Lucene search
K
HuntrMost viewed

4072 matches found

Huntr
Huntr
added 2021/09/24 5:35 a.m.8 views

in aces/loris

Description It is possible to perform a clickjacking attack due to the lack of frame restrictions such as X-Frame-Options: DENY Proof of Concept Tested :: https://demo.loris.ca/ https://drive.google.com/file/d/1oSi2JpYnPjjoL6QvhFnsHcTD94KMzKBj/view?usp=sharing Impact Clickjacking is an...

Exploits0References1
Huntr
Huntr
added 2021/09/24 1:58 a.m.8 views

Cross-Site Request Forgery (CSRF) in hdinnovations/unit3d-community-edition

Description CSRF in flushing peer Proof of Concept 1. Login stafff/admin account 2. Access this link https://unit3d.site/dashboard/flush/peers 3. See that the peers has been flushed. Impact This vulnerability is capable of flushing peers...

1.3AI score
Exploits0
Huntr
Huntr
added 2021/09/18 7:34 p.m.8 views

Cross-site Scripting (XSS) - Reflected in zikula/core

Description Cross-Site Scripting XSS attacks are a type of injection, in which malicious scripts are injected into otherwise benign and trusted websites Proof of Concept // PoC Request: POST /permissions/test HTTP/1.1 Host: demo.ziku.la Cookie: zsid=qk60gkn4dmhgrjc6io2kt3dij4 User-Agent:...

6.1AI score
Exploits0
Huntr
Huntr
added 2021/09/17 5:8 a.m.8 views

Cross-site Scripting (XSS) - Stored in zoujingli/thinkadmin

Description Stored XSS Content allows for the arbitrary execution of JavaScript Proof of Concept In Wechat management at feature - Reply rule management - Follow reply configuration - Default reply configuration - Follow automatic replies Save Reply text with payload : \x3csVg/\x3e XSS will trigg...

2.1AI score
Exploits0
Huntr
Huntr
added 2021/09/16 5:4 p.m.8 views

Inefficient Regular Expression Complexity in chocobozzz/peertube

Description Hello Again dear Peertube team. I found inefficient regular expression in that have a Polynomial execution time that can be lead to ReDoS attacks and it is better to replace it with another regex or Use google re2 regex engine for server sides code. Proof of Concept I create two...

0.2AI score
Exploits0
Huntr
Huntr
added 2021/09/15 8:54 a.m.8 views

in zoujingli/thinkadmin

Description upload file to any path Proof of Concept User can upload file to any path by path-traversal POST /admin/api.upload/file.html HTTP/2 Host: v6.thinkadmin.top Cookie: lang=zh-cn; PHPSESSID=88a2945fb139bb74f87137d2144709ab; limit=20 Content-Length: 14170 Sec-Ch-Ua: "Google Chrome";v="93",...

7.1AI score
Exploits0
Huntr
Huntr
added 2021/09/15 4:37 a.m.8 views

Cross-site Scripting (XSS) - Stored in zoujingli/thinkadmin

Description Stored xss Proof of Concept Plz check this 1 minute video to reproduce the bug https://drive.google.com/file/d/1hyN4X9gIgQJH2B5QEFhkniGt78sIw1iF/view?usp=sharing Impact Xss allow to arbitary javascript code execution...

1AI score
Exploits0
Huntr
Huntr
added 2021/09/14 5:54 a.m.8 views

in sbrl/pepperminty-wiki

Unrestricted Upload of File with Dangerous Type allows javascript injection Uploaded files represent a significant risk to applications. The first step in many attacks is to get some code to the system to be attacked. Then the attack only needs to find a way to get the code executed. Using a file...

7AI score
Exploits0References2
Huntr
Huntr
added 2021/09/14 5:31 a.m.8 views

Cross-site Scripting (XSS) - Reflected in dmpop/mejiro

Description Cross-Site Scripting XSS attacks are a type of injection, in which malicious scripts are injected into websites. An attacker can use XSS to send a malicious script to an unsuspecting user. The end user’s browser has no way to know that the script should not be trusted, and will execut...

5.3AI score
Exploits0References2
Huntr
Huntr
added 2021/09/13 10:2 a.m.8 views

Cross-Site Request Forgery (CSRF) in glpi-project/glpi

✍️ Description Hello dear glpi team I found one more CSRF vulnerability. 🕵️‍♂️ Proof of Concept 1.fisrt user already should be logged in In Firefox or safari. 2.Open the PoC.html and click on submit button Also it can be auto-submit 3.Here a Planning start and end times with itemsid 3will be...

0.4AI score
Exploits0
Huntr
Huntr
added 2021/09/13 7:1 a.m.8 views

Cross-Site Request Forgery (CSRF) in e107inc/e107

✍️ Description Attacker or malicious user is able to change emoticons activation status if a logged in user visits attacker website. 🕵️‍♂️ Proof of Concept 1.when you logged in open this POC.html in a browser 2.you can check unintentionally emoticons deactivated //POC.html history.pushState'', '',...

2.1AI score
Exploits0References1
Huntr
Huntr
added 2021/09/12 11:24 p.m.8 views

Cross-Site Request Forgery (CSRF) in justingit/dada-mail

✍️ Description Attacker able to delete any Profile filed with CSRF attack. In CSRF attacks it is necessary that a user logged into your application and just going to a malicious website and after that only with a redirection attacker can perform attack on unprotected endpoint, this means only with...

1.1AI score
Exploits0
Huntr
Huntr
added 2021/09/12 11:22 p.m.8 views

Cross-Site Request Forgery (CSRF) in justingit/dada-mail

✍️ Description Attacker able to Change List Password with CSRF attack. In CSRF attacks it is necessary that a user logged into your application and just going to a malicious website and after that only with a redirection attacker can perform attack on unprotected endpoint, this means only with...

1AI score
Exploits0
Huntr
Huntr
added 2021/09/12 9:56 p.m.8 views

OS Command Injection in zacanger/is-program-installed

✍️ Description There is "OS Command Injection" vulnerability on "is-program-installed" npm package. This package tries to understand the given parameter name program or binary name is installed in the computer or not. However, since this package does not properly control the characters in the...

2.3AI score
Exploits0
Huntr
Huntr
added 2021/09/11 10:15 p.m.8 views

Cross-Site Request Forgery (CSRF) in ikus060/rdiffweb

✍️ Description Hello dear Rdiffweb team. I found a CSRF vulnerability on following endpoint that attackers able to change the email of a user with PoC.html 🕵️‍♂️ Proof of Concept 1. user with right privileges should be logged in Firefox or Safari. 2. Users go to a website that contain PoC.html...

0.8AI score
Exploits0
Huntr
Huntr
added 2021/09/11 10:14 p.m.8 views

Cross-Site Request Forgery (CSRF) in ikus060/rdiffweb

✍️ Description Hello dear Rdiffweb team. I found a CSRF vulnerability on following endpoint that attackers able to Create users with PoC.html 🕵️‍♂️ Proof of Concept 1. User with right privileges should be logged in Firefox or Safari. 2. Users go to a website that contain PoC.html 3.after visiting...

0.8AI score
Exploits0
Huntr
Huntr
added 2021/09/11 5:21 a.m.8 views

Inefficient Regular Expression Complexity in terkelg/prompts

✍️ Description The prompts package is vulnerable to ReDoS regular expression denial of service. An attacker that is able to provide a crafted input to the strip functionality may cause an application to consume an excessive amount of CPU. Below pinned line using vulnerable regex. The ReDOS is...

1.2AI score
Exploits0
Huntr
Huntr
added 2021/09/06 6:6 a.m.8 views

Cross-site Scripting (XSS) - Stored in btcpayserver/btcpayserver

✍️ Description Accept Bitcoin payments. Free, open-source & self-hosted, Bitcoin payment processor this package is vulnerable for xss 🕵️‍♂️ Proof of Concept 💥 Impact This vulnerability is capable of stored XSS...

1.8AI score
Exploits0
Huntr
Huntr
added 2021/09/04 9:26 a.m.8 views

Cross-Site Request Forgery (CSRF) in imran300/inventory

✍️ Description You didn't set any CSRF protection for deactivating a user. 🕵️‍♂️ Proof of Concept // PoC.html history.pushState'', '', '/' document.forms0.submit; After that admin open the PoC.html file the user with id 7 will be deactivated. 💥 Impact This vulnerability is capable of deactivate any...

2.1AI score
Exploits0
Huntr
Huntr
added 2021/09/02 11:38 a.m.8 views

Inefficient Regular Expression Complexity in x-neuron/antdfront

✍️ Description A ReDoS regular expression denial of service flaw was found in the antdFront package. An attacker that is able to provide crafted input to the isUrlinput function may cause an application to consume an excessive amount of CPU. 🕵️‍♂️ Proof of Concept Create the following poc.mjs //...

