Activity

From 16/04/2024 to 25/04/2024

25/04/2024

11:59 PM Bug #74 (Resolved): [Security Audit ] 9- Improper Input Validation
Karthik Daram
11:58 PM Bug #78 (Resolved): [Security Audit ] 13 -Aadhaar is Not Encrypted in Transit
Karthik Daram
11:55 PM Bug #90 (Resolved): [Security Audit ] 25- Logout Functionality Not Implemented
Karthik Daram
11:54 PM Bug #86 (Resolved): [Security Audit ] 21 -Insufficient Anti-Automation
Karthik Daram
11:52 PM Bug #72 (Resolved): [Security Audit ] 7- Framework Obsolete Version in usage
Vasudev Mamidi
11:51 PM Bug #79 (Resolved): [Security Audit ] 14 -Improper Session Management / Session Expiration too longer
Vasudev Mamidi
11:49 PM Bug #89 (Resolved): [Security Audit ] 24- Improper Error Handling
Vasudev Mamidi
11:48 PM Bug #93 (Resolved): [Security Audit ] 28- Technology/Version Disclosure
Vasudev Mamidi
11:48 PM Bug #94 (Resolved): [Security Audit ] 29 -Clickjacking Attack
Vasudev Mamidi
11:47 PM Bug #95 (Resolved): [Security Audit ] 30- Port misconfiguration
Vasudev Mamidi
12:48 PM Feature #111 (New): [LAB] Dashboard Page UX design
Create a new UX design for dashboard Page for Laboratory Module.
Once the user with Lab role login to system, Lab da...
Srusvin Loka
12:21 AM Feature #111: [LAB] Dashboard Page UX design
Srusvin Loka
12:45 PM Feature #110 (New): [LAB] Laboratory OP Module
Please create a module for the Lab Outpatient.
Srusvin Loka
03:30 AM Bug #81 (Resolved): [Security Audit ] 16- Weak Password Policy
Kranti Boddu
03:30 AM Bug #66 (Resolved): [Security Audit ] 1- Privilege Escalation
Kranti Boddu
03:30 AM Bug #68 (Resolved): [Security Audit ] 3-Broken Access Control
Kranti Boddu

24/04/2024

01:26 PM Bug #107 (Closed): To stop the bot attack added captcha in ui
Vasudev Mamidi
12:57 AM Bug #107 (In Progress): To stop the bot attack added captcha in ui
Vasudev Mamidi
01:14 PM Bug #106 (Closed): Nationalid details encryption from backend
Vasudev Mamidi
12:54 AM Bug #106 (Resolved): Nationalid details encryption from backend
Vasudev Mamidi
01:01 AM Bug #84 (Resolved): [Security Audit ]19- Client side bypass / Improper server side validation
Vasudev Mamidi
01:01 AM Bug #87 (Resolved): [Security Audit ] 22 -Security headers are not Implemented
Vasudev Mamidi
01:01 AM Bug #92 (Resolved): [Security Audit ] 27 -Sensitive Data Passed Through URL Parameters
Vasudev Mamidi
12:59 AM Bug #91 (Resolved): [Security Audit ] 26 -Cross-Site Request Forgery (CSRF)
Vasudev Mamidi
12:53 AM Bug #79 (In Progress): [Security Audit ] 14 -Improper Session Management / Session Expiration too longer
Vasudev Mamidi
12:53 AM Bug #73 (In Progress): [Security Audit ] 8- Insecure Direct Object Reference (IDOR)
Vasudev Mamidi
12:52 AM Bug #72 (Feedback): [Security Audit ] 7- Framework Obsolete Version in usage
Vasudev Mamidi
12:49 AM Bug #69 (Resolved): [Security Audit ] 4- User Account Takeover
Vasudev Mamidi
12:06 AM Bug #69 (In Progress): [Security Audit ] 4- User Account Takeover
Pavan kumar Siddamsetti
12:49 AM Bug #70 (Resolved): [Security Audit ] 5 -Failed Defences Against Application Misuse
Vasudev Mamidi
12:06 AM Bug #70 (In Progress): [Security Audit ] 5 -Failed Defences Against Application Misuse
Pavan kumar Siddamsetti
12:48 AM Bug #67 (In Progress): [Security Audit ] 2-Insecure Data Storage
Vasudev Mamidi
12:46 AM Bug #85 (Resolved): [Security Audit ] 20- Cross Origin Resource Sharing (CORS) Misconfiguration
Vasudev Mamidi
12:46 AM Bug #76 (Resolved): [Security Audit ] 11- OTP Flooding
Vasudev Mamidi
12:46 AM Bug #77 (Closed): [Security Audit ] 12- OTP Bypass
Vasudev Mamidi
12:45 AM Bug #82 (Closed): [Security Audit ]17 - OTP Bruteforce
Vasudev Mamidi

