HackerOne Reports
Search through disclosed security reports
10,350 reports found
Showing 1681 - 1700
As discussed in #309391, here's the separate report for each of the library. This one is the information for the deap library. **Module:** [deap](https://www.npmjs.com/package/deap) **Summary:** Utilities function in all the listed modules can be tricked into modify the prototype of "Object" when the attacker control part of the structure passed …
Hi Guys, There is Path Traversal vulnerability in crud-file-server module, which allows to read arbitrary file from the remote server. ## Module **crud-file-server** This package exposes a directory and its children to create, read, update, and delete operations over http. https://www.npmjs.com/package/crud-file-server version: 0.7.0 Stats 0 downloads in the last day …
**Summary:** A server side request forgery vulnerability appears to leak an internal IP address and tries to connect to an attacker controlled host. **Description:** In an normal request on this web page ```GET /HTTP/1.1 Host: www.████████ User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:58.0) Gecko/20100101 Firefox/58.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8 Accept-Language: en-US,en;q=0.5 …
As discussed in #309391, here's the separate report for each of the library. This one is the information for the Hoek library. **Module:** [hoek](https://www.npmjs.com/package/hoek) **Summary:** Utilities function in all the listed modules can be tricked into modify the prototype of "Object" when the attacker control part of the structure passed …
**Summary:** Hi team. The old version of the invite program, looks simple. A link to the program in which you need to log in.Now this looks through token.So my PoC I think you can count work since you have changed the system to a new, token **Description:** ### Steps To …
As discussed in #309391, here's the separate report for each of the library. This one is the information for the merge-objects library. **Module:** [merge-object](https://www.npmjs.com/package/merge-object) **Summary:** Utilities function in all the listed modules can be tricked into modifying the prototype of "Object" when the attacker control part of the structure passed …
As discussed in #309391, here's the separate report for each of the library. This one is the information for the lodash library. **Module:** [lodash](https://www.npmjs.com/package/lodash) **Summary:** Utilities function in all the listed modules can be tricked into modify the prototype of "Object" when the attacker control part of the structure passed …
Hi Guys, There is Path Traversal in general-file-server module. It allows to read content of arbitrary files on the remote server. ## Module **general-file-server** This is a general file server made by nodejs. It will be easy for you to access the files on the server through the browser. https://www.npmjs.com/package/general-file-server …
If someone sends a cookie called '0', automattic.com responds with a list of all 152 cookies supported by the application: curl -v -H 'Cookie: 0=1' https://automattic.com/?cb=123 | fgrep Cookie ``` Set-Cookie: ██████=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/; domain=.wordpress.com Set-Cookie: ██████=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/; domain=.wordpress.com Set-Cookie: ██████=deleted; …
As discussed in #309391, here's the separate report for each of the library. This one is the information for the defaults-deep library. **Module:** [https://www.npmjs.com/package/defaults-deep](defaults-deep) **Summary:** Utilities function in all the listed modules can be tricked into modifying the prototype of "Object" when the attacker control part of the structure passed …
Hi Guys, There is Path Traversal vulnerability in file-static-server module, which allows to read arbitrary file from the remote server. ## Module **file-static-server** [no description provided] https://www.npmjs.com/package/file-static-server version: 1.0.2 Stats 0 downloads in the last day 3 downloads in the last week 20 downloads in the last month ~250 estimated …
At first, I thought, that my finding is a valid sql injection but I was wrong because of WordPress currently adding magic slashes to COOKIE/POST/GET - this is a very special behaviour which may be remove in the future. There are tons of requests to remove this "old" technique. Nevertheless …
Hi Guys, There is a Stored XSS vulnerability in ```glance``` module. File name, which contains malicious HTML (eg. embedded ```iframe``` element or ```javascript:``` pseudoprotocol handler in ```<a>``` element) allows to execute JavaScript code against any user who opens directory listing contains such crafted file name. ## Module **glance** a quick …
As discussed in #309391, here's the separate report for each of the library. This one is the information for the assign-deep library. **Module:** [assign-deep](https://www.npmjs.com/package/assign-deep) **Summary:** Utilities function in all the listed modules can be tricked into modifying the prototype of "Object" when the attacker control part of the structure passed …
**Summary:** The website appears to be vulnerable to SQL injection due to inducing an sql error using a single ' **Description:** The following url, https://█████/hro/html/tech.cfm?Sort=Grade&ThisType=2 contains the parameter sort= which is vulnerable to SQLI. We know this due to the error disclosing the SQL query being used. ```SELECT *, tbl_JobInfo.id …
**Summary:** (a) *rogue* user is added to a private group with dozen of projects (b) The role in some projects is changed for the *rogue* user (c) *rogue* is fired, and removed from the group: he still has access to projects where his role was changed **Description:** the (b) can …
As discussed in #309391, here's the separate report for each of the library. This one is the information for the merge-deep library. **Module:** [merge-deep](https://www.npmjs.com/package/merge-deep) **Summary:** Utilities function in all the listed modules can be tricked into modifying the prototype of "Object" when the attacker control part of the structure passed …
## Details **Title**: Improper data update process on `UpdatePhabricatorIntegration` mutation leads to leak of Phabricator Conduit API token. **Risk**: High **Impact**: High **Exploitability**: High **Target**: `base_url` parameter on `UpdatePhabricatorIntegration` mutation at `/graphql` endpoint. ## Introduction Sensitive data exposure occurs when an application, company, or other entity inadvertently exposes personal data. …