
validation

  1. itsMe

    Subrake: Subdomain Enumeration and Validation tool for Bug Bounty and Pentesters

    A Subdomain Enumeration and Validation tool for Bug Bounty and Pentesters. Key Features: OSINT + Subdomain Bruteforcing; Capable of handling outputs from multiple tools; Handling False Positives and Filters subdomains with same resolutions; Checking for Server Banners and Ports...
  2. 1

    Exploits IcedTeaWeb Validation Bypass / Directory Traversal / Code Execution

    IcedTeaWeb suffers from multiple vulnerabilities including directory traversal and validation bypass issues that can lead to remote code execution. The affected versions are 1.7.2 and below, 1.8.2 and below. 1.6 is also vulnerable and not patched due to being EOL. Proof of concepts are provided...
  3. 1

    Exploits Fortinet FortiSIEM 5.0 / 5.2.1 Improper Certification Validation

    A FortiSIEM collector connects to a Supervisor/Worker over HTTPS TLS (443/TCP) to register itself as well as relaying event data such as syslog, netflow, SNMP, etc. When the Collector (the client) connects to the Supervisor/Worker (the server), the client does not validate the server-provided...
  4. 1

    Exploits Open-Xchange OX Guard Cross Site Scripting / Signature Validation

    Open-Xchange OX Guard versions 7.10.2 and below suffer from a cross site scripting vulnerability. Open-Xchange OX Guard versions 7.10.1 and below, 2.10.2 and below suffer from a signature validation vulnerability. View the full article
  5. 1

    Exploits OmniDoc 7.0 Input Validation

    OmniDoc version 7.0 suffers from an improper input validation vulnerability. View the full article
  6. 1

    Exploits RARLAB WinRAR ACE Format Input Validation Remote Code Execution

    In WinRAR versions prior to and including 5.61, there is a path traversal vulnerability when crafting the filename field of the ACE format (in UNACEV2.dll). When the filename field is manipulated with specific patterns, the destination (extraction) folder is ignored, thus treating the filename as...
  7. 1

    Exploits JFrog Artifactory Pro 6.5.9 Signature Validation

    The SAML SSO addon in JFrog Artifactory version 6.5.9 does not properly validate the XML signature in the SAMLResponse field sent to the URL /webapp/saml/loginResponse. An attacker can use this flaw to login as any user if they already can login as some user. View the full article
  8. 1

    Exploits Python GnuPG 0.4.3 Improper Input Validation

    Researchers discovered a way to inject data through the passphrase property of the gnupg.GPG.encrypt() and gnupg.GPG.decrypt() methods when symmetric encryption is used. The supplied passphrase is not validated for newlines, and the library passes --passphrase-fd=0 to the gpg executable, which...
  9. 1

    Exploits Everus.org 1.0.7 Second Factor Client-Side Validation

    The Everus.org Android application version 1.0.7 has a fundamental design flaw where the server provides the second factor to the client for comparison instead of properly validating it server-side. View the full article
  10. 1

    Exploits Postman 6.3.0 Improper Certificate Validation

    Postman versions 6.3.0 and below suffer from a man-in-the-middle vulnerability due to improper certificate validation. View the full article