what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 25 of 35 RSS Feed

Files from Martin Heiland

Email addressmartin.heiland at open-xchange.com
First Active2014-09-15
Last Active2022-11-30
OX App Suite 7.10.6 Cross Site Scripting / SSRF / Resource Consumption
Posted Nov 30, 2022
Authored by Martin Heiland

OX App Suite versions 7.10.6 and below suffer from cross site scripting, server-side request forgery, and resource exhaustion vulnerabilities.

tags | exploit, vulnerability, xss
advisories | CVE-2022-31469, CVE-2022-37307, CVE-2022-37308, CVE-2022-37309, CVE-2022-37310, CVE-2022-37311, CVE-2022-37312, CVE-2022-37313
SHA-256 | ba6b2cbc7f4a93851df3e4965e0195411ca754b70e55778fee524c5fadf9d260
OX App Suite Cross Site Scripting / Command Injection
Posted Sep 2, 2022
Authored by Martin Heiland

OX App Suite versions 8.2 and earlier suffer from multiple cross site scripting vulnerabilities. Versions 7.10.6 and earlier suffer from a command injection vulnerability.

tags | advisory, vulnerability, xss
advisories | CVE-2022-29851, CVE-2022-29852, CVE-2022-29853, CVE-2022-31468
SHA-256 | df934839b9bb30ae7abcc52dec7595f09a5e03c04493af0116b03ecf48aee33b
Open-Xchange App Suite 7.10.x Cross Site Scripting / Command Injection
Posted Jul 22, 2022
Authored by Martin Heiland

Open-Xchange App Suite versions 7.10.6 and below suffer from OS command injection and cross site scripting vulnerabilities. One particular cross site scripting issue only affects versions 7.10.5 and below.

tags | advisory, vulnerability, xss
advisories | CVE-2021-42550, CVE-2022-23099, CVE-2022-23100, CVE-2022-23101, CVE-2022-24405, CVE-2022-24406
SHA-256 | 145c2f74cfe9370dfbec4b0f72f06c5a67138afef07940be7a7e97d9a4b1f072
OX App Suite 7.10.5 Cross Site Scripting
Posted Mar 21, 2022
Authored by Martin Heiland

OX App Suite versions 7.10.5 and below suffer from multiple cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss
advisories | CVE-2021-44208, CVE-2021-44209, CVE-2021-44210, CVE-2021-44211, CVE-2021-44212, CVE-2021-44213
SHA-256 | 439326d231827e72e3d0872c060c5c62dddd34691c556c0825bfa59c8c7f1d96
OX App Suite 7.10.5 Cross Site Scripting / Information Disclosure
Posted Nov 22, 2021
Authored by Martin Heiland

OX App Suite versions 7.10.5 and below suffer from cross site scripting and information disclosure vulnerabilities.

tags | exploit, vulnerability, xss, info disclosure
advisories | CVE-2021-38374, CVE-2021-38375, CVE-2021-38376, CVE-2021-38377, CVE-2021-38378
SHA-256 | c99f2e36cd127fb981a5512d68d67833a23fbcadee9ad6f6f9c134c3632fb7ef
OX App Suite / Ox Documents 7.10.x XSS / Code Injection / Traversal
Posted Nov 22, 2021
Authored by Martin Heiland

OX App Suite and OX Documents suffer from cross site scripting, code injection, path traversal, and input validation vulnerabilities. Most of these issues affect 7.10.5 and below with one affecting 7.10.4 and below.

tags | exploit, vulnerability, xss
advisories | CVE-2021-33488, CVE-2021-33489, CVE-2021-33490, CVE-2021-33491, CVE-2021-33492, CVE-2021-33493, CVE-2021-33494, CVE-2021-33495
SHA-256 | 8ee4a4656fa2949ce351598464b1ce8aca906f19ee6d4f991c80fc45a41c8c4b
OX Documents 7.10.5 Improper Authorization
Posted Jul 20, 2021
Authored by Martin Heiland

