4072 matches found
Cross-site Scripting (XSS) - Stored in bigprof-software/online-invoicing-system
Description: There is a Stored XSS on the user profile edit page which occurs due to improper sanitization of the Address field as tested on the latest release. Proof of Concept: Steps to Reproduce: Go to https://localhost:443///admin/pageSettings.php?search-settings=smtp Add " as senders...
Cross-site Scripting (XSS) - Stored in bigprof-software/online-invoicing-system
BUG: STORED XSS. TESTED VERSION: latest version as of 3/7/21. STEP TO REPRODUCE: please check this 1 minute video to reproduce the bug https://drive.google.com/file/d/16Y2WR7PKj-OpDGGDMAxV60CaiSX2RZXl/view?usp=sharing...
Cross-site Scripting (XSS) - Reflected in bigprof-software/online-rental-property-manager
Description: Reflected XSS in membershippasswordReset.php where key parameter leads to exploitation of a vulnerability. Proof of Concept: // POC membershippasswordReset.php?key=;?"alert1 Impact: This vulnerability is capable of XSS, steal user cookies, session hijacking...
Cross-site Scripting (XSS) - Stored in bigprof-software/online-rental-property-manager
Description: Stored XSS in pageTransferOwnership.php where sourceMemberID parameter leads to XSS which gets stored in pageViewRecords.php. Proof of Concept: Steps to reproduce: 1. Go to admin account 2. Visit URL /app/admin/pageTransferOwnership.php?sourceGroupID=2&sourceMemberID="alert1 ...
Cross-site Scripting (XSS) - Stored in bigprof-software/online-rental-property-manager
Description: Stored XSS in adding group name. Proof of Concept: Steps to reproduce: 1. Create a group and enter s"' in group name 2. Save and view it you will see popup Impact: This vulnerability is capable of stored XSS...
Cross-site Scripting (XSS) - Stored in bigprof-software/online-rental-property-manager
Description: Stored XSS in adding properties led by adding owner's first name and second name. Proof of Concept: Video POC: https://drive.google.com/file/d/1QbdzPJPHmQPsNl-o43a-Slub4Z3hhNh/view?usp=sharing Impact: This vulnerability is capable of Stored XSS...
Cross-site Scripting (XSS) - Stored in bigprof-software/online-rental-property-manager
Description: Stored XSS in membership profile. Proof of Concept: Steps to Reproduce: 1. Create a member account. 2. Login into the member account. 3. Enter the s"' payload in the State field. 4. Update the profile and you will see an alert. Impact: This vulnerability is capable of Stored XSS...
Cross-site Scripting (XSS) - Stored in bigprof-software/online-rental-property-manager
Description: Stored XSS in membership profile. Proof of Concept: Steps to Reproduce: 1. Create a member account. 2. Login into the member account. 3. Enter the s"' payload in the city field. 4. Update the profile and you will see an alert. Impact: This vulnerability is capable of Stored XSS...
Cross-site Scripting (XSS) - Stored in bigprof-software/online-rental-property-manager
Description: Stored XSS in membership profile. Proof of Concept: Steps to Reproduce: 1. Create a member account. 2. Login into the member account. 3. Enter the s"' payload in the Address field. 4. Update the profile and you will see an alert. Impact: This vulnerability is capable of stored...
Cross-site Scripting (XSS) - Stored in bigprof-software/online-rental-property-manager
Description: There is a stored XSS in member profile in the full name. Proof of Concept: Steps to Reproduce: 1. Create a member account. 2. Login into the member account. 3. Enter the s"' payload in the Full Name field. 4. Update the profile and you will see an alert. Impact: Stored XSS...
Cross-site Scripting (XSS) - Stored in bigprof-software/online-rental-property-manager
BUG: XSS via unit description. VERSION TESTED: latest version as of 1/7/21. IMPACT: XSS allows executing arbitrary JavaScript in the victim's account. STEP TO REPRODUCE: 1. Go to http://localhost/online-rental/app/unitsview.php and create a new unit. During creation put the below XSS payload in...
Cross-site Scripting (XSS) - Stored in bigprof-software/online-rental-property-manager
BUG: XSS via Applications/Leases. VERSION TESTED: latest version as of 1/7/21. IMPACT: XSS allows executing arbitrary JavaScript in the victim's account. STEP TO REPRODUCE: 1. Go to http://localhost/online-rental/app/applicationsleasesview.php and create a new application. During creation put the below...
