4072 matches found
Open Redirect in erudika/scoold
✍️ Description Open redirect bypass 🕵️♂️ Proof of Concept i see you resently fixed open-redirect . But it can be bypassed .\ 1. First login into your account and visit https://live.scoold.com/signin?returnto=https://[email protected]/xx and see you just redirected to different site 💥...
Cross-Site Request Forgery (CSRF) in devcode-it/openstamanager
✍️ Description Attacker able to change users password if users visit attacker site. 🕵️♂️ Proof of Concept 1.Open the PoC.html In Firefox or safari. 2.now you can check that password changed to admin0 // PoC.html history.pushState'', '', '/' document.forms0.submit; 💥 Impact This vulnerability is...
Cross-Site Request Forgery (CSRF) in devcode-it/openstamanager
✍️ Description Attacker able to create any Personal Data if users visit attacker site. 🕵️♂️ Proof of Concept 1.Open the PoC.html In Firefox or safari. 2.now you can check that Personal data with Denomination aaa have been created. // PoC.html history.pushState'', '', '/' input type="hidden" name="e...
Cross-Site Request Forgery (CSRF) in devcode-it/openstamanager
✍️ Description Attacker able to delete any Personal Data if users visit attacker site. 🕵️♂️ Proof of Concept 1.Open the PoC.html In Firefox or safari. 2.now you can check that Personal data with idrecord value equal to 2 have been deleted. // PoC.html history.pushState'', '', '/'...
Cross-Site Request Forgery (CSRF) in devcode-it/openstamanager
✍️ Description Attacker able to disable any Personal Data module if users visit attacker site. 🕵️♂️ Proof of Concept 1.Open the PoC.html In Firefox or safari. 2.now you can check that Personal data module with id value equal to 1 have been disabled. // PoC.html history.pushState'', '', '/'...
Cross-Site Request Forgery (CSRF) in devcode-it/openstamanager
✍️ Description Attacker able to create any Document management if users visit attacker site. 🕵️♂️ Proof of Concept 1.Open the PoC.html In Firefox or safari. 2.now you can check Document management with aaa name have been created. // PoC.html history.pushState'', '', '/' document.forms0.submit; 💥...
Cross-Site Request Forgery (CSRF) in devcode-it/openstamanager
✍️ Description Attacker able to delete any Document management if users visit attacker site. 🕵️♂️ Proof of Concept 1.Open the PoC.html In Firefox or safari. 2.now you can check Document management with idrecord value equal to 1 have been created. // PoC.html history.pushState'', '', '/'...
Cross-Site Request Forgery (CSRF) in devcode-it/openstamanager
✍️ Description Attacker able to create any Contract if users visit attacker site. 🕵️♂️ Proof of Concept 1.Open the PoC.html In Firefox or safari. 2.now you can check a Contract with aaaa name have been created. // PoC.html history.pushState'', '', '/' document.forms0.submit; 💥 Impact This...
Open Redirect in erudika/scoold
✍️ Description There is an open redirect vulnerability in the following URL: https://live.scoold.com/signin?returnto=https://google.com 🕵️♂️ Proof of Concept Step to reproduce 1. open above URL 2. login in the applicaiton 3. you redirect to google.com 💥 Impact That causes a redirection to an...
in amirsanni/mini-inventory-and-sales-management-system
💥 BUG unprivileged user can update stoke 💥 STEP TO REPDOUCE 1. From admin account goto https://1410inc.xyz/mini-inventory-and-sales-management-system/administrators and add new user callled user-B with basic role .\ 2. Now goto user-B account and here user-B cant see any item.\ Now user-B execute...
in amirsanni/mini-inventory-and-sales-management-system
💥 BUG unprivileged user can delete item 💥 STEP TO REPDOUCE 1. From admin account goto https://1410inc.xyz/mini-inventory-and-sales-management-system/administrators and add new user callled user-B with basic role .\ 2. Now goto user-B account and here user-B cant see any item.\ Now user-B execute...
