what you don't know can hurt you

Register | Login

FilesNewsUsersAuthors

Home Files News &[SERVICES_TAB]About Contact Add New

Showing 1 - 10 of 10

Files from Murat Aydemir

Barco Control Room Management Suite Directory Traversal

Posted Apr 4, 2022

Authored by Murat Aydemir

Barco Control Room Management Suite versions prior to 2.9 build 0275 suffer from a directory traversal vulnerability.

tags | exploit, file inclusion

advisories | CVE-2022-26233

SHA-256 | b1ec333a285f727f101ec39e59974d8125d1c1f97f298850e6ec2b47b08d879f

Download | Favorite | View

M-Files Web Denial Of Service

Posted Dec 3, 2021

Authored by Murat Aydemir

M-Files Web versions prior to 20.10.9524.1 and M-Files Web versions prior to 20.10.9445.0 contain an improper range header processing vulnerability. A remote unauthenticated attacker may send crafted requests with overlapping ranges (via HTTP requests with a specially-crafted Range or Request-Range headers) to cause the web application to compress each of the requested bytes, resulting in a crash due to excessive memory and CPU consumption and preventing users from accessing the system.

tags | exploit, remote, web, denial of service

advisories | CVE-2021-37253

SHA-256 | 156f6be8e8269992c6311ee1cad599e1338e7f7bf24b2810bb20c39727986b7c

Download | Favorite | View

Zoho ManageEngine OpManager 12.3 Alarms Cross Site Scripting

Posted Dec 21, 2018

Authored by Murat Aydemir

Zoho ManageEngine OpManager versions 12.3 before build 123239 suffers from a cross site scripting vulnerability in the Alarms section.

tags | exploit, xss

advisories | CVE-2018-20339

SHA-256 | 86d14a418d1c96a1de4aea21241185938cae7766df1b79f5ba59466c6647d576

Download | Favorite | View

Zoho ManageEngine OpManager 12.3 Alarms SQL Injection

Posted Dec 21, 2018

Authored by Murat Aydemir

Zoho ManageEngine OpManager versions 12.3 before build 123239 suffers from a remote SQL injection vulnerability in the Alarms section.

tags | exploit, remote, sql injection

advisories | CVE-2018-20338

SHA-256 | df3b4cca1a33cee2c1b1466213ad18fa0d9f4707c689196c5a9641e212dd2ad0

Download | Favorite | View

Zoho ManageEngine OpManager 12.3 SQL Injection

Posted Dec 17, 2018

Authored by Murat Aydemir

Zoho ManageEngine OpManager versions 12.3 before 123238 suffer from a remote SQL injection vulnerability in the getGraphData API.

tags | exploit, remote, sql injection

advisories | CVE-2018-20173

SHA-256 | 1a049e8278a847b77887e080ec099b64303b5a9ab7a770820a6961d579f33b08

Download | Favorite | View

Zoho ManageEngine OpManager 12.3 Cross Site Scripting

Posted Dec 11, 2018

Authored by Murat Aydemir

Zoho ManageEngine OpManager version 12.3 prior to build 123237 has a cross site scripting vulnerability in the domainController API.

tags | exploit, xss

advisories | CVE-2018-19921

SHA-256 | b757a066966d43dab92e82b070ec0aa7cb574a7fac46efeaa46eea3d52d17b5c

Download | Favorite | View

Zoho ManageEngine OpManager 12.3 Cross Site Scripting

Posted Nov 20, 2018

Authored by Murat Aydemir

Zoho ManageEngine OpManager versions 12.3 before build 123223 have a cross site scripting vulnerability via the updateWidget API.

tags | advisory, xss

advisories | CVE-2018-19288

SHA-256 | 4f3c08804393e70f710c96815caa8549c3dc5e71017eeb4012d2c44a6bb278d1

Download | Favorite | View

Zoho ManageEngine OpManager 12.3 Arbitrary File Upload

Posted Oct 19, 2018

Authored by Murat Aydemir, Hakan Bayir

Zoho ManageEngine OpManager version 12.3 suffers from an arbitrary file upload vulnerability.

tags | advisory, arbitrary, file upload

advisories | CVE-2018-18475

SHA-256 | b33e29926189ccf274c11a2f500355455426ce1a4b36d07449efbf681fa210ab

Download | Favorite | View

ManageEngine OPManager 12.3 Cross Site Scripting

Posted Oct 17, 2018

Authored by Murat Aydemir

ManageEngine OPManager version 12.3 suffers from a persistent cross site scripting vulnerability.

tags | advisory, xss

advisories | CVE-2018-18262

SHA-256 | 4accf5407115e8f4a22709ea0edfcf808b651f9a993ef1576a3d1abecdc13910

Download | Favorite | View

ManageEngine OPManager 12.3 SQL Injection

Posted Sep 20, 2018

Authored by Murat Aydemir

ManageEngine OPManager version 12.3 suffers from a remote SQL injection vulnerability.

tags | advisory, remote, sql injection

advisories | CVE-2018-17243

SHA-256 | 4b6a4ea76848ab6114a56a416f3fbcbcf9f30c0019d583b5a31c9da234e2a04f

Download | Favorite | View