#auth

Veeam Backup Enterprise Manager authentication bypass proof of concept exploit. Versions prior to 12.1.2.172 are vulnerable.

Veeam Recovery Orchestrator authentication bypass proof of concept exploit.

Telerik Report Server deserialization and authentication bypass exploit chain that makes use of the vulnerabilities noted in CVE-2024-4358 and CVE-2024-1800.

### Summary An attacker can use the `next` parameter on the login page to redirect a victim to a malicious page, while masking this using a legit-looking `app.khoj.dev` url. For example, `https://app.khoj.dev/login?next=//example.com` will redirect to the https://example.com page. ### Details The problem seems to be in this method: https://github.com/khoj-ai/khoj/blob/2667ef45449eb408ce1d7c393be04845be31e15f/src/khoj/routers/auth.py#L95 ### PoC Open the `https://app.khoj.dev/login?next=//example.com` url in a Gecko-based browser (Firefox). ### Impact The impact is low, and this could only be used in phishing attempts, but it's still a problem nonetheless.

Progress WhatsUp Gold WriteDatafile unauthenticated remote code execution proof of concept exploit.

Progress WhatsUp Gold GetFileWithoutZip unauthenticated remote code execution proof of concept exploit.

ResidenceCMS versions 2.10.1 and below suffer from a persistent cross site scripting vulnerability.

PMS 2024 version 1.0 suffers from a remote SQL injection vulnerability.

Simple Online Banking System version 1.0 suffers from a remote SQL injection vulnerability that allows for authentication bypass.

A list, known as RockYou2024, of almost 10 billion passwords has been released on a hacking forum. What are the dangers?