exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 19 of 19 RSS Feed

Files

OX App Suite 7.10.6 XSS / Command Execution / LDAP Injection
Posted Jan 9, 2024
Authored by Martin Heiland

OX App Suite version 7.10.6-rev50 suffers from remote code execution and LDAP injection vulnerabilities. Version 7.10.6-rev33 suffers from a cross site scripting vulnerability.

tags | advisory, remote, vulnerability, code execution, xss
advisories | CVE-2023-29048, CVE-2023-29049, CVE-2023-29050
SHA-256 | 592f2b04fcdcc6f8a886a43ccea679f6723dca85956b3e11029cce5b8e4022ec

Related Files

OX App Suite Backend 7.10.6-rev66 / 8.24.7 Open Redirect
Posted Sep 10, 2024
Authored by Martin Heiland

An open redirection vulnerability has been reported for a version of the Spring Framework which is shipped with OX App Suite backend versions 7.10.6-rev66 and 8.24.7.

tags | advisory
advisories | CVE-2024-22243
SHA-256 | ea468f342f7a0408607b9ba93475fecd68d35bad982ae0c29036847c45ddb637
OX App Suite Cross Site Scripting / Denial Of Service
Posted Aug 23, 2024
Authored by Martin Heiland

OX App Suite frontend version 7.10.6-rev42 suffers from cross site scripting vulnerabilities. OX App Suite backend versions 7.10.6-rev61 and 8.22 suffer from a denial of service vulnerability.

tags | advisory, denial of service, vulnerability, xss
advisories | CVE-2021-41184, CVE-2024-25582, CVE-2024-25710
SHA-256 | 6e2623da412af99e461937edfe417e674fe26af8c59f680b4bb1489413794ba8
OX App Suite Frontend 7.10.6-rev44 Cross Site Scripting
Posted Aug 23, 2024
Authored by Martin Heiland

OX App Suite frontend version 7.10.6-rev44 suffers from a cross site scripting vulnerability.

tags | advisory, xss
advisories | CVE-2024-4367
SHA-256 | 1360b972ed80fc23c7c8b3b040403a512a3915dd0f5a8e6e9c5792c83a0e4c39
OX App Suite 8.21 Cross Site Scripting / Information Disclosure
Posted May 7, 2024
Authored by Martin Heiland

OX App Suite version 8.21 cross site scripting and information disclosure vulnerabilities.

tags | advisory, vulnerability, xss, info disclosure
advisories | CVE-2024-23186, CVE-2024-23187, CVE-2024-23188, CVE-2024-23193
SHA-256 | ab18d35bc5d3677af88f7c327825d1007c6a7376fe5c5b0c3ee1c6a433e1e8b7
OX App Suite 7.10.6 Cross Site Scripting / Deserialization Issue
Posted Apr 11, 2024
Authored by Martin Heiland

OX App Suite version 7.10.6 suffers from cross site scripting and deserialization vulnerabilities.

tags | advisory, vulnerability, xss
advisories | CVE-2023-46604, CVE-2024-23189, CVE-2024-23190, CVE-2024-23191, CVE-2024-23192
SHA-256 | d67b15e5e463386e7b28cf5d7d03eebfcf3f668423493ad7f356fc890f038561
OX App Suite 7.10.6 Cross Site Scripting / Denial Of Service
Posted Feb 14, 2024
Authored by Martin Heiland

Varying revisions of OX App Suite version 7.10.6 suffer from cross site scripting and resource consumption vulnerabilities.

tags | advisory, vulnerability, xss
advisories | CVE-2023-41703, CVE-2023-41704, CVE-2023-41705, CVE-2023-41706, CVE-2023-41707, CVE-2023-41708
SHA-256 | 32ea285b9f1d95b8d51ee4996b126ef6f484d7f18c109b4ccf06178533953e56
OX App Suite 7.10.6 Access Control / Cross Site Scripting
Posted Jan 9, 2024
Authored by Martin Heiland

OX App Suite version 7.10.6-rev51 suffers from an access control vulnerability. Version 7.10.6-rev34 suffers from multiple cross site scripting vulnerabilities.

tags | advisory, vulnerability, xss
advisories | CVE-2023-29051, CVE-2023-29052, CVE-2023-41710
SHA-256 | 80185f3d2633831b5738bc1126710375d2e7d24e073ff394c679caa4c61efc56
OX App Suite SSRF / SQL Injection / Cross Site Scripting
Posted Aug 3, 2023
Authored by Mehmet Ince, Martin Heiland, Tim Coen, Eldar Zeynalli

