Security Headlines

Tag: #auth

Veeam Recovery Orchestrator Authentication Bypass

Veeam Recovery Orchestrator authentication bypass proof of concept exploit.

Packet Storm
Telerik Report Server Deserialization / Authentication Bypass

Telerik Report Server deserialization and authentication bypass exploit chain that makes use of the vulnerabilities noted in CVE-2024-4358 and CVE-2024-1800.

GHSA-564j-v29w-rqr6: Khoj Open Redirect Vulnerability in Login Page

### Summary

An attacker can use the `next` parameter on the login page to redirect a victim to a malicious page, while masking this using a legit-looking `app.khoj.dev` URL. For example, `https://app.khoj.dev/login?next=//example.com` will redirect to the https://example.com page.

### Details

The problem seems to be in this method: https://github.com/khoj-ai/khoj/blob/2667ef45449eb408ce1d7c393be04845be31e15f/src/khoj/routers/auth.py#L95

### PoC

Open the `https://app.khoj.dev/login?next=//example.com` URL in a Gecko-based browser (Firefox).

### Impact

The impact is low, and this could only be used in phishing attempts, but it's still a problem nonetheless.

Progress WhatsUp Gold WriteDatafile Unauthenticated Remote Code Execution

Progress WhatsUp Gold WriteDatafile unauthenticated remote code execution proof of concept exploit.

Progress WhatsUp Gold GetFileWithoutZip Unauthenticated Remote Code Execution

Progress WhatsUp Gold GetFileWithoutZip unauthenticated remote code execution proof of concept exploit.

ResidenceCMS 2.10.1 Cross Site Scripting

ResidenceCMS versions 2.10.1 and below suffer from a persistent cross site scripting vulnerability.

PMS 2024 1.0 SQL Injection

PMS 2024 version 1.0 suffers from a remote SQL injection vulnerability.

Simple Online Banking System 1.0 SQL Injection

Simple Online Banking System version 1.0 suffers from a remote SQL injection vulnerability that allows for authentication bypass.

‘RockYou2024’: Nearly 10 billion passwords leaked online

A list, known as RockYou2024, of almost 10 billion passwords has been released on a hacking forum. What are the dangers?

Experts Warn of Mekotio Banking Trojan Targeting Latin American Countries

Financial institutions in Latin America are being threatened by a banking trojan called Mekotio (aka Melcoz). That's according to findings from Trend Micro, which said it recently observed a surge in cyber attacks distributing the Windows malware. Mekotio, in active use since 2015, is known to target Latin American countries like Brazil, Chile, Mexico, Spain, Peru, and Portugal