Improper Privilege Management in amirsanni/mini-inventory-and-sales-management-system
💥 BUG unprivileged user can update item 💥 STEP TO REPDOUCE 1. From admin account goto https://1410inc.xyz/mini-inventory-and-sales-management-system/administrators and add new user callled user-B with basic role .\ 2. Now goto user-B account and here user-B cant see any item.\ Now user-B execute...
Improper Privilege Management in amirsanni/mini-inventory-and-sales-management-system
💥 BUG unprivileged user can add item 💥 STEP TO REPDOUCE 1. From admin account goto https://1410inc.xyz/mini-inventory-and-sales-management-system/administrators and add new user callled user-B with basic role .\ So, user-B cant add new item.\ 2. Now goto user-B account and here user-B cant see...
in sergix44/xbackbone
✍️ Description According to 1 we have : The secure attribute is an option that can be set by the application server when sending a new cookie to the user within an HTTP Response. The purpose of the secure attribute is to prevent cookies from being observed by unauthorized parties due to the...
Cross-Site Request Forgery (CSRF) in sergix44/xbackbone
✍️ Description following endpoint vulnerable to CSRF: /omeka/system/deleteOrphanFiles Also there is not any different that you run The application in localhost or some real hosts, this is enough to login with a browser that used the browser for online web surfacing too. 🕵️♂️ Proof of Concept //...
Cross-Site Request Forgery (CSRF) in sergix44/xbackbone
✍️ Description following endpoint vulnerable to CSRF: /omeka/upload/1/unpublish Also there is not any different that you run The application in localhost or some real hosts, this is enough to login with a browser that used the browser for online web surfacing too. 🕵️♂️ Proof of Concept // PoC.html...
Cross-Site Request Forgery (CSRF) in sergix44/xbackbone
✍️ Description following endpoint vulnerable to CSRF: /omeka/user/2/delete Also there is not any different that you run The application in localhost or some real hosts, this is enough to login with a browser that used the browser for online web surfacing too. 🕵️♂️ Proof of Concept // PoC.html...
Cross-Site Request Forgery (CSRF) in sergix44/xbackbone
✍️ Description following endpoint vulnerable to CSRF: /omeka/system/recalculateUserQuota Also there is not any different that you run The application in localhost or some real hosts, this is enough to login with a browser that used the browser for online web surfacing too. 🕵️♂️ Proof of Concept //...
Cross-Site Request Forgery (CSRF) in sergix44/xbackbone
✍️ Description following endpoint vulnerable to CSRF: /omeka/upload/1/delete Also there is not any different that you run The application in localhost or some real hosts, this is enough to login with a browser that used the browser for online web surfacing too. 🕵️♂️ Proof of Concept // PoC.html...
in babybuddy/babybuddy
✍️ Description According to 1 we have : The secure attribute is an option that can be set by the application server when sending a new cookie to the user within an HTTP Response. The purpose of the secure attribute is to prevent cookies from being observed by unauthorized parties due to the...
Cross-Site Request Forgery (CSRF) in microweber/microweber
✍️ Description Attacker able to delete any Module if attacker knows the ids parameter value. 🕵️♂️ Proof of Concept Here after running PoC.html on Firefox or Safari and click on submit button also can be auto-submit you will see that the Module with id 167 has been deleted. //PoC.html...
Cross-Site Request Forgery (CSRF) in microweber/microweber
✍️ Description Attacker able to delete any Product in My shop section if attacker knows the ids parameter value. 🕵️♂️ Proof of Concept Here after running PoC.html on Firefox or Safari and click on submit button also can be auto-submit you will see that the Product with id 9 has been deleted...
Cross-Site Request Forgery (CSRF) in microweber/microweber
✍️ Description Attacker able to delete any user if knows the user id parameter value. 🕵️♂️ Proof of Concept Here after running PoC.html on Firefox or Safari and click on submit button also can be auto-submit you will see that the user with id 3 has been deleted. //PoC.html history.pushState'', '',...
Cross-Site Request Forgery (CSRF) in microweber/microweber
✍️ Description Attacker able to delete any customer if knows the customer ids parameter value. 🕵️♂️ Proof of Concept Here after running PoC.html on Firefox or Safari and click on submit button also can be auto-submit you will see that the customer with id 2 has been deleted. //PoC.html...
