account-takeover Search Results

1000+ results
for account-takeover

Best match

Best match Most commented Newest Recently updated Least commented Oldest Least recently updated

EdOverflow/can-i-take-over-xyz #80

subdomain takeover at FeedPress not working

## Service name: FeedPress ## Documentation Based on the information shared in the hackerone report for FeedPress based subdomain, not able to takeover the ownership. The error message on the URL …

sumgr0 updated 4 years ago
4
EdOverflow/can-i-take-over-xyz #4

No clarification of handling false positives

For some of the mentioned vendors, which I've had experience dealing with, there is no clarification to hackers using this list of where a false positive could occur. In the instance of Unbounce fo…

rubyroobs updated 3 months ago
4
idrsdev/agile-board #1

SECURITY BUG: Host Header Injection in src/password-reset/pa…

There seems to be a Host header injection vulnerability in line 26 of `src/password-reset/password-reset.service.ts` ## What is Host Header Injection? When an application trusts the Host header…

redtrib3 updated 4 days ago
2
indianajson/can-i-take-over-dns #25

Hurricane Electric

Yes, you can perform DNS takeovers of domains pointing to Hurricane Electric's DNS service. ### Service [Hurricane Electric](https://dns.he.net/) ### Status Vulnerable ### Nameserver >ns5…

indianajson updated 3 years ago
9
hashicorp/terraform-provider-aws #28784

[Bug]: aws_cognito_risk_configuration should require notify_…

### Terraform Core Version 1.1.8 ### AWS Provider Version 4.49.0 ### Affected Resource(s) The `aws_cognito_risk_configuration` requires a `notify_configuration` block in `account_takeover_risk_co…

dlaudams updated 1 year ago
1
FusionAuth/fusionauth-issues #1

[Feature] Secure email change, multiple identities, and new …

## Secure email change and multiple identities ### Problem Allowing just anyone to change your email address without adequate confirmation from both the current email address owner and the new e…

robotdan updated 4 months ago
5
EdOverflow/can-i-take-over-xyz #35

Microsoft Azure proofs

## Service name Microsoft Azure ## Proof There is no general approach for PoC. Microsoft Azure offers multiple services (CloudApp, Azure Websites, etc.) that use different domain names. Ge…

PatrikHudak updated 3 weeks ago
168
EdOverflow/can-i-take-over-xyz #117

Subdomain Takeover Possible via Landingi

## Service name Landingi ## Proof Landingi is Vulnerable to Subdomain Takeover If you get an Error Similar to this one ![Fingerprint](https://user-images.githubusercontent.com/17003859/6533…

messi96 updated 2 months ago
6
dwillowtree/diana #23

Error scraping URL

Great presentation at MSSN CTRL! This is my first attempt at running DIANA, so something might be misconfigured or I might be holding it wrong.. When trying to scrap any URL, I get an error that ju…

acook-recon updated 2 weeks ago
3
eu-digital-identity-wallet/eudi-doc-architecture-and-reference-framework #273

Security considerations, threat model, account protection, a…

The ARF 2.1 states that it provides "high-security authentication" -- but there are no details on what that is, or how it is accomplished. Account protection is hard. Large providers today (Amazon, Ap…

dickhardt updated 4 months ago
1

上一页 1...1 2 3 4 5 6 7...100 下一页

1000+ results for account-takeover

1000+ results
for account-takeover