sub domains hosted on smartjobboard.com or mysmartjobboard.com are also possible to be claimed #139
Labels
vulnerable
Someone has provided proof in the issue ticket that one can hijack subdomains on this service.
Comments
|
Just confirmed that this works 👍 |
|
Why not you guys updating the list with other vulnerable hosts.
…On Thu, Apr 2, 2020, 4:31 PM proabiral ***@***.***> wrote:
Just confirmed that this works 👍
Thanks for sharing.
—
You are receiving this because you authored the thread.
Reply to this email directly, view it on GitHub
<#139 (comment)>,
or unsubscribe
<https://github.com/notifications/unsubscribe-auth/AI56B7FTP54ENJSZWZL2MKLRKRWBFANCNFSM4L2CKC3Q>
.
|
|
Pingdom.com also vulnerable.
https://youtu.be/VuIO1l5RL8k
|
Feel free to create a PR with a link to this issue. That's part of how contributing to this repository works. |
|
As @JLLeitschuh mentioned, please do raise a pull request. @EdOverflow and I are happy to maintain this, but there's a limit to the time that can be invested given the vast number of other projects we both work on. |
EdOverflow
added
the
vulnerable
manasmbellani
pushed a commit
to manasmbellani/subjack
that referenced
this issue
Aug 16, 2020
manasmbellani
pushed a commit
to manasmbellani/subjack
that referenced
this issue
Aug 16, 2020
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Service name
smartjobboard.com
mysmartjobboard.com
Proof
go to smartjobboard.com
create a trial account.
settings>System Settings>add your vulnerable domain in column "Custom Domain Name"
Documentation
https://help.smartjobboard.com/en/articles/1269655-connecting-a-custom-domain-name
The text was updated successfully, but these errors were encountered: