[www.drive2.ru] Insufficient Security Configurability - The user can using the same password as your current ID. |
Improper Authentication - Generic |
what_web |
Low |
2020-10-23 |
[www.drive2.ru] Insufficient Security Configurability - The user's can set an existing password as a new password. |
Improper Authentication - Generic |
what_web |
Low |
2020-10-23 |
[www.drive2.ru] Insufficient Security Configurability - Notification email is not sent when email is changed. |
Improper Authentication - Generic |
what_web |
Low |
2020-10-23 |
[www.drive2.ru] Insufficient Security Configurability - Notification message not sent when account is deleted |
Business Logic Errors |
what_web |
Low |
2020-10-23 |
[www.drive2.ru] Insufficient Security Configurability - Email notification is not being sent while changing passwords |
Improper Authentication - Generic |
what_web |
Low |
2020-10-22 |
Testing for arbitrary HTTP methods |
Information Exposure Through an Error Message |
sandesh_shinde |
Low |
2020-07-06 |
[www.drive2.ru] There is no rate limit for comments endpoints. |
Violation of Secure Design Principles |
what_web |
Low |
2020-06-08 |
[www.drive2.ru] CSRF through FCTX token bypass |
Cross-Site Request Forgery (CSRF) |
what_web |
Medium |
2020-03-31 |
[www.drive2.ru] CSRF through FCTX token bypass |
Cross-Site Request Forgery (CSRF) |
what_web |
Medium |
2020-03-31 |
Хранимый XSS в Business-аккаунте, на странице компании |
Cross-site Scripting (XSS) - Stored |
konqi |
High |
2020-01-17 |
Same site Scripting |
None supplied |
dre4dp1r4terob3rts |
Low |
2020-01-13 |