4072 matches found

Huntr • added 2021/08/29 9:12 a.m. • 17 views

in zmister2016/mrdoc

✍️ Description online document system developed based on python. It is suitable for individuals and small teams to manage documents, wiki, knowledge and notes. like gitbook this package is vulnerable for RCE due to Yaml.load in import function 🕵️‍♂️ Proof of Concept Uploaded ZIp : Payload.yaml :...

6.8 CVSS, 1.3 AI score, 0.00824 EPSS
Exploits: 1

Huntr • added 2021/08/28 11:3 p.m. • 13 views

Cross-site Scripting (XSS) - Stored in namelessmc/nameless

✍️ Description Stored XSS in google analytics. 🕵️‍♂️ Proof of Concept 1. goto 'http://localhost/Nameless/index.php?route=/panel/core/seo/' logged in as admin. 2. enter "G-XXXXXXXX'; javascript:alert1; alert1; instead will cause any admin who visits the SEO page to have the java script activated on...

1.3 AI score
Exploits: 0

Huntr • added 2021/08/28 3:56 p.m. • 8 views

SQL Injection in phili67/ecclesiacrm

✍️ Description SQL Injection SQLi found in search section for http://YOURIP/ecclesiacrm/v2/people/list/person. A SQL Injection allows an attacker to run SQL command remotely and can extract information such as password, usernames and other sensitive data. This SQLi is a blind SQLi and doesn't...

Exploits: 0, References: 2

Huntr • added 2021/08/28 10:41 a.m. • 8 views

Cross-Site Request Forgery (CSRF) in qkqpttgf/onemanager-php

✍️ Description Attacker able to rename any file with CSRF attack. It does not matter at all that your application run in localhost or elsewhere, just it is enough to run on a browser and another low privilege user or attackers know the IP address or hostname of your application. In CSRF attacks it...

1.6 AI score
Exploits: 0

Huntr • added 2021/08/28 10:41 a.m. • 9 views

Cross-Site Request Forgery (CSRF) in qkqpttgf/onemanager-php

✍️ Description Attacker able to rename any disktag with CSRF attack. It does not matter at all that your application run in localhost or elsewhere, just it is enough to run on a browser and another low privilege user or attackers know the IP address or hostname of your application. In CSRF attacks...

1.7 AI score
Exploits: 0

Huntr • added 2021/08/28 10:36 a.m. • 11 views

Cross-Site Request Forgery (CSRF) in qkqpttgf/onemanager-php

✍️ Description Attacker able to make copy of any disk with CSRF attack. It does not matter at all that your application run in localhost or elsewhere, just it is enough to run on a browser and another low privilege user or attackers know the IP address or hostname of your application. In CSRF...

1.7 AI score
Exploits: 0

Huntr • added 2021/08/28 10:34 a.m. • 13 views

Cross-Site Request Forgery (CSRF) in qkqpttgf/onemanager-php

✍️ Description Attacker able to delete any disk with CSRF attack. It does not matter at all that your application run in localhost or elsewhere, just it is enough to run on a browser and another low privilege user or attackers know the IP address or hostname of your application. In CSRF attacks it...

1.7 AI score
Exploits: 0

Huntr • added 2021/08/28 10:32 a.m. • 7 views

Cross-Site Request Forgery (CSRF) in qkqpttgf/onemanager-php

✍️ Description Attacker able to delete any folder with CSRF attack history.pushState'', '', '/' As you can see there is no CSRF token...

2 AI score
Exploits: 0

Huntr • added 2021/08/28 5:47 a.m. • 14 views

Path Traversal in os4ed/opensis-classic

✍️ Description The module.php modname parameter in OpenSIS 8.0 is vulnerable to path traversal attacks, enabling read access to arbitrary files on the server. 🕵️‍♂️ Proof of Concept // Modules.php GET /Modules.php?modname=../../../../../../../../../../../../../../../../etc/passwd HTTP/1.1 302...

2.8 AI score
Exploits: 0

Huntr • added 2021/08/27 2:55 p.m. • 8 views

Cross-Site Request Forgery (CSRF) in aimeos/ai-client-html

✍️ Description Attacker able to pin any product in favorites with CSRF attack. In CSRF attacks it is necessary that a user logged into your application and just going to a malicious website and after that only with a redirection attacker can perform attack on unprotected endpoint, this means only...

1.2 AI score
Exploits: 0

Huntr • added 2021/08/27 2:54 p.m. • 6 views

Cross-Site Request Forgery (CSRF) in aimeos/ai-client-html

✍️ Description Attacker able to add any product in favorites with CSRF attack. In CSRF attacks it is necessary that a user logged into your application and just going to a malicious website and after that only with a redirection attacker can perform attack on unprotected endpoint, this means only...

1.2 AI score
Exploits: 0

Huntr • added 2021/08/27 2:4 p.m. • 10 views

Cross-site Scripting (XSS) - Stored in pimcore/pimcore

✍️ Description pimcore is a Open Source Data & Experience Management Platform PIM, MDM, CDP, DAM, DXP/CMS & Digital Commerce this package is vulnerable for Stored XSS thru SEO menu 🕵️‍♂️ Proof of Concept 💥 Impact This vulnerability is capable of...

1.3 AI score
Exploits: 0

Huntr • added 2021/08/27 1:58 p.m. • 10 views

Cross-site Scripting (XSS) - Stored in pimcore/pimcore

✍️ Description pimcore is a Open Source Data & Experience Management Platform PIM, MDM, CDP, DAM, DXP/CMS & Digital Commerce this package is vulnerable for Stored XSS thru adding customer 🕵️‍♂️ Proof of Concept 💥 Impact This vulnerability is capable of XSS...

1.3 AI score
Exploits: 0

Huntr • added 2021/08/27 8:28 a.m. • 10 views

Cross-site Scripting (XSS) - Stored in yogeshojha/rengine

✍️ Description When a XSS payload is used as the name of a gf pattern, it executes. 🕵️‍♂️ Proof of Concept 1. Name a file .json 2. Import the file as a gf pattern at https://127.0.0.1/scanEngine/toolsettings 3. Click on the uploaded gf pattern. 💥 Impact The impact is same as any other Stored XSS...

0.3 AI score
Exploits: 0

Huntr • added 2021/08/27 6:38 a.m. • 9 views

Cross-site Scripting (XSS) - Reflected in azuracast/azuracast

✍️ Description The Application is Vulnerable to reflected HTML Injection 🕵️‍♂️ Proof of Concept Open the following page in the browser as admin. The page is vulnerable to HTML Injection...

1.4 AI score
Exploits: 0, References: 1

Huntr • added 2021/08/27 6:25 a.m. • 13 views

Cross-site Scripting (XSS) - Stored in pimcore/pimcore

✍️ Description pimcore is a Open Source Data & Experience Management Platform PIM, MDM, CDP, DAM, DXP/CMS & Digital Commerce this package is vulnerable for Stored XSS custom meta data 🕵️‍♂️ Proof of Concept 💥 Impact This vulnerability is capable of Stored XSS...

1.5 AI score
Exploits: 0

Huntr • added 2021/08/27 3:25 a.m. • 8 views

Path Traversal in os4ed/opensis-classic

✍️ Description The ajax.php modname parameter is vulnerable to path traversal attacks, enabling read access to arbitrary files on the server. 🕵️‍♂️ Proof of Concept // Ajax.php GET /Ajax.php?modname=../../../../../../../../../../../../../../../../etc/passwd HTTP/1.1 302 Found Location: index.php...

