Tag
Microsoft introduced Data Protection Application Programming Interface (DPAPI) in Windows environments as a method to encrypt and decrypt sensitive data such as credentials using the… Continue reading → Web Browser Stored Credentials
### Summary Upon reviewing the MobSF source code, I identified a flaw in the Static Libraries analysis section. Specifically, during the extraction of .a extension files, the measure intended to prevent Zip Slip attacks is improperly implemented. Since the implemented measure can be bypassed, the vulnerability allows an attacker to extract files to any desired location within the server running MobSF. ### Details Upon examining lines 183-192 of the `mobsf/StaticAnalyzer/views/common/shared_func.py` file, it is observed that there is a mitigation against Zip Slip attacks implemented as `a.decode('utf-8', 'ignore').replace('../', '').replace('..\\', '')`. However, this measure can be bypassed using sequences like `....//....//....//`. Since the replace operation is not recursive, this sequence is transformed into `../../../` after the replace operation, allowing files to be written to upper directories. <img width="448" alt="image" src="https://github.com/user-attachments/assets/fadf...
Lawyer CMS version 1.6 suffers from an ignored default credential vulnerability.
Karya Online Shopping Portal version 2.0 suffers from a remote SQL injection vulnerability that allows for authentication bypass.
JobSeeker CMS version 1.5 suffers from an ignored default credential vulnerability.
Jobs Finder System version 1.0 suffers from a remote SQL injection vulnerability.
Human Resource Management System 2024 version 1.0 suffers from an ignored default credential vulnerability.
Hotel Management System version 1.0 suffers from a cross site request forgery vulnerability.
Bhojon Restaurant Management System version 3.0 suffers from an ignored default credential vulnerability.
Accounting Journal Management System version 1.0 suffers from a cross site request forgery vulnerability.