Cross-Site Request Forgery (CSRF) in tsolucio/corebos
✍️ Description An attacker is able to delete any Invoice with a CSRF attack because there is no CSRF protection for the related endpoint. It does not matter at all whether your application runs on localhost or elsewhere; it is enough that it runs in a browser and another low-privilege user or attacker knows the I...
Cross-Site Request Forgery (CSRF) in tsolucio/corebos
✍️ Description An attacker is able to delete any Campaign with a CSRF attack because there is no CSRF protection for the related endpoint. It does not matter at all whether your application runs on localhost or elsewhere; it is enough that it runs in a browser and another low-privilege user or attacker knows the...
Cross-Site Request Forgery (CSRF) in tsolucio/corebos
✍️ Description An attacker is able to delete any Organization with a CSRF attack because there is no CSRF protection for the related endpoint. It does not matter at all whether your application runs on localhost or elsewhere; it is enough that it runs in a browser and another low-privilege user or attacker knows...
Cross-Site Request Forgery (CSRF) in tsolucio/corebos
✍️ Description An attacker is able to change the password with a CSRF attack because there is no CSRF protection for the related endpoint. It does not matter at all whether your application runs on localhost or elsewhere; it is enough that it runs in a browser and another low-privilege user or attacker knows the IP...
Cross-Site Request Forgery (CSRF) in glpi-project/glpi
✍️ Description An attacker is able to delete any document from Processing ticket with a CSRF attack because there is no CSRF protection for the related endpoint. It does not matter at all whether your application runs on localhost or elsewhere; it is enough that it runs in a browser and another low-privilege user...
Cross-Site Request Forgery (CSRF) in glpi-project/glpi
✍️ Description An attacker is able to delete any document from Processing change with a CSRF attack because there is no CSRF protection for the related endpoint. It does not matter at all whether your application runs on localhost or elsewhere; it is enough that it runs in a browser and another low-privilege user...
Cross-Site Request Forgery (CSRF) in glpi-project/glpi
✍️ Description An attacker is able to change any task state from changes/tickets/problems with a CSRF attack because there is no CSRF protection for the related endpoint. It does not matter at all whether your application runs on localhost or elsewhere; it is enough that it runs in a browser and another low...
Cross-Site Request Forgery (CSRF) in glpi-project/glpi
✍️ Description An attacker is able to delete any document from Processing problem with a CSRF attack because there is no CSRF protection for the related endpoint. It does not matter at all whether your application runs on localhost or elsewhere; it is enough that it runs in a browser and another low-privilege use...
Sensitive Cookie Without 'HttpOnly' Flag in glpi-project/glpi
✍️ Description According to [1] we have: HttpOnly is an additional flag included in a Set-Cookie HTTP response header. Using the HttpOnly flag when generating a cookie helps mitigate the risk of client-side script accessing the protected cookie. 💥 Impact This vulnerability is capable of taking control...
Cross-site Scripting (XSS) - Reflected in forkcms/forkcms
✍️ Description forkcms is vulnerable to XSS through the search form 🕵️♂️ Proof of Concept 1. Go to http://site.com/search?form=search&qwidget=%22%3E%3Csvg/onload=alert(document.domain)%3E 2. The XSS payload will be executed 💥 Impact An attacker can execute JavaScript code in the website...
Cross-site Scripting (XSS) - Reflected in forkcms/forkcms
✍️ Description forkcms is vulnerable to XSS through settings translation 🕵️♂️ Proof of Concept 1. Go to https://demo.fork-cms.com/private/en/locale 2. In the search box named "Reference code" input " 3. The XSS payload will be executed 💥 Impact An attacker can execute JavaScript code in the website...
Cross-Site Request Forgery (CSRF) in hdinnovations/unit3d-community-edition
✍️ Description An attacker is able to change a user's profile state to visible if a logged-in user visits the attacker's website. 🕵️♂️ Proof of Concept 1. When logged in, open this POC.html in a browser 2. You can check that your profile state changed to visible history.pushState('', '', '/')...
Cross-Site Request Forgery (CSRF) in hdinnovations/unit3d-community-edition
✍️ Description An attacker is able to change a user's profile state to hidden if a logged-in user visits the attacker's website. 🕵️♂️ Proof of Concept 1. When logged in, open this POC.html in a browser 2. You can check that your profile state changed to hidden history.pushState('', '', '/'); document.forms[0].submit();...
