Showing 1 - 10 of 10

Files from Tim Schughart

Email address	t.schughart at prosec-networks.com
First Active	2015-10-06
Last Active	2019-10-08

RENPHO 3.0.0 Information Disclosure: Posted Oct 8, 2019; Authored by Tim Schughart; RENPHO version 3.0.0 fails to encrypt in transit and due to this can disclose sensitive information and allow for man-in-the-middle attacks.; tags | exploit, info disclosure; advisories | CVE-2019-14808; SHA-256 | 6a1c6c82f8f2d77c4029355706b177fb2a7b01fa5d30d65cf34b17238f45c6f0; Download | Favorite | View

Base Soundtouch 18.1.4 Cross Site Scripting: Posted Jan 7, 2019; Authored by Tim Schughart; Base Soundtouch iOS application version 18.1.4 suffers from a cross site scripting vulnerability.; tags | exploit, xss; systems | ios; advisories | CVE-2018-12638; SHA-256 | 67c8211022b176ba9ad191b333fa8db82dec6bea662fcf9aeb2fdd2a726d151c; Download | Favorite | View

Ubiquiti UniFi AP AC Lite 5.2.7 Improper Access Control: Posted Sep 30, 2016; Authored by Tim Schughart, Khanh Quoc Pham, Immanuel Bar; Ubiquiti UniFi AP AC Lite version 5.2.7 allows for direct modification of the database with no authentication.; tags | exploit; advisories | CVE-2016-7792; SHA-256 | f40eba146d3abfc3da878bf10eac9a021530c62f26eb11f3fb7cd42dd34d3ee2; Download | Favorite | View

Sophos UTM 9.405-5 / 9.404-5 Information Disclosure: Posted Sep 30, 2016; Authored by Tim Schughart, Khanh Quoc Pham; Sophos UTM versions 9.405-5 and 9.404-5 suffer from information disclosure vulnerabilities.; tags | exploit, vulnerability, info disclosure; advisories | CVE-2016-7397, CVE-2016-7442; SHA-256 | d41db865905127ac19f3ef1c4274c38fede90b47131595b8392634352dd0efc8; Download | Favorite | View

Abus Security Cams 0101a Cross Site Scripting: Posted Sep 30, 2016; Authored by Tim Schughart; Abus Security Cams version 0101a suffer from a cross site scripting vulnerability.; tags | exploit, xss; SHA-256 | 648c480851032ffc3e2a82f73e241748f1cdb7c65fbc13387177b4b51e815d29; Download | Favorite | View

Vodafone EasyBox 804 Denial Of Service / Authentication Bypass: Posted Jul 17, 2016; Authored by Tim Schughart; Vodafone EasyBox 804 suffers from authentication bypass and denial of service vulnerabilities.; tags | exploit, denial of service, vulnerability, bypass; SHA-256 | f645c6a908861080432366b3dde886601bd41fb752174cd89a3b38fddbbe9a3c; Download | Favorite | View

Open-Xchange 7.8.0 Cross Site Scripting: Posted Apr 4, 2016; Authored by Satish Bommisetty, Tim Schughart; Open-Xchange versions 7.8.0 and below suffer from multiple cross site scripting vulnerabilities.; tags | advisory, vulnerability, xss; advisories | CVE-2016-2840; SHA-256 | 5273ac97746a41370e8a7259e9ccb912428c0fe5e29b9545c0ae6f750da37d5f; Download | Favorite | View

OpenXchange User Enumeration: Posted Feb 1, 2016; Authored by Tim Schughart; OpenXchange versions prior to 7.8 suffer from a user folder enumeration vulnerability.; tags | exploit; SHA-256 | 3ff4b70fb0d1ed89742ae760ed3791703e72698ab3a1710dea9f6eaeabf657fe; Download | Favorite | View

VMWare Zimbra Mailer Release 8.6.0.GA Replay Attack: Posted Feb 1, 2016; Authored by Tim Schughart; VMWare Zimbra Mailer Release 8.6.0.GA, latest patch and prior versions with DKIM implementation are vulnerable to longterm Mail Replay attacks. If the expiration header is not set, the signature never expires. This means, that the e-mail, perhaps caught while performing a man in the middle attack, can be replayed years after catching it.; tags | exploit; SHA-256 | 490724c2c6c71fba396ddb4a5b014b50c57e46f5a68bc5d679f1ecc3b14ba9ca; Download | Favorite | View

Liferay Portal 6.2 EE SP13 Cross Site Scripting: Posted Oct 6, 2015; Authored by Tim Schughart; Liferay Portal version 6.2 EE SP13 suffers from an administrator-inflicted cross site scripting vulnerability.; tags | exploit, xss; SHA-256 | e137181199945439684e4ea7bf1d423e31ddc64173fd464c512550a84430d277; Download | Favorite | View

Page 1 of 1 Back 1 Next

Top Authors In Last 30 Days