Showing 1 - 6 of 6

Files from Daniel Hirschberger

First Active	2022-11-15
Last Active	2024-06-25

Faronics WINSelect Hardcoded Credentials / Bad Permissions / Unhashed Password: Posted Jun 25, 2024; Authored by Daniel Hirschberger | Site sec-consult.com; Faronics WINSelect versions prior to 8.30.xx.903 suffer from having hardcoded credentials, storing unhashed passwords, and configuration file modification vulnerabilities.; tags | exploit, vulnerability; advisories | CVE-2024-36495, CVE-2024-36496, CVE-2024-36497; SHA-256 | 027ee14709ee8088f3a43a3e25e6450580e3674393ef37542ccf9f8c2f9f3e81; Download | Favorite | View

Anveo Mobile User Enumeration / Missing Certificate Validation: Posted Dec 13, 2023; Authored by Daniel Hirschberger | Site sec-consult.com; Anveo Mobile application version 10.0.0.359 and server version 11.0.0.5 suffer from missing certificate validation and user enumeration vulnerabilities.; tags | exploit, vulnerability; SHA-256 | c4a7657b4c12593459bacc7aff28a2ad2162f37df6ff2b5a94f451b1bba03ac4; Download | Favorite | View

Fortra Digital Guardian Agent Uninstaller Cross Site Scripting / UninstallKey Cached: Posted Nov 28, 2023; Authored by Johannes Kruchem, Daniel Hirschberger, Bernhard Grundling | Site sec-consult.com; The uninstaller in Fortra Digital Guardian Agent versions prior to 7.9.4 suffers from a cross site scripting vulnerability. Additionally, the Agent Uninstaller handles sensitive data insecurely and caches the Uninstall key in memory. This key can be used to stop or uninstall the application. This allows a locally authenticated attacker with administrative privileges to disable the application temporarily or even remove the application from the system completely.; tags | exploit, xss; advisories | CVE-2023-6253; SHA-256 | d393eda92218fb28d4719259401d1db3e0731edb5b930170f2f951494d02fbc7; Download | Favorite | View

m-privacy TightGate-Pro Code Execution / Insecure Permissions: Posted Nov 28, 2023; Authored by Daniel Hirschberger, Marco Schillinger, Steven Kurka | Site sec-consult.com; m-privacy TightGate-Pro suffers from code execution, insecure permissions, deletion mitigation, and outdated server vulnerabilities.; tags | exploit, vulnerability, code execution; advisories | CVE-2023-47250, CVE-2023-47251; SHA-256 | 55d99668e130fe585eb26f5ac98889fe0cb5368f4185842bb3d4346adf9bd24b; Download | Favorite | View

openVIVA c2 20220101 Cross Site Scripting: Posted Oct 3, 2023; Authored by Daniel Hirschberger | Site sec-consult.com; openVIVA c2 suffers from a persistent cross site scripting vulnerability. Versions prior to 20220801 are affected.; tags | exploit, xss; advisories | CVE-2022-39172; SHA-256 | 1bb461472efdf8f6410f98641bda375496497eeeacb50a76a14f2e2f531514ed; Download | Favorite | View

BMC Remedy ITSM-Suite 9.1.10 / 20.02 HTML Injection: Posted Nov 15, 2022; Authored by Daniel Hirschberger | Site sec-consult.com; BMC Remedy ITSM-Suite version 9.1.10 (20.02 in new versioning scheme) suffers from an html injection vulnerability.; tags | exploit; advisories | CVE-2022-26088; SHA-256 | ed89f3f49d37ea4299f6f6221ace6ef8292ada73199f9aac17bae7cf6165fad3; Download | Favorite | View

Page 1 of 1 Back 1 Next

Top Authors In Last 30 Days