Search: Idor

Airlangga 12 December 2022 30.383 Views
Insecure direct object references IDOR are a type of access control vulnerability that arises when an application uses user supplied input to access objects directly. The term IDOR was popularized by its appearance in the OWASP 2007 Top Ten. However, it is just one example of many access control i...

Stored DOM-based XSS on VPSServer.com

Airlangga 10 December 2022 32.090 Views
VPSServer.com is a company that sells Virtual Private Servers VPS . A virtual private server VPS is a virtual machine sold as a service by an Internet hosting service. The virtual dedicated server VDS also has a similar meaning. Now let me share how I found a Stored DOM based XSS Vulnerab...

Microsoft says hackers attacking energy grids using decades-old software

Ganesha 25 November 2022 27.898 Views
Microsoft said this week that technology discontinued in 2005 is still being used widely and poses threats and vulnerabilities to power grids and the petroleum industry. Malicious hackers, according to the tech giant, are gaining access into secure networks and devices through common Internet of ...

How to Make a Good Bug Bounty Report

Ganesha 30 November 2022 24.737 Views
Report Title Include the type of vulnerability XSS, CSRF, XXE, SQLi, SSRF, etc . Include sub domain and or with directory path example.com Example of a good title Stored XSS at example.com Via Parameter Name Example of a bad title Stored XSS example.com Report fo...

[CVE-2022-3590] WP <= 6.1.1 - Unauthenticated Blind SSRF via DNS Rebinding

Ganesha 19 December 2022 31.456 Views
WordPress is affected by an unauthenticated blind SSRF in the pingback feature. Because of a TOCTOU Time of check to time of use race condition between the validation checks and the HTTP request, attackers can reach internal hosts that are explicitly forbidden. Below is what a request to t...

qdPM 9.1 - Remote Code Execution (RCE) (Authenticated)

Ganesha 21 November 2022 28.586 Views
A remote code execution RCE vulnerability exists in qdPM 9.1 and earlier. An attacker can upload a malicious PHP code file via the profile photo functionality, by leveraging a path traversal vulnerability in the users photo preview delete photo feature, allowing bypass of .htaccess protecti...

Reflected XSS on sgsg.samsung.com

Ganesha 27 November 2022 25.522 Views
Like I did before, I use Google Dorks, to find some interesting URLs. Google Dork site sgsg.samsung.com I found a very interesting URL, The HTTP response shows every value from the campu...

Newsletter, SMTP, Email marketing and Subscribe forms by Sendinblue < 3.1.25 - Reflected XSS

Ganesha 21 November 2022 30.998 Views
The Newsletter, SMTP, Email marketing and Subscribe forms by Sendinblue WordPress plugin before 3.1.25 does not escape the sib statistics date parameter before outputting it back in an attribute, leading to a Reflected Cross Site Scripting issue Proof of Concept html body ...

FBI and CISA says Cuba ransomware gang extorted $60M from victims this year

Ganesha 03 December 2022 26.380 Views
The Cuba ransomware gang extorted more than 60 million in ransom payments from victims between December 2021 and August 2022, a joint advisory from CISA and the FBI has warned. The latest advisory is a follow up to a flash alert released by the FBI in December 2021, which revealed that the gang ...

XSSRush: An automatic XSS scanner

Ganesha 24 November 2022 28.596 Views
XSSRush is an automatic XSS scanner. Available on Desktop, Chrome Extension, and Web Based. Screenshot Chrome Extension XSSR Chrome Extension .. images post 68747470733a2f2f312e62702e626c6f6773706f742e636f6d2f2d314e6b6766637951526c452f59475363726734476733492f41414141414141414278552...

CVE-2022-3360 - Unauthenticated PHP Object Injection via REST API

Ganesha 21 November 2022 27.162 Views
The LearnPress WordPress plugin before 4.1.7.2 unserialises user input in a REST API endpoint available to unauthenticated users, which could lead to PHP Object Injection when a suitable gadget is present, leadint to remote code execution RCE . To successfully exploit this vulnerability attackers m...

www.1337.or.id