Showing 1 - 14 of 14

Files from Nico Leidecker

MobileIron VSP / Sentry Authentication Bypass: Posted Apr 2, 2014; Authored by Nico Leidecker | Site trustmatta.com; MobileIron VSP versions prior to 5.9.1 and Sentry versions prior to 5.0 suffer from password obfuscation and XPath injection vulnerabilities.; tags | exploit, vulnerability; advisories | CVE-2013-7286, CVE-2014-1409; SHA-256 | d6a5bba8acefd20a11c0a78f4ae846a3e103e0ec9d568120f814bbe1909a34e1; Download | Favorite | View

SAP AG Netweaver 7.02 Buffer Overflow: Posted Feb 18, 2012; Authored by Nico Leidecker, Context Information Security Ltd; SAP AG Netweaver version 7.02 suffers from a stack based buffer overflow vulnerability in the SAPHostControl service. Exploitation can lead to code execution.; tags | advisory, overflow, code execution; SHA-256 | 96012632a04d7e30153723120084472f3f130485461ca0a85ad16a64e3a5da2f; Download | Favorite | View

.NET 4 - Microsoft Chart Control Information Disclosure: Posted Aug 11, 2011; Authored by Nico Leidecker, James Forshaw; The Microsoft Chart Control is vulnerable to an information disclosure vulnerability. By sending a specific GET request to an application implementing the chart control, attackers could read arbitrary files on the system.; tags | advisory, arbitrary, info disclosure; advisories | CVE-2011-1977; SHA-256 | b6ea78a725c0fad21b5d60a1b1743538aff281317ee65f07e13bb1913c9acdcd; Download | Favorite | View

OCS Inventory NG Directory Traversal: Posted Jun 4, 2009; Authored by Nico Leidecker; OCS Inventory NG version 1.02 suffers from a remote file disclosure vulnerability.; tags | exploit, remote, file inclusion; SHA-256 | 73e8f91b83749f97a33d287b830b4b07522b83f9752bb37c0cef2b5558ba9243; Download | Favorite | View

OCS Inventory NG 1.02 SQL Injection: Posted Jun 3, 2009; Authored by Nico Leidecker; OCS Inventory NG version 1.02 suffers from multiple remote SQL injection vulnerabilities.; tags | exploit, remote, vulnerability, sql injection; SHA-256 | 24349265fbc205824f9c785634ed2815339cc8fd1cb81aa103d5ad5fc924412f; Download | Favorite | View

CiscoCallManager_sql_07_016.txt: Posted Feb 22, 2008; Authored by Nico Leidecker; Portcullis Security Advisory - The Cisco Unified CallManager is vulnerable to multiple SQL injections in the user interface as well as in the administration interface. Affected versions include 5.0.4.2000-1, 5.1, 6.0, and 6.1.; tags | exploit, sql injection; systems | cisco; advisories | CVE-2008-0026; SHA-256 | e72e770f10c4445cb4e5fcc7cd6d6c037951bda37c5e766f48015274febd3c88; Download | Favorite | View

Belkin_Router_fw_40503_xss_06_64.txt: Posted Jul 11, 2007; Authored by Nico Leidecker | Site portcullis-security.com; The Belkin Router G Plus router administration web administrative interface suffers from a cross site scripting vulnerability.; tags | advisory, web, xss; SHA-256 | 7d420fa44c8ce272bc7185c3adcb6f3c4d5b1cb5ed9687bc0ab978bf1da01184; Download | Favorite | View

centericq_421_bo_06_063.txt: Posted Jul 11, 2007; Authored by Nico Leidecker | Site portcullis-security.com; Centericq version 4.21 on FreeBSD as well as the official sources have been found vulnerable to multiple buffer overflows.; tags | advisory, overflow; systems | freebsd; SHA-256 | 695f8d41c00f3dd190485927ef216e87f08348cdcb3ef1dd4e144206e4e61c15; Download | Favorite | View

SurgeFTP_23a1_xss_06_062.txt: Posted Jul 11, 2007; Authored by Nico Leidecker | Site portcullis-security.com; SurgeFTP version 2.3a1 Linux suffers from a cross site scripting vulnerability.; tags | advisory, xss; systems | linux; SHA-256 | eef9a98052e8bafe92d55157a4fa35e226ac63cbe789ec403cfc1bb8b0d1221e; Download | Favorite | View

SurgeFTP_23a1_dos_06_061.txt: Posted Jul 11, 2007; Authored by Nico Leidecker | Site portcullis-security.com; SurgeFTP version 2.3a1 Linux suffers from a denial of service condition in its mirror mechanism.; tags | advisory, denial of service; systems | linux; SHA-256 | c2e32fdacdb65dce7021a2557bc1a2223d451dd4eeac4d1916119a75c0f49443; Download | Favorite | View

SurgeMail_73b8_fmt_06_060.txt: Posted Jul 11, 2007; Authored by Nico Leidecker | Site portcullis-security.com; SurgeMail version 3.7b8 Linux suffers from a format string vulnerability.; tags | advisory; systems | linux; SHA-256 | 525c089d7648287aa57c4e50b8da924fae9c965e876911b34796cfc782d2004e; Download | Favorite | View

Having_Fun_With_PostgreSQL.txt: Posted Jun 19, 2007; Authored by Nico Leidecker | Site leidecker.info; Whitepaper discussing security implications with PostgreSQL when improperly configured.; tags | paper; SHA-256 | 394fde0a55e01e4ceacd902f672a2e8f17f90c73974cfcf7a60f272b62d35440; Download | Favorite | View

papoocms-xss.txt: Posted Jun 19, 2007; Authored by Nico Leidecker | Site leidecker.info; Papoo Light CMS version 3.6 suffers from cross site scripting flaws.; tags | advisory, xss; SHA-256 | e579f75a655d419fa11dd11b26f62c32799f3cbefdaed0aa31631736bd823045; Download | Favorite | View

elxis-sql.txt: Posted Jun 15, 2007; Authored by Nico Leidecker; Elxis CMS versions 2006.4 and below suffer from a SQL injection vulnerability.; tags | advisory, sql injection; SHA-256 | d53eb6928d0f75544d96921f1a3054e4b17885be06a5ee60f367852f79e0e232; Download | Favorite | View

Page 1 of 1 Back 1 Next

Top Authors In Last 30 Days