Lucene search
K
HuntrMost viewed

4072 matches found

Huntr
Huntr
β€’added 2021/08/13 2:39 p.m.β€’10 views

Cross-site Scripting (XSS) - Stored in ampache/ampache

✍️ Description This is a stored XSS in the mp3 management library. πŸ•΅οΈβ€β™‚οΈ Proof of Concept 1. Edit meta data with Audacity: 2. Create a new playlist that contains this file. 3. Open "Album" menu: πŸ’₯ Impact By uploading an mp3 with javascript code into meta tag could permit an attacker to execute...

1.1AI score
Exploits0
Huntr
Huntr
β€’added 2021/08/09 10:1 a.m.β€’10 views

Cross-Site Request Forgery (CSRF) in microweber/microweber

✍️ Description Attacker able to delete all file forever from trash if knows the id parameter value of all files that exist in trash with CSRF attack. πŸ•΅οΈβ€β™‚οΈ Proof of Concept Here after running PoC.html on Firefox or Safari and click on submit button also can be auto-submit you will see that the file...

1.8AI score
Exploits0
Huntr
Huntr
β€’added 2021/08/05 3:11 p.m.β€’10 views

Cross-Site Request Forgery (CSRF) in tsolucio/corebos

✍️ Description Attacker able to change password with CSRF attack because there is any CSRF protection for related endpoint. It does not matter at all that your application run in localhost or elsewhere, just it is enough to run on a browser and another low privilege user or attackers know the IP...

1AI score
Exploits0
Huntr
Huntr
β€’added 2021/08/04 3:43 p.m.β€’11 views

Cross-Site Request Forgery (CSRF) in hdinnovations/unit3d-community-edition

✍️ Description Attacker is able to logout a user if a logged in user visits attacker website. πŸ•΅οΈβ€β™‚οΈ Proof of Concept 1. when you logged in open this POC.html in a browser 2. you can check unintentionally you loged out history.pushState'', '', '/' document.forms0.submit; πŸ’₯ Impact This vulnerability...

0.9AI score
Exploits0
Huntr
Huntr
β€’added 2021/08/04 3:38 p.m.β€’10 views

Cross-Site Request Forgery (CSRF) in hdinnovations/unit3d-community-edition

✍️ Description Attacker is able to disable a user notification if a logged in user visits attacker website. πŸ•΅οΈβ€β™‚οΈ Proof of Concept 1. when you logged in open this POC.html in a browser 2. you can check your notification is disabled history.pushState'', '', '/' document.forms0.submit; πŸ’₯ Impact This...

1.3AI score
Exploits0References1
Huntr
Huntr
β€’added 2021/08/04 7:35 a.m.β€’10 views

Cross-Site Request Forgery (CSRF) in bigprof-software/online-invoicing-system

✍️ Description csrf bug to create a backup πŸ•΅οΈβ€β™‚οΈ Proof of Concept Bellow request vulnerable to csrf bug which allow to create database backup GET /online-invoice/app/admin/pageBackupRestore.php?action=createbackup HTTP/1.1 Host: localhost User-Agent: Mozilla/5.0 X11; Ubuntu; Linux x8664; rv:90.0...

0.2AI score
Exploits0
Huntr
Huntr
β€’added 2021/08/04 6:29 a.m.β€’10 views

Cross-Site Request Forgery (CSRF) in bigprof-software/online-invoicing-system

πŸ’₯ BUG CSRF bug to ban a member πŸ’₯ IMPACT csrf bug allow to ban any user πŸ’₯ STEP TO REPRODUCE 1. First goto http://localhost/online-invoice/app/admin/pageViewMembers.php and lets assume there present a member with username test.\ Now any user send link...

1.4AI score
Exploits0
Huntr
Huntr
β€’added 2021/07/30 5:36 p.m.β€’10 views

Cross-Site Request Forgery (CSRF) in sergix44/xbackbone

✍️ Description following endpoint vulnerable to CSRF: /omeka/user/2/delete Also there is not any different that you run The application in localhost or some real hosts, this is enough to login with a browser that used the browser for online web surfacing too. πŸ•΅οΈβ€β™‚οΈ Proof of Concept // PoC.html...

