Found bugs

Below you will find the list of few bugs I found. (In the middle of time I'll try to update CVE IDs as well...) Maybe you will find it useful:

(...)  

09.04.2021 - FuzzLabs vs Acme CAD Converter 8.9.8.1480
28.03.2021 - FuzzLabs: OpenAPC 5-5.1 (from 0 to RCE)
24.03.2021 - Pentester on the Meeting
30.01.2021 - Crashing ActivePresenter (6.1.6) - (CVE-2021-3375)
20.08.2020 - Postauth RCE in Nagios XI 5.7.2 - (CVE-2020-24899)
25.06.2020 - Postauth SQLi in SiTracker (v3.67 p2)  - (CVE-2020-15308)
03.04.2020 - Postauth SQLi in Centreon (19.10-1el7) - (CVE-2020-22425)
03.04.2020 - Crashing VMPlayer 14
01.04.2020 - Postauth RCE in multiOTP (5.0.4.4)
29.03.2020 - Pentesting Zen Load Balancer - quick tutorial - (CVE-2020-11490, CVE-2020-11491)
26.03.2020 - Postauth RCE in Symantec Web Gateway (5.0.2.8)
18.03.2020 - Postauth RCE in ManageEngine 14
14.03.2020 - Multiple RCE bugs in NagiosXI (5.6.11) - (CVE-2020-22427)
13.03.2020 - Postauth SQLi in latest NagiosXI (5.6.11)
11.03.2020 - Nagios 5.6.11 XSS'd - (CVE-2020-10819, CVE-2020-10820, CVE-2020-10821)
09.03.2020 - RCE in Artica 4.26 - (CVE-2020-10818)
28.02.2020 - Postauth RCE in Centreon 19.10 - part 2
24.02.2020 - Postauth RCE in Centreon 19.10 - (CVE-2020-9463)
15.02.2020 - Exploiting Dolibarr 11 - (CVE-2020-9016)
31.01.2020 - From 0 to 0day - manual approach (Nsauditor 3.0.13)
05.01.2020 - Fax and Scan: from Windows 7(x86) to Windows 10(x64)
31.12.2019 - Postauth RCE in latest Nagios (5.6.9) - (CVE-2019-20197)
30.12.2019 - Multiple XSS bugs in Nagios 5.6.9 - (CVE-2019-20139)
28.12.2019 - Testing SSRF in LiquiFireOS  - (CVE-2019-20055)
20.11.2019 - From 0 to 0day - FreePhotoViewer (CVE-2019-19468)
28.11.2019 - XSS in Oracle EMPS
07.11.2019 - Crashing Logo Designer 3.82 (CVE-2019-18819, CVE-2019-18820, CVE-2019-18821)
05.11.2019 - Crashing HoneyView 5.31
05.11.2019 - Crashing Better JPEG
22.10.2019 - Random bytes in VLC 3.0.8 - (CVE-2019-18278)
21-26.09.2019 - Crashing WebAccess/HMI Designer 2.1.9.31 - (CVE-2019-16899, CVE-2019-16900, CVE-2019-16901
09.09.2019 - Crashing Fortigate VM 6.2.1 - (CVE-2019-17656)
09.09.2019 - Crashing DCISoft 1.21 (CVE-2019-16247)
09.09.2019 - Crashing Omegon Fluid Technology 2
18.07.2019 - XSS in Zurmo CRM (CVE-2019-14472)
18.07.2019 - XSS in TestLink 1.9.19 (CVE-2019-14471)
18.07.2019 - XSS in DokuWiki
17.06.2019 - Unquote path in CA Agents
09.05.2019 - Crashing DeviceNet Builder (CVE-2019-12898, CVE-2019-12899)
09.05.2019 - Unquoted path in ActiveFax Server 6.70
09.05.2019 - Crashing Alternate Pic View (CVE-2019-12893, CVE-2019-12894, CVE-2019-12895)
09.05.2019 - Unquoted path in Lan Messenger
09.05.2019 - Crashing Edraw Max  (CVE-2019-12896, CVE-2019-12897)
21.03.2019 - Crashing XnView (CVE-2019-9965, CVE-2019-9964, CVE-2019-9963, CVE-2019-9962, CVE-2019-9966, CVE-2019-9967, CVE-2019-9968, CVE-2019-9969)
10.02.2019 - RCE in Enterprise VA MAX
31.01.2019 - RCE in Zen Load Balancer - (CVE-2019-7301)
29.01.2019 - RCE in Artica - (CVE-2019-7300)
11.01.2019 - Crashing Zelio Soft 2
31.12.2018 - Reading Foscam (found ~23-25.09.2018)
25.12.2018 - Crashing FantaMorhp
25.12.2018 - Crashing CANOpen Builder
19.12.2018 - Crashing DCISoft
19.12.2018 - Crashing ISPSoft v3.05
07.11.2018 - Crashing LibreCAD (2.1.3) - (CVE-2018-19105)
20.10.2018 - Few XSS bugs in Dolibarr 8.0.2
28.08.2018 -- Crashing FreePlane
15.08.2018 -- Crashing KMPlayer
05.08.2018 -- Updating XnView - (CVE-2018-15174, CVE-2018-15175, CVE-2018-15176)
31.07.2018 -- Crashing nmap 7.70 - (CVE-2018-15173)
29.07.2018 -- Crashing nmap 7.60
10.07.2018 -- Exploiting Monstra CMS 3.0.4
26.06.2018 -- Exploiting CyberArk 10.2.1.603 - (CVE-2018-12903)
25.06.2018 -- Fiddler bug - case 01
25.06.2018 -- Crashing Photoshop CS3