23/04/2024

11:15 PM Bug #88 (Resolved): [Security Audit ] 23- Email addresses disclosed
Uma Maheswarachari Melpati
02:08 AM Bug #88 (In Progress): [Security Audit ] 23- Email addresses disclosed
Deepika Valluri
03:48 AM Bug #71 (Resolved): [Security Audit ] 6- Unrestricted File Upload
Karthik Daram
03:47 AM Bug #83 (Resolved): [Security Audit ]18- Application Logic Bypass
Karthik Daram
03:02 AM Bug #96 (Resolved): [Security Audit ] 31 -Username and Password field with auto-complete
Uma Maheswarachari Melpati
02:15 AM Bug #75 (In Progress): [Security Audit ]10 -Sensitive Information Disclosure
Deepika Valluri
02:15 AM Bug #74 (In Progress): [Security Audit ] 9- Improper Input Validation
Deepika Valluri
02:07 AM Bug #89 (In Progress): [Security Audit ] 24- Improper Error Handling
Deepika Valluri

22/04/2024

05:22 AM Bug #80 (In Progress): [Security Audit ] 15- Insufficient Aadhaar Verification
Vasudev Mamidi

21/04/2024

09:30 PM Bug #68 (In Progress): [Security Audit ] 3-Broken Access Control
Kranti Boddu
08:44 PM Bug #87 (In Progress): [Security Audit ] 22 -Security headers are not Implemented
Pavan kumar Siddamsetti
08:44 PM Bug #92 (In Progress): [Security Audit ] 27 -Sensitive Data Passed Through URL Parameters
Pavan kumar Siddamsetti
08:17 PM Bug #66 (In Progress): [Security Audit ] 1- Privilege Escalation
Kranti Boddu