0.8AI score
Exploits0
Huntr
Huntr
β€’added 2021/07/30 2:14 p.m.β€’10 views

Cross-Site Request Forgery (CSRF) in microweber/microweber

✍️ Description Attacker able to delete any Product in My shop section if attacker knows the ids parameter value. πŸ•΅οΈβ€β™‚οΈ Proof of Concept Here after running PoC.html on Firefox or Safari and click on submit button also can be auto-submit you will see that the Product with id 9 has been deleted...

1.8AI score
Exploits0
Huntr
Huntr
β€’added 2021/07/30 9:46 a.m.β€’10 views

Cross-Site Request Forgery (CSRF) in babybuddy/babybuddy

✍️ Description You don't check CSRF token in following endpoint /timers/1/restart/ with PoC.html attacker able to reset timer with id equal to 1. πŸ•΅οΈβ€β™‚οΈ Proof of Concept // PoC.html history.pushState'', '', '/' πŸ’₯ Impact This vulnerability is capable of reset any timer...

2.8AI score
Exploits0
Huntr
Huntr
β€’added 2021/07/30 9:44 a.m.β€’10 views

Cross-Site Request Forgery (CSRF) in babybuddy/babybuddy

✍️ Description You don't check CSRF token in following endpoint /timers/1/stop/ with PoC.html attacker able to stop timer with id equal to 1. πŸ•΅οΈβ€β™‚οΈ Proof of Concept // PoC.html history.pushState'', '', '/' πŸ’₯ Impact This vulnerability is capable of stop any timer...

2.5AI score
Exploits0
Huntr
Huntr
β€’added 2021/07/28 8:40 p.m.β€’10 views

Cross-Site Request Forgery (CSRF) in francoisjacquet/rosariosis

✍️ Description When you don't set the SameSite attribute of cookies the browsers have special act in front of this issue.I mean set default value on it chrome and chromium based browsers set the attribute "Lax" that mean if you do add/delete/alter operation in a get HTTP request then your site mor...

0.8AI score
Exploits0
Huntr
Huntr
β€’added 2021/07/28 8:40 p.m.β€’10 views

Cross-Site Request Forgery (CSRF) in francoisjacquet/rosariosis

✍️ Description When you don't set the SameSite attribute of cookies the browsers have special act in front of this issue.I mean set default value on it chrome and chromium based browsers set the attribute "Lax" that mean if you do add/delete/alter operation in a get HTTP request then your site mor...

0.7AI score
Exploits0
Huntr
Huntr
β€’added 2021/07/28 5:7 a.m.β€’10 views

in pimcore/pimcore

1Go to https://demo.pimcore.fun/en/account/register 2Enter the username and password 3Choose the password as 'a' and the account will be created...

0.3AI score
Exploits0
Huntr
Huntr
β€’added 2021/07/24 8:43 a.m.β€’10 views

Cross-Site Request Forgery (CSRF) in ampache/ampache

✍️ Description When you don't set the SameSite attribute of cookies the browsers have special act in front of this issue.I mean set default value on it chrome and chromium based browsers set the attribute "Lax" that mean if you do add/delete/alter operation in a get HTTP request then your site mor...

1.2AI score
Exploits0
Huntr
Huntr
β€’added 2021/07/24 8:29 a.m.β€’10 views

Cross-Site Request Forgery (CSRF) in ampache/ampache

✍️ Description When you don't set the SameSite attribute of cookies the browsers have special act in front of this issue.I mean set default value on it chrome and chromium based browsers set the attribute "Lax" that mean if you do add/delete/alter operation in a get HTTP request then your site mor...

0.6AI score
Exploits0
Huntr
Huntr
β€’added 2021/07/23 1:51 p.m.β€’10 views

Cross-Site Request Forgery (CSRF) in kestasjk/webdiplomacy

✍️ Description CSRF bug when contacting team πŸ•΅οΈβ€β™‚οΈ Proof of Concept no csrf token contact .\ Bellow request is vulnerable to csrf attack POST /contactUsDirect.php HTTP/1.1 Host: webdiplomacy.net User-Agent: Mozilla/5.0 X11; Ubuntu; Linux x8664; rv:88.0 Gecko/20100101 Firefox/88.0 Accept:...