24.06.2018 -- WriteAV / NullPtrDeref for IBM Lotus Notes 8.5
28.05.2018 -- Make free the VLC - (CVE-2018-11516)
29.04.2018 -- Few bugs in latest Nagios XI 5.4.13 - (CVE-2018-10553, CVE-2018-10554)
29.01.2018 -- Post-auth SQL injection in FreePBX - (CVE-2018-6393)
16.01.2018 -- Fuzzing ArcSight 6.x - 01 - ArcSoloBug.exe
12.01.2018 -- Wipe TrendMicro - Deep Discovery Inspector
10.01.2018 -- Few crashes for MS Access 2010/13/16 - (CVE-2018-0903, SecurityFocus
10.01.2018 -- Few crashes - MS Publisher 2010
12.12.2017 -- 'modus operandi' - Piwigo 2.9.2
12.12.2017 -- 'modus operandi' - Horde 5.2.x  - (CVE-2017-17781
05.12.2017 -- 'modus operandi' - GeniXCMS 1.1.5 - (CVE-2017-17431)
20.11.2017 -- RCE via XSS - Horde 5.2.19
16.11.2017 -- More SQL Injections in ManageEngine Applications Manager 13 - (CVE-2017-16543, CVE-2017-16542
05.11.2017 -- SQL Injection in ManageEngine Applications Manager 13 - ([CVE(s): 2017-16846, 2017-16847, 2017-16848, 2017-16849, 2017-16850, 2017-16851]) 
29.10.2017 -- Microsoft Outlook 2016 - RW/RA Crash
25.10.2017 -- Night fuzzing session - Kaspersky10 on Windows 10 - part 2
25.10.2017 -- Patch your Fortinet - CVE-2017-14182
07.09.2017 -- Night fuzzing session - Kaspersky10 on Windows 10
04.09.2017 -- SIGSEGV in Python2.7
17.08.2017 -- RCE in Trend Micro IMSVA 9.1
17.08.2017 -- DEP Violation in IBM Notes 9
17.08.2017 -- ReadAVonIP Crash in IBM Notes9
17.08.2017 -- Read/Write Crash in IBM Notes 9
17.08.2017 -- Read/Write Crash in IBM Notes 9
07.08.2017 -- Microsoft Outlook 2016 - WriteAV
07.08.2017 -- Microsoft Outlook 2010 - Write AV
25.07.2017 -- Read/Write Access Violation - Acunetix - (CVE-2017-11674)
25.07.2017 -- Few bugs in vBulletin 4.2.3 - (CVE-2017-11607)
30.05.2017 -- Exploiting MODX - Bitnami Edition
29.05.2017 -- Multiple crashes in RealPlayer 18.1.7.344 - (CVE-2017-9302)
27.05.2017 -- Exploiting Joomla 3.x - Bitnami Edition
27.05.2017 -- Exploiting DokuWiki - Bitnami Edition
27.05.2017 -- Exploiting Concrete5 CMS 8.1.0 - Bitnami Edition
27.05.2017 -- Divided RealPlayer 16.0.2.32
11.05.2017 -- Exploiting TestLink 1.9.16 - Bitnami Edition
08.05.2017 -- Napalm 2.1 feat. Bitnami
08.05.2017 -- TurnKeyLinux feat. OTRS - (CVE-2017-9299
14.04.2017 - Multiple Crashes in MS Publisher 2010/16 - part 2
11.04.2017 - Multiple Crashes in MS Publisher 2010/16
09.04.2017 -- Multiple Crashes in VLC 2.2.4 - (CVE-2017-9300/CVE-2017-9301
07.04.2017 -- Multiple Crashes in IrfanView 4.44
16.01.2017 -- Bug in ab from Apache 2.2.22
05.01.2017 -- Few bugs in TestLink
08.11.2016 -- Playing Winamp
02.11.2016 -- Divided Paint
29.10.2016 -- HTTP Server fuzzing with Burp
23.10.2016 -- Crash gdb in Kali
16.09.2016 -- SQL injection in latest e107 CMS  - (CVE-2016-10378)
10.09.2016 -- DVL Warmup poc
22.08.2016 -- Testing SQL injections in com_virtuemart 3.0.14  - (CVE-2016-10379)
29.07.2016 -- Exploiting Kali2 - Part 1
19.07.2016 -- Crash in PhotosApp for Windows 8.1
17.07.2016 -- MS Access 2010 - WriteAV Crash
16.07.2016 -- Outlook 2010 - ReadAV Crash
15.07.2016 -- MS Publisher 2010 another crash
14.07.2016 -- Irfan View - Crash - WMA heap crash
14.07.2016 -- Irfan View - Crash - TIFF case
14.07.2016 -- Irfan View - Crash - ANI poc
14.07.2016 -- IrfanView - TIF heap crash
14.07.2016 -- IfranView - msctf!tf_checkthreadinputidle
07.07.2016 -- WriteAV crash in Outlook 2010
05.06.2016 -- NULL ptr in Publisher 2010
27.05.2016 -- IE8 divided by zero
27.05.2016 -- Dos in Publisher #3
26.05.2016 -- Few pocs for IE8
26.05.2016 -- MS Office 2010 - DoS in Publisher - #2
26.05.2016 -- MS Office 2010 - DoS in Publisher


If you're looking for some of my old research feel free to check (my old, closed now) blog - HauntIT.blogspot.com

TBC...


Cheers ;]

Brak komentarzy:

Prześlij komentarz