exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 4 of 4 RSS Feed

Files from Fabian Krone

First Active2019-10-28
Last Active2020-05-01
xt:Commerce 5.4.1 / 6.2.1 / 6.2.2 Improper Access Control
Posted May 1, 2020
Authored by Fabian Krone, Markus Weiler | Site syss.de

xt:Commerce version 5.4.1, 6.2.1, and 6.2.2 suffer from an improper access control vulnerability. A logged-in customer can create and alter addresses. These addresses are referenced by incrementing IDs. On saving an address, an attacker could change the ID of the address to write the data to. If the ID belongs to an address which does not belong to the current logged-in user, every field in the address is set to null. An attacker could use this to null all addresses in a shop.

tags | exploit
advisories | CVE-2020-12101
SHA-256 | f54fc2ef6644a4e641224c9d4bbfedbcbc95e27c9202e6200a1ccd2764b4b697
Download | Favorite | View
Infosysta Jira 1.6.13_J8 User Name Disclosure
Posted Oct 28, 2019
Authored by Erik Steltzner, Sascha Heider, Fabian Krone | Site syss.de

Infosysta Jira version 1.6.13_J8 suffers from a user name disclosure vulnerability.

tags | exploit
advisories | CVE-2019-16907
SHA-256 | 506fa47855ab00052d2c3b374f021b09caf1e85be4e4a010161eed8775c5f5b8
Download | Favorite | View
Infosysta Jira 1.6.13_J8 Project List Authentication Bypass
Posted Oct 28, 2019
Authored by Erik Steltzner, Sascha Heider, Fabian Krone | Site syss.de

Infosysta Jira version 1.6.13_J8 suffers from an authentication bypass vulnerability that allows you to see project lists.

tags | exploit, bypass
advisories | CVE-2019-16908, CVE-2019-16909
SHA-256 | 5759cf071d560c4da28fae8baa88ebacb2d306e5d1cfc0ae9d1a454907d296b8
Download | Favorite | View
Infosysta Jira 1.6.13_J8 Push Notification Authentication Bypass
Posted Oct 28, 2019
Authored by Erik Steltzner, Sascha Heider, Fabian Krone | Site syss.de

Infosysta Jira version 1.6.13_J8 suffers from an authentication bypass vulnerability that allows you to see push notifications for a given user.

tags | exploit, bypass
advisories | CVE-2019-16906
SHA-256 | 01fd0ed65d6bb484afc3a2b833eae1e73bda43947aa08a133d177919fadef778
Download | Favorite | View
Page 1 of 1
Back1Next

File Archive:

November 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Nov 1st
    30 Files
  • 2
    Nov 2nd
    0 Files
  • 3
    Nov 3rd
    0 Files
  • 4
    Nov 4th
    12 Files
  • 5
    Nov 5th
    44 Files
  • 6
    Nov 6th
    18 Files
  • 7
    Nov 7th
    9 Files
  • 8
    Nov 8th
    8 Files
  • 9
    Nov 9th
    3 Files
  • 10
    Nov 10th
    0 Files
  • 11
    Nov 11th
    14 Files
  • 12
    Nov 12th
    0 Files
  • 13
    Nov 13th
    0 Files
  • 14
    Nov 14th
    0 Files
  • 15
    Nov 15th
    0 Files
  • 16
    Nov 16th
    0 Files
  • 17
    Nov 17th
    0 Files
  • 18
    Nov 18th
    0 Files
  • 19
    Nov 19th
    0 Files
  • 20
    Nov 20th
    0 Files
  • 21
    Nov 21st
    0 Files
  • 22
    Nov 22nd
    0 Files
  • 23
    Nov 23rd
    0 Files
  • 24
    Nov 24th
    0 Files
  • 25
    Nov 25th
    0 Files
  • 26
    Nov 26th
    0 Files
  • 27
    Nov 27th
    0 Files
  • 28
    Nov 28th
    0 Files
  • 29
    Nov 29th
    0 Files
  • 30
    Nov 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2024 Packet Storm. All rights reserved.

Site Links
News by Month
News Tags
Files by Month
File Tags
File Directory
About Us
History & Purpose
Contact Information
Terms of Service
Privacy Statement
Copyright Information
Services
Security Services
Hosting By
Rokasec
close