exploit the possibilities

Register | Login

FilesNewsUsersAuthors

Home Files News &[SERVICES_TAB]About Contact Add New

Showing 1 - 10 of 10

Files from Tobias Glemser

OvulaRing 4.2.2 Broken Object Level Authorization

Posted Nov 9, 2020

Authored by Tobias Glemser | Site secuvera.de

OvulaRing web application version 4.2.2 suffers from a broken object level authorization vulnerability.

tags | advisory, web

SHA-256 | dffcde032a8dd793d393ba02105fd87ad9d62221dd74ab9bedb8f1a24fa594ec

Download | Favorite | View

Microsoft Wireless Display Adapter 2 Command Injection / Broken Access Control

Posted Jul 30, 2018

Authored by Tobias Glemser, Simon Winter | Site secuvera.de

Microsoft Wireless Display Adapter versions 2.0.8350 to 2.0.8372 suffer from command injection, broken access control, and evil twin attack vulnerabilities.

tags | exploit, vulnerability

advisories | CVE-2018-8306

SHA-256 | 12ac02f7b82abb950c50fc899c9ee75f0eb6c39678669493f3d3a29f178c6b13

Download | Favorite | View

MailStore 10.0.1 Cross Site Scripting / Open Redirect

Posted Feb 1, 2017

Authored by Tobias Glemser | Site secuvera.de

MailStore versions 9.2 through 10.0.1 suffer from a cross site scripting vulnerability. Additionally, versions 9.0 through 10.0.1 suffer from an open redirection vulnerability.

tags | exploit, xss

SHA-256 | f5602e0d3c653782c14b0a030dfe2ecc4b12ce1bd7b97505f5fbbfe0704ca3dd

Download | Favorite | View

W3 Total Cache 0.9.4 Cross Site Scripting

Posted Dec 17, 2014

Authored by Tobias Glemser | Site secuvera.de

W3 Total Cache version 0.9.4 suffers from a cross site scripting vulnerability.

tags | exploit, xss

advisories | CVE-2014-8724

SHA-256 | cff6fe10895c8207c8b98f60bca56ea967171e48b99fd89f7efb8a4948e8c914

Download | Favorite | View

Airdroid 1.0.4 Beta Implementation Weaknesses

Posted Jul 13, 2012

Authored by Tobias Glemser, Dominique Dewitt, Kathrin Schaberle

Airdroid version 1.0.4 Beta suffers from multiple security design implementation weaknesses.

tags | advisory, info disclosure

advisories | CVE-2012-3884, CVE-2012-3885, CVE-2012-3886, CVE-2012-3887, CVE-2012-3888

SHA-256 | e6777f2cf37fd0cc0c4fad4bc5839eb4b7f717137929dae19f8b618c9f4dfd25

Download | Favorite | View

ownCloud 3.0.0 Cross Site Scripting

Posted Apr 18, 2012

Authored by Tobias Glemser

ownCloud version 3.0.0 suffers from cross site scripting and open redirection vulnerabilities.

tags | exploit, vulnerability, xss

advisories | CVE-2012-2269, CVE-2012-2270

SHA-256 | dcb41a8d27105adce78fe22f673e0fa7b51d9f521221de638e38bba3db43a2cf

Download | Favorite | View

iTop 1.1.181 Cross Site Scripting

Posted Nov 23, 2011

Authored by Tobias Glemser

iTop version 1.1.181 suffers from multiple cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss

SHA-256 | f4a98080aa929ad990ec251726e39591021720b2ee5b2f73700699d9859ee51c

Download | Favorite | View

OmniTouch Instant Communication Suite XSRF / XSS

Posted Oct 25, 2011

Authored by Tobias Glemser

OmniTouch Instant Communication Suite suffers from cross site request forgery and cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss, csrf

SHA-256 | 07892a2e4751df91fbe28681577a37dca30715e6cc870860ee5c81e2769086a2

Download | Favorite | View

ssf.zip

Posted Nov 4, 2005

Authored by Tobias Glemser | Site security-scans.de

Sip Send Fun version 0.2 - a tool to exploit the various weakness in VoIP-Phones. Written in php.

tags | spoof, php

SHA-256 | 4caf3015d8abe09a2efcfb6068961af9f04ed3f7fd73754ebd4bd8ca6b17394a

Download | Favorite | View

voip-phones.txt

Posted Jul 7, 2005

Authored by Tobias Glemser | Site pentest.tele-consulting.com

Due to ignoring the value of Call-ID and even tag and branch while processing NOTIFY messages, VOIP-Hardphones process spoofed status messages like Messages-Waiting.

tags | advisory, spoof

SHA-256 | 7e874ac6aa4310120bd4e7a44ff20320a9205cdf8195fe255cbc74e7c8879b81

Download | Favorite | View