| tiêu đề | Smart Office - A complete HRMS Solutions https://smartofficepayroll.com/downloads 1.0 weak Password Policy allowing Account Takeover over the whole sy |
|---|
| Mô tả | Hello, I was able to detect a weak Password Policy in Smart Office Biometrocs and HRMS Solutions.
This allows an attacker to change the password from smart to 1.
This is what we will see together :)
we will set the password from smart to 1 -> lets see :)
As you can see we are able to successfully login :)
Thank you for watching :)
Proof of Concept Video: https://mega.nz/file/3MUjTIiB#gMuogm3Vaqk-QLRXMtSS2dqlEJlnBhKal6CjeC-dIF8 |
|---|
| Nguồn | ⚠️ https://mega.nz/file/3MUjTIiB#gMuogm3Vaqk-QLRXMtSS2dqlEJlnBhKal6CjeC-dIF8 |
|---|
| Người dùng | ahmed8199 (UID 60803) |
|---|
| Đệ trình | 05/04/2024 12:40 (cách đây 2 những năm) |
|---|
| Kiểm duyệt | 12/04/2024 21:20 (7 days later) |
|---|
| Trạng thái | được chấp nhận |
|---|
| Mục VulDB | 260574 [Smart Office đến 20240405 Main.aspx New Password/Confirm Password xác thực yếu] |
|---|
| điểm | 20 |
|---|