Hi
I am Tejas Pingulkar
Security Researcher 

Popular posts from this blog

CVE-2020-13475: NCH accounts-Cross Site Scripting

Image
  Vulnerable Software:  Express Account Vulnerability:  XSS Affected Version:  from 8.06 to 8.24 Vendor Homepage:   https://www.nchsoftware.com/ CVE:  CVE-2020-13475 CVE Author:  Tejas Nitin Pingulkar Exploit Available:   POC Available Patch Status:  Unpatched About Affected Software: Express Accounts is professional business accounting software, perfect for small businesses needing to document and report on incoming and outgoing cash flow including sales, receipts, payments and purchases. Exploit 1>Login as admin Use any of below payload IP:PORT/invoicelist?type=czalc’%3e%3cscript%3ealert(1)%3c%2fscript%3eqb6nc IP:PORT/ invoicedelete?type=mctf8″>%3e%3cscript%3ealert(1)%3c%2fscript%3eqb6ncmwk0t&id=DFT3  [to render second payload click on cancel]   Proof Of Concept Timeline: Vulnerability Discovered – 7 April Initial Email Sent: 19th May 2020 — No response CVE Generated: 26 May 2020 Followup 2: 15 June 2020 — No respon...
Read more

CVE-2020-13480-Verint-HTML Injection

Image
Vulnerable Software : Verint Workforce Optimization (WFO) Vulnerability:  HTML Injection Affected Version:  15.2 Vendor Homepage:    https://www.verint.com CVE:  CVE-2020-13480 CVE Author:  Tejas Nitin Pingulkar Exploit Available:  POC Available About Affected Software Verint Workforce Optimization is a suite of unified software and services for capturing interactions and managing the performance of employees across the enterprise or in targeted areas of your business, including: Back-office operations Branch operations Contact centers Financial trading rooms Additional Information Verint WFO application provides functionality to send receive emails within an application. However application fails to sanitize user input. Exploit: 1. Open send email function  2. Write your payload inside the body POC: Timeline: Initial Email Sent: 21 May 2020 — No response Followup 2: 25 May 2020 — No response Followup 3: 26 May 2020 — No response CVE Generate...
Read more

CVE-2020-13473: NCH Account-Clear Text Password Storage

Image
  Vulnerable Software:   Express Account Affected Version:   8.24 and prior Vendor Homepage:   https://www.nchsoftware.com/ CVE:  CVE-2020-13473 CVE Author:  Tejas Nitin Pingulkar Exploit Available:  Yes About Affected Software Express Accounts is professional business accounting software, perfect for small businesses needing to document and report on incoming and outgoing cash flow including sales, receipts, payments and purchases. Additional Information Express Accounts has functionality that allows to access it over the web. While configuring web access function application asks for user details such as username, password, email, etc. Application stores this information in “C:\ProgramData\NCH Software\ExpressAccounts\WebAccounts” Exploit Low authenticated user can access files stored in cleartext format in C:\ProgramData\NCH Software\ExpressAccounts\WebAccounts and obtain username passwords Proof Of Concept
Read more