Ok. Here we go again... During last few days after I had a pleasure to received some 'results' from CVE Team (1,2,3). I decided that it should be good ('enough';]) idea to create a small 'poc script' (again) to automate a little bit the process of 'finding bugs' (for example: like those mentioned in CVE's reference(s)). Below you will find few details collected after few days of 'research' and pinging the Vendors...
czwartek, 30 listopada 2017
poniedziałek, 20 listopada 2017
RCE via XSS - Horde 5.2.19
This time I
decided to sit for a while with Horde Groupware (5.2.19). “Ready to go” virtual
machine we can find at Bitnami’s webpage (big thanks!) so using for example
VirtualBox – you can set all things up very quickly. Below you will find few
publicly disclosed bugs found during last few days...
piątek, 17 listopada 2017
Friday surprise from Kali.org
Standard friday evening... checking some twitter and news at net... and then I found...
czwartek, 16 listopada 2017
More SQL Injections in ManageEngine Applications Manager 13
Last time we saw few bugs found in latest ManageEngine Applications Manager 13. Today I decided to publish another 6 (so called ;] '0day') exploits (found between 6-7.11.2017). Details below...
niedziela, 5 listopada 2017
SQL Injection in ManageEngine Applications Manager 13
This morning I decided to start some new "challenge" related to webapp pentesting. That's how I found latest version of ManageEngine Applications Manager.(You can grab a copy here.) Below you will find some 'results'...
Subskrybuj:
Posty (Atom)