2.4 AI score
Exploits: 0

Huntr • added 2021/08/26 3:28 p.m. • 16 views

Cross-Site Request Forgery (CSRF) in azuracast/azuracast

✍️ Description Attacker able to enable any Streamer/DJ account section with CSRF attack. It does not matter at all that your application run in localhost or elsewhere, just it is enough to run on a browser and another low privilege user or attackers know the IP address or hostname of your...

1.8 AI score
Exploits: 0

Huntr • added 2021/08/26 2:40 p.m. • 7 views

Open Redirect in openwhyd/openwhyd

✍️ Description There is an open redirect in the following URL: https://openwhyd.org/consent?redirect=https://mdakh404.github.io after the user agrees on the site policy, it will be redirected to my blog! it's an open redirect. 🕵️‍♂️ Proof of Concept 1- Open the link:...

6.9 AI score
Exploits: 0, References: 1

Huntr • added 2021/08/26 12:9 p.m. • 34 views

Inefficient Regular Expression Complexity in ramda/ramda

✍️ Description A ReDoS regular expression denial of service flaw was found in the ramda package. An attacker that is able to provide crafted input to the trim function may cause an application to consume an excessive amount of CPU. Similar attack ref: https://nvd.nist.gov/vuln/detail/CVE-2020-7753...

0.5 AI score, 0.03732 EPSS
Exploits: 1

Huntr • added 2021/08/26 9:12 a.m. • 316 views

Inefficient Regular Expression Complexity in axios/axios

✍️ Description A ReDoS regular expression denial of service flaw was found in the axios package. An attacker that is able to provide crafted input to the trim function may cause an application to consume an excessive amount of CPU. Similar attack ref: https://nvd.nist.gov/vuln/detail/CVE-2020-7753...

7.8 CVSS, 0.3 AI score, 0.08515 EPSS
Exploits: 3

Huntr • added 2021/08/26 3:59 a.m. • 38 views

Sensitive Cookie Without 'HttpOnly' Flag in azuracast/azuracast

✍️ Description HTTPOnly attribute is not set for session cookies in the application. 🕵️‍♂️ Proof of Concept 💥 Impact When a cookie doesn’t have an HttpOnly flag, it can be accessed through JavaScript, which means that an XSS could lead to cookies being stolen. These include session cookies that can...

0.6 AI score
Exploits: 0, References: 1

Huntr • added 2021/08/26 3:57 a.m. • 45 views

Sensitive Cookie in HTTPS Session Without 'Secure' Attribute in azuracast/azuracast

✍️ Description The secure flag is not set for appsession cookie in the application. 🕵️‍♂️ Proof of Concept PoC Image: https://i.ibb.co/v1y0Fdv/cookie-flag.png 💥 Impact If the secure flag is set on a cookie, then browsers will not submit the cookie in any requests that use an unencrypted HTTP...

0.4 AI score
Exploits: 0, References: 1

Huntr • added 2021/08/26 3:2 a.m. • 11 views

SQL Injection in opensourcepos/opensourcepos

✍️ Description The Application is vulnerable to blind SQL Injection 🕵️‍♂️ Proof of Concept URL: https://dev.opensourcepos.org/itemkits/search?sort=1 Vulnerable Parameter: sort SQLMap POC --- Parameter: sort GET Type: boolean-based blind Title: Boolean-based blind - Parameter replace original value...

0.2 AI score
Exploits: 0, References: 1

Huntr • added 2021/08/26 3:1 a.m. • 10 views

SQL Injection in opensourcepos/opensourcepos

✍️ Description The Application is vulnerable to blind SQL Injection 🕵️‍♂️ Proof of Concept URL: https://dev.opensourcepos.org/giftcards/search?sort=1 Vulnerable Parameter: sort SQLMap POC --- Parameter: sort GET Type: boolean-based blind Title: Boolean-based blind - Parameter replace original value...

