exploit the possibilities

Register | Login

FilesNewsUsersAuthors

Home Files News Services About Contact Add New

Showing 1 - 7 of 7

Files from Moritz Bechler

Protection Licensing Toolkit ReadyAPI 3.2.5 Code Execution / Deserialization

Posted May 19, 2020

Authored by Moritz Bechler

Protection Licensing Toolkit ReadyAPI version 3.2.5 suffers from an unsafe deserialization vulnerability that allows for remote code execution.

tags | exploit, remote, code execution

advisories | CVE-2020-12835

MD5 | 04d24a10d080f67a99623c2a47d1d455

Download | Favorite | View

SquirrelMail 1.4.22 Cross Site Scripting

Posted Jul 1, 2019

Authored by Moritz Bechler

SquirrelMail version 1.4.22 suffers from a cross site scripting vulnerability.

tags | exploit, xss

advisories | CVE-2019-12970

MD5 | 35d36e761a3e0e4a901673fe89e36bff

Download | Favorite | View

Coldfusion / JNBridge Remote Code Execution

Posted Jun 26, 2019

Authored by Moritz Bechler

Coldfusion versions 2016 and 2018 along with all current versions of JNBridge suffer from a remote code execution vulnerability.

tags | advisory, remote, code execution

advisories | CVE-2019-7839

MD5 | f1b8b67bd353230a79828cd27fa10223

Download | Favorite | View

LDAP Swiss Army Knife

Posted Jun 12, 2019

Authored by Moritz Bechler | Site github.com

This paper presents the "LDAP Swiss Army Knife", an easy to use LDAP server implementation built for penetration oder software testing. Apart from general usage as a server or proxy it also shows some specific attacks against Java/JNDI based LDAP clients.

tags | paper, java

MD5 | a5b08197ac7d25c91698564ff5769d7b

Download | Favorite | View

Dojo Toolkit 1.13 Cross Site Scripting

Posted Aug 27, 2018

Authored by Moritz Bechler

Dojo Toolkit version 1.13 suffers from a cross site scripting vulnerability.

tags | exploit, xss

advisories | CVE-2018-15494

MD5 | 32361799fbf94963fe405a9d518c8786

Download | Favorite | View

ILIAS 5.3.2 / 5.2.14 / 5.1.25 Cross Site Scripting

Posted May 22, 2018

Authored by Moritz Bechler

ILIAS versions 5.3.2, 5.2.14, and 5.1.25 suffer from a cross site scripting vulnerability.

tags | exploit, xss

advisories | CVE-2018-10428

MD5 | e040c53ef97a1cf82b56b47ee94179a8

Download | Favorite | View

Bamboo Deserialization Issue

Posted Jul 26, 2016

Authored by David Black, Moritz Bechler

This advisory discloses a critical severity security vulnerability which was introduced in version 2.3.1 of Bamboo. Versions of Bamboo starting with 2.3.1 before 5.11.4.1 (the fixed version for 5.11.x) and from 5.12.0 before 5.12.3.1 (the fixed version for 5.12.x) are affected by this vulnerability.

tags | advisory

advisories | CVE-2016-5229

MD5 | 22f79e542f62355e4c2c0534dfa98069

Download | Favorite | View