it generates. The...

2.1AI score
Exploits0References1
Huntr
Huntr
added 2021/09/06 1:20 p.m.13 views

Cross-site Scripting (XSS) - Reflected in btcpayserver/btcpayserver

✍️ Description XSS payload is triggered during editing and saving text included near the payment button. 🕵️‍♂️ Proof of Concept " In the app, settings try editing already included product. drop the payload in the Buy Button Text and save it hence the payload will be triggered. 💥 Impact Execution of...

4.3CVSS0.3AI score0.0077EPSS
Exploits1
Huntr
Huntr
added 2021/09/06 9:26 a.m.13 views

Cross-Site Request Forgery (CSRF) in neorazorx/facturascripts

✍️ Description Attacker able to delete any number of Warehouse Products with CSRF attack. It does not matter at all that your application run in localhost or elsewhere, just it is enough to run on a browser and another low privilege user or attackers know the IP address or hostname of your...

1.8AI score
Exploits0
Huntr
Huntr
added 2021/09/05 6:28 a.m.13 views

Path Traversal in alanaktion/mchostpanel

✍️ Description A Path Traversal vulnerability was identified in Minecraft server control panel which allows an attacker to access arbitrary user resources. 🕵️‍♂️ Proof of Concept console POST /ajax.php HTTP/1.1 Host: localhost:8080 User-Agent: curl/7.47.0 Accept: / Content-Length: 45 Content-Type:...

3.9AI score
Exploits0
Huntr
Huntr
added 2021/08/28 11:3 p.m.13 views

Cross-site Scripting (XSS) - Stored in namelessmc/nameless

✍️ Description Stored XSS in google analytics. 🕵️‍♂️ Proof of Concept 1. goto 'http://localhost/Nameless/index.php?route=/panel/core/seo/' logged in as admin. 2. enter "G-XXXXXXXX'; javascript:alert1; alert1; instead will cause any admin who visits the SEO page to have the java script activated on...

1.3AI score
Exploits0
Huntr
Huntr
added 2021/08/28 10:34 a.m.13 views

Cross-Site Request Forgery (CSRF) in qkqpttgf/onemanager-php

✍️ Description Attacker able to delete any disk with CSRF attack. It does not matter at all that your application run in localhost or elsewhere, just it is enough to run on a browser and another low privilege user or attackers know the IP address or hostname of your application. In CSRF attacks it...

1.7AI score
Exploits0
Huntr
Huntr
added 2021/08/27 6:25 a.m.13 views

Cross-site Scripting (XSS) - Stored in pimcore/pimcore

✍️ Description pimcore is a Open Source Data & Experience Management Platform PIM, MDM, CDP, DAM, DXP/CMS & Digital Commerce this package is vulnerable for Stored XSS custom meta data 🕵️‍♂️ Proof of Concept 💥 Impact This vulnerability is capable of Stored XSS...

1.5AI score
Exploits0
Huntr
Huntr
added 2021/08/25 7:21 p.m.13 views

Cross-site Scripting (XSS) - Stored in livehelperchat/livehelperchat

✍️ Description Stored xss via generalsettings 🕵️‍♂️ Proof of Concept 1. gotohttps://demo.livehelperchat.com/siteadmin/chatbox/configuration and update a General settings with xss payload xss"'' and save it . 2. now try to edit this Chatbox settings using url like...

0.1AI score
Exploits0
Huntr
Huntr
added 2021/08/25 12:12 p.m.13 views

in zoujingli/thinkadmin

✍️ Description The application implements a cross-origin resource sharing CORS policy for requests that allows access from any domain. 🕵️‍♂️ Proof of Concept Request GET /data/shop.goods/index.html HTTP/2 Host: testdomain11.com Cookie: lang=zh-cn; PHPSESSID=45780759c5ea6ae0be9cfc95fde04bc9...

0.4AI score
Exploits0References1
Huntr
Huntr
added 2021/08/23 7:25 p.m.13 views

Cross-Site Request Forgery (CSRF) in neorazorx/facturascripts

✍️ Description Attacker able to delete any number of Accounting Subaccounts with CSRF attack. It does not matter at all that your application run in localhost or elsewhere, just it is enough to run on a browser and another low privilege user or attackers know the IP address or hostname of your...

