daffainfo
/
nuclei-templates
mirror of https://github.com/daffainfo/nuclei-templates.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

fix-format

patch-1
Dhiyaneshwaran 2024-04-12 15:45:38 +05:30 committed by GitHub
parent f583cef033
commit 63e52d64a2
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
1 changed files with 2 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
http/cves/2024/CVE-2024-26331.yaml
View File

@ -4,10 +4,10 @@ info:
name: ReCrystallize Server - Authentication Bypass name: ReCrystallize Server - Authentication Bypass
author: Carson Chan author: Carson Chan
severity: high severity: high
reference:
- https://preview.sensepost.com/blog/2024/from-discovery-to-disclosure-recrystallize-server-vulnerabilities/
description: | description: |
This vulnerability allows an attacker to bypass authentication in the ReCrystallize Server application by manipulating the 'AdminUsername' cookie. This gives the attacker administrative access to the application's functionality, even when the default password has been changed. This vulnerability allows an attacker to bypass authentication in the ReCrystallize Server application by manipulating the 'AdminUsername' cookie. This gives the attacker administrative access to the application's functionality, even when the default password has been changed.
reference:
- https://preview.sensepost.com/blog/2024/from-discovery-to-disclosure-recrystallize-server-vulnerabilities/
metadata: metadata:
verified: true verified: true
max-request: 1 max-request: 1