1.4AI score
Exploits0
Huntr
Huntr
added 2021/08/31 3:3 p.m.8 views

in pimcore/pimcore

✍️ Description It is possible to enumerate usernames via the forgot password functionality 🕵️‍♂️ Proof of Concept When entering an username that is not registered in the application the response reads "User unknown". The following curl command demonstrates this: curl -i -s -k -X $'POST' \ -H...

1.1AI score
Exploits0
Huntr
Huntr
added 2021/08/28 3:56 p.m.8 views

SQL Injection in phili67/ecclesiacrm

✍️ Description SQL Injection SQLi found in search section for http://YOURIP/ecclesiacrm/v2/people/list/person. A SQL Injection allows an attacker to run SQL command remotely and can extract information such as password, usernames and other sensitive data. This SQLi is a blind SQLi and doesn't...

Exploits0References2
Huntr
Huntr
added 2021/08/28 10:41 a.m.8 views

Cross-Site Request Forgery (CSRF) in qkqpttgf/onemanager-php

✍️ Description Attacker able to rename any file with CSRF attack. It does not matter at all that your application run in localhost or elsewhere, just it is enough to run on a browser and another low privilege user or attackers know the IP address or hostname of your application. In CSRF attacks it...

1.6AI score
Exploits0
Huntr
Huntr
added 2021/08/27 2:55 p.m.8 views

Cross-Site Request Forgery (CSRF) in aimeos/ai-client-html

✍️ Description Attacker able to pin any product in favorites with CSRF attack. In CSRF attacks it is necessary that a user logged into your application and just going to a malicious website and after that only with a redirection attacker can perform attack on unprotected endpoint, this means only...

1.2AI score
Exploits0
Huntr
Huntr
added 2021/08/27 3:25 a.m.8 views

Path Traversal in os4ed/opensis-classic

✍️ Description The ajax.php modname parameter is vulnerable to path traversal attacks, enabling read access to arbitrary files on the server. 🕵️‍♂️ Proof of Concept // Ajax.php GET /Ajax.php?modname=../../../../../../../../../../../../../../../../etc/passwd HTTP/1.1 302 Found Location: index.php...

2.4AI score
Exploits0
Huntr
Huntr
added 2021/08/26 2:50 a.m.8 views

SQL Injection in opensourcepos/opensourcepos

✍️ Description The Application is vulnerable to blind SQL Injection 🕵️‍♂️ Proof of Concept URL: https://dev.opensourcepos.org/suppliers/search?sort=1 Vulnerable Parameter: sort SQLMap POC --- Parameter: sort GET Type: boolean-based blind Title: Boolean-based blind - Parameter replace original value...

0.1AI score
Exploits0References1
Huntr
Huntr
added 2021/08/24 4:44 p.m.8 views

in circuitverse/circuitverse

✍️ Description no rate limit allow to send unlimited email to any mail address 🕵️‍♂️ Proof of Concept During forgot password there is no rate limit to send password-reset email which allow to send unlimited email to a mail address. bellow request is vulnerable to rate-limit bug POST /users/password...

7.3AI score
Exploits0
Huntr
Huntr
added 2021/08/23 11:33 a.m.8 views

Cross-site Scripting (XSS) - Reflected in znixbtw/panel-v2

✍️ Description Cross-Site Scripting XSS attacks are a type of injection, in which malicious scripts are injected into websites. An attacker can use XSS to send a malicious script to an unsuspecting user. The end user’s browser has no way to know that the script should not be trusted, and will...

5.2AI score
Exploits0References2
Huntr
Huntr
added 2021/08/19 2:8 p.m.8 views

Cross-site Scripting (XSS) - Stored in imran300/inventory

✍️ Description Stored xss bug using a xss payload in the product name when adding a new categorie in the product page. 🕵️‍♂️ Proof of Concept Goto http://localhost/inventory/index.php/Category/listcategory and click on add category and copy paste the following xss payload and paste it in the...

Exploits0
Huntr
Huntr
added 2021/08/17 8:25 p.m.8 views

Cross-Site Request Forgery (CSRF) in admidio/admidio

✍️ Description Attacker able to delete any Announcements with CSRF attack. It does not matter at all that your application run in localhost or elsewhere, just it is enough to run on a browser and another low privilege user or attackers know the IP address or hostname of your application. In CSRF...