1.7AI score
Exploits0
Huntr
Huntr
added 2021/08/23 8:28 a.m.13 views

Cross-Site Request Forgery (CSRF) in erikdubbelboer/phpredisadmin

✍️ Description The Add Key functionality in the Application is vulnerable to CSRF attack. 🕵️‍♂️ Proof of Concept history.pushState'', '', '/' 💥 Impact This vulnerability can let an attacker add data to the database without the knowledge/interaction of the user. 📍 Location index.phpL1 📝 References...

2.8AI score
Exploits0References1
Huntr
Huntr
added 2021/08/17 8:14 p.m.13 views

Cross-Site Request Forgery (CSRF) in admidio/admidio

✍️ Description Attacker able to delete any photo of a user with CSRF attack. It does not matter at all that your application run in localhost or elsewhere, just it is enough to run on a browser and another low privilege user or attackers know the IP address or hostname of your application. In CSRF...

1.2AI score
Exploits0
Huntr
Huntr
added 2021/08/17 6:33 p.m.13 views

Cross-Site Request Forgery (CSRF) in leantime/leantime

✍️ Description CSRF on deleting a user. There is no token or anti csrf implemented. 🕵️‍♂️ Proof of Concept Create a .html file poc.html for example and copy paste the following code in it. Change localhost to ur domain or ip address. javascript CSRF PoC send this file to a admin when he opens the...

7.2AI score
Exploits0
Huntr
Huntr
added 2021/08/17 2:46 p.m.13 views

Cross-Site Request Forgery (CSRF) in aces/loris

✍️ Description Attacker able to delete any user with CSRF attack. It does not matter at all that your application run in localhost or elsewhere, just it is enough to run on a browser and another low privilege user or attackers know the IP address or hostname of your application. In CSRF attacks it...

1.4AI score
Exploits0
Huntr
Huntr
added 2021/08/17 2:31 p.m.13 views

Cross-Site Request Forgery (CSRF) in aces/loris

✍️ Description Attacker able to create admin user with CSRF attack. It does not matter at all that your application run in localhost or elsewhere, just it is enough to run on a browser and another low privilege user or attackers know the IP address or hostname of your application. In CSRF attacks...

1.2AI score
Exploits0
Huntr
Huntr
added 2021/08/13 3:16 p.m.13 views

Cross-site Scripting (XSS) - Stored in ampache/ampache

✍️ Description This is a stored XSS in the mp3 management library. 🕵️‍♂️ Proof of Concept 1. Edit meta data with Audacity: 2. Create a new playlist that contains this file. 3. Open "Artists" 1 under "Search" menu and then on the cover icon: 💥 Impact By uploading an mp3 with javascript code into...

1.2AI score
Exploits0
Huntr
Huntr
added 2021/08/13 2:59 p.m.13 views

Cross-site Scripting (XSS) - Stored in ampache/ampache

✍️ Description This is a stored XSS in the mp3 management library. 🕵️‍♂️ Proof of Concept 1. Edit meta data with Audacity: 2. Create a new playlist that contains this file. 3. Open "Artists" 1 under "Search" menu and then "Search" 2: 💥 Impact By uploading an mp3 with javascript code into meta tag...

1.1AI score
Exploits0
Huntr
Huntr
added 2021/08/08 3:28 a.m.13 views

Denial of Service in cortezaproject/corteza-server

You can put a very long login email text until you get the last user to put and aries or DoS. Normally emails have 64 to 225 digits. Summary There is no limit to the number of characters in the login email, which allows a DoS attack. The DoS attack affects both server-side and client-side. NOTE:...

1.5AI score
Exploits0
Huntr
Huntr
added 2021/08/05 6:16 p.m.13 views

in francoisjacquet/rosariosis

Clickjacking is a portmanteau of two words ‘click’ and ‘hijacking’. It refers to hijacking user’s click for malicious intent. In it, an attacker embeds the vulnerable site in an transparent iframe in attacker’s own website and overlays it with objects such as button using CSS skills. This tricks...

1.4AI score
Exploits0
Huntr
Huntr
added 2021/08/05 3:13 p.m.13 views

Cross-Site Request Forgery (CSRF) in tsolucio/corebos

✍️ Description Attacker able to delete any Invoice with CSRF attack because there is any CSRF protection for related endpoint. It does not matter at all that your application run in localhost or elsewhere, just it is enough to run on a browser and another low privilege user or attackers know the I...