OX App Suite suffers from remote SQL injection, server-side request forgery, cross site scripting, improper neutralization, command injection, and exposure of sensitive information vulnerabilities.

tags | advisory, remote, vulnerability, xss, sql injection
advisories | CVE-2023-26430, CVE-2023-26438, CVE-2023-26439, CVE-2023-26440, CVE-2023-26441, CVE-2023-26442, CVE-2023-26443, CVE-2023-26445, CVE-2023-26446, CVE-2023-26447, CVE-2023-26448, CVE-2023-26449, CVE-2023-26450, CVE-2023-26451
SHA-256 | 719567b07d01c758653bc54850b5ade966278aebda53de372168e4c5c9d605c8
OX App Suite SSRF / Resource Consumption / Command Injection
Posted Jun 22, 2023
Authored by Mehmet Ince, Martin Heiland, Tim Coen, Icare

OX App Suite suffers from server-side request forgery, command injection, uncontrolled resource consumption, code injection, authorization bypass, and insecure storage vulnerabilities. Various versions in the 7.10.x and 8.x branches are affected.

tags | advisory, vulnerability
advisories | CVE-2023-26427, CVE-2023-26428, CVE-2023-26429, CVE-2023-26431, CVE-2023-26432, CVE-2023-26433, CVE-2023-26434, CVE-2023-26435, CVE-2023-26436
SHA-256 | a27979ae3ae36aed54def31f404e98c49b579e2113420246b0b046bb9f32e18d
OX App Suite 7.10.6 Cross Site Scripting / SSRF / Resource Consumption
Posted Nov 30, 2022
Authored by Martin Heiland

OX App Suite versions 7.10.6 and below suffer from cross site scripting, server-side request forgery, and resource exhaustion vulnerabilities.

tags | exploit, vulnerability, xss
advisories | CVE-2022-31469, CVE-2022-37307, CVE-2022-37308, CVE-2022-37309, CVE-2022-37310, CVE-2022-37311, CVE-2022-37312, CVE-2022-37313
SHA-256 | ba6b2cbc7f4a93851df3e4965e0195411ca754b70e55778fee524c5fadf9d260
OX App Suite Cross Site Scripting / Command Injection
Posted Sep 2, 2022
Authored by Martin Heiland

OX App Suite versions 8.2 and earlier suffer from multiple cross site scripting vulnerabilities. Versions 7.10.6 and earlier suffer from a command injection vulnerability.

tags | advisory, vulnerability, xss
advisories | CVE-2022-29851, CVE-2022-29852, CVE-2022-29853, CVE-2022-31468
SHA-256 | df934839b9bb30ae7abcc52dec7595f09a5e03c04493af0116b03ecf48aee33b
OX App Suite 7.10.5 Cross Site Scripting
Posted Mar 21, 2022
Authored by Martin Heiland

OX App Suite versions 7.10.5 and below suffer from multiple cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss
advisories | CVE-2021-44208, CVE-2021-44209, CVE-2021-44210, CVE-2021-44211, CVE-2021-44212, CVE-2021-44213
SHA-256 | 439326d231827e72e3d0872c060c5c62dddd34691c556c0825bfa59c8c7f1d96
OX App Suite 7.10.5 Cross Site Scripting / Information Disclosure
Posted Nov 22, 2021
Authored by Martin Heiland

OX App Suite versions 7.10.5 and below suffer from cross site scripting and information disclosure vulnerabilities.

tags | exploit, vulnerability, xss, info disclosure
advisories | CVE-2021-38374, CVE-2021-38375, CVE-2021-38376, CVE-2021-38377, CVE-2021-38378
SHA-256 | c99f2e36cd127fb981a5512d68d67833a23fbcadee9ad6f6f9c134c3632fb7ef
OX App Suite / OX Guard SSRF / DoS / Cross Site Scripting
Posted Apr 30, 2021
Authored by Martin Heiland

OX App Suite versions 7.10.4 and below suffer from cross site scripting and server-side request forgery vulnerabilities. OX Guard versions 2.10.4 and below suffer from a denial of service vulnerability.