1.1AI score
Exploits0
Huntr
Huntr
added 2021/08/17 5:59 p.m.8 views

Cross-site Scripting (XSS) - Stored in leantime/leantime

✍️ Description Stored xss bug using a xss payload in the Retrospectives Title when adding a new retrospective 🕵️‍♂️ Proof of Concept Goto http://localhost/retrospectives/showBoards and click on add more and copy paste the following xss payload in the title javascript " Click on safe and see the xss...

7.1AI score
Exploits0
Huntr
Huntr
added 2021/08/17 3:14 p.m.8 views

Cross-Site Request Forgery (CSRF) in aces/loris

✍️ Description Attacker able to create any Category with CSRF attack. It does not matter at all that your application run in localhost or elsewhere, just it is enough to run on a browser and another low privilege user or attackers know the IP address or hostname of your application. In CSRF attack...

1.4AI score
Exploits0
Huntr
Huntr
added 2021/08/17 3:3 p.m.8 views

Cross-Site Request Forgery (CSRF) in aces/loris

✍️ Description Attacker able to upload any document with CSRF attack. It does not matter at all that your application run in localhost or elsewhere, just it is enough to run on a browser and another low privilege user or attackers know the IP address or hostname of your application. In CSRF attack...

0.9AI score
Exploits0
Huntr
Huntr
added 2021/08/15 11:15 a.m.8 views

Cross-site Scripting (XSS) - Stored in aces/loris

✍️ Description Cross-site scripting also known as XSS is a web security vulnerability that allows an attacker to compromise the interactions that users have with a vulnerable application. Cross-site scripting vulnerabilities normally allow an attacker to masquerade as a victim user, to carry out...

0.2AI score
Exploits0References1
Huntr
Huntr
added 2021/08/12 4:34 a.m.8 views

Open Redirect in slackero/phpwcms

✍️ Description Session hijacking via open redirection 🕵️‍♂️ Proof of Concept Steps to reproduce 1. Go to http://your-domain.tld/login.php?ref=http://attackers-domain.tld/? 2. Login to a valid account 3. You will be redirected to...

1.3AI score
Exploits0
Huntr
Huntr
added 2021/08/05 3:13 p.m.8 views

Cross-Site Request Forgery (CSRF) in tsolucio/corebos

✍️ Description Attacker able to delete any Message with CSRF attack because there is any CSRF protection for related endpoint. It does not matter at all that your application run in localhost or elsewhere, just it is enough to run on a browser and another low privilege user or attackers know the I...

1.5AI score
Exploits0
Huntr
Huntr
added 2021/08/05 3:12 p.m.8 views

Cross-Site Request Forgery (CSRF) in tsolucio/corebos

✍️ Description Attacker able to delete any Organization with CSRF attack because there is any CSRF protection for related endpoint. It does not matter at all that your application run in localhost or elsewhere, just it is enough to run on a browser and another low privilege user or attackers know...

1.4AI score
Exploits0
Huntr
Huntr
added 2021/08/05 1:13 a.m.8 views

Cross-site Scripting (XSS) - Reflected in forkcms/forkcms

✍️ Description The forkcms is vulnerable to XSS through settings translation 🕵️‍♂️ Proof of Concept 1. Go to https://demo.fork-cms.com/private/en/locale 2. In search box named "Reference code" input " 3. XSS payload will be executed 💥 Impact An attacker can execute JavaScript code in the website...

0.2AI score
Exploits0
Huntr
Huntr
added 2021/08/04 3:45 p.m.8 views

Cross-Site Request Forgery (CSRF) in hdinnovations/unit3d-community-edition

✍️ Description Attacker is able to change a user profile state to private if a logged in user visits attacker website. 🕵️‍♂️ Proof of Concept 1. when you logged in open this POC.html in a browser 2. you can check your profile state changed form public to private history.pushState'', '', '/'...

0.5AI score
Exploits0
Huntr
Huntr
added 2021/08/04 9:55 a.m.8 views

Cross-Site Request Forgery (CSRF) in zhongshaofa/easyadmin

✍️ Description Attacker able to delete any menu with CSRF attack. It does not matter at all that your application run in localhost or elsewhere, just it is enough to run on a browser and another low privilege user or attackers know the IP address or hostname of your application. In CSRF attacks it...

0.9AI score
Exploits0
Huntr
Huntr
added 2021/08/04 9:54 a.m.8 views

Cross-Site Request Forgery (CSRF) in zhongshaofa/easyadmin

✍️ Description Attacker able to delete any rule with CSRF attack. It does not matter at all that your application run in localhost or elsewhere, just it is enough to run on a browser and another low privilege user or attackers know the IP address or hostname of your application. In CSRF attacks it...