Cross-Site Request Forgery (CSRF) in hdinnovations/unit3d-community-edition
✍️ Description An attacker is able to change a user's profile state to public if a logged-in user visits the attacker's website. 🕵️♂️ Proof of Concept 1. When logged in, open this POC.html in a browser 2. You can check that your profile state changed from private to public history.pushState('', '', '/')...
Cross-Site Request Forgery (CSRF) in hdinnovations/unit3d-community-edition
✍️ Description An attacker is able to change a user's profile state to private if a logged-in user visits the attacker's website. 🕵️♂️ Proof of Concept 1. When logged in, open this POC.html in a browser 2. You can check that your profile state changed from public to private history.pushState('', '', '/')...
Cross-Site Request Forgery (CSRF) in hdinnovations/unit3d-community-edition
✍️ Description An attacker is able to log out a user if a logged-in user visits the attacker's website. 🕵️♂️ Proof of Concept 1. When logged in, open this POC.html in a browser 2. You can check that you were unintentionally logged out history.pushState('', '', '/'); document.forms[0].submit(); 💥 Impact This vulnerability...
Cross-Site Request Forgery (CSRF) in hdinnovations/unit3d-community-edition
✍️ Description An attacker is able to enable a user's notifications if a logged-in user visits the attacker's website. 🕵️♂️ Proof of Concept 1. When logged in, open this POC.html in a browser 2. You can check that your notification is enabled history.pushState('', '', '/'); document.forms[0].submit(); 💥 Impact This...
Cross-Site Request Forgery (CSRF) in hdinnovations/unit3d-community-edition
✍️ Description An attacker is able to disable a user's notifications if a logged-in user visits the attacker's website. 🕵️♂️ Proof of Concept 1. When logged in, open this POC.html in a browser 2. You can check that your notification is disabled history.pushState('', '', '/'); document.forms[0].submit(); 💥 Impact This...
in postfixadmin/postfixadmin
✍️ Description Clickjacking attack 🕵️♂️ Proof of Concept I see there is no X-Frame-Options response header present, which allows the entire website to be loaded in an iframe. Using this, a clickjacking attack can be performed. 💥 Impact Clickjacking attack...
Cross-Site Request Forgery (CSRF) in zhongshaofa/easyadmin
✍️ Description An attacker is able to delete any menu with a CSRF attack. It does not matter at all whether your application runs on localhost or elsewhere; it is enough that it runs in a browser and another low-privilege user or attacker knows the IP address or hostname of your application. In CSRF attacks it...
Cross-Site Request Forgery (CSRF) in zhongshaofa/easyadmin
✍️ Description An attacker is able to delete any rule with a CSRF attack. It does not matter at all whether your application runs on localhost or elsewhere; it is enough that it runs in a browser and another low-privilege user or attacker knows the IP address or hostname of your application. In CSRF attacks it...
Cross-Site Request Forgery (CSRF) in zhongshaofa/easyadmin
✍️ Description An attacker is able to upload any picture with a CSRF attack. It does not matter at all whether your application runs on localhost or elsewhere; it is enough that it runs in a browser and another low-privilege user or attacker knows the IP address or hostname of your application. In CSRF attacks...
Cross-Site Request Forgery (CSRF) in zhongshaofa/easyadmin
✍️ Description An attacker is able to delete any admin with a CSRF attack. It does not matter at all whether your application runs on localhost or elsewhere; it is enough that it runs in a browser and another low-privilege user or attacker knows the IP address or hostname of your application. In CSRF attacks i...
Cross-Site Request Forgery (CSRF) in zhongshaofa/easyadmin
✍️ Description An attacker is able to delete any local picture with a CSRF attack. It does not matter at all whether phproject runs on localhost or elsewhere; it is enough that it runs in a browser and another low-privilege user or attacker knows the IP address or hostname of the filebrowser application. It does...
Cross-Site Request Forgery (CSRF) in zhongshaofa/easyadmin
✍️ Description An attacker is able to add any rule with a CSRF attack. It does not matter at all whether your application runs on localhost or elsewhere; it is enough that it runs in a browser and another low-privilege user or attacker knows the IP address or hostname of your application. In CSRF attacks it is...