tags | exploit, denial of service, vulnerability, xss
advisories | CVE-2020-28943, CVE-2020-28944, CVE-2020-28945
SHA-256 | f79fdb3de2e0adf5d96f8bd0f53e9ea78572bc1ad06052cccf66726ab09192b0
Open-Xchange OX App Suite SSRF / XSS / Information Disclosure / Access Controls
Posted Oct 14, 2019
Authored by MantiS, Martin Heiland, Michael Medvedev, Manas Gupta, hd7exploit

Various Open-Xchange OX App Suite versions suffer from server-side request forgery, cross site scripting, information disclosure, and improper access control vulnerabilities.

tags | exploit, vulnerability, xss, info disclosure
advisories | CVE-2019-14225, CVE-2019-14226, CVE-2019-14227
SHA-256 | 6bbc17512735cd2e68b49123c22dd4e31db09620ca1cc4d07081dd51dda4894a
Ox App Suite 7.8.4 / 7.8.3 XSS / CSRF / Information Disclosure
Posted Jan 7, 2019
Authored by Secator

Ox App Suite versions 7.8.4 and 7.8.3 suffer from cross site scripting, cross site request forgery, and information disclosure vulnerabilities.

tags | exploit, vulnerability, xss, file inclusion, info disclosure, csrf
advisories | CVE-2018-12609, CVE-2018-12610, CVE-2018-12611
SHA-256 | ffdbe5e04f303db5e8ad0da091038bf8976a3f72b1e572115af58f427a4f8073
OX App Suite 7.8.4 XSS / XML Injection / Information Disclosure
Posted Jul 2, 2018
Authored by Secator, Michael Reizelman, Antonio

OX App Suite version 7.8.5 suffers from XML external entity injection, information disclosure, and cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss, info disclosure
advisories | CVE-2018-9997, CVE-2018-9998
SHA-256 | c70d8220abd64fcb08a298d9510add6aeba463a05de8fedbb79e7b7f24e8956b
OX App Suite 7.8.4 XSS / Privilege Management / SSRF / Traversal
Posted Jun 8, 2018
Authored by Martin Heiland

OX App Suite versions 7.8.4 and below suffer from cross site scripting, improper privilege management, content spoofing, server-side request forgery, and path traversal vulnerabilities.

tags | exploit, spoof, vulnerability, xss
advisories | CVE-2017-17062, CVE-2018-5751, CVE-2018-5752, CVE-2018-5753, CVE-2018-5754, CVE-2018-5755, CVE-2018-5756
SHA-256 | b05b1425ad2ad09c94d5f8ea14683797a289d6404376b147dc5a8333076d15fc
OX App Suite 7.6.0 SQL Injection
Posted Nov 7, 2014
Authored by Martin Heiland

OX App Suite versions 7.6.0 and below suffer from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
advisories | CVE-2014-7871
SHA-256 | e90b305cda305ae3ab8aaa3cf59b529eb43f81db98e02e577ac0b8865f49f4a4
Page 1 of 1
Back1Next

File Archive:

September 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Sep 1st
    261 Files
  • 2
    Sep 2nd
    17 Files
  • 3
    Sep 3rd
    38 Files
  • 4
    Sep 4th
    52 Files
  • 5
    Sep 5th
    23 Files
  • 6
    Sep 6th
    27 Files
  • 7
    Sep 7th
    0 Files
  • 8
    Sep 8th
    1 Files
  • 9
    Sep 9th
    16 Files
  • 10
    Sep 10th
    38 Files
  • 11
    Sep 11th
    0 Files
  • 12
    Sep 12th
    0 Files
  • 13
    Sep 13th
    0 Files
  • 14
    Sep 14th
    0 Files
  • 15
    Sep 15th
    0 Files
  • 16
    Sep 16th
    0 Files
  • 17
    Sep 17th
    0 Files
  • 18
    Sep 18th
    0 Files
  • 19
    Sep 19th
    0 Files
  • 20
    Sep 20th
    0 Files
  • 21
    Sep 21st
    0 Files
  • 22
    Sep 22nd
    0 Files
  • 23
    Sep 23rd
    0 Files
  • 24
    Sep 24th
    0 Files
  • 25
    Sep 25th
    0 Files
  • 26
    Sep 26th
    0 Files
  • 27
    Sep 27th
    0 Files
  • 28
    Sep 28th
    0 Files
  • 29
    Sep 29th
    0 Files
  • 30
    Sep 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2024 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close