OX Documents version 7.10.5 suffers from multiple improper authorization vulnerabilities.

tags | advisory, vulnerability
advisories | CVE-2021-28093, CVE-2021-28094, CVE-2021-28095
SHA-256 | fdc415c0e1479fc1bbd7c9da23f2c1893080132040e14750beb56328b7efaa61
OX App Suite / OX Guard / OX Documents SSRF / Cross Site Scripting
Posted Jul 16, 2021
Authored by Martin Heiland

Open-Xchange OX App Suite, OX Guard, and OX Documents suffer from server-side request forgery and cross site scripting vulnerabilities. Some of these issues only affect version 7.10.3 while some affect 7.10.4 and earlier.

tags | exploit, vulnerability, xss
advisories | CVE-2020-24700, CVE-2020-24701, CVE-2021-26698, CVE-2021-26699
SHA-256 | 264f5c37a41ec6bca16aeacc29650f3f157abec2e181ef828458e50fe0bc2740
OX App Suite / OX Guard SSRF / DoS / Cross Site Scripting
Posted Apr 30, 2021
Authored by Martin Heiland

OX App Suite versions 7.10.4 and below suffer from cross site scripting and server-side request forgery vulnerabilities. OX Guard versions 2.10.4 and below suffer from a denial of service vulnerability.

tags | exploit, denial of service, vulnerability, xss
advisories | CVE-2020-28943, CVE-2020-28944, CVE-2020-28945
SHA-256 | f79fdb3de2e0adf5d96f8bd0f53e9ea78572bc1ad06052cccf66726ab09192b0
OX App Suite / OX Documents 7.10.x XSS / SSRF
Posted Jan 8, 2021
Authored by Martin Heiland, notoriousrip, Stuart Redman

OX App Suite and OX Documents suffer from server-side request forgery and multiple cross site scripting vulnerabilities. Various versions are affected including 7.10.4 and 7.10.3.

tags | exploit, vulnerability, xss
advisories | CVE-2020-24700, CVE-2020-24701
SHA-256 | ba8c16584bc43d579279e941f2d796ec74153f6debe5a7df85b435f86196a43c
OX App Suite / OX Documents 7.10.3 XSS / Server-Side Request Forgery
Posted Oct 19, 2020
Authored by Martin Heiland, Zeeshan Khalid, Sreejith Krishnan R, MOGWAI LABS, notoriousrip

OX App Suite and OX Documents versions 7.10.3 and some prior versions suffer from information exposure, server-side request forgery, and cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss
advisories | CVE-2020-15002, CVE-2020-15003, CVE-2020-15004
SHA-256 | 4fa6c054c00387a832592e2040a5da296d518180b40ccda03e95e88b581e3a1d
OX App Suite / OX Documents XSS / SSRF / Bypass
Posted Aug 21, 2020
Authored by Martin Heiland

OX App Suite and OX Documents suffer from access control bypass, cross site scripting, and improper input validation vulnerabilities. Multiple version ranges are affected.

tags | exploit, vulnerability, xss, bypass
advisories | CVE-2020-12643, CVE-2020-12644, CVE-2020-12645, CVE-2020-12646, CVE-2020-8542
SHA-256 | 51edab0377b8fe0d44554f6f7f4760f83af8457588e97679c30c8d3bae31cdc2
OX Guard 2.10.3 Cross Site Scripting / Server-Side Request Forgery
Posted Jun 12, 2020
Authored by Martin Heiland

OX Guard version 2.10.3 suffers from server-side request forgery and cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss
advisories | CVE-2020-9426, CVE-2020-9427
SHA-256 | 893145b9db604b7ed2accebb80ae3b758c5c402c2edddeae5cf393b911b11fb3
OX App Suite / OX Documents 7.10.3 XSS / SSRF / Improper Validation
Posted Jun 12, 2020
Authored by Martin Heiland, Johannes Moritz, zee_shan, chbi, Hasan Ali