Cross-Site Request Forgery (CSRF) in zhongshaofa/easyadmin
✍️ Description An attacker is able to modify any menu with a CSRF attack. It does not matter at all whether your application runs on localhost or elsewhere; it is enough that it runs in a browser and another low-privilege user or attacker knows the IP address or hostname of your application. In CSRF attacks it...
Cross-Site Request Forgery (CSRF) in zhongshaofa/easyadmin
✍️ Description An attacker is able to change any password and username with a CSRF attack. It does not matter at all whether your application runs on localhost or elsewhere; it is enough that it runs in a browser and another low-privilege user or attacker knows the IP address or hostname of your application. I...
Cross-Site Request Forgery (CSRF) in bigprof-software/online-invoicing-system
✍️ Description CSRF bug to mass delete item price 🕵️♂️ Proof of Concept The request below is vulnerable to a CSRF attack. No CSRF token checking, no referrer checking here. There is nothing to prevent a CSRF attack. POST /online-invoicing-system/app/itempricesview.php HTTP/1.1 Host: localhost User-Agent:...
Cross-Site Request Forgery (CSRF) in bigprof-software/online-invoicing-system
✍️ Description CSRF bug to mass delete client 🕵️♂️ Proof of Concept The request below is vulnerable to a CSRF attack. No CSRF token checking, no referrer checking here. There is nothing to prevent a CSRF attack. POST /online-invoicing-system/app/clientsview.php HTTP/1.1 Host: localhost User-Agent:...
Cross-Site Request Forgery (CSRF) in bigprof-software/online-rental-property-manager
✍️ Description CSRF bug to delete a backup 🕵️♂️ Proof of Concept The request below is vulnerable to a CSRF bug which allows deleting a database backup GET /online-rental-property-manager/app/admin/pageBackupRestore.php?action=delete&md5hash=eea01b37c4b7422a4 HTTP/1.1 Host: localhost User-Agent: Mozilla/5.0...
Cross-Site Request Forgery (CSRF) in bigprof-software/online-invoicing-system
✍️ Description CSRF bug to create a backup 🕵️♂️ Proof of Concept The request below is vulnerable to a CSRF bug which allows creating a database backup GET /online-invoice/app/admin/pageBackupRestore.php?action=createbackup HTTP/1.1 Host: localhost User-Agent: Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:90.0...
Cross-Site Request Forgery (CSRF) in bigprof-software/online-rental-property-manager
✍️ Description CSRF bug to create a backup 🕵️♂️ Proof of Concept The request below is vulnerable to a CSRF bug which allows creating a database backup GET /online-rental-property-manager/app/admin/pageBackupRestore.php?action=createbackup HTTP/1.1 Host: localhost User-Agent: Mozilla/5.0 (X11; Ubuntu; Linux...
Cross-Site Request Forgery (CSRF) in bigprof-software/online-rental-property-manager
✍️ Description CSRF bug in application 🕵️♂️ Proof of Concept The request below is vulnerable to a CSRF attack. Although there is a CSRF token in the request, it is not checked server-side. Any attacker-provided CSRF token is accepted here. POST /online-rental/app/applicationsleasesview.php...
Cross-Site Request Forgery (CSRF) in bigprof-software/online-rental-property-manager
✍️ Description CSRF bug in applicant 🕵️♂️ Proof of Concept The request below is vulnerable to a CSRF attack. Although there is a CSRF token in the request, it is not checked server-side. Any attacker-provided CSRF token is accepted here. POST /online-rental/app/applicantsandtenantsview.php...
Cross-Site Request Forgery (CSRF) in bigprof-software/online-rental-property-manager
✍️ Description CSRF bug to add property 🕵️♂️ Proof of Concept The request below is vulnerable to a CSRF attack. Although there is a CSRF token in the request, it is not checked server-side. Any attacker-provided CSRF token is accepted here. POST /online-rental/app/propertiesview.php HTTP/1.1 Host:...
Improper Privilege Management in bigprof-software/online-invoicing-system
💥 BUG CSRF bug to approve member 💥 IMPACT CSRF bug allows approving any user 💥 STEPS TO REPRODUCE 1. Let's assume signup is allowed in the settings page and members need to be approved. Now, from an external user, go to http://localhost/online-invoice/app/membershipsignup.php and sign up for a new member with...
