what you don't know can hurt you
Showing 1 - 25 of 26 RSS Feed

Files from Martin Heiland

Email addressmartin.heiland at open-xchange.com
First Active2014-09-15
Last Active2021-01-08
OX App Suite / OX Documents 7.10.x XSS / SSRF
Posted Jan 8, 2021
Authored by Martin Heiland, notoriousrip, Stuart Redman

OX App Suite and OX Documents suffer from server-side request forgery and multiple cross site scripting vulnerabilities. Various versions are affected including 7.10.4 and 7.10.3.

tags | exploit, vulnerability, xss
advisories | CVE-2020-24700, CVE-2020-24701
MD5 | 2fbb089c8daa5ef915d9f746ea2a73a4
Download | Favorite | View
OX App Suite / OX Documents 7.10.3 XSS / Server-Side Request Forgery
Posted Oct 19, 2020
Authored by Martin Heiland, Zeeshan Khalid, Sreejith Krishnan R, MOGWAI LABS, notoriousrip

OX App Suite and OX Documents versions 7.10.3 and some prior versions suffer from information exposure, server-side request forgery, and cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss
advisories | CVE-2020-15002, CVE-2020-15003, CVE-2020-15004
MD5 | a516b6243bb0f374586eb83076157208
Download | Favorite | View
OX App Suite / OX Documents XSS / SSRF / Bypass
Posted Aug 21, 2020
Authored by Martin Heiland

OX App Suite and OX Documents suffer from access control bypass, cross site scripting, and improper input validation vulnerabilities. Multiple version ranges are affected.

tags | exploit, vulnerability, xss, bypass
advisories | CVE-2020-12643, CVE-2020-12644, CVE-2020-12645, CVE-2020-12646, CVE-2020-8542
MD5 | ab797e28a3a58caa12fe105e311a7704
Download | Favorite | View
OX Guard 2.10.3 Cross Site Scripting / Server-Side Request Forgery
Posted Jun 12, 2020
Authored by Martin Heiland

OX Guard version 2.10.3 suffers from server-side request forgery and cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss
advisories | CVE-2020-9426, CVE-2020-9427
MD5 | fbb358adaf8635397a48eb79a5b0cf1a
Download | Favorite | View
OX App Suite / OX Documents 7.10.3 XSS / SSRF / Improper Validation
Posted Jun 12, 2020
Authored by Martin Heiland, Johannes Moritz, zee_shan, chbi, Hasan Ali

OX App Suite and OX Documents versions 7.10.3 and below suffer from server-side request forgery, cross site scripting, improper parameter validation, and XML injection vulnerabilities.

tags | exploit, vulnerability, xss
advisories | CVE-2019-18846, CVE-2020-8541, CVE-2020-8542, CVE-2020-8543, CVE-2020-8544
MD5 | e2537f0ecbd0317d3b111655ee78f0de
Download | Favorite | View
Open-Xchange App Suite / Documents Server-Side Request Forgery
Posted Feb 21, 2020
Authored by Martin Heiland

Open-Xchange App Suite and Documents versions 7.10.2 and below suffer from multiple server-side request forgery vulnerabilities.

tags | exploit, vulnerability
advisories | CVE-2019-18846, CVE-2019-9853
MD5 | 43acfce60891d606ddbc7bb9726ef5ad
Download | Favorite | View
OX App Suite 7.10.2 Cross Site Scripting / Improper Access Control
Posted Jan 2, 2020
Authored by Martin Heiland

Open-Xchange App Suite versions 7.10.2 and below suffer from cross site scripting and improper access control vulnerabilities.

tags | exploit, vulnerability, xss
advisories | CVE-2019-16716, CVE-2019-16717
MD5 | e0efb2989e7241b1f05cf48ea022f5f7
Download | Favorite | View
Open-Xchange OX App Suite SSRF / XSS / Information Disclosure / Access Controls
Posted Oct 14, 2019
Authored by MantiS, Martin Heiland, Michael Medvedev, Manas Gupta, hd7exploit

Various Open-Xchange OX App Suite versions suffer from server-side request forgery, cross site scripting, information disclosure, and improper access control vulnerabilities.

tags | exploit, vulnerability, xss, info disclosure
advisories | CVE-2019-14225, CVE-2019-14226, CVE-2019-14227
MD5 | bfbf59df0658a611dc03b03bbb86a669
Download | Favorite | View
Open-Xchange OX App Suite Content Spoofing / Cross Site Scripting
Posted Aug 16, 2019
Authored by Martin Heiland, zee_shan

Open-Xchange OX App Suite suffers from a content spoofing, cross site scripting, and information disclosure vulnerabilities. Versions affected vary depending on the vulnerability.