0.2 AI score
Exploits: 0, References: 1

Huntr • added 2021/08/26 3:1 a.m. • 25 views

SQL Injection in opensourcepos/opensourcepos

✍️ Description The Application is vulnerable to blind SQL Injection 🕵️‍♂️ Proof of Concept URL: https://dev.opensourcepos.org/attributes/search?sort=1 Vulnerable Parameter: sort SQLMap POC --- Parameter: sort GET Type: boolean-based blind Title: Boolean-based blind - Parameter replace original...

0.2 AI score
Exploits: 0, References: 1

Huntr • added 2021/08/26 2:50 a.m. • 8 views

SQL Injection in opensourcepos/opensourcepos

✍️ Description The Application is vulnerable to blind SQL Injection 🕵️‍♂️ Proof of Concept URL: https://dev.opensourcepos.org/suppliers/search?sort=1 Vulnerable Parameter: sort SQLMap POC --- Parameter: sort GET Type: boolean-based blind Title: Boolean-based blind - Parameter replace original value...

0.1 AI score
Exploits: 0, References: 1

Huntr • added 2021/08/26 2:29 a.m. • 11 views

in opensourcepos/opensourcepos

✍️ Description It can be possible to perform a clickjacking attack due to the lack of frame restrictions. The application does not set the response header X-Frame-Options: DENY. 🕵️‍♂️ Proof of Concept Image: https://i.ibb.co/cbtVcb1/clickjack.png 💥 Impact According to PortSwigger references, it is...

0.7 AI score
Exploits: 0, References: 1

Huntr • added 2021/08/26 2:25 a.m. • 11 views

in opensourcepos/opensourcepos

✍️ Description The giftcards/view/ POST request can be hijacked so that the information will be sent to another page, by modifying the login page URL. 🕵️‍♂️ Proof of Concept Change the login page URL to https://mydomain.com/giftcards/view/anotherpagehere Then the form action in the webpage will be...

0.7 AI score
Exploits: 0, References: 1

Huntr • added 2021/08/25 7:21 p.m. • 13 views

Cross-site Scripting (XSS) - Stored in livehelperchat/livehelperchat

✍️ Description Stored xss via generalsettings 🕵️‍♂️ Proof of Concept 1. goto https://demo.livehelperchat.com/siteadmin/chatbox/configuration and update a General settings with xss payload xss"'' and save it. 2. now try to edit this Chatbox settings using url like...

0.1 AI score
Exploits: 0

Huntr • added 2021/08/25 6:0 p.m. • 22 views

Cross-site Scripting (XSS) - Reflected in leantime/leantime

✍️ Description Cross-site scripting XSS vulnerabilities Line 9 of delCanvasItem.tpl.php sends unvalidated data to a web browser, which can result in the browser executing malicious code. 🕵️‍♂️ Proof of Concept /leancanvas/delCanvasItem/" 💥 Impact The attacker can: Perform any action within the...

3.3 AI score
Exploits: 0, References: 1

Huntr • added 2021/08/25 1:9 p.m. • 17 views

in froxlor/froxlor

✍️ Description The login form POST request can be hijacked so that the credentials will be sent to an external website, by modifying the login page URL. 🕵️‍♂️ Proof of Concept Change the login page URL to https://mydomain.com/index.php/evilsite.com Then the form action in the webpage will be...

0.5 AI score
Exploits: 0, References: 1

Huntr • added 2021/08/25 12:54 p.m. • 55 views

Sensitive Cookie Without 'HttpOnly' Flag in froxlor/froxlor

✍️ Description HTTPOnly attribute is not set for session cookies in the application. 🕵️‍♂️ Proof of Concept 💥 Impact When a cookie doesn’t have an HttpOnly flag, it can be accessed through JavaScript, which means that an XSS could lead to cookies being stolen. These include session cookies that can...