1.5AI score
Exploits0
Huntr
Huntr
added 2021/08/04 10:39 a.m.13 views

in postfixadmin/postfixadmin

✍️ Description clickjacking attack 🕵️‍♂️ Proof of Concept i see there is no X-Frame-Options reseponse header present which allow to load entire website in iframe . And using this clickjacking attack can be performed . 💥 Impact clickjacking attack...

1.7AI score
Exploits0
Huntr
Huntr
added 2021/08/04 9:53 a.m.13 views

Cross-Site Request Forgery (CSRF) in zhongshaofa/easyadmin

✍️ Description Attacker able to add any rule with CSRF attack. It does not matter at all that your application run in localhost or elsewhere, just it is enough to run on a browser and another low privilege user or attackers know the IP address or hostname of your application. In CSRF attacks it is...

0.9AI score
Exploits0
Huntr
Huntr
added 2021/07/31 9:51 p.m.13 views

Cross-Site Request Forgery (CSRF) in devcode-it/openstamanager

✍️ Description Attacker able to change users password if users visit attacker site. 🕵️‍♂️ Proof of Concept 1.Open the PoC.html In Firefox or safari. 2.now you can check that password changed to admin0 // PoC.html history.pushState'', '', '/' document.forms0.submit; 💥 Impact This vulnerability is...

2.5AI score
Exploits0
Huntr
Huntr
added 2021/07/28 8:40 p.m.13 views

Cross-Site Request Forgery (CSRF) in francoisjacquet/rosariosis

✍️ Description When you don't set the SameSite attribute of cookies the browsers have special act in front of this issue.I mean set default value on it chrome and chromium based browsers set the attribute "Lax" that mean if you do add/delete/alter operation in a get HTTP request then your site mor...

0.8AI score
Exploits0
Huntr
Huntr
added 2021/07/25 5:9 p.m.13 views

Cross-site Scripting (XSS) - Reflected in dolibarr/dolibarr

Description Reflected XSS attacks, also known as non-persistent attacks, occur when a malicious script is reflected off of a web application to the victim's browser. The script is activated through a link, which sends a request to a website with a vulnerability that enables execution of malicious...

0.5AI score
Exploits0
Huntr
Huntr
added 2021/07/22 6:13 p.m.13 views

in emoncms/dashboard

💥 BUG account takeover via host-header injection It allow attacker to change url of account-verification link and verify any email-address . 💥 STEP TO REPRODUCE 1. First as attacker create a account with email [email protected]. You dont own that email-address .\ You cant login untill you verify that...

0.8AI score
Exploits0
Huntr
Huntr
added 2021/07/22 6:7 p.m.13 views

Cross-Site Request Forgery (CSRF) in emoncms/dashboard

💥 BUG csrf bug to change email 💥 STEP TO REPRODUCE 1. First login into your account and open the link http://localhost/emoncms/user/changeemail.json?&email=admin%40localhost.combm and your email will be changed. 💥 IMPACT Any attacker can send those link to vicitm and when vicitm open the link the...

1.1AI score
Exploits0
Huntr
Huntr
added 2021/07/21 7:36 p.m.13 views

in janeczku/calibre-web

✍️ Description The app does not expire the user's session after the logout. It is possible to continue using the session even when the user has logged out. 🕵️‍♂️ Proof of Concept 1. Login as a user at /login. 2. Select logout, intercepting and copying the user's cookie. 3. After this logout, send a...

1.1AI score
Exploits0
Huntr
Huntr
added 2021/07/21 12:10 p.m.13 views

Cross-Site Request Forgery (CSRF) in dolibarr/dolibarr

✍️ Description CSRF bug to close a project 🕵️‍♂️ Proof of Concept Here it does not check token parameter for csrf .You can remove token paramater from url. bellow request is vulnerable to csrf attack when closing a project ....

1.1AI score
Exploits0
Huntr
Huntr
added 2021/07/21 11:40 a.m.13 views

Cross-Site Request Forgery (CSRF) in dolibarr/dolibarr

✍️ Description CSRF bug to validate inventory 🕵️‍♂️ Proof of Concept Here it does not check token parameter for csrf .You can remove token paramater from url. bellow request is vulnerable to csrf attack when validate inventory ....

1.6AI score
Exploits0
Huntr
Huntr
added 2021/07/21 11:12 a.m.13 views

Cross-Site Request Forgery (CSRF) in dolibarr/dolibarr

✍️ Description CSRF bug to delete customer price 🕵️‍♂️ Proof of Concept Here it does not check token parameter for csrf .You can remove token paramater from url. bellow request is vulnerable to csrf attack when delete customer price ....

