Demoblaze - Report

The document reports several vulnerabilities found on the website https://www.demoblaze.com, including business logic vulnerabilities, weak passwords, username enumeration, CORS issues, and prototype pollution. Specifically, it was found that user accounts could be created without proper validation (business logic), passwords did not have to meet complexity requirements (weak passwords), valid usernames could be identified (username enumeration), CORS requests allowed credentials from untrusted domains, and the prototype of objects could be modified (prototype pollution). All of these issues pose security risks like account takeover, data theft, and other unauthorized access. Mitigations like password strength policies, account lockouts, CORS configuration, and vulnerability testing are recommended.

Uploaded by Sam Choudhary

Hi!

I found a lot of vulnerabilities on your website: https://www.demoblaze.com/

1.1 :- VULNERABILITY NAME :- BUSINESS LOGIC

- VULNERABILITY DESCRIPTION :- Business logic vulnerabilities are security flaws that arise from improper or incorrect implementation of business logic in an application. They are not technical flaws in the code or infrastructure; they lie in the application's behaviour in response to certain user input or business rules.

- SEVERITY :- MEDIUM

- STEPS TO REPRODUCE :-
  - Go to https://www.demoblaze.com/index.html
  - Click on Sign up.
  - A user account is created without proper validation.

- IMPACT :- This could lead to pre-account takeover.

1.2 :- VULNERABILITY NAME :- WEAK PASSWORDS

- VULNERABILITY DESCRIPTION :- Weak passwords are a significant vulnerability in the security of computer systems, networks, and online accounts. A weak password is one that is easy to guess or crack, and it provides little or no protection against unauthorized access.

Attackers can use various techniques to crack weak passwords, such as dictionary attacks, brute-force attacks, and social engineering. Dictionary attacks use a pre-compiled list of common passwords and try each one until the correct password is found. Brute-force attacks try all possible combinations of characters until the correct password is discovered. Social engineering tricks the user into revealing their password through phishing, pretexting, or other deceptive tactics.

- SEVERITY :- MEDIUM

- STEPS TO REPRODUCE :-
  - Go to https://www.demoblaze.com/index.html
  - Click on Sign up
  - Fill in a username
  - Fill in a password in any format; both long and short passwords are accepted.
  - Log in

- POC :-

(Before Login)
(After Login)

- IMPACT :- Anyone can guess a user's password, and anyone can run a brute-force attack against the login.

- MITIGATION :-
  - Password Complexity Requirements: Websites can enforce password complexity requirements, such as requiring passwords to have a minimum length, contain a mix of uppercase and lowercase letters, and include numbers and special characters. This helps prevent users from choosing weak passwords that are easily guessed.
  - Password Strength Indicators: Websites can provide password strength indicators to help users create stronger passwords. These indicators can display a rating of the password's strength based on factors such as length, complexity, and uniqueness.
  - Two-Factor Authentication (2FA): Two-factor authentication can provide an additional layer of security by requiring users to provide a second factor of authentication, such as a code sent to their phone or email, in addition to their password.
  - Account Lockout: Websites can implement account lockout policies that temporarily lock user accounts after a certain number of failed login attempts. This helps prevent brute-force attacks that attempt to guess passwords.
  - Password Expiration and Reset: Websites can enforce password expiration and require users to reset their passwords periodically. This helps ensure that users regularly change their passwords and prevents the use of compromised passwords.
  - Password Storage and Encryption: Websites should store user passwords securely, using strong encryption and proper key management. Passwords should never be stored in plain text, and website owners should follow industry best practices for password storage and encryption.
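As an added example (not part of the report and not the site's code), a server-side password policy check implementing the minimum-length, character-class and common-password rules the mitigation list describes; it goes slightly beyond the list by also rejecting passwords that contain the username. The 12-character minimum and the common-password list are assumptions chosen for illustration.

```javascript
// Added example, not from the report: server-side password policy of the kind
// the mitigation list describes. MIN_LENGTH and COMMON_PASSWORDS are assumed
// values chosen for illustration.
const MIN_LENGTH = 12;
// Constructed sample of the kind of list a dictionary attack tries first.
const COMMON_PASSWORDS = new Set(['password', '123456', 'qwerty', 'letmein', 'welcome1']);

// Returns { ok, problems } so the signup form can show every failed rule at once.
function checkPasswordPolicy(password, username) {
  const pw = typeof password === 'string' ? password : '';
  const problems = [];
  if (pw.length < MIN_LENGTH) problems.push(`must be at least ${MIN_LENGTH} characters`);
  if (!/[a-z]/.test(pw)) problems.push('needs a lowercase letter');
  if (!/[A-Z]/.test(pw)) problems.push('needs an uppercase letter');
  if (!/[0-9]/.test(pw)) problems.push('needs a digit');
  if (!/[^A-Za-z0-9]/.test(pw)) problems.push('needs a special character');
  if (COMMON_PASSWORDS.has(pw.toLowerCase())) problems.push('is a commonly used password');
  // Passwords built from the account name fall to a targeted guess immediately.
  if (username && pw.toLowerCase().includes(String(username).toLowerCase())) {
    problems.push('must not contain the username');
  }
  return { ok: problems.length === 0, problems };
}
```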

1.3 :- VULNERABILITY NAME :- USERNAME ENUMERATION

- VULNERABILITY DESCRIPTION :- Username enumeration is a vulnerability that occurs when an attacker can determine valid usernames for a system or service. Attackers can use username enumeration to gather information about potential targets and launch further attacks, such as password guessing or phishing.

- SEVERITY :- MEDIUM

- STEPS TO REPRODUCE :-
  - Go to https://www.demoblaze.com/index.html
  - Click on login
  - Type any random username
  - Fill in any wrong password
  - The site only says "Wrong password", which means the username is correct

- POC :-

- IMPACT :-
  - Increased Risk of Brute-Force Attacks: Once an attacker has a list of valid usernames, they can use that information to launch brute-force attacks to guess the password associated with each account. Brute-force attacks can be automated, and when successful, they can allow an attacker to gain unauthorized access to systems, applications, or data.
  - Account Lockout: In some cases, a system may lock out an account after a certain number of failed login attempts. Username enumeration can lead to account lockouts if an attacker attempts to log in to a large number of accounts using a list of valid usernames. This can cause significant inconvenience for legitimate users who are unable to access their accounts.
  - Phishing and Social Engineering: Attackers can use the information gathered from username enumeration to craft convincing phishing emails or other social engineering attacks. For example, they can send an email that appears to come from a legitimate source and use the username to make the email more convincing. This can lead to the user disclosing sensitive information or clicking on a malicious link.
  - Data Breach: If an attacker gains access to a system or application through a successful brute-force attack, they may be able to access sensitive data, such as customer data, financial information, or intellectual property. This can result in a significant data breach that can damage the reputation of the organization and result in financial losses.
  - No limit on the number of wrong passwords that can be entered.

- MITIGATION :- To mitigate the risk of username enumeration, organizations should implement security controls such as account lockout policies, multi-factor authentication, and monitoring of login attempts. They should also educate their users about the risks of social engineering and phishing attacks and encourage them to use strong, unique passwords. Regular vulnerability assessments and penetration testing can also help identify and address vulnerabilities, including username enumeration.

2 :- VULNERABILITY NAME :- CORS (Cross-Origin Resource Sharing)

- VULNERABILITY DESCRIPTION :- The impact of a CORS vulnerability depends on the severity of the vulnerability and the resources accessible to an attacker. Potential consequences include data theft, data manipulation, privilege escalation, and unauthorized access to sensitive information.

- SEVERITY :- MEDIUM

- STEPS TO REPRODUCE :-
  - Go to https://www.demoblaze.com/index.html
  - Log in
  - Use a proxy tool like Burp Suite to capture the request
  - I saw Allow-Credentials is true
  - Then I changed the Origin from Demoblaze.com to Evil.com

- POC :-

- IMPACT :-

  - Information Disclosure: An attacker can use a CORS vulnerability to access sensitive information from a web application. This information may include authentication tokens, session cookies, and other sensitive data that can be used to launch further attacks.
  - Unauthorized Data Modification: A CORS vulnerability can also allow an attacker to modify data in a web application, which can result in unauthorized changes to user accounts, transactions, and other data stored in the application.
  - Cross-Site Scripting (XSS) Attacks: Attackers can also use a CORS vulnerability to launch XSS attacks on a web application. This can be done by injecting malicious scripts that execute in the context of the target website and steal user data, modify content, or perform other malicious activities.
  - Account Takeover: If an attacker is able to steal authentication tokens or session cookies, they can use them to gain access to user accounts and perform actions on behalf of the legitimate user. This can lead to data theft, financial fraud, and other malicious activities.
  - Reputation Damage: If a website or application is compromised due to a CORS vulnerability, it can damage the reputation of the organization and erode user trust. This can result in financial losses and a loss of business.

- MITIGATION :- To mitigate the risks associated with CORS vulnerabilities, it is essential to properly configure and implement CORS on the web server. The server should only allow cross-origin requests from trusted domains, and the response headers should be configured to restrict the types of requests that are allowed. Additionally, web developers should always consider the security implications of third-party APIs and libraries that they integrate into their applications. Regular vulnerability assessments and penetration testing can also help identify and address CORS-related issues.
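As an added example (not demoblaze's code), the server-side origin decision behind the finding above: one function reproduces the weak behaviour the steps describe (whatever Origin the request carries is echoed back with Access-Control-Allow-Credentials: true), and a second shows the corrected exact-match allowlist the mitigation calls for. The allowlist entries and the origins in the checks are assumptions chosen for illustration.

```javascript
// Added example, not demoblaze's code: how an origin check decides the CORS
// response headers. The allowlist entries are constructed for illustration.
const ALLOWED_ORIGINS = new Set(['https://www.demoblaze.com', 'https://app.example.com']);

// Weak: echoes whatever Origin the request carries and allows credentials,
// so a page on any origin can read authenticated responses.
function corsHeadersReflecting(origin) {
  return {
    'Access-Control-Allow-Origin': origin,
    'Access-Control-Allow-Credentials': 'true',
  };
}

// Corrected: credentials only for exact-match allowlisted origins; everything
// else gets no CORS headers at all, so the browser blocks the read. Exact
// matching (not startsWith/endsWith) stops look-alike origins such as
// https://www.demoblaze.com.evil.example from slipping through.
function corsHeadersAllowlisted(origin) {
  if (typeof origin !== 'string' || !ALLOWED_ORIGINS.has(origin)) return {};
  return {
    'Access-Control-Allow-Origin': origin,
    'Access-Control-Allow-Credentials': 'true',
    'Access-Control-Allow-Methods': 'GET, POST',
    'Vary': 'Origin',   // tell caches the response depends on the Origin header
  };
}

// Mirrors the browser's check: may a page at pageOrigin read a credentialed
// response that carries these headers?
function browserAllowsCredentialedRead(headers, pageOrigin) {
  return headers['Access-Control-Allow-Origin'] === pageOrigin &&
         headers['Access-Control-Allow-Credentials'] === 'true';
}
```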

3 :- VULNERABILITY NAME :- PROTOTYPE POLLUTION

- VULNERABILITY DESCRIPTION :- Prototype Pollution is a type of vulnerability that can occur in JavaScript applications. It happens when an attacker is able to modify the prototype of an object, which can result in unexpected behavior or even a security breach. In JavaScript, objects are created from prototypes, which define the properties and methods of the object. An attacker can exploit a vulnerability in an application that allows them to modify the prototype of an object, leading to unexpected behavior or even a security breach. Its CVE number is CVE-2019-11358.

- SEVERITY :- MEDIUM

- STEPS TO REPRODUCE :-
  - Go to https://www.demoblaze.com/index.html
  - Log in
  - Use the DOM Invader extension (you can also try manually)
  - A pop-up notice is then shown

- POC :-

- Pop-up Image
- Pop-up Image

- IMPACT :-
  - Unauthorized Access to Data: An attacker can use a Prototype Pollution vulnerability to modify the properties and methods of an object, potentially leading to unauthorized access to sensitive data. For example, an attacker can add a new property to an object that contains sensitive data, allowing them to steal that data.
  - Remote Code Execution: In some cases, an attacker can use a Prototype Pollution vulnerability to execute arbitrary code on the target system. This can be done by modifying the prototype of a built-in object, such as the Object or Array objects, and then using that object to execute code.
  - Application Crashes: Prototype Pollution can also lead to application crashes and instability. For example, an attacker can modify the prototype of an object in a way that causes the application to crash when it tries to access that object.
  - Data Corruption: If an attacker modifies the prototype of an object that is used to store data, they can potentially corrupt that data or cause it to be processed incorrectly.
  - Reputation Damage: If a JavaScript application is compromised due to a Prototype Pollution vulnerability, it can damage the reputation of the organization and erode user trust. This can result in financial losses and a loss of business.

- MITIGATION :- To mitigate the risks associated with Prototype Pollution vulnerabilities, it is essential to follow secure coding practices and implement proper input validation and sanitization in the application. Libraries and frameworks used in the application should also be kept up-to-date to ensure that any known vulnerabilities are addressed. Additionally, regular security assessments and penetration testing can help identify and address potential vulnerabilities, including Prototype Pollution.
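As an added example (not the site's code and not jQuery's), a recursive deep-merge of the shape that CVE-2019-11358 concerned, shown in its vulnerable form beside the input-validation fix the mitigation describes, plus a small check that tells whether Object.prototype has been polluted. The JSON payload in the comments is constructed; the function and constant names are my own.

```javascript
// Added example, not the site's or jQuery's code: a recursive "deep merge" in
// its vulnerable form and with the fix. In practice the source object comes
// from attacker-controlled input such as a parsed query string or JSON body,
// e.g. the constructed payload {"__proto__": {"polluted": "yes"}}.

// Vulnerable: copies keys recursively without looking at their names, so a
// source key "__proto__" makes the recursion write into Object.prototype.
function mergeVulnerable(target, source) {
  for (const key of Object.keys(source)) {
    const value = source[key];
    if (value !== null && typeof value === 'object') {
      if (target[key] === null || typeof target[key] !== 'object') target[key] = {};
      mergeVulnerable(target[key], value);
    } else {
      target[key] = value;
    }
  }
  return target;
}

// Hardened: skip the keys that reach the prototype chain, recurse only into
// own plain-object properties, and create nested objects with no prototype.
const FORBIDDEN_KEYS = new Set(['__proto__', 'constructor', 'prototype']);
const isPlainObject = (v) => v !== null && typeof v === 'object' && !Array.isArray(v);

function mergeSafe(target, source) {
  for (const key of Object.keys(source)) {
    if (FORBIDDEN_KEYS.has(key)) continue;            // never walk toward Object.prototype
    const value = source[key];
    if (isPlainObject(value)) {
      if (!Object.prototype.hasOwnProperty.call(target, key) || !isPlainObject(target[key])) {
        target[key] = Object.create(null);             // nested object with no prototype to pollute
      }
      mergeSafe(target[key], value);
    } else {
      target[key] = value;
    }
  }
  return target;
}

// Detection helper: true only when Object.prototype itself carries `prop`,
// i.e. every plain object in the process now sees it.
function isPolluted(prop) {
  return Object.prototype.hasOwnProperty.call(Object.prototype, prop);
}
```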