Cross-site Scripting (XSS) - Stored in bigprof-software/online-rental-property-manager
Description: Stored XSS in profile City field. There is a Stored XSS on the user profile edit page which occurs due to improper sanitization of the State name field as tested on the latest release. Proof of Concept: Steps to Reproduce: 1. Create a user account. 2. Login into the user...
Cross-site Scripting (XSS) - Stored in bigprof-software/online-rental-property-manager
Description: Stored XSS in profile Full-name field. There is a Stored XSS on the user profile edit page which occurs due to improper sanitization of the State name field as tested on the latest release. Proof of Concept: Steps to Reproduce: 1. Create a user account. 2. Login into the user...
Cross-site Scripting (XSS) - Stored in bigprof-software/online-rental-property-manager
Description: Stored XSS in profile Address field. There is a Stored XSS on the user profile edit page which occurs due to improper sanitization of the State name field as tested on the latest release. Proof of Concept: Steps to Reproduce: 1. Create a user account. 2. Login into the user...
Cross-site Scripting (XSS) - Stored in bigprof-software/online-rental-property-manager
Description: Stored XSS in profile state field. There is a Stored XSS on the user profile edit page which occurs due to improper sanitization of the State name field as tested on the latest release. Proof of Concept: Steps to Reproduce: 1. Create a user account. 2. Login into the user...
Cross-site Scripting (XSS) - Stored in bigprof-software/online-rental-property-manager
BUG: XSS via groupname permission. VERSION TESTED: latest version as of 1/7/21. IMPACT: XSS allows executing arbitrary JavaScript in the victim's account. STEP TO REPRODUCE: 1. First go to http://localhost/online-rental/app/admin/pageEditGroup.php and add a new group and put the below XSS payload in...
Cross-site Scripting (XSS) - Stored in bigprof-software/online-rental-property-manager
BUG: Stored XSS via group name. TESTED VERSION: latest version as of 01/07/21. STEP TO REPRODUCE: 1. Create a group with the below XSS payload in name. group1"'. 2. Now add a new user called user-B to the above group. 3. Finally visit...
Cross-site Scripting (XSS) - Stored in bigprof-software/online-rental-property-manager
BUG: XSS via landlord comment. VERSION TESTED: latest version as of 1/7/21. IMPACT: XSS allows executing arbitrary JavaScript in the victim's account. STEP TO REPRODUCE: 1. First go to http://localhost/online-rental/app/rentalownersview.php and add a new landlord. During creation put below xss payloa...
Cross-site Scripting (XSS) - Stored in bigprof-software/online-invoicing-system
BUG: XSS via groupname in item. VERSION TESTED: latest version as of 1/7/21. IMPACT: XSS allows executing arbitrary JavaScript in the victim's account. STEP TO REPRODUCE: 1. First go to http://localhost/online-invoice2/app/admin/pageEditGroup.php and add a new group and put the below XSS payload in...
Cross-site Scripting (XSS) - Stored in bigprof-software/online-invoicing-system
BUG: XSS via groupname. VERSION TESTED: latest version as of 1/7/21. IMPACT: XSS allows executing arbitrary JavaScript in the victim's account. STEP TO REPRODUCE: 1. First go to http://localhost/online-invoice2/app/admin/pageEditGroup.php and add a new group and put the below XSS payload in group-name....
Improper Privilege Management in bigprof-software/online-invoicing-system
BUG: privilege escalation bug to add item to a price-history. IMPACT: unprivileged user can add item to a price-history. STEP TO REPRODUCE: 1. From admin account go to http://localhost/online-invoice2/app/admin/pageViewMembers.php and add new user called user-B. Now revoke all access from item...
Improper Privilege Management in bigprof-software/online-invoicing-system
BUG: privilege escalation bug to add invoice to a client. IMPACT: unprivileged user can add invoice to a client. STEP TO REPRODUCE: 1. From admin account go to http://localhost/online-invoice2/app/admin/pageViewMembers.php and add new user called user-B. Now revoke all access from client...
in getgrav/grav
Description: A cookie with an overly broad path can be accessed through other applications on the same domain. Proof of Concept: Application deployed at http://real.example.com/grav and the application sets a session ID cookie with path "/" when users log in to the forum. Then below code is...
in projectsend/projectsend
BUG: create client even when self client registration is disabled. IMPACT: any user can create client even when self client registration is disabled. STEP TO REPRODUCE: 1. From admin account go to http://localhost/projectsend2/options.php?section=clients and disable client registration....