1.1AI score
Exploits0
Huntr
Huntr
added 2021/08/04 9:54 a.m.8 views

Cross-Site Request Forgery (CSRF) in zhongshaofa/easyadmin

✍️ Description Attacker able to upload any picture with CSRF attack. It does not matter at all that your application run in localhost or elsewhere, just it is enough to run on a browser and another low privilege user or attackers know the IP address or hostname of your application. In CSRF attacks...

1.2AI score
Exploits0
Huntr
Huntr
added 2021/08/04 9:54 a.m.8 views

Cross-Site Request Forgery (CSRF) in zhongshaofa/easyadmin

✍️ Description Attacker able to delete any admin with CSRF attack. It does not matter at all that your application run in localhost or elsewhere, just it is enough to run on a browser and another low privilege user or attackers know the IP address or hostname of your application. In CSRF attacks i...

1.2AI score
Exploits0
Huntr
Huntr
added 2021/08/04 7:38 a.m.8 views

Cross-Site Request Forgery (CSRF) in bigprof-software/online-rental-property-manager

✍️ Description csrf bug to delete a backup 🕵️‍♂️ Proof of Concept Bellow request vulnerable to csrf bug which allow to delete database backup GET /online-rental-property-manager/app/admin/pageBackupRestore.php?action=delete&md5hash=eea01b37c4b7422a4 HTTP/1.1 Host: localhost User-Agent: Mozilla/5.0...

7AI score
Exploits0
Huntr
Huntr
added 2021/08/04 6:55 a.m.8 views

Cross-Site Request Forgery (CSRF) in bigprof-software/online-rental-property-manager

✍️ Description CSRF bug in application 🕵️‍♂️ Proof of Concept Bellow request is vulnerable to csrf attack .\ Although there is csrf token in request but it does not checked in server-side . Any attacker provided csrf token is accepted here. POST /online-rental/app/applicationsleasesview.php...

6.9AI score
Exploits0
Huntr
Huntr
added 2021/08/04 6:48 a.m.8 views

Cross-Site Request Forgery (CSRF) in bigprof-software/online-rental-property-manager

✍️ Description CSRF bug to add property 🕵️‍♂️ Proof of Concept Bellow request is vulnerable to csrf attack .\ Although there is csrf token in request but it does not checked in server-side . Any attacker provided csrf token is accepted here. POST /online-rental/app/propertiesview.php HTTP/1.1 Host:...

0.2AI score
Exploits0
Huntr
Huntr
added 2021/08/02 11:26 a.m.8 views

Cross-Site Request Forgery (CSRF) in alanaktion/phproject

✍️ Description Attacker able to close any issue with CSRF attack. It does not matter at all that your application run in localhost or elsewhere, just it is enough to run on a browser and another low privilege user or attackers know the IP address or hostname of your application. In CSRF attacks it...

1.9AI score
Exploits0
Huntr
Huntr
added 2021/07/31 9:51 p.m.8 views

Cross-Site Request Forgery (CSRF) in devcode-it/openstamanager

✍️ Description Attacker able to create any Document management if users visit attacker site. 🕵️‍♂️ Proof of Concept 1.Open the PoC.html In Firefox or safari. 2.now you can check Document management with aaa name have been created. // PoC.html history.pushState'', '', '/' document.forms0.submit; 💥...

3.1AI score
Exploits0
Huntr
Huntr
added 2021/07/31 2:4 p.m.8 views

in amirsanni/mini-inventory-and-sales-management-system

💥 BUG unprivileged user can delete item 💥 STEP TO REPDOUCE 1. From admin account goto https://1410inc.xyz/mini-inventory-and-sales-management-system/administrators and add new user callled user-B with basic role .\ 2. Now goto user-B account and here user-B cant see any item.\ Now user-B execute...

0.2AI score
Exploits0
Huntr
Huntr
added 2021/07/30 5:35 p.m.8 views

Cross-Site Request Forgery (CSRF) in sergix44/xbackbone

✍️ Description following endpoint vulnerable to CSRF: /omeka/system/recalculateUserQuota Also there is not any different that you run The application in localhost or some real hosts, this is enough to login with a browser that used the browser for online web surfacing too. 🕵️‍♂️ Proof of Concept //...

1.4AI score
Exploits0
Total number of security vulnerabilities4072