| Title | Weakness | Reporter | Severity | Date |
|---|---|---|---|---|
| WordPress Users Disclosure (/wp-json/wp/v2/users/) on data.gov | Information Disclosure | nagli | Medium | 2020-07-28 |
| Blind SSRF on https://labs.data.gov/dashboard/Campaign/json_status/ Endpoint | Use of Inherently Dangerous Function | mariuszpoplawski | Medium | 2020-07-10 |
| Limited LFI | Remote File Inclusion | mariuszpoplawski | Medium | 2020-07-09 |
| HTTP Request Smuggling on https://labs.data.gov | HTTP Request Smuggling | puppykok | High | 2020-05-13 |
| Open redirect in eb9f.pivcac.prod.login.gov | Open Redirect | timwhite | Low | 2020-05-12 |
| SSRF/XSPA in labs.data.gov/dashboard/validate | Server-Side Request Forgery (SSRF) | haxta4ok00 | Medium | 2020-05-05 |
| Cache poisoning DoS to various TTS assets | Violation of Secure Design Principles | nathand | High | 2020-03-12 |
| Stealing Users' OAuth Tokens through the redirect_uri parameter | Open Redirect | manshum12 | High | 2019-10-01 |
| Nginx misconfiguration leading to direct PHP source code download | Information Disclosure | tolo7010 | High | 2019-07-29 |
| SQL injection in https://labs.data.gov/dashboard/datagov/csv_to_json via User-Agent | SQL Injection | harisec | Critical | 2019-03-22 |
| Multiple bugs in the api.data.gov/signup endpoint allow sending custom messages to anyone | None supplied | nuke11 | Medium | 2018-11-13 |
| Redirect on authorization allows account compromise | Improper Authentication - Generic | cablej_dds | Critical | 2018-11-06 |
| Defacement of catalog.data.gov via web cache poisoning to stored DOM XSS | Cross-site Scripting (XSS) - Stored | albinowax | High | 2018-11-01 |
| [idp.fr.cloud.gov] Open Redirect | Open Redirect | bobrov | Low | 2018-11-01 |
| SSH server compatible with several vulnerable cryptographic algorithms | Use of a Broken or Risky Cryptographic Algorithm | northivanastan | Medium | 2018-03-02 |
| CI for [example.gov] can be logged in to and accessed | Improper Access Control - Generic | kunal94 | Critical | 2018-02-07 |
| Subdomain Takeover | Privilege Escalation | picklepwns | High | 2017-11-28 |
| 2FA bypass - confirmation tokens don't expire | Improper Access Control - Generic | muskecan | Medium | 2017-11-17 |
| Error Page Content Spoofing or Text Injection | None supplied | dennis95 | No rating | 2017-11-17 |
| CSRF in generating a new Personal Key | Cross-Site Request Forgery (CSRF) | streaak2 | Medium | 2017-11-17 |
| CSRF to change Account Security Keys on secure.login.gov | Cross-Site Request Forgery (CSRF) | zk34911 | Medium | 2017-11-01 |
| Cross-Site Request Forgery on the Federalist API (all endpoints), using a Flash file on the attacker's host | Cross-Site Request Forgery (CSRF) | sp1d3rs | Medium | 2017-09-28 |
| Homograph attack | Violation of Secure Design Principles | ninjan | None | 2017-09-20 |
| [api.data.gov] Leak Valid API Without Verification | Improper Authentication - Generic | lawrenceamer | None | 2017-09-20 |
| Information disclosure (system username) in the x-amz-meta-s3cmd-attrs response header on federation.data.gov | Information Disclosure | sp1d3rs | Low | 2017-09-16 |
| Reflected XSS on data.gov (WAF bypass + Chrome XSS Auditor bypass; works in all browsers) | Cross-site Scripting (XSS) - Reflected | sp1d3rs | Medium | 2017-09-15 |
| HTML injection (with XSS possible) on https://www.data.gov/issue/ using the media_url attribute | Cross-site Scripting (XSS) - Reflected | sp1d3rs | Medium | 2017-09-15 |
| Server Side Misconfiguration (Email Spoofing) | Improper Authentication - Generic | swag01 | None | 2017-09-14 |
| Email Spoofing - SPF record set to Neutral | Violation of Secure Design Principles | ramakanthk35 | None | 2017-09-06 |
| Subdomain take-over of {REDACTED}.18f.gov | Privilege Escalation | jackds | High | 2017-09-06 |
| {REDACTED}.data.gov subdomain takeover | Violation of Secure Design Principles | edoverflow | High | 2017-09-06 |
| federalist.18f.gov vulnerable to Sweet32 attack | Man-in-the-Middle | r0p3 | Medium | 2017-09-06 |
| Double Stored Cross-Site Scripting in the admin panel | Cross-site Scripting (XSS) - Stored | sp1d3rs | Medium | 2017-09-05 |
| [IDOR] An authenticated user can restart website builds or view build logs of any other Federalist account | Insecure Direct Object Reference (IDOR) | sp1d3rs | Medium | 2017-09-05 |
| Race condition on the Federalist API endpoints can lead to Denial of Service | Violation of Secure Design Principles | sp1d3rs | Low | 2017-09-05 |
| A user removed from the GitHub organization can still access all Federalist functions if they did not log out | Improper Authentication - Generic | sp1d3rs | Medium | 2017-09-05 |
| The Federalist session cookie (federalist.sid) is not properly invalidated; backdoor access to the account is possible | Insufficient Session Expiration | sp1d3rs | Low | 2017-09-05 |