exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 4 of 4 RSS Feed

Files from Fabian Krone

First Active2019-10-28
Last Active2020-05-01
xt:Commerce 5.4.1 / 6.2.1 / 6.2.2 Improper Access Control
Posted May 1, 2020
Authored by Fabian Krone, Markus Weiler | Site syss.de

xt:Commerce version 5.4.1, 6.2.1, and 6.2.2 suffer from an improper access control vulnerability. A logged-in customer can create and alter addresses. These addresses are referenced by incrementing IDs. On saving an address, an attacker could change the ID of the address to write the data to. If the ID belongs to an address which does not belong to the current logged-in user, every field in the address is set to null. An attacker could use this to null all addresses in a shop.

tags | exploit
advisories | CVE-2020-12101
SHA-256 | f54fc2ef6644a4e641224c9d4bbfedbcbc95e27c9202e6200a1ccd2764b4b697
Download | Favorite | View
Infosysta Jira 1.6.13_J8 User Name Disclosure
Posted Oct 28, 2019
Authored by Erik Steltzner, Sascha Heider, Fabian Krone | Site syss.de

Infosysta Jira version 1.6.13_J8 suffers from a user name disclosure vulnerability.

tags | exploit
advisories | CVE-2019-16907
SHA-256 | 506fa47855ab00052d2c3b374f021b09caf1e85be4e4a010161eed8775c5f5b8
Download | Favorite | View
Infosysta Jira 1.6.13_J8 Project List Authentication Bypass
Posted Oct 28, 2019
Authored by Erik Steltzner, Sascha Heider, Fabian Krone | Site syss.de

Infosysta Jira version 1.6.13_J8 suffers from an authentication bypass vulnerability that allows you to see project lists.

tags | exploit, bypass
advisories | CVE-2019-16908, CVE-2019-16909
SHA-256 | 5759cf071d560c4da28fae8baa88ebacb2d306e5d1cfc0ae9d1a454907d296b8
Download | Favorite | View
Infosysta Jira 1.6.13_J8 Push Notification Authentication Bypass
Posted Oct 28, 2019
Authored by Erik Steltzner, Sascha Heider, Fabian Krone | Site syss.de

Infosysta Jira version 1.6.13_J8 suffers from an authentication bypass vulnerability that allows you to see push notifications for a given user.

tags | exploit, bypass
advisories | CVE-2019-16906
SHA-256 | 01fd0ed65d6bb484afc3a2b833eae1e73bda43947aa08a133d177919fadef778
Download | Favorite | View
Page 1 of 1
Back1Next

File Archive:

April 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Apr 1st
    10 Files
  • 2
    Apr 2nd
    26 Files
  • 3
    Apr 3rd
    40 Files
  • 4
    Apr 4th
    6 Files
  • 5
    Apr 5th
    26 Files
  • 6
    Apr 6th
    0 Files
  • 7
    Apr 7th
    0 Files
  • 8
    Apr 8th
    22 Files
  • 9
    Apr 9th
    14 Files
  • 10
    Apr 10th
    10 Files
  • 11
    Apr 11th
    13 Files
  • 12
    Apr 12th
    14 Files
  • 13
    Apr 13th
    0 Files
  • 14
    Apr 14th
    0 Files
  • 15
    Apr 15th
    30 Files
  • 16
    Apr 16th
    10 Files
  • 17
    Apr 17th
    22 Files
  • 18
    Apr 18th
    45 Files
  • 19
    Apr 19th
    0 Files
  • 20
    Apr 20th
    0 Files
  • 21
    Apr 21st
    0 Files
  • 22
    Apr 22nd
    0 Files
  • 23
    Apr 23rd
    0 Files
  • 24
    Apr 24th
    0 Files
  • 25
    Apr 25th
    0 Files
  • 26
    Apr 26th
    0 Files
  • 27
    Apr 27th
    0 Files
  • 28
    Apr 28th
    0 Files
  • 29
    Apr 29th
    0 Files
  • 30
    Apr 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Site Links
News by Month
News Tags
Files by Month
File Tags
File Directory
About Us
History & Purpose
Contact Information
Terms of Service
Privacy Statement
Copyright Information
Services
Security Services
Hosting By
Rokasec
close