| 제목 | Smart Office - A complete HRMS Solutions https://smartofficepayroll.com/downloads 1.0 weak Password Policy allowing Account Takeover over the whole sy |
|---|
| 설명 | Hello, I was able to detect a weak Password Policy in Smart Office Biometrocs and HRMS Solutions.
This allows an attacker to change the password from smart to 1.
This is what we will see together :)
we will set the password from smart to 1 -> lets see :)
As you can see we are able to successfully login :)
Thank you for watching :)
Proof of Concept Video: https://mega.nz/file/3MUjTIiB#gMuogm3Vaqk-QLRXMtSS2dqlEJlnBhKal6CjeC-dIF8 |
|---|
| 원천 | ⚠️ https://mega.nz/file/3MUjTIiB#gMuogm3Vaqk-QLRXMtSS2dqlEJlnBhKal6CjeC-dIF8 |
|---|
| 사용자 | ahmed8199 (UID 60803) |
|---|
| 제출 | 2024. 04. 05. PM 12:40 (2 연령 ago) |
|---|
| 모더레이션 | 2024. 04. 12. PM 09:20 (7 days later) |
|---|
| 상태 | 수락 |
|---|
| VulDB 항목 | 260574 [Smart Office 까지 20240405 Main.aspx New Password/Confirm Password 약한 인증] |
|---|
| 포인트들 | 20 |
|---|