User Activity
-
Posted
a comment
on
ticket #235
on
trixbox
Please fix it.
-
Created
ticket #237
on
trixbox
TrixBox Multiple Cross Site Scripting Vulnerabilities
-
Created
ticket #236
on
trixbox
TrixBox Multiple Path Traversal Vulnerabilities
-
Created
ticket #235
on
trixbox
TrixBox OS Command Injection Vulnerability
-
Posted
a comment
on
ticket #1703
on
KeePass
Affected Version: KePass 2.38 Description: Server Side Request Forgery (SSRF) refers to an attack where in an attacker is able to send a crafted request from a vulnerable web application. SSRF is usually used to target internal systems behind firewalls that are normally inaccessible to an attacker from the external network. Typically Server Side Request Forgery (SSRF) occurs when a web application is making a request, where an attacker has full or partial control of the request that is being sent....
-
Posted
a comment
on
ticket #1703
on
KeePass
Hello Paul, Thanks for replying. An attacker can control the URL to which the web application makes a request to some third-party service. Relying on the scheme http://domain:port I was able to port scan Internet facing servers (eg. scanme.nmap.org) for open/closed ports. For more details please go through the report. Thanks.
-
Created
ticket #1705
on
KeePass
KeePass XML External Entity Injection (XXE) Vulnerability
-
Created
ticket #1703
on
KeePass
KePass Server Side Request Forgery (SSRF) Vulnerability
Personal Data
- Username:
- sachinwagh
- Joined:
- 2018-01-24 18:57:05
Projects
- No projects to display.
