what you don't know can hurt you

Register | Login

FilesNewsUsersAuthors

Home Files News &[SERVICES_TAB]About Contact Add New

Showing 1 - 2 of 2

Files from C. Schwarz

Kiuwan Local Analyzer / SAST / SaaS XML Injection / XSS / IDOR

Posted Jun 10, 2024

Authored by C. Schwarz | Site sec-consult.com

Kiuwan SAST versions prior to 2.8.2402.3, Kiuwan Local Analyzer versions prior to master.1808.p685.q13371, and Kiuwan SaaS versions prior to 2024-02-05 suffer from XML external entity injection, cross site scripting, insecure direct object reference, and various other vulnerabilities.

tags | exploit, local, vulnerability, xss

advisories | CVE-2023-49110, CVE-2023-49111, CVE-2023-49112, CVE-2023-49113

SHA-256 | 6af5ef942877432434cbf024cf41b29e270c93717f04c0f42c420899c400c4ef

Download | Favorite | View

Skybox Platform 7.0.611 XSS / SQL Injection / Code Execution

Posted Dec 11, 2015

Authored by Kestutis Gudinavicius, M. Heinzl, C. Schwarz | Site sec-consult.com

Skybox Platform versions 7.0.611 and below suffer from code execution, remote SQL injection, cross site scripting, and directory traversal vulnerabilities.

tags | exploit, remote, vulnerability, code execution, xss, sql injection

SHA-256 | d2a34290d02d3f2013ecd41c823081fe86b61aaf79b73808107e70eb70589040

Download | Favorite | View