OX App Suite and OX Documents versions 7.10.3 and below suffer from server-side request forgery, cross site scripting, improper parameter validation, and XML injection vulnerabilities.

tags | exploit, vulnerability, xss
advisories | CVE-2019-18846, CVE-2020-8541, CVE-2020-8542, CVE-2020-8543, CVE-2020-8544
SHA-256 | 64ac41f600218c8a53f85f7edaf868fd9208d415671cac26f51f2f16940095bb
Open-Xchange App Suite / Documents Server-Side Request Forgery
Posted Feb 21, 2020
Authored by Martin Heiland

Open-Xchange App Suite and Documents versions 7.10.2 and below suffer from multiple server-side request forgery vulnerabilities.

tags | exploit, vulnerability
advisories | CVE-2019-18846, CVE-2019-9853
SHA-256 | 9e95ed9b8b18b7aa67aa539e677d18a46c58d0f74c70f908ef7a336569ff51e9
OX App Suite 7.10.2 Cross Site Scripting / Improper Access Control
Posted Jan 2, 2020
Authored by Martin Heiland

Open-Xchange App Suite versions 7.10.2 and below suffer from cross site scripting and improper access control vulnerabilities.

tags | exploit, vulnerability, xss
advisories | CVE-2019-16716, CVE-2019-16717
SHA-256 | f91286e977b72a5c49cfb19cbc8ab36556eed739bb0463e808cd0c851816ff64
Open-Xchange OX App Suite SSRF / XSS / Information Disclosure / Access Controls
Posted Oct 14, 2019
Authored by MantiS, Martin Heiland, Michael Medvedev, Manas Gupta, hd7exploit

Various Open-Xchange OX App Suite versions suffer from server-side request forgery, cross site scripting, information disclosure, and improper access control vulnerabilities.

tags | exploit, vulnerability, xss, info disclosure
advisories | CVE-2019-14225, CVE-2019-14226, CVE-2019-14227
SHA-256 | 6bbc17512735cd2e68b49123c22dd4e31db09620ca1cc4d07081dd51dda4894a
Open-Xchange OX App Suite Content Spoofing / Cross Site Scripting
Posted Aug 16, 2019
Authored by Martin Heiland, zee_shan

Open-Xchange OX App Suite suffers from a content spoofing, cross site scripting, and information disclosure vulnerabilities. Versions affected vary depending on the vulnerability.

tags | exploit, spoof, vulnerability, xss, info disclosure
advisories | CVE-2019-11521, CVE-2019-11522, CVE-2019-11806
SHA-256 | 2071c53e872acfa5491162c42ffc088b0353ec35291faf2ce74402fd3c1328d6
Open-Xchange OX Guard Cross Site Scripting / Signature Validation
Posted Aug 16, 2019
Authored by Hanno Boeck, Juraj Somorovsky, Martin Heiland, Jorg Schwenk, Sebastian Schinzel, Damian Poddebniak, Jens Muller, Marcus Brinkmann

Open-Xchange OX Guard versions 7.10.2 and below suffer from a cross site scripting vulnerability. Open-Xchange OX Guard versions 7.10.1 and below, 2.10.2 and below suffer from a signature validation vulnerability.

tags | exploit, xss
advisories | CVE-2018-9997, CVE-2019-11521
SHA-256 | ea4821effec5ebd51f45bdf732d362fc22eb10a99a7363c2441cceeedc97dfae
Open-Xchange AppSuite 7.10.1 Information Disclosure / Improper Access Control
Posted Apr 5, 2019
Authored by Martin Heiland

Open-Xchange AppSuite versions 7.10.1 and below suffer from information exposure and improper access control vulnerabilities.

tags | exploit, vulnerability, info disclosure
advisories | CVE-2019-7158, CVE-2019-7159
SHA-256 | a722921e6fddc3e83ee1b00bdf589f283a0af7624c6b56c8422fdc8435786cc9
Open-Xchange OX App Suite Cross Site Scripting / SSRF
Posted Jan 21, 2019
Authored by Martin Heiland, Secator, Zhihua Yao, stemcloud, Gamal negm eldin