0.6 AI score
Exploits: 0, References: 1

Huntr • added 2021/08/25 12:53 p.m. • 12 views

Sensitive Cookie in HTTPS Session Without 'Secure' Attribute in froxlor/froxlor

✍️ Description The secure flag is not set for PHPSESSID session cookie in the application. 🕵️‍♂️ Proof of Concept 💥 Impact If the secure flag is set on a cookie, then browsers will not submit the cookie in any requests that use an unencrypted HTTP connection, thereby preventing the cookie from...

0.3 AI score
Exploits: 0, References: 1

Huntr • added 2021/08/25 12:25 p.m. • 33 views

Cross-site Scripting (XSS) - Reflected in zoujingli/thinkadmin

✍️ Description The Application is Vulnerable to reflected XSS Attack. 🕵️‍♂️ Proof of Concept Open the following page in the browser as admin. The 商品名称 field is vulnerable to reflected XSS. An alert box is displayed as PoC...

0.6 AI score
Exploits: 0, References: 1

Huntr • added 2021/08/25 12:12 p.m. • 13 views

in zoujingli/thinkadmin

✍️ Description The application implements a cross-origin resource sharing CORS policy for requests that allows access from any domain. 🕵️‍♂️ Proof of Concept Request GET /data/shop.goods/index.html HTTP/2 Host: testdomain11.com Cookie: lang=zh-cn; PHPSESSID=45780759c5ea6ae0be9cfc95fde04bc9...

0.4 AI score
Exploits: 0, References: 1

Huntr • added 2021/08/25 11:57 a.m. • 9 views

in zoujingli/thinkadmin

✍️ Description It can be possible to perform a clickjacking attack due to the lack of frame restrictions. The application does not set the response header X-Frame-Options: DENY. 🕵️‍♂️ Proof of Concept 💥 Impact According to PortSwigger references, it is possible for a page controlled by an attacker...

1.3 AI score
Exploits: 0, References: 1

Huntr • added 2021/08/24 10:43 p.m. • 10 views

Cross-Site Request Forgery (CSRF) in namelessmc/nameless

✍️ Description Attacker able to disable any widget with CSRF attack. It does not matter at all that your application run in localhost or elsewhere, just it is enough to run on a browser and another low privilege user or attackers know the IP address or hostname of your application. In CSRF attacks...

1.5 AI score
Exploits: 0

Huntr • added 2021/08/24 10:40 p.m. • 14 views

Cross-Site Request Forgery (CSRF) in namelessmc/nameless

✍️ Description Attacker able to reset any profile banner with CSRF attack. It does not matter at all that your application run in localhost or elsewhere, just it is enough to run on a browser and another low privilege user or attackers know the IP address or hostname of your application. In CSRF...

1.5 AI score
Exploits: 0

Huntr • added 2021/08/24 10:38 p.m. • 10 views

Cross-Site Request Forgery (CSRF) in namelessmc/nameless

✍️ Description Attacker able to delete any reaction with CSRF attack. It does not matter at all that your application run in localhost or elsewhere, just it is enough to run on a browser and another low privilege user or attackers know the IP address or hostname of your application. In CSRF attack...

1.9 AI score
Exploits: 0

Huntr • added 2021/08/24 10:34 p.m. • 6 views

Cross-Site Request Forgery (CSRF) in namelessmc/nameless

✍️ Description Attacker able to leave any user message with CSRF attack. It does not matter at all that your application run in localhost or elsewhere, just it is enough to run on a browser and another low privilege user or attackers know the IP address or hostname of your application. In CSRF...

1.6 AI score
Exploits: 0

Huntr • added 2021/08/24 10:31 p.m. • 12 views

Cross-Site Request Forgery (CSRF) in namelessmc/nameless

✍️ Description Attacker able to disable any module with CSRF attack. It does not matter at all that your application run in localhost or elsewhere, just it is enough to run on a browser and another low privilege user or attackers know the IP address or hostname of your application. In CSRF attacks...

