Page 1 of 1
Can't Reproduce Vulnerability
Posted: Tue Jul 10, 2018 9:36 am
by ruisilva2015
Hi
May i know the reason why these two reports : 64327 and 643262 are marked as Can't Reproduce vulnerability?
I just tested right now , and i can reproduce vulnerabilities.
Waiting response
Thanks
Re: Can't Reproduce Vulnerability
Posted: Tue Jul 10, 2018 11:45 am
by x1admin
ruisilva2015 wrote: ↑Tue Jul 10, 2018 9:36 am
Hi
May i know the reason why these two reports : 64327 and 643262 are marked as Can't Reproduce vulnerability?
I just tested right now , and i can reproduce vulnerabilities.
Waiting response
Thanks
64327 no alert
643262 we don't have credentials for this website and can't check vulnerability
Re: Can't Reproduce Vulnerability
Posted: Tue Jul 10, 2018 2:17 pm
by ruisilva2015
Are you sure, can you check again on 64327?
It works for me
Wait some second before
Thanks
Re: Can't Reproduce Vulnerability
Posted: Tue Jul 10, 2018 2:30 pm
by ruisilva2015
Can i re submit again?
Maybe was an mistake of me or something
Re: Can't Reproduce Vulnerability
Posted: Wed Jul 11, 2018 7:06 am
by x1admin
ruisilva2015 wrote: ↑Tue Jul 10, 2018 2:30 pm
Can i re submit again?
Maybe was an mistake of me or something
check report id
64327 looks like you have mistake here
Re: Can't Reproduce Vulnerability
Posted: Thu Jul 12, 2018 10:31 pm
by ruisilva2015
Hi there
I have report 4 vulns yesterday day 12
All of them was marked as Can't Reproduce Vulnerability but they all are vulnerable
IDS:
646008
645999
645673
645663
I tested it now , and they all work, maybe i put wrong payload in one of them , but i can get alert in all
Please can you re-test or say reason why you can't reproduce?
Thanks
Re: Can't Reproduce Vulnerability
Posted: Fri Jul 13, 2018 7:07 am
by x1admin
ruisilva2015 wrote: ↑Thu Jul 12, 2018 10:31 pm
Hi there
I have report 4 vulns yesterday day 12
All of them was marked as Can't Reproduce Vulnerability but they all are vulnerable
IDS:
646008
645999
645673
645663
I tested it now , and they all work, maybe i put wrong payload in one of them , but i can get alert in all
Please can you re-test or say reason why you can't reproduce?
Thanks
we don't accept sql injections
Re: Can't Reproduce Vulnerability
Posted: Fri Jul 13, 2018 8:36 am
by ruisilva2015
They are not SQL injections, they are XSS, I can get in all of them alerts, but some of them get also SQL Injection Error
Just as example on report with ID: 646008 :
https://ibb.co/ns0n1o
You can see SQL error , but vulnerable parameter is lang= , and alert is possible. I think this is an XSS vulnerability
Others it's same , and some of them don't display SQL error and has been marked as Can't Reproduce vulnerability
Waiting response
Cheers
Re: Can't Reproduce Vulnerability
Posted: Sat Jul 14, 2018 12:34 am
by GordSchramm
x1admin wrote: ↑Fri Jul 13, 2018 7:07 am
ruisilva2015 wrote: ↑Thu Jul 12, 2018 10:31 pm
Hi there
I have report 4 vulns yesterday day 12
All of them was marked as Can't Reproduce Vulnerability but they all are vulnerable
IDS:
646008
645999
645673
645663
I tested it now , and they all work, maybe i put wrong payload in one of them , but i can get alert in all
Please can you re-test or say reason why you can't reproduce?
Thanks
we don't accept sql injections
This is what I was trying to say in this thread:
viewtopic.php?f=5&t=803
Re: Can't Reproduce Vulnerability
Posted: Sat Jul 14, 2018 7:37 am
by ruisilva2015
Okay
now i understand
Cheers