0.4AI score
Exploits0
Huntr
Huntr
β€’added 2021/07/23 10:31 a.m.β€’10 views

Cross-Site Request Forgery (CSRF) in kestasjk/webdiplomacy

✍️ Description csrf bug to change user profile πŸ•΅οΈβ€β™‚οΈ Proof of Concept I see there no csrf token checking when updating user-profile save bellow html code in html file and host this file . Now sent this file link to vicitm when victim open the link then his profile information will be changed...

0.6AI score
Exploits0
Huntr
Huntr
β€’added 2021/07/21 11:23 a.m.β€’10 views

Cross-Site Request Forgery (CSRF) in dolibarr/dolibarr

✍️ Description CSRF bug to delete product variants πŸ•΅οΈβ€β™‚οΈ Proof of Concept Here it does not check token parameter for csrf .You can remove token paramater from url. bellow request is vulnerable to csrf attack when delete product variants ....

1.7AI score
Exploits0
Huntr
Huntr
β€’added 2021/07/21 10:21 a.m.β€’10 views

Cross-Site Request Forgery (CSRF) in dolibarr/dolibarr

✍️ Description CSRF bug to remove linked file πŸ•΅οΈβ€β™‚οΈ Proof of Concept bellow request is vulnerable to csrf attack when removing linked file.\ https://demo.dolibarr.org/expensereport/card.php?id=202&action=removefile&file=%28PROV202%29%2F%28PROV202%29.pdf&entity=1 πŸ’₯ Impact csrf attack...

1.6AI score
Exploits0
Huntr
Huntr
β€’added 2021/07/21 8:32 a.m.β€’10 views

Cross-Site Request Forgery (CSRF) in dolibarr/dolibarr

✍️ Description In Bank section the Bank | Cash part, you protect List entities to delete with CSRF attacks but if I set CSRF token to nothings then I able to delete arbitrary List entities only with knowing their ids. πŸ•΅οΈβ€β™‚οΈ Proof of Concept // PoC.html history.pushState'', '', '/' input...

2.9AI score
Exploits0
Huntr
Huntr
β€’added 2021/07/20 3:4 a.m.β€’10 views

Cross-Site Request Forgery (CSRF) in microweber/microweber

✍️ Description microweber is vulnerable to Cross-site request forgery. The app is not checking the CSRF token when adding new products to the cart. πŸ•΅οΈβ€β™‚οΈ Proof of Concept HTML content: HTML setTimeout = form.submit; , 2000; 1. Save the above content into an HTML file. 2. Open the file on the...

0.7AI score
Exploits0
Huntr
Huntr
β€’added 2021/07/19 11:9 a.m.β€’10 views

Cross-site Scripting (XSS) - Reflected in alovoa/alovoa

✍️ Description xss bug πŸ•΅οΈβ€β™‚οΈ Proof of Concept 1. Open url https://alovoa.com/profile?lang=es%22%3E%3Cscript%3Ealert1%3C/script%3E and see xss is executed .\ My previous xss and this xss has different attacking endpoint and thats why i submitted two report πŸ’₯ Impact xss...

0.2AI score
Exploits0
Huntr
Huntr
β€’added 2021/07/18 6:52 p.m.β€’10 views

in cortezaproject/corteza-server

Passwords shorter than 8 characters are considered to be weak NIST SP800-63B. Maximum password length should not be set too low, as it will prevent users from creating passphrases. ... It is important to set a maximum password length to prevent long password Denial of Service attacks. STEPS FOR...

0.7AI score
Exploits0
Huntr
Huntr
β€’added 2021/07/18 9:9 a.m.β€’10 views

Cross-Site Request Forgery (CSRF) in dolibarr/dolibarr

✍️ Description In this directory "https://demo.dolibarr.org/ecm/index.php?mainmenu=ecm&leftmenu=ecm&idmenu=167162" The attacker Can Perform a CSRF attack to Remove any folders. In this Directory application take a parameter named "token" and I set "token" parameter value to nothings like...