Cross-Site Request Forgery (CSRF) in microweber/microweber
✍️ Description Attacker able to batch delete any Website pages if knows the pages id parameter value. 🕵️♂️ Proof of Concept Here after running PoC.html on Firefox or Safari and click on submit button also can be auto-submit you will see that the files with id from 9 to 15 have been deleted...
Use of a Broken or Risky Cryptographic Algorithm in hdinnovations/unit3d-community-edition
✍️ Description The referenced code block uses PHP's native md5 and uniqid functions to generate the attributes named passkey and rsskey - both of which are to be considered cryptographically insecure due to their usage of uniqid which is not to be considered cryptographically secure. 🕵️♂️ Proof of...
in erudika/scoold
✍️ Description You should check and validate the password when users registering, any user able to use a weak password like aaaaa also you don't have any rate limit for incorrect passwords that cause to easily perform Bruteforce attacks against your users that have weak passwords. 💥 Impact This...
Cross-Site Request Forgery (CSRF) in pimcore/pimcore
✍️ Description Your application have not any CSRF protection and also You set the SameSite attribute to Lax, this means if you want to alter some data with GET HTTP requests, then your site should be vulnerable to CSRF attacks with no doubt. First you run this Html payload and then you should see...
Cross-Site Request Forgery (CSRF) in babybuddy/babybuddy
✍️ Description You don't check CSRF token in following endpoint /timers/1/restart/ with PoC.html attacker able to reset timer with id equal to 1. 🕵️♂️ Proof of Concept // PoC.html history.pushState'', '', '/' 💥 Impact This vulnerability is capable of reset any timer...
Cross-Site Request Forgery (CSRF) in babybuddy/babybuddy
✍️ Description You don't check CSRF token in following endpoint /timers/1/stop/ with PoC.html attacker able to stop timer with id equal to 1. 🕵️♂️ Proof of Concept // PoC.html history.pushState'', '', '/' 💥 Impact This vulnerability is capable of stop any timer...
Cross-Site Request Forgery (CSRF) in babybuddy/babybuddy
✍️ Description You don't check CSRF token in following endpoint /timers/add/quick/ with PoC.html attacker able to add quick timers. 🕵️♂️ Proof of Concept // PoC.html history.pushState'', '', '/' 💥 Impact This vulnerability is capable of ad quick timers...
Cross-site Scripting (XSS) - Stored in apostrophecms/apostrophe
✍️ Description : An attacker could upload a specially crafted SVG image containing malicious scripting code. When following a link to this image, the code would be executed. 🕵️♂️ Proof of Concept : // PoC.js var payload = ... Link POC using Demo --...
Session Fixation in projectsend/projectsend
✍️ Description Project Send contains a Session Fixation Vulnerability. This vulnerability is one that can allow an attacker to fixate find or set another person’s session identifier. This most commonly happens when session tokens are now refreshed or renewed when they should be. It looks like the...
None in polonel/trudesk
1Go to https://docker.trudesk.io/ 2Enter the username and password 3Capture the request and start bruteforcing the password IMPACT: Account takeover...
in yiisoft/yii2
✍️ Description Insecure randomness errors occur when a function that can produce predictable values is used as a source of randomness in security-sensitive context. In this case the function that generates weak random numbers is mtrand in BaseMailer.php at line 346. 🕵️♂️ Proof of Concept ?php echo...
in yiisoft/yii2
✍️ Description Insecure randomness errors occur when a function that can produce predictable values is used as a source of randomness in security-sensitive context. In this case the function that generates weak random numbers is mtrand in CaptchaAction.php at line 217. 🕵️♂️ Proof of Concept ?php...
Cross-Site Request Forgery (CSRF) in francoisjacquet/rosariosis
✍️ Description When you don't set the SameSite attribute of cookies the browsers have special act in front of this issue.I mean set default value on it chrome and chromium based browsers set the attribute "Lax" that mean if you do add/delete/alter operation in a get HTTP request then your site mor...