1.6 AI score
Exploits: 0

Huntr • added 2021/08/24 10:30 p.m. • 5 views

Cross-Site Request Forgery (CSRF) in namelessmc/nameless

✍️ Description Attacker able to delete any custom page with CSRF attack. It does not matter at all that your application run in localhost or elsewhere, just it is enough to run on a browser and another low privilege user or attackers know the IP address or hostname of your application. In CSRF...

1.5 AI score
Exploits: 0

Huntr • added 2021/08/24 10:19 p.m. • 10 views

Cross-site Scripting (XSS) - Stored in namelessmc/nameless

✍️ Description stored xss via forum 🕵️‍♂️ Proof of Concept 1. First goto http://localhost/nameless/index.php?route=/panel/forums/&action=new and create a forum. During creation put below xss payload in forum icon. xss"' 2. Now save it. 3. Now goto above forum url...

2.3 AI score
Exploits: 0

Huntr • added 2021/08/24 10:0 p.m. • 7 views

Cross-Site Request Forgery (CSRF) in namelessmc/nameless

✍️ Description csrf bug to stick a topic 🕵️‍♂️ Proof of Concept Below url is vulnerable to csrf attack to stick a topic. http://localhost/nameless/index.php?route=/forum/stick/&tid=1 💥 Impact csrf bug to stick a topic...

0.3 AI score
Exploits: 0

Huntr • added 2021/08/24 9:55 p.m. • 10 views

Cross-Site Request Forgery (CSRF) in namelessmc/nameless

✍️ Description csrf bug to follow a topic 🕵️‍♂️ Proof of Concept I see everywhere is csrf token checking. But in this case csrf token checking is missing. Below url is vulnerable to csrf attack to follow a topic. http://localhost/nameless/index.php?route=/forum/topic/1/&action=follow 💥 Impact...

0.2 AI score
Exploits: 0

Huntr • added 2021/08/24 9:52 p.m. • 11 views

Cross-Site Request Forgery (CSRF) in namelessmc/nameless

✍️ Description csrf bug to lock a topic 🕵️‍♂️ Proof of Concept I see everywhere is csrf token checking. But in this case csrf token checking is missing. Below url is vulnerable to csrf attack to lock a topic. http://localhost/nameless/index.php?route=/forum/lock/&tid=1 💥 Impact csrf bug to...

0.2 AI score
Exploits: 0

Huntr • added 2021/08/24 9:25 p.m. • 20 views

Cross-Site Request Forgery (CSRF) in livehelperchat/livehelperchat

✍️ Description csrf bug to create a group chatlist 🕵️‍♂️ Proof of Concept There is no csrf token checking during creating a group-chatlist. Below request is vulnerable to csrf attack document.getElementById"myForm".submit 💥 Impact csrf bug to create a group chatlist...

1.5 AI score
Exploits: 0

Huntr • added 2021/08/24 9:12 p.m. • 10 views

Cross-site Scripting (XSS) - Stored in livehelperchat/livehelperchat

✍️ Description stored xss XMP configuration 🕵️‍♂️ Proof of Concept Plz check this 1 minute video to reproduce the bug https://drive.google.com/file/d/1j1b5XDv2v73539J5MYwxYDe0IPt9yS3f/view?usp=sharing 💥 Impact xss bug allow to execute arbitrary javascript code...

0.7 AI score
Exploits: 0

Huntr • added 2021/08/24 9:4 p.m. • 15 views

Cross-Site Request Forgery (CSRF) in livehelperchat/livehelperchat

✍️ Description csrf bug to update uploaded-file 🕵️‍♂️ Proof of Concept Below request is vulnerable to csrf bug to update uploaded-file. Submit request POST /siteadmin/file/edit/2 HTTP/1.1 Host: demo.livehelperchat.com Cookie: PHPSESSID=b8cdt7e1436rstdhbgq5mjqskq User-Agent: Mozilla/5.0 X11;...

0.4 AI score
Exploits: 0

Total number of security vulnerabilities: 4072