1.8AI score
Exploits0
Huntr
Huntr
β€’added 2021/07/17 12:45 a.m.β€’10 views

Cross-Site Request Forgery (CSRF) in seriawei/zkeacms

✍️ Description ZKEACMS is vulnerable to Cross-site request forgery. The app has no mechanism against CSRF in all HTTP requests. πŸ•΅οΈβ€β™‚οΈ Proof of Concept Sample: Add products to the shopping cart. HTML content: HTML setTimeout = form.submit , 2000; 1. Save the above content into an HTML file. 2. With...

1AI score
Exploits0
Huntr
Huntr
β€’added 2021/07/15 7:20 p.m.β€’10 views

in emoncms/emoncms

✍️ Description In CSRF attack if attacker able to change the victim email then attacker can change email to own email and get password from password reset section and then the account take over happen here. πŸ•΅οΈβ€β™‚οΈ Proof of Concept 1.you login in your account 2.you make a file contain the following...

0.2AI score
Exploits0
Huntr
Huntr
β€’added 2021/07/15 7:5 p.m.β€’10 views

Cross-Site Request Forgery (CSRF) in emoncms/emoncms

✍️ Description In CSRF attack if your users going to attacker website and click the mallicouse link then they able to steal users cookie, submit unwanted date, .... πŸ•΅οΈβ€β™‚οΈ Proof of Concept 1.you login in your account 2.you make a file contain the following html file. 3.open html as victim site...

0.5AI score
Exploits0
Huntr
Huntr
β€’added 2021/07/05 2:29 p.m.β€’10 views

Cross-site Scripting (XSS) - Stored in leantime/leantime

✍️ Description Stored xss bug using a xss payload in the Milestone Title when adding a new milestone πŸ•΅οΈβ€β™‚οΈ Proof of Concept Goto http://localhost/tickets/roadmap and click on add Milestone and copy paste the following xss payload javascript " Click on safe and see the xss popup with the cookie. πŸ’₯...

7AI score
Exploits0
Huntr
Huntr
β€’added 2021/07/05 6:27 a.m.β€’10 views

Cross-site Scripting (XSS) - Stored in bigprof-software/online-invoicing-system

✍️ Description I found a stored XSS in your project which is lead by adding anonymous group name. πŸ•΅οΈβ€β™‚οΈ Proof of Concept Steps to reproduce: 1. Create a group. 2. Enter group"' in the group name. 3. Save and visit view groups. 4. Click on Anonymous group you just created. πŸ’₯ Impact This...

0.7AI score
Exploits0
Huntr
Huntr
β€’added 2021/07/04 2:14 a.m.β€’10 views

Cross-site Scripting (XSS) - Stored in bigprof-software/online-invoicing-system

✍️ Description In the repo online invoicing system i found a stored xss which gets exploited on unpaid invoice view which is lead by client name. πŸ•΅οΈβ€β™‚οΈ Proof of Concept Video POC: https://drive.google.com/file/d/1emTPPkSgGXM6XllelCrsdTYhhXMGCGb/view?usp=sharing Steps to reproduce: 1. Add a client...

0.3AI score
Exploits0
Huntr
Huntr
β€’added 2021/07/03 9:23 a.m.β€’10 views

Cross-site Scripting (XSS) - Stored in bigprof-software/online-rental-property-manager

✍️ Description stored xss via residenceandrentalhistoryview πŸ•΅οΈβ€β™‚οΈ Proof of Concept check this 1 minute video to reproduce the bug https://drive.google.com/file/d/1BdPQ-89AXURe8wCGAlwuz8wL1Xge0cmJ/view?usp=sharing...

0.8AI score
Exploits0
Huntr
Huntr
β€’added 2021/07/03 9:6 a.m.β€’10 views

in bigprof-software/online-rental-property-manager

πŸ’₯ BUG privilege escalation bug to add employmentandincomehistory to a applicant . πŸ’₯ IMPACT unprivileged user can add employmentandincomehistory to a applicant πŸ’₯ STEP TO REPRODUCE 1. From admin account goto http://localhost/online-rental/app/admin/pageViewMembers.php and add new user called user-B...