Cross-site Scripting (XSS) - Stored in projectsend/projectsend
Description: section parameter at Line 331 of email-templates.php sends unvalidated data to a web browser, which can result in the browser executing malicious code. In this case the data is sent at builtinecho in email-templates.php at line 331. Proof of Concept: Data enters in application...
Cross-site Scripting (XSS) - Reflected in projectsend/projectsend
Description: GET parameter ?client= in Line 419 of manage-files.php sends unvalidated data to a web browser, which can result in the browser executing malicious code. In this case the data is sent at builtinecho in manage-files.php at line 419. Proof of Concept: Data enters a web application...
Cross-site Scripting (XSS) - Stored in devcode-it/openstamanager
Description: Stored XSS through file upload via anagrafiche. Proof of Concept: Go to an existing Anagrafiche or create a new one. Upload a .svg file with the following content: javascript alertdocument.cookie; Give a name you want ending with .svg, store-xss.svg for example. When you click on...
in projectsend/projectsend
BUG: privilege escalation bug to update admin email-address and company name etc. IMPACT: unprivileged user can update admin email-address and company name etc. STEP TO REPRODUCE: 1. From admin account go to http://localhost/projectsend2/users.php and add new user called user-B with uploader...
Cross-site Scripting (XSS) - Stored in bigprof-software/online-invoicing-system
Description: There is a Stored XSS in the online invoicing system view price history which is led by adding invoice items. TESTED VERSION: https://github.com/bigprof-software/online-invoicing-system/releases/tag/v5.0 Proof of Concept: POC Video:...
Cross-site Scripting (XSS) - Reflected in projectsend/projectsend
BUG: reflected XSS. STEP TO REPRODUCE: 1. Login to your account and visit url http://localhost/projectsend2/process.php?do=returnfilesids&files%5B0%5D%5Bname%5D=batch%5B%5D&files%5B0%5D%5Bvalue%5D=32%27%22%3E%3Cimg+src=x+onerror=alert%3E and see XSS is executed. IMPACT: Attacker can execute...
Cross-site Scripting (XSS) - Stored in projectsend/projectsend
BUG: CSRF bug to delete file. SUMMARY: during batch delete file there is no CSRF token present. STEP TO REPRODUCE: 1. Vulnerable URL is http://localhost/projectsend2/manage-files.php?action=delete&batch=27&batch=31&page=1. Here in this URL change file-id to delete and open the URL and see file...
Cross-site Scripting (XSS) - Stored in projectsend/projectsend
BUG: Stored XSS during file upload. STEP TO REPRODUCE: check this 1 minute video to reproduce the bug https://drive.google.com/file/d/17TkVQxAOuXxSnlaPh4smvbJndcW-JQla/view?usp=sharing IMPACT: Lower level user can make XSS attack against admin. So, using this XSS bug lower level user can execut...
Cross-site Scripting (XSS) - Stored in bigprof-software/online-invoicing-system
Description: There is a Stored XSS on the user profile edit page which occurs due to improper sanitization of the State name field as tested on the latest release. Proof of Concept: Steps to Reproduce: 1. Create a user account. 2. Login into the user account. 3. Enter the s"' payload in the...
Cross-site Scripting (XSS) - Stored in bigprof-software/online-invoicing-system
Description: There is a Stored XSS on the user profile edit page which occurs due to improper sanitization of the City field as tested on the latest release. Proof of Concept: Steps to Reproduce: 1. Create a user account. 2. Login into the user account. 3. Enter the s"' payload in the City...
Cross-site Scripting (XSS) - Stored in bigprof-software/online-invoicing-system
Description: There is a Stored XSS on the user profile edit page which occurs due to improper sanitization of the Address field as tested on the latest release. Proof of Concept: Steps to Reproduce: 1. Create a user account. 2. Login into the user account. 3. Enter the s"' payload in the...
Cross-site Scripting (XSS) - Stored in bigprof-software/online-invoicing-system
Description: There is a Stored XSS on the user profile edit page which occurs due to improper sanitization of the Full name field as tested on latest release. Proof of Concept: Steps to Reproduce: 1. Create a user account. 2. Login into the user account. 3. Enter the s"' payload in the Full...