1AI score
Exploits0
Huntr
Huntr
added 2021/07/20 2:52 a.m.13 views

Business Logic Errors in microweber/microweber

✍️ Description microweber is vulnerable to Business Logic error through negative product price. 🕵️‍♂️ Proof of Concept HTML content: HTML 1. Save the above content into an HTML file. 2. Access the app localhost and add a product to the cart. 3. Open the HTML file and click on submit button to take...

0.5AI score
Exploits0
Huntr
Huntr
added 2021/07/10 12:13 a.m.13 views

Use of a Broken or Risky Cryptographic Algorithm in mautic/mautic

✍️ Description The function mtrand is used to generate session tokens, this function is cryptographically flawed due to its nature being one pseudorandomness, an attacker can take advantage of the cryptographically insecure nature of this function to enumerate session tokens for accounts that are...

0.2AI score
Exploits0References2
Huntr
Huntr
added 2021/07/09 4:15 p.m.13 views

Heap-based Buffer Overflow in squell/id3

✍️ Description Hello! We compiled id3 from commit 857ac8 with Clang-13 + ASan, and we discovered a crafted file which triggers a heap-buffer-overflow, WRITE of size 1. This and the previous bug were discovered with the help of honggfuzz. 🕵️‍♂️ Proof of Concept echo...

7AI score
Exploits0
Huntr
Huntr
added 2021/07/04 6:12 p.m.13 views

Cross-site Scripting (XSS) - Stored in munafio/chatify

✍️ Description A Laravel package helps you add a complete real-time messaging system to your new / existing application with only one command this package is vulnerable for xss 🕵️‍♂️ Proof of Concept 💥 Impact This vulnerability is capable of admin ac takeover...

1AI score
Exploits0
Huntr
Huntr
added 2021/07/04 1:27 a.m.13 views

Cross-site Scripting (XSS) - Stored in bigprof-software/online-rental-property-manager

✍️ Description In the repo online rental property manager where i found a stored xss which gets exploited on member profile view which is lead by group name. 🕵️‍♂️ Proof of Concept Video POC: https://drive.google.com/file/d/1oQUZmQfFwaiRUkGYVkJoXxedeSENDbwQ/view?usp=sharing Steps to reproduce: 1...

6.6AI score
Exploits0
Huntr
Huntr
added 2021/07/03 3:30 p.m.13 views

in beestat/app

✍️ Description The random number generator implemented by mtrand cannot withstand a cryptographic attack. In this case the function that generates weak random numbers is mtrand in user.php at line 58. 🕵️‍♂️ Proof of Concept Vulnerable Code / Create an anonymous user so we can log in and have access...

0.8AI score
Exploits0References1
Huntr
Huntr
added 2021/07/03 12:24 p.m.13 views

Cross-Site Request Forgery (CSRF) in bigprof-software/online-rental-property-manager

✍️ Description The app/admin/pageDeleteGroup.php?groupID= does not have a CSRF protection. This could be used by attackers to trick the admin to delete a group from their system. 🕵️‍♂️ Proof of Concept /online-rental-property-manager-6.8/app/admin/pageDeleteGroup.php?groupID=6"Click Here ! When an...

2.1AI score
Exploits0References1
Huntr
Huntr
added 2021/07/02 6:53 p.m.13 views

Cross-site Scripting (XSS) - Stored in bigprof-software/online-invoicing-system

💥 BUG xss via groupname 💥 VERSION TESTED latest version as of 1/7/21 💥 IMPACT xss allow to execute arbitary javascript in vicitm account 💥 STEP TO REPRODUCE 1. first goto http://localhost/online-invoice2/app/admin/pageEditGroup.php and add a new group and put bellow xss payload in group-name....

1AI score
Exploits0
Huntr
Huntr
added 2021/06/27 2:30 p.m.13 views

Cross-Site Request Forgery (CSRF) in bigprof-software/online-invoicing-system

✍️ Description The app/admin/pageDeleteGroup.php?groupID= does not have a CSRF protection. This could be used by attackers to trick the admin to delete a group from their invoice system. 🕵️‍♂️ Proof of Concept For this attack to work, a logged in admin, should visit the POC page...

1.6AI score
Exploits0References1
Total number of security vulnerabilities4072