Open-Xchange OX App Suite suffers from cross site scripting and server-side request forgery vulnerabilities. The vulnerabilities spawn a multitude of versions.

tags | exploit, vulnerability, xss
advisories | CVE-2018-13103, CVE-2018-13104
SHA-256 | 24e2155c543cabcd184eee8f58682b0f7854489ae93e4d51a85b793fe3464e40
OX App Suite 7.8.4 XSS / Privilege Management / SSRF / Traversal
Posted Jun 8, 2018
Authored by Martin Heiland

OX App Suite versions 7.8.4 and below suffer from cross site scripting, improper privilege management, content spoofing, server-side request forgery, and path traversal vulnerabilities.

tags | exploit, spoof, vulnerability, xss
advisories | CVE-2017-17062, CVE-2018-5751, CVE-2018-5752, CVE-2018-5753, CVE-2018-5754, CVE-2018-5755, CVE-2018-5756
SHA-256 | b05b1425ad2ad09c94d5f8ea14683797a289d6404376b147dc5a8333076d15fc
Open-Xchange Guard 2.4.2 Cross Site Scripting
Posted Sep 13, 2016
Authored by Martin Heiland, Benjamin Daniel Mussler

Open-Xchange Guard versions 2.4.2 and below suffer from multiple cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss
advisories | CVE-2016-6851, CVE-2016-6853, CVE-2016-6854
SHA-256 | b6b00b94ecd8a6eb1ccee7f194f7bf72d2f3738376ca2774dec5ff0fb5b81020
Open-Xchange App Suite 7.8.2 Cross Site Scripting
Posted Sep 13, 2016
Authored by Martin Heiland

Open-Xchange App Suite versions 7.8.2 and below suffer from multiple cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss
advisories | CVE-2016-5740
SHA-256 | 357ca5858f8f3f0f5e8af6faa2268fb1efd131b5eada5dfc41eb2ddb9239f572
Open-Xchange App Suite 7.8.1 Cross Site Scripting
Posted Jul 13, 2016
Authored by Martin Heiland

Open-Xchange App Suite version 7.8.1 suffers from a cross site scripting vulnerability.

tags | exploit, xss
advisories | CVE-2016-5124
SHA-256 | 54885411364ea66a6a88cc613ff3399708f6b52cbe59e735d9647a8e158559b8
Page 1 of 2
Back12Next

File Archive:

December 2022

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Dec 1st
    2 Files
  • 2
    Dec 2nd
    12 Files
  • 3
    Dec 3rd
    0 Files
  • 4
    Dec 4th
    0 Files
  • 5
    Dec 5th
    14 Files
  • 6
    Dec 6th
    18 Files
  • 7
    Dec 7th
    11 Files
  • 8
    Dec 8th
    36 Files
  • 9
    Dec 9th
    0 Files
  • 10
    Dec 10th
    0 Files
  • 11
    Dec 11th
    0 Files
  • 12
    Dec 12th
    0 Files
  • 13
    Dec 13th
    0 Files
  • 14
    Dec 14th
    0 Files
  • 15
    Dec 15th
    0 Files
  • 16
    Dec 16th
    0 Files
  • 17
    Dec 17th
    0 Files
  • 18
    Dec 18th
    0 Files
  • 19
    Dec 19th
    0 Files
  • 20
    Dec 20th
    0 Files
  • 21
    Dec 21st
    0 Files
  • 22
    Dec 22nd
    0 Files
  • 23
    Dec 23rd
    0 Files
  • 24
    Dec 24th
    0 Files
  • 25
    Dec 25th
    0 Files
  • 26
    Dec 26th
    0 Files
  • 27
    Dec 27th
    0 Files
  • 28
    Dec 28th
    0 Files
  • 29
    Dec 29th
    0 Files
  • 30
    Dec 30th
    0 Files
  • 31
    Dec 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Hosting By
Rokasec
close