0.5AI score
Exploits0
Huntr
Huntr
β€’added 2021/07/03 2:36 a.m.β€’10 views

Cross-site Scripting (XSS) - Stored in bigprof-software/online-rental-property-manager

✍️ Description Stored xss in membership profile. πŸ•΅οΈβ€β™‚οΈ Proof of Concept Steps to Reproduce: 1. Create a member account. 2. Login into the member account. 3. Enter the s"' payload in the city field. 4. Update the profile and You will see an alert. πŸ’₯ Impact This vulnerability is capable of Stored xss...

1.4AI score
Exploits0
Huntr
Huntr
β€’added 2021/07/03 1:59 a.m.β€’10 views

Cross-site Scripting (XSS) - Stored in bigprof-software/online-rental-property-manager

✍️ Description Stored xss in profile City field.\ There is a Stored XSS on the user profile edit page which occurs due to improper sanitization of the State name field as tested on the latest release. πŸ•΅οΈβ€β™‚οΈ Proof of Concept Steps to Reproduce: 1. Create a user account. 2. Login into the user...

0.3AI score
Exploits0
Huntr
Huntr
β€’added 2021/07/03 1:39 a.m.β€’10 views

Cross-site Scripting (XSS) - Stored in bigprof-software/online-rental-property-manager

πŸ’₯ BUG Stored xss via group name πŸ’₯ TESTED VERSION latest version as of 01/07/21 πŸ’₯ STEP TO REPRODUCE 1. create a group with bellow xss payload in name.\ group1"'.\ 2. Now add a new user called user-B to the above group .\ 3. Finally visit...

1.7AI score
Exploits0
Huntr
Huntr
β€’added 2021/07/03 1:23 a.m.β€’10 views

Cross-site Scripting (XSS) - Stored in bigprof-software/online-rental-property-manager

πŸ’₯ BUG xss via landlord comment πŸ’₯ VERSION TESTED latest version as of 1/7/21 πŸ’₯ IMPACT xss allow to execute arbitary javascript in vicitm account πŸ’₯ STEP TO REPRODUCE 1. first goto http://localhost/online-rental/app/rentalownersview.php and add a new landlord .\ During creation put bellow xss payloa...

2.6AI score
Exploits0
Huntr
Huntr
β€’added 2021/07/02 7:8 p.m.β€’10 views

Cross-site Scripting (XSS) - Stored in bigprof-software/online-invoicing-system

πŸ’₯ BUG xss via groupname in item πŸ’₯ VERSION TESTED latest version as of 1/7/21 πŸ’₯ IMPACT xss allow to execute arbitary javascript in vicitm account πŸ’₯ STEP TO REPRODUCE 1. first goto http://localhost/online-invoice2/app/admin/pageEditGroup.php and add a new group and put bellow xss payload in...

2AI score
Exploits0
Huntr
Huntr
β€’added 2021/07/02 6:37 p.m.β€’10 views

Improper Privilege Management in bigprof-software/online-invoicing-system

πŸ’₯ BUG privilege escalation bug to add item to a price-history πŸ’₯ IMPACT unprivileged user can add item to a price-history πŸ’₯ STEP TO REPRODUCE 1. From admin account goto http://localhost/online-invoice2/app/admin/pageViewMembers.php and add new user called user-B .\ Now revoke all acccess from item...

0.9AI score
Exploits0
Huntr
Huntr
β€’added 2021/07/02 12:44 p.m.β€’10 views

in projectsend/projectsend

πŸ’₯ BUG privilege escalation bug to update admin email-address and company name etc . πŸ’₯ IMPACT unprivileged user can update admin email-address and company name etc πŸ’₯ STEP TO REPRODUCE 1. From admin account goto http://localhost/projectsend2/users.php and add new user called user-B with uploader...

Exploits0
Huntr
Huntr
β€’added 2021/07/02 1:7 a.m.β€’10 views

Cross-site Scripting (XSS) - Stored in bigprof-software/online-invoicing-system

✍️ Description There is a Stored XSS on the user profile edit page which occurs due to improper sanitization of the City field as tested on the latest release. πŸ•΅οΈβ€β™‚οΈ Proof of Concept Steps to Reproduce: 1. Create a user account. 2. Login into the user account. 3. Enter the s"' payload in the City...