Cross-Site Request Forgery (CSRF) in francoisjacquet/rosariosis
✍️ Description When you don't set the SameSite attribute of cookies the browsers have special act in front of this issue.I mean set default value on it chrome and chromium based browsers set the attribute "Lax" that mean if you do add/delete/alter operation in a get HTTP request then your site mor...
Cross-Site Request Forgery (CSRF) in francoisjacquet/rosariosis
✍️ Description When you don't set the SameSite attribute of cookies the browsers have special act in front of this issue.I mean set default value on it chrome and chromium based browsers set the attribute "Lax" that mean if you do add/delete/alter operation in a get HTTP request then your site mor...
Cross-Site Request Forgery (CSRF) in francoisjacquet/rosariosis
✍️ Description When you don't set the SameSite attribute of cookies the browsers have special act in front of this issue.I mean set default value on it chrome and chromium based browsers set the attribute "Lax" that mean if you do add/delete/alter operation in a get HTTP request then your site mor...
Cross-Site Request Forgery (CSRF) in francoisjacquet/rosariosis
✍️ Description When you don't set the SameSite attribute of cookies the browsers have special act in front of this issue.I mean set default value on it chrome and chromium based browsers set the attribute "Lax" that mean if you do add/delete/alter operation in a get HTTP request then your site mor...
Cross-Site Request Forgery (CSRF) in francoisjacquet/rosariosis
✍️ Description When you don't set the SameSite attribute of cookies the browsers have special act in front of this issue.I mean set default value on it chrome and chromium based browsers set the attribute "Lax" that mean if you do add/delete/alter operation in a get HTTP request then your site mor...
Cross-Site Request Forgery (CSRF) in francoisjacquet/rosariosis
✍️ Description When you don't set the SameSite attribute of cookies the browsers have special act in front of this issue.I mean set default value on it chrome and chromium based browsers set the attribute "Lax" that mean if you do add/delete/alter operation in a get HTTP request then your site mor...
Cross-Site Request Forgery (CSRF) in francoisjacquet/rosariosis
✍️ Description When you don't set the SameSite attribute of cookies the browsers have special act in front of this issue.I mean set default value on it chrome and chromium based browsers set the attribute "Lax" that mean if you do add/delete/alter operation in a get HTTP request then your site mor...
Cross-Site Request Forgery (CSRF) in easysoft/zentaopms
✍️ Description When you don't set the SameSite attribute of cookies the browsers have special act in front of this issue.I mean set default value on it chrome and chromium based browsers set the attribute "Lax" that mean if you do add/delete/alter operation in a get HTTP request then your site mor...
in zeromq/pyzmq
✍️ Description The paramiko.WarningPolicy policy used in setmissinghostkeypolicy will not reject unknown host keys. This may lead to Man-in-the-middle attacks. 🕵️♂️ Proof of Concept client = paramiko.SSHClient client.loadsystemhostkeys client.setmissinghostkeypolicyparamiko.WarningPolicy 💥 Impact...
in pimcore/pimcore
1Go to https://demo.pimcore.fun/en/account/register 2Enter the username and password 3Choose the password as 'a' and the account will be created...
Cross-Site Request Forgery (CSRF) in changeweb/unifiedtransform
✍️ Description When you don't set the SameSite attribute of cookies the browsers have special act in front of this issue.I mean set default value on it chrome and chromium based browsers set the attribute "Lax" that mean if you do add/delete/alter operation in a get HTTP request then your site mor...
Cross-Site Request Forgery (CSRF) in changeweb/unifiedtransform
✍️ Description When you don't set the SameSite attribute of cookies the browsers have special act in front of this issue.I mean set default value on it chrome and chromium based browsers set the attribute "Lax" that mean if you do add/delete/alter operation in a get HTTP request then your site mor...
Cross-site Scripting (XSS) - Reflected in dolibarr/dolibarr
Description Reflected XSS attacks, also known as non-persistent attacks, occur when a malicious script is reflected off of a web application to the victim's browser. The script is activated through a link, which sends a request to a website with a vulnerability that enables execution of malicious...