Activity for sachin

  • sachin sachin posted a comment on ticket #235

    Please fix it.

  • sachin sachin created ticket #237

    TrixBox Multiple Cross Site Scripting Vulnerabilities

  • sachin sachin created ticket #236

    TrixBox Multiple Path Traversal Vulnerabilities

  • sachin sachin created ticket #235

    TrixBox OS Command Injection Vulnerability

  • sachin sachin posted a comment on ticket #1703

    Affected Version: KePass 2.38 Description: Server Side Request Forgery (SSRF) refers to an attack where in an attacker is able to send a crafted request from a vulnerable web application. SSRF is usually used to target internal systems behind firewalls that are normally inaccessible to an attacker from the external network. Typically Server Side Request Forgery (SSRF) occurs when a web application is making a request, where an attacker has full or partial control of the request that is being sent....

  • sachin sachin posted a comment on ticket #1703

    Hello Paul, Thanks for replying. An attacker can control the URL to which the web application makes a request to some third-party service. Relying on the scheme http://domain:port I was able to port scan Internet facing servers (eg. scanme.nmap.org) for open/closed ports. For more details please go through the report. Thanks.

  • sachin sachin created ticket #1705

    KeePass XML External Entity Injection (XXE) Vulnerability

  • sachin sachin created ticket #1703

    KePass Server Side Request Forgery (SSRF) Vulnerability

1
MongoDB Logo MongoDB