what you don't know can hurt you

Register | Login

FilesNewsUsersAuthors

Home Files News &[SERVICES_TAB]About Contact Add New

Showing 1 - 4 of 4

Files from Bartlomiej Balcerek

WSO2 Identity Server 4.5.0 / 4.6.0 / 5.0.0 Bypass / Cross Site Scripting

Posted Mar 26, 2015

Authored by Bartlomiej Balcerek

WSO2 Identity Server versions 4.5.0, 4.6.0, and 5.0.0 suffer from authentication bypass and cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss, bypass

SHA-256 | 6680a7e463046ee138266816668db4cf56362edb02b8e6d3cff5088123687903

Download | Favorite | View

Java OpenID Server 1.2.1 XSS / Session Fixation

Posted Mar 4, 2014

Authored by Bartlomiej Balcerek

JOIDS (Java OpenID Server) version 1.2.1 suffers from reflected cross site scripting and session fixation vulnerabilities.

tags | exploit, java, vulnerability, xss

SHA-256 | d0111d88c2b72fdcea60d1fd44070e2af28045c390f13e4603277e4f163efcef

Download | Favorite | View

Torque Server Buffer Overflow

Posted Jul 14, 2011

Authored by Adam Zabrocki, Bartlomiej Balcerek, Maciej Kotowicz

Torque Server versions prior to 2.4.1.4 and 3.0.[0,1] suffer from a buffer overflow vulnerability.

tags | advisory, overflow

advisories | CVE-2011-2193

SHA-256 | d42dea2627d928ed2511106108e44d93bc90572f0feebc4a43a5e9fbfbcc8c7b

Download | Favorite | View

PBS Pro Race Condition

Posted Jul 8, 2010

Authored by Bartlomiej Balcerek

PBS Pro versions prior to 10.4 o+w race condition proof of concept exploit.

tags | exploit, proof of concept

SHA-256 | e5ef3ff55ecaffc75cef785be9136ba14ff0bdba919b16c5d79092a7dd9aa824

Download | Favorite | View