tags | exploit, spoof, vulnerability, xss, info disclosure
advisories | CVE-2019-11521, CVE-2019-11522, CVE-2019-11806
MD5 | e4f984f70b4911993c1fb35b6018270a
Download | Favorite | View
Open-Xchange OX Guard Cross Site Scripting / Signature Validation
Posted Aug 16, 2019
Authored by Hanno Boeck, Juraj Somorovsky, Martin Heiland, Jorg Schwenk, Sebastian Schinzel, Damian Poddebniak, Jens Muller, Marcus Brinkmann

Open-Xchange OX Guard versions 7.10.2 and below suffer from a cross site scripting vulnerability. Open-Xchange OX Guard versions 7.10.1 and below, 2.10.2 and below suffer from a signature validation vulnerability.

tags | exploit, xss
advisories | CVE-2018-9997, CVE-2019-11521
MD5 | 8a4509aba45a3f48bf32078dfdbc3fd1
Download | Favorite | View
Open-Xchange AppSuite 7.10.1 Information Disclosure / Improper Access Control
Posted Apr 5, 2019
Authored by Martin Heiland

Open-Xchange AppSuite versions 7.10.1 and below suffer from information exposure and improper access control vulnerabilities.

tags | exploit, vulnerability, info disclosure
advisories | CVE-2019-7158, CVE-2019-7159
MD5 | 49339a0d35cc917c045e135d1d0cc7bf
Download | Favorite | View
Open-Xchange OX App Suite Cross Site Scripting / SSRF
Posted Jan 21, 2019
Authored by Martin Heiland, Secator, Zhihua Yao, stemcloud, Gamal negm eldin

Open-Xchange OX App Suite suffers from cross site scripting and server-side request forgery vulnerabilities. The vulnerabilities spawn a multitude of versions.

tags | exploit, vulnerability, xss
advisories | CVE-2018-13103, CVE-2018-13104
MD5 | 0f83a06f2870765960fa46b3d0ee12cc
Download | Favorite | View
OX App Suite 7.8.4 XSS / Privilege Management / SSRF / Traversal
Posted Jun 8, 2018
Authored by Martin Heiland

OX App Suite versions 7.8.4 and below suffer from cross site scripting, improper privilege management, content spoofing, server-side request forgery, and path traversal vulnerabilities.

tags | exploit, spoof, vulnerability, xss
advisories | CVE-2017-17062, CVE-2018-5751, CVE-2018-5752, CVE-2018-5753, CVE-2018-5754, CVE-2018-5755, CVE-2018-5756
MD5 | 17c9e0a5fb461f27f24ee61b974f87d2
Download | Favorite | View
Open-Xchange Guard 2.4.2 Cross Site Scripting
Posted Sep 13, 2016
Authored by Martin Heiland, Benjamin Daniel Mussler

Open-Xchange Guard versions 2.4.2 and below suffer from multiple cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss
advisories | CVE-2016-6851, CVE-2016-6853, CVE-2016-6854
MD5 | d44f33ba21304aefcec92be18ae9b028
Download | Favorite | View
Open-Xchange App Suite 7.8.2 Cross Site Scripting
Posted Sep 13, 2016
Authored by Martin Heiland

Open-Xchange App Suite versions 7.8.2 and below suffer from multiple cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss
advisories | CVE-2016-5740
MD5 | 7a2af6d51c5db2a16311fd0e0642821d
Download | Favorite | View
Open-Xchange App Suite 7.8.1 Cross Site Scripting
Posted Jul 13, 2016
Authored by Martin Heiland

Open-Xchange App Suite version 7.8.1 suffers from a cross site scripting vulnerability.

tags | exploit, xss
advisories | CVE-2016-5124
MD5 | d60a7f33ad89664b8be9155ff78dc07f
Download | Favorite | View
Open-Xchange App Suite 7.8.1 Information Disclosure
Posted Jun 22, 2016
Authored by Martin Heiland

Open-Xchange App Suite versions 7.8.1 and below suffer from an information disclosure vulnerability.

tags | exploit, info disclosure
advisories | CVE-2016-4027
MD5 | 910936d4615de9cca8522b94efda498b
Download | Favorite | View
Open-Xchange Guard 2.2.0 / 2.0 Private Key Disclosure
Posted Mar 3, 2016
Authored by Martin Heiland

Open-Xchange Guard versions 2.2.0 and 2.0 suffer from a PGP private key disclosure vulnerability.

