Showing 1 - 9 of 9

Files from Christian Catalano

SonarQube Jenkins Password Disclosure: Posted Aug 13, 2016; Authored by Christian Catalano, Rv3Lab; The SonarQube Jenkins plugin in Jenkins CI suffers from a plain text password disclosure vulnerability.; tags | exploit, info disclosure; advisories | CVE-2013-5676; SHA-256 | 127c8c86b8c0bf44289f1b21f47a30d02721a2459668e7f5692d4d16b1178397; Download | Favorite | View

ColoradoFTP 1.3 Prime Edition (Build 8) Directory Traversal: Posted Aug 12, 2016; Authored by Christian Catalano, Rv3Lab, Marco Fornaro; ColoradoFTP version 1.3 Prime Edition (Build 8) suffers from a directory traversal vulnerability.; tags | exploit, file inclusion; SHA-256 | 91283725e1f5776a707996847385b3c798b3049566679412587c14ff20c727a7; Download | Favorite | View

Oliver 1.3.0 / 1.3.1 Cross Site Scripting: Posted Apr 19, 2016; Authored by Christian Catalano, Rv3Lab, Massimo Piccinno; Oliver versions 1.3.0 and 1.3.1 suffer from reflective cross site scripting vulnerabilities.; tags | exploit, vulnerability, xss; advisories | CVE-2014-2710; SHA-256 | 432496911f1411e7822f0277e55dc6ffd1625b86f2ba47830b95a792365b7b98; Download | Favorite | View

SpagoBI 4.0 Cross Site Scripting / Shell Upload: Posted Mar 2, 2014; Authored by Christian Catalano; SpagoBI version 4.0 suffers from cross site scripting and arbitrary file upload vulnerabilities. The file upload issue could possibly lead to code execution.; tags | exploit, arbitrary, vulnerability, code execution, xss, file upload; advisories | CVE-2013-6234; SHA-256 | a473d04492ed0ca46728806a232c7a6ee98f70e5940464e4217b27d3d8c8a651; Download | Favorite | View

SpagoBI 4.0 HTML Injection: Posted Mar 2, 2014; Authored by Christian Catalano; SpagoBI version 4.0 suffers from an HTML injection vulnerability.; tags | exploit; advisories | CVE-2013-6233; SHA-256 | b8ca2e456b6ec5e643124527c4b74faae73a8dcad1893f8c1471c09a33533b6f; Download | Favorite | View

SpagoBI 4.0 Stored Cross Site Scripting: Posted Mar 2, 2014; Authored by Christian Catalano; SpagoBI version 4.0 suffers from a persistent cross site scripting vulnerability.; tags | exploit, xss; advisories | CVE-2013-6232; SHA-256 | 8d2851f9ad8e9898fb04e583d9b3ed25ef61555335668592cc857b8a3fb00edd; Download | Favorite | View

SpagoBI 4.0 Privilege Escalation: Posted Feb 28, 2014; Authored by Christian Catalano; SpagoBI version 4.0 suffers from an administrative privilege escalation vulnerability.; tags | exploit; advisories | CVE-2013-6231; SHA-256 | 08879394f05ec3888c94bd4b06561081d45aa1549a6e63d70b7be33bbcfe4f7f; Download | Favorite | View

JAMon 2.7 Cross Site Scripting: Posted Jan 24, 2014; Authored by Christian Catalano; JAMon version 2.7 suffers from multiple cross site scripting vulnerabilities.; tags | exploit, vulnerability, xss; advisories | CVE-2013-6235; SHA-256 | 05d3cecf7d59ce888a09043a4aa1af1988abd9d302ed9dd5da80c76ff2e50e0a; Download | Favorite | View

Jenkins CI 1.523 Persistent Script Insertion: Posted Dec 19, 2013; Authored by Christian Catalano; Jenkins CI version 1.523 has a default markup formatter that permits offsite-bound forms. This vulnerability could be exploited by a remote attacker (a malicious user) to inject malicious persistent HTML script code (application side) and in turn perform a cross site scripting attack.; tags | exploit, remote, xss; advisories | CVE-2013-5573; SHA-256 | 5764f0eb1aedc4495f9f0a84672d7a2996fc96b4c3ea9d658bcea48cd425c6bf; Download | Favorite | View

Page 1 of 1 Back 1 Next

Top Authors In Last 30 Days