1AI score
Exploits0
Huntr
Huntr
β€’added 2021/06/30 12:34 p.m.β€’10 views

Cross-site Scripting (XSS) - Stored in combodo/itop

πŸ’₯ BUG stored xss via file upload πŸ’₯ STEP TO REPRODUCE here in this case i uploaded a html file with xss payload inside.\ Plz check this 1 minute video to reproduce https://drive.google.com/file/d/1xKqYFgrsFUfp9Ufe4XiATQcAL-Q6Mr9G/view?usp=sharing πŸ’₯ Impact I see there is many different type of role...

7AI score
Exploits0
Huntr
Huntr
β€’added 2021/06/30 9:11 a.m.β€’10 views

Cross-site Scripting (XSS) - Stored in bigprof-software/online-invoicing-system

✍️ Description There is a Stored XSS in the online invoicing system which could be exploited by any user who has permission to add a client. when a comment is added during the creation of a client by the user then due to improper sanitization XSS payload gets triggered. πŸ•΅οΈβ€β™‚οΈ Proof of Concept Video...

0.2AI score
Exploits0
Huntr
Huntr
β€’added 2021/06/30 7:4 a.m.β€’10 views

Cross-site Scripting (XSS) - Reflected in falconchristmas/fpp

✍️ Description Reflected XSS in ping.php as IP parameter is not sanitized. πŸ•΅οΈβ€β™‚οΈ Proof of Concept Vulnerable Code: Ping Payload: Ping alert1 ? πŸ’₯ Impact This vulnerability is capable of reflected XSS...

1.5AI score
Exploits0
Huntr
Huntr
β€’added 2021/06/26 5:42 a.m.β€’10 views

in beestat/app

✍️ Description The random number generator implemented by mtrand on session keys is not suitable for cryptographic purposes generation of tokens, passwords, or cryptographic keys either. mtrand function that produces predictable values is utilized as a source of randomness in a security-sensitive...

0.3AI score
Exploits0
Huntr
Huntr
β€’added 2021/06/23 8:41 a.m.β€’10 views

Stack-based Buffer Overflow in rup0rt/pcapfix

Description A stack over flow was found in pcapfix in function fixpcappackets in pcap.c at line 550 The root cause seem at line 458 , there is an int overflow if filesize-pos-sizeofpackethdr is negative. Test version : 1.1.6 2fe168e Test env: gcc 9.3.0 ubuntu 20.04 x86-64 Proof of Concept...

Exploits0References1
Huntr
Huntr
β€’added 2021/06/20 4:26 p.m.β€’10 views

in phpservermon/phpservermon

✍️ Description Insecure randomness errors occur when a function that can produce predictable values is used as a source of randomness in security-sensitive context. This code uses the rand function to generate "unique" identifiers for the receipt pages it generates. In this case the function that...

1.5AI score
Exploits0References2
Huntr
Huntr
β€’added 2021/06/20 4:0 p.m.β€’10 views

Cross-Site Request Forgery (CSRF) in erudika/scoold

✍️ Description The /voteup/question/ endpoint does not have a CSRF protection. This could be exploited by an attacker to manipulate votes in a question. πŸ•΅οΈβ€β™‚οΈ Proof of Concept An attacker creates the following web page and sends a link to a logged in user. // PoC.html Click Here When an...

2.9AI score
Exploits0References1
Huntr
Huntr
β€’added 2021/06/12 7:10 a.m.β€’10 views

Server-Side Request Forgery (SSRF) in frenchbread/private-ip

✍️ Description private-ip is an npm module that is used to check if the IP address is private or not for preventing SSRF attacks. It has nearly 11k+ weekly downloads on npmjs. However, I discovered that an attacker may simply get around this check by constructing a malicious IP. πŸ•΅οΈβ€β™‚οΈ Proof of...

1AI score
Exploits0
Huntr
Huntr
β€’added 2021/06/09 5:26 p.m.β€’10 views

Command Injection in sofianehamlaoui/lockdoor-framework

✍️ Description Unsanitized user input leads to command injection in Nasnum function input in the infogathering.py script. πŸ•΅οΈβ€β™‚οΈ Proof of Concept Payload: ;id πŸ’₯ Impact command run as root. So an attacker could do potential damage to the machine...

3AI score
Exploits0
Total number of security vulnerabilities4072