Cross-site Scripting (XSS) - Reflected in bigprof-software/online-invoicing-system
Description: /app/admin/pageTransferOwnership.php with sourceMemberID parameter is vulnerable to Reflected XSS. Line 216 of pageTransferOwnership.php sends unvalidated data to a web browser, which can result in the browser executing malicious code. In this case the data is sent at builtinecho in...
Cross-site Scripting (XSS) - Stored in bigprof-software/online-invoicing-system
BUG: Stored XSS via client address in invoice. TESTED VERSION: latest version as of 01/07/21. STEP TO REPRODUCE: 1. From admin account go to http://localhost/online-invoice2/app/admin/pageViewMembers.php and add a new user called user-B with read-write permission in invoice/client module. 2...
Cross-site Scripting (XSS) - Stored in bigprof-software/online-invoicing-system
BUG: Stored XSS via group name. TESTED VERSION: latest version as of 01/07/21. STEP TO REPRODUCE: 1. Create a group with the below XSS payload in name. group1"'. 2. Now add a new user called user-B to the above group. 3. Finally visit...
Session Fixation in filegator/filegator
Description: The password reset function is vulnerable to session fixation bug, it's a small low hanging bug. Proof of Concept: Open filegator and login with similar accounts in multiple browsers. Change the password of the user in one browser and reload the other login session. We can see...
Cross-site Scripting (XSS) - Stored in getgrav/grav
Description: Grav is vulnerable to XSS via bad SVG files. It is possible to upload an SVG file that contains errors after script tags. Proof of Concept: SVG file content: html alertdocument.domain; 1. Create an SVG file with the above content. 2. Upload it through profile image update. 3...
Inefficient Regular Expression Complexity in chatwoot/chatwoot
Description: If we want to use Regex in our match or search or replace or ... functions, we must sanitize this function's inputs. If an attacker is capable of injecting any Regex or abusing the bad Regexes that are used in our code, then the ReDoS vulnerability appears and according to "freezing the web ...
Server-Side Request Forgery (SSRF) in kalcaddle/kodexplorer
Description: The path is vulnerable to SSRF via SVG file upload. Proof of Concept: Upload an SVG file with SSRF payload in it. Open option on the file and open with browser. Impact: redirect host via SSRF...
Cross-site Scripting (XSS) - Stored in combodo/itop
BUG: stored XSS via file upload. STEP TO REPRODUCE: here in this case I uploaded an HTML file with XSS payload inside. Please check this 1 minute video to reproduce https://drive.google.com/file/d/1xKqYFgrsFUfp9Ufe4XiATQcAL-Q6Mr9G/view?usp=sharing Impact: I see there are many different types of role...
Cross-site Scripting (XSS) - Stored in combodo/itop
BUG: stored XSS via problem title. STEP TO REPRODUCE: Please check this 1 minute video to reproduce https://drive.google.com/file/d/1n7ni3y5LNkK2ntrTTvVNLNOEmf2iKReO/view?usp=sharing Impact: I see there are many different types of role base user. So, user who has permission to create problem can ma...
Cross-site Scripting (XSS) - Stored in combodo/itop
BUG: stored XSS via contact lastname. STEP TO REPRODUCE: Please check this 1 minute video to reproduce https://drive.google.com/file/d/1bR9ili6jKxX3UQ2dQUQTqNL0e4LsMDtk/view?usp=sharing Impact: I see there are many different types of role base user. So, user who has permission to create contact can...
Cross-site Scripting (XSS) - Stored in bigprof-software/online-invoicing-system
Description: There is a Stored XSS in the online invoicing system when adding a group name. Proof of Concept: Video POC: https://drive.google.com/file/d/13VaUfJrhd7m565lMQWZMfzXhfYPVjPV/view?usp=sharing Payload: ''' Impact: Stored XSS...
Cross-site Scripting (XSS) - Stored in bigprof-software/online-invoicing-system
Description: There is a Stored XSS in the online invoicing system which could be exploited by any user who has permission to add a client. When a comment is added during the creation of a client by the user then due to improper sanitization XSS payload gets triggered. Proof of Concept: Video...
Cross-site Scripting (XSS) - Stored in bigprof-software/online-invoicing-system
Description: There is a Stored XSS in the online invoicing system which could be exploited by any user who has permission to add the invoice. When a comment is added during the creation of invoices by any user then due to improper sanitization XSS payload gets triggered. Proof of Concept:...