what you don't know can hurt you

Register | Login

FilesNewsUsersAuthors

Home Files News &[SERVICES_TAB]About Contact Add New

Showing 1 - 2 of 2

Files from Andreas Kolbeck

Siemens Energy Omnivise T3000 8.2 SP3 Privilege Escalation / File Download

Posted Nov 14, 2024

Authored by Andreas Kolbeck, Steffen Robertz | Site sec-consult.com

Siemens Energy Omnivise T3000 version 8.2 SP3 suffers from local privilege escalation, cleartext storage of passwords in configuration and log files, file system access allowing for arbitrary file download, and IP whitelist bypass.

tags | exploit, arbitrary, local

advisories | CVE-2024-38876, CVE-2024-38877, CVE-2024-38878, CVE-2024-38879

SHA-256 | f3ace4f4cb5b84a560a9593357976ec236f7e116327a16dffefa142cb8440217

Download | Favorite | View

LimeSurvey 3.17.13 Cross Site Scripting

Posted Sep 12, 2019

Authored by Andreas Kolbeck, David Haintz | Site sec-consult.com

LimeSurvey versions 3.17.13 and below suffer from reflective and persistent cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss

advisories | CVE-2019-16172, CVE-2019-16173

SHA-256 | 573baf1603249a448f854d8c59cc5938e7334c20fe44126259027c9914a5cfd5

Download | Favorite | View