17/04/2024

10:47 PM Bug #90 (In Progress): [Security Audit ] 25- Logout Functionality Not Implemented
Karthik Daram
04:08 PM Bug #90 (Closed): [Security Audit ] 25- Logout Functionality Not Implemented
25 -Logout Functionality Not Implemented
CWE : CWE-1028
Description :
Logout functionality has not been implement...
Kalyan Battula
10:46 PM Bug #83 (In Progress): [Security Audit ]18- Application Logic Bypass
Karthik Daram
10:43 PM Bug #83 (Resolved): [Security Audit ]18- Application Logic Bypass
Karthik Daram
10:32 PM Bug #83 (In Progress): [Security Audit ]18- Application Logic Bypass
Karthik Daram
04:00 PM Bug #83 (Closed): [Security Audit ]18- Application Logic Bypass
18- Application Logic Bypass
CWE : CWE-840
Description :
The application does not perform or incorrectly performs...
Kalyan Battula
10:06 PM Bug #96 (In Progress): [Security Audit ] 31 -Username and Password field with auto-complete
Karthik Daram
04:17 PM Bug #96 (Closed): [Security Audit ] 31 -Username and Password field with auto-complete
31- Username and Password field with auto-complete
CWE : CWE-16
Description :
The Web form contains passwords or ...
Kalyan Battula
04:14 PM Bug #95 (Closed): [Security Audit ] 30- Port misconfiguration
30 -Port misconfiguration
CWE : CWE-16
Description :
During the security audit it was observed that the applicati...
Kalyan Battula
04:13 PM Bug #94 (Closed): [Security Audit ] 29 -Clickjacking Attack
29- Clickjacking Attack
CWE : CWE-1021
Description :
Clickjacking is a malicious technique of tricking a Web user...
Kalyan Battula
04:11 PM Bug #93 (Closed): [Security Audit ] 28- Technology/Version Disclosure
28- Technology/Version Disclosure
CWE : CWE-200
Description :
The HTTP responses returned by this web application...
Kalyan Battula
04:10 PM Bug #92 (Closed): [Security Audit ] 27 -Sensitive Data Passed Through URL Parameters
27- Sensitive Data Passed Through URL Parameters
CWE : CWE-598
Description :
The web application uses the HTTP GE...
Kalyan Battula
04:09 PM Bug #91 (Closed): [Security Audit ] 26 -Cross-Site Request Forgery (CSRF)
26- Cross-Site Request Forgery (CSRF)
CWE : CWE-352
Description :
Cross-Site Request Forgery (CSRF) is an attac...
Kalyan Battula
04:07 PM Bug #89 (Closed): [Security Audit ] 24- Improper Error Handling
24- Improper Error Handling
CWE : CWE-388
Description :
Application discloses various error messages including st...
Kalyan Battula
04:06 PM Bug #88 (Closed): [Security Audit ] 23- Email addresses disclosed
23 -Email addresses disclosed
CWE : CWE-200
Description :
email addresses of developers and other individuals (wh...
Kalyan Battula
04:05 PM Bug #87 (Closed): [Security Audit ] 22 -Security headers are not Implemented
22- Security headers are not Implemented
CWE : CWE-16
Description :
Modern browsers support many HTTP headers tha...
Kalyan Battula
04:03 PM Bug #86 (Closed): [Security Audit ] 21 -Insufficient Anti-Automation
21- Insufficient Anti-Automation
CWE : CWE-799
Description :
Insufficient Anti-automation is when a web site perm...
Kalyan Battula
04:02 PM Bug #85 (Closed): [Security Audit ] 20- Cross Origin Resource Sharing (CORS) Misconfiguration
20- Cross Origin Resource Sharing (CORS) Misconfiguration
CWE : CWE-642
Description :
The application implements ...
Kalyan Battula
04:01 PM Bug #84 (Closed): [Security Audit ]19- Client side bypass / Improper server side validation
19- Client side bypass / Improper server side validation
CWE : CWE-602
Description :
The software is composed of ...
Kalyan Battula
05:01 AM Bug #84 (In Progress): [Security Audit ]19- Client side bypass / Improper server side validation
Harish Beechani
03:59 PM Bug #82 (Closed): [Security Audit ]17 - OTP Bruteforce
17 - OTP Bruteforce
CWE : CWE-799
Description :
Application allows users to submit multiple wrong OTPs which lead...
Kalyan Battula
04:21 AM Bug #82 (In Progress): [Security Audit ]17 - OTP Bruteforce
Harish Beechani
03:58 PM Bug #81 (Closed): [Security Audit ] 16- Weak Password Policy
16- Weak Password Policy
CWE : CWE-521
Description :
A weak password policy leaves sensitive data vulnerable to ...
Kalyan Battula
05:38 AM Bug #81 (In Progress): [Security Audit ] 16- Weak Password Policy
Kranti Boddu
03:56 PM Bug #80 (Closed): [Security Audit ] 15- Insufficient Aadhaar Verification
15 -Insufficient Aadhaar Verification
CWE : CWE-20
Description :
Application is not verifying the aadhaar number ...
Kalyan Battula
03:55 PM Bug #79 (Closed): [Security Audit ] 14 -Improper Session Management / Session Expiration too longer
14- Improper Session Management / Session Expiration too longer
CWE : CWE-613
Description :
In this application a...
Kalyan Battula
03:53 PM Bug #78 (Closed): [Security Audit ] 13 -Aadhaar is Not Encrypted in Transit
13 -Aadhaar is Not Encrypted in Transit
CWE : CWE-311
Description :
The software transmits sensitive or security...
Kalyan Battula
04:24 AM Bug #78 (In Progress): [Security Audit ] 13 -Aadhaar is Not Encrypted in Transit
Harish Beechani
03:51 PM Bug #77 (Closed): [Security Audit ] 12- OTP Bypass
12 -OTP Bypass
CWE : CWE-287
Description :
In this application OTP is disclosed in response.
Affected Path(s) : ...
Kalyan Battula
03:49 PM Bug #76 (Closed): [Security Audit ] 11- OTP Flooding
11- OTP Flooding
CWE : CWE-770
Description :
This attack consists of generation of large number of OTP requests t...
Kalyan Battula
03:46 PM Bug #75 (Closed): [Security Audit ]10 -Sensitive Information Disclosure
10- Sensitive Information Disclosure
CWE : CWE-200
Description :
Information disclosure, also known as informat...
Kalyan Battula
03:44 PM Bug #74 (Closed): [Security Audit ] 9- Improper Input Validation
9- Improper Input Validation
CWE : CWE-20
Description :
The product receives input or data, but it does not valid...
Kalyan Battula
03:43 PM Bug #73 (Closed): [Security Audit ] 8- Insecure Direct Object Reference (IDOR)
8- Insecure Direct Object Reference (IDOR)
CWE : CWE-639
Description :
An indirect object reference is likely t...
Kalyan Battula
03:41 PM Bug #72 (Closed): [Security Audit ] 7- Framework Obsolete Version in usage
7 Framework Obsolete Version in usage
CWE : CWE-1035
Description :
It is observed that java spring boot older ve...
Kalyan Battula
03:39 PM Bug #71 (Closed): [Security Audit ] 6- Unrestricted File Upload
6- Unrestricted File Upload
CWE : CWE-434
Description :
The application fails to restrict the file types that the...
Kalyan Battula
03:37 PM Bug #70 (Closed): [Security Audit ] 5 -Failed Defences Against Application Misuse
5 -Failed Defences Against Application Misuse
CWE : CWE-841
Description :
The misuse and invalid use of valid fu...
Kalyan Battula
03:36 PM Bug #69 (Closed): [Security Audit ] 4- User Account Takeover
4- User Account Takeover
CWE : CWE-285
Description :
The software does not perform or incorrectly performs an aut...
Kalyan Battula
03:33 PM Bug #68 (Closed): [Security Audit ] 3-Broken Access Control
Broken Access Control
CWE : CWE-425
Description :
The application allows an unauthenticated user to access the pa...
Kalyan Battula
03:29 PM Bug #67 (In Progress): [Security Audit ] 2-Insecure Data Storage
Insecure Data Storage
CWE : CWE-312
Description :
Insecure data storage vulnerabilities occur when development te...
Kalyan Battula
03:24 PM Bug #66 (Closed): [Security Audit ] 1- Privilege Escalation
Privilege Escalation
CWE : CWE-269
Description :
Access control (or authorization) is the application of constr...
Kalyan Battula
03:04 PM Feature #65 (New): Security Audit

List of Security Audit issues
Kalyan Battula
 
