Showing 1 - 9 of 9

Files from W. Schober

First Active	2016-04-22
Last Active	2022-05-13

Konica Minolta bizhub MFP Printer Terminal Sandbox Escape: Posted May 13, 2022; Authored by W. Schober, Johannes Kruchem | Site sec-consult.com; Multiple Konica Minolta bizhub MFP printer terminals suffer from a sandbox escape with root access and have clear-text password vulnerabilities.; tags | exploit, root, vulnerability; advisories | CVE-2022-29586, CVE-2022-29587, CVE-2022-29588; SHA-256 | 57e210f71bf42a3b11e36e7813fbbb82fccbd07555cd2d876285ea9c410da45c; Download | Favorite | View

Miele Benchmark Programming Tool 1.1.49 / 1.2.71 Privilege Escalation: Posted Apr 27, 2022; Authored by W. Schober, Johannes Kruchem | Site sec-consult.com; Miele Benchmark Programming Tool versions 1.1.49 and 1.2.71 suffer from a privilege escalation vulnerability.; tags | exploit; advisories | CVE-2022-22521; SHA-256 | d9c54518c9774d14210fa309ae32ce7bf54eac2d1ed82cd249dec9506f8662c7; Download | Favorite | View

SALTO ProAccess SPACE 5.5 Traversal / File Write / XSS / Bypass: Posted Dec 2, 2019; Authored by W. Schober | Site sec-consult.com; SALTO ProAccess SPACE versions 5.5 and below suffer from path traversal, arbitrary file write, persistent cross site scripting, privilege escalation, and clear text transmission of sensitive data vulnerabilities.; tags | exploit, arbitrary, vulnerability, xss; advisories | CVE-2019-19457, CVE-2019-19458, CVE-2019-19459, CVE-2019-19460; SHA-256 | 5ed47986bbc0d66aaf57c91633e6ec7ae2e1882ae76361c2429b36bdf3d0fc38; Download | Favorite | View

Cisco VoIP Script Insertion / Weak Passwords / Undocumented Functionality: Posted Jan 10, 2019; Authored by W. Schober | Site sec-consult.com; Cisco VoIP phone such as models 88XX suffer from script insertion, weak and hard-coded passwords, undocumented debug functionality, and various outdated components with known vulnerabilities.; tags | exploit, vulnerability; systems | cisco; advisories | CVE-2018-0461; SHA-256 | 41a1b9784b878fa08044f5ed9bf633aed22e9a1c597ac51d8518b8c652c3cb84; Download | Favorite | View

WSO2 Identity Server 5.3.0 Cross Site Scripting: Posted Apr 24, 2018; Authored by W. Schober | Site sec-consult.com; WSO2 Identity Sever version 5.3.0 suffers from multiple persistent cross site scripting vulnerabilities.; tags | exploit, vulnerability, xss; advisories | CVE-2018-8716; SHA-256 | 4990846341d76b6fb9e53aeae7fb7c68f1253c3a015c256315cf5ff03976dd38; Download | Favorite | View

Sonatype Nexus Repository Manager OSS/Pro 2.14.5 / 3.7.1 XSS: Posted Feb 8, 2018; Authored by W. Schober, Daniel Ostovary | Site sec-consult.com; Sonatype Nexus Repository Manager OSS/Pro versions 2.14.5 and below and 3.7.1 and below suffer from multiple cross site scripting vulnerabilities.; tags | exploit, vulnerability, xss; advisories | CVE-2018-5306, CVE-2018-5307; SHA-256 | 3b80587bce0be93510d9991ad9cba5f6fb982d17a3ece5321a6148deded4146c; Download | Favorite | View

Whole Vibratissimo Smart Sex Toy XSS / Disclosure / Authentication: Posted Feb 1, 2018; Authored by W. Schober | Site sec-consult.com; Multiple versions of Whole Vibratissimo Smart Sex Toy suffer from credential disclosure, exposed administrative interface, cleartext storage of passwords, unauthenticated bluetooth LE connection, and other vulnerabilities. These devices screw you in more way than one.; tags | exploit, vulnerability; SHA-256 | 403b854be58e2556751dd002c7f0a562d2d43e1248c002ec974b81219a814700; Download | Favorite | View

Portrait Display SDK Service Privilege Escalation: Posted Apr 26, 2017; Authored by W. Schober | Site sec-consult.com; Portrait Display SDK Service suffers from a privilege escalation vulnerability due to an insecure service configuration.; tags | exploit; advisories | CVE-2017-3210; SHA-256 | bb0d1b7787b6ec46caf94bb51f129ccffd1be7a7a0ce6cb68b3a93e46de94b3a; Download | Favorite | View

Digitalstrom Konfigurator 1.10.0 CSRF / Cross Site Scripting: Posted Apr 22, 2016; Authored by W. Schober | Site sec-consult.com; Digitalstrom Konfigurator version 1.10.0 suffers from cross site request forgery and cross site scripting vulnerabilities.; tags | advisory, vulnerability, xss, csrf; SHA-256 | c1222ada6c904eee3c1aae5b05d9e712fcff0d0139e72dc176f4270549e20f32; Download | Favorite | View

Page 1 of 1 Back 1 Next

Top Authors In Last 30 Days