tags | advisory, info disclosure
advisories | CVE-2015-8542
MD5 | f0c1c9f01b082805ec57a6b902c849e6
Download | Favorite | View
Open-Xchange Guard 2.0 Cross Site Scripting
Posted Nov 17, 2015
Authored by Martin Heiland, Eduard Hauck

Open-Xchange Guard version 2.0 suffers from a cross site scripting vulnerability.

tags | advisory, xss
advisories | CVE-2015-7385
MD5 | 7bcf96196babe6f26d2f7cccfa2c4dd3
Download | Favorite | View
Open-Xchange Server 6 / OX AppSuite Cross Site Scripting
Posted Sep 23, 2015
Authored by Martin Heiland

Open-Xchange Server 6 version 6.22.9 and AppSuite versions 7.6.2 and below suffer from a cross site scripting vulnerability.

tags | advisory, xss
advisories | CVE-2015-5375
MD5 | 99dde2180ecb64791f723bcd32efcafa
Download | Favorite | View
Guard 2.0.0-rev7 SQL Injection
Posted Sep 23, 2015
Authored by Martin Heiland

Guard versions 2.0.0-rev7 and below suffer from a remote SQL injection vulnerability.

tags | advisory, remote, sql injection
advisories | CVE-2015-5703
MD5 | 7181ab5f46a2f86c4174378b16b57a6d
Download | Favorite | View
Open-Xchange Server 6 / OX AppSuite Cross Site Scripting
Posted Apr 27, 2015
Authored by Martin Heiland

Open-Xchange Server 6 and OX AppSuite versions 7.6.1 and below suffer from multiple cross site scripting vulnerabilities.

tags | advisory, vulnerability, xss
advisories | CVE-2015-1588
MD5 | a65ec62667e3fc8fb957722446b0ebd5
Download | Favorite | View
Open-Xchange Server 6 / OX AppSuite 7.6.1 Exposure
Posted Feb 12, 2015
Authored by Martin Heiland

Open-Xchange Server 6 / OX AppSuite suffers from an information exposure vulnerability in versions 7.6.1 and below.

tags | advisory
advisories | CVE-2014-9466
MD5 | 6123d10eae5f0d519ad1eccd689369d0
Download | Favorite | View
Open-Xchange Server 6 / OX AppSuite 7.6.1 Cross Site Scripting
Posted Jan 5, 2015
Authored by Martin Heiland, John de Kroon

Open-Xchange Server 6 / OX AppSuite versions 7.6.1 and below suffer from a cross site scripting vulnerability.

tags | advisory, xss
advisories | CVE-2014-8993
MD5 | b7382005ce24ee724c045fbdf1adca9c
Download | Favorite | View
OX App Suite 7.6.0 SQL Injection
Posted Nov 7, 2014
Authored by Martin Heiland

OX App Suite versions 7.6.0 and below suffer from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
advisories | CVE-2014-7871
MD5 | 688e3e9eb49ee93380a01d210c91dbc5
Download | Favorite | View
Page 1 of 2
Back12Next

File Archive:

January 2021

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Jan 1st
    4 Files
  • 2
    Jan 2nd
    3 Files
  • 3
    Jan 3rd
    3 Files
  • 4
    Jan 4th
    33 Files
  • 5
    Jan 5th
    31 Files
  • 6
    Jan 6th
    21 Files
  • 7
    Jan 7th
    15 Files
  • 8
    Jan 8th
    19 Files
  • 9
    Jan 9th
    1 Files
  • 10
    Jan 10th
    1 Files
  • 11
    Jan 11th
    33 Files
  • 12
    Jan 12th
    19 Files
  • 13
    Jan 13th
    27 Files
  • 14
    Jan 14th
    8 Files
  • 15
    Jan 15th
    16 Files
  • 16
    Jan 16th
    1 Files
  • 17
    Jan 17th
    2 Files
  • 18
    Jan 18th
    20 Files
  • 19
    Jan 19th
    32 Files
  • 20
    Jan 20th
    15 Files
  • 21
    Jan 21st
    10 Files
  • 22
    Jan 22nd
    0 Files
  • 23
    Jan 23rd
    0 Files
  • 24
    Jan 24th
    0 Files
  • 25
    Jan 25th
    0 Files
  • 26
    Jan 26th
    0 Files
  • 27
    Jan 27th
    0 Files
  • 28
    Jan 28th
    0 Files
  • 29
    Jan 29th
    0 Files
  • 30
    Jan 30th
    0 Files
  • 31
    Jan 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2020 Packet Storm. All rights reserved.

Site Links
News by Month
News Tags
Files by Month
File Tags
File Directory
About Us
History & Purpose
Contact Information
Terms of Service
Privacy Statement
Copyright Information
Services
Security Services
Hosting By
Rokasec
close