Cross-Site Request Forgery (CSRF) in bigprof-software/online-invoicing-system
💥 BUG CSRF bug to ban a member 💥 IMPACT CSRF bug allows banning any user 💥 STEPS TO REPRODUCE 1. First go to http://localhost/online-invoice/app/admin/pageViewMembers.php and let's assume there is a member present with username test. Now any user sends link...
Cross-Site Request Forgery (CSRF) in star7th/showdoc
✍️ Description With a CSRF vulnerability an attacker is able to add any member to any item if users visit the attacker's site. 🕵️♂️ Proof of Concept 1. Open the PoC.html in Firefox or Safari. 2. Now you can check that the member with email address [email protected], who should already be registered beforehand, has access to...
Cross-site Scripting (XSS) - Stored in kalcaddle/kodexplorer
✍️ Description XSS via SVG file upload 🕵️♂️ Proof of Concept Upload the SVG file with the XSS payload and open it in a browser alert(document.domain); 💥 Impact Custom JS code execution embedded within the SVG file...
in frangoteam/fuxa
✍️ Description This endpoint handler performs a file system operation and does not use a rate-limiting mechanism. 🕵️♂️ Proof of Concept fs.writeFileSync(runtime.settings.userSettingsFile, JSON.stringify(req.body, null, 4)); mergeUserSettings(req.body); res.end(); Fix Consider using a rate-limiting...
in postfixadmin/postfixadmin
✍️ Description uniqid is used as input to MD5 when generating a PFATOKEN (I'll refer to this as a session token) - the function uniqid is not a CSPRNG but rather a PRNG, meaning that it cannot generate cryptographically reliable/secure values. 🕵️♂️ Proof of Concept Execute the below code: PHP "; ?...
in star7th/showdoc
✍️ Description The referenced code contains a hard-coded salt that is used for all passwords; ideally, a unique salt should be generated for each password and stored alongside it, as opposed to the constant one that is used for all passwords in the showdoc repository. 🕵️♂️ Proof of...
in star7th/showdoc
✍️ Description The referenced code block computes an MD5 hash based on the string "rgrsfsrfsrf", the current time, and a random number. The string used is static and does not appear to change, therefore I'm not sure why it is there in the first place as it does not provide any additional security...
Cross-Site Request Forgery (CSRF) in alanaktion/phproject
✍️ Description An attacker is able to close any issue with a CSRF attack. It does not matter at all whether your application runs on localhost or elsewhere; it is enough that it runs in a browser and another low-privilege user or attacker knows the IP address or hostname of your application. In CSRF attacks it...
Cross-Site Request Forgery (CSRF) in alanaktion/phproject
✍️ Description An attacker is able to delete any group with a CSRF attack. It does not matter at all whether your application runs on localhost or elsewhere; it is enough that it runs in a browser and another low-privilege user or attacker knows the IP address or hostname of your application. In CSRF attacks i...
Cross-Site Request Forgery (CSRF) in alanaktion/phproject
✍️ Description An attacker is able to delete any user with a CSRF attack. It does not matter at all whether your application runs on localhost or elsewhere; it is enough that it runs in a browser and another low-privilege user or attacker knows the IP address or hostname of your application. In CSRF attacks it...
Cross-Site Request Forgery (CSRF) in alanaktion/phproject
✍️ Description An attacker is able to delete any issue with a CSRF attack. It does not matter at all whether your application runs on localhost or elsewhere; it is enough that it runs in a browser and another low-privilege user or attacker knows the IP address or hostname of your application. In CSRF attacks i...
in aquilacms/aquilacms
✍️ Description An unauthenticated API function allows any user to change or view another user's first name, last name, password, and address information. As well, the leaked activateAccountToken and resetPassToken can be viewed. 🕵️♂️ Proof of Concept The attacker can guess the correct MongoDB object ID and...
in erudika/scoold
✍️ Description Bypass the rate limit and send unlimited email to any email address. 💥 Impact An attacker can send unlimited email to any mail address. Many email service providers have limited email sending, like 10000 emails per month. If you exceed that limit then you will be charged extra. So, using thi...