bpmcdevitt/exploit-db-mirror
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
exploit-db-mirror/exploits/php/webapps/49173.txt
Offensive Security 0ffa4d35c4 DB: 2020-12-03 
32 changes to exploits/shellcodes

aSc TimeTables 2021.6.2 - Denial of Service (PoC)
IDT PC Audio 1.0.6433.0 - 'STacSV' Unquoted Service Path
Microsoft Windows - Win32k Elevation of Privilege
Ksix Zigbee Devices - Playback Protection Bypass (PoC)
Mitel mitel-cs018 - Call Data Information Disclosure
Expense Management System - 'description' Stored Cross Site Scripting
ILIAS Learning Management System 4.3 - SSRF
Pharmacy Store Management System 1.0 - 'id' SQL Injection
Under Construction Page with CPanel 1.0 - SQL injection
EgavilanMedia User Registration & Login System with Admin Panel 1.0 - CSRF
Student Result Management System 1.0 - Authentication Bypass SQL Injection
EgavilanMedia User Registration & Login System with Admin Panel 1.0 - Stored Cross Site Scripting
WonderCMS 3.1.3 - Authenticated SSRF to Remote Remote Code Execution
WonderCMS 3.1.3 - Authenticated Remote Code Execution
PRTG Network Monitor 20.4.63.1412 - 'maps' Stored XSS
Online Voting System Project in PHP - 'username' Persistent Cross-Site Scripting
NewsLister - Authenticated Persistent Cross-Site Scripting
Bakeshop Online Ordering System 1.0 - 'Owner' Persistent Cross-site scripting
Online News Portal System 1.0 - 'Title' Stored Cross Site Scripting
Local Service Search Engine Management System 1.0 - SQLi Authentication Bypass
WonderCMS 3.1.3 - 'Menu' Persistent Cross-Site Scripting
Artworks Gallery 1.0 - Arbitrary File Upload RCE (Authenticated) via Add Artwork
Artworks Gallery 1.0 - Arbitrary File Upload RCE (Authenticated) via Edit Profile
DotCMS 20.11 - Stored Cross-Site Scripting
WebDamn User Registration & Login System with User Panel - SQLi Auth Bypass
ChurchCRM 4.2.0 - CSV/Formula Injection
ChurchCRM 4.2.1 - Persistent Cross Site Scripting (XSS)
Anuko Time Tracker 1.19.23.5311 - No rate Limit on Password Reset functionality
Anuko Time Tracker 1.19.23.5311 - Password Reset leading to Account Takeover
Simple College Website 1.0 - 'page' Local File Inclusion
Car Rental Management System 1.0 - SQL Injection / Local File include
WordPress Plugin Wp-FileManager 6.8 - RCE
2020-12-03 05:01:56 +00:00

20 lines
No EOL
918 B
Text
Raw Blame History

#Exploit Title: Anuko Time Tracker 1.19.23.5311 - No rate Limit on Password Reset functionality
#Date: 2020-11-11
#Exploit Author: Mufaddal Masalawala
#Vendor Homepage: https://www.anuko.com/
#Software Link: https://www.anuko.com/time-tracker/index.htm
#Version: 1.19.23.5311
#Tested on: Kali Linux 2020.3
#CVE: CVE-2020-27423
#Proof Of Concept:
Anuko Time Tracker v1.19.23.5311 and prior, lacks rate limit on the
password reset module which allows attackers to perform Denial of Service
attack on any legitimate user's mailbox. Attacker could perform Denial of
Service on a legitimate user's mailbox
To exploit this vulnerability:
1. Goto 'Password Reset' module and enter any user's login name
2. Click on 'Reset Password' and capture this request.
3. Replay this request n number of times.
4. The victim receives a password reset email the number of times the
request is replayed.
Reference in a new issue View git blame Copy permalink