what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 9 of 9 RSS Feed

Files from W. Schober

First Active2016-04-22
Last Active2022-05-13
Konica Minolta bizhub MFP Printer Terminal Sandbox Escape
Posted May 13, 2022
Authored by W. Schober, Johannes Kruchem | Site sec-consult.com

Multiple Konica Minolta bizhub MFP printer terminals suffer from a sandbox escape with root access and have clear-text password vulnerabilities.

tags | exploit, root, vulnerability
advisories | CVE-2022-29586, CVE-2022-29587, CVE-2022-29588
SHA-256 | 57e210f71bf42a3b11e36e7813fbbb82fccbd07555cd2d876285ea9c410da45c
Download | Favorite | View
Miele Benchmark Programming Tool 1.1.49 / 1.2.71 Privilege Escalation
Posted Apr 27, 2022
Authored by W. Schober, Johannes Kruchem | Site sec-consult.com

Miele Benchmark Programming Tool versions 1.1.49 and 1.2.71 suffer from a privilege escalation vulnerability.

tags | exploit
advisories | CVE-2022-22521
SHA-256 | d9c54518c9774d14210fa309ae32ce7bf54eac2d1ed82cd249dec9506f8662c7
Download | Favorite | View
SALTO ProAccess SPACE 5.5 Traversal / File Write / XSS / Bypass
Posted Dec 2, 2019
Authored by W. Schober | Site sec-consult.com

SALTO ProAccess SPACE versions 5.5 and below suffer from path traversal, arbitrary file write, persistent cross site scripting, privilege escalation, and clear text transmission of sensitive data vulnerabilities.

tags | exploit, arbitrary, vulnerability, xss
advisories | CVE-2019-19457, CVE-2019-19458, CVE-2019-19459, CVE-2019-19460
SHA-256 | 5ed47986bbc0d66aaf57c91633e6ec7ae2e1882ae76361c2429b36bdf3d0fc38
Download | Favorite | View
Cisco VoIP Script Insertion / Weak Passwords / Undocumented Functionality
Posted Jan 10, 2019
Authored by W. Schober | Site sec-consult.com

Cisco VoIP phone such as models 88XX suffer from script insertion, weak and hard-coded passwords, undocumented debug functionality, and various outdated components with known vulnerabilities.

tags | exploit, vulnerability
systems | cisco
advisories | CVE-2018-0461
SHA-256 | 41a1b9784b878fa08044f5ed9bf633aed22e9a1c597ac51d8518b8c652c3cb84
Download | Favorite | View
WSO2 Identity Server 5.3.0 Cross Site Scripting
Posted Apr 24, 2018
Authored by W. Schober | Site sec-consult.com

WSO2 Identity Sever version 5.3.0 suffers from multiple persistent cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss
advisories | CVE-2018-8716
SHA-256 | 4990846341d76b6fb9e53aeae7fb7c68f1253c3a015c256315cf5ff03976dd38
Download | Favorite | View
Sonatype Nexus Repository Manager OSS/Pro 2.14.5 / 3.7.1 XSS
Posted Feb 8, 2018
Authored by W. Schober, Daniel Ostovary | Site sec-consult.com

Sonatype Nexus Repository Manager OSS/Pro versions 2.14.5 and below and 3.7.1 and below suffer from multiple cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss
advisories | CVE-2018-5306, CVE-2018-5307
SHA-256 | 3b80587bce0be93510d9991ad9cba5f6fb982d17a3ece5321a6148deded4146c
Download | Favorite | View
Whole Vibratissimo Smart Sex Toy XSS / Disclosure / Authentication
Posted Feb 1, 2018
Authored by W. Schober | Site sec-consult.com

Multiple versions of Whole Vibratissimo Smart Sex Toy suffer from credential disclosure, exposed administrative interface, cleartext storage of passwords, unauthenticated bluetooth LE connection, and other vulnerabilities. These devices screw you in more way than one.

tags | exploit, vulnerability
SHA-256 | 403b854be58e2556751dd002c7f0a562d2d43e1248c002ec974b81219a814700
Download | Favorite | View
Portrait Display SDK Service Privilege Escalation
Posted Apr 26, 2017
Authored by W. Schober | Site sec-consult.com

Portrait Display SDK Service suffers from a privilege escalation vulnerability due to an insecure service configuration.

tags | exploit
advisories | CVE-2017-3210
SHA-256 | bb0d1b7787b6ec46caf94bb51f129ccffd1be7a7a0ce6cb68b3a93e46de94b3a
Download | Favorite | View
Digitalstrom Konfigurator 1.10.0 CSRF / Cross Site Scripting
Posted Apr 22, 2016
Authored by W. Schober | Site sec-consult.com

Digitalstrom Konfigurator version 1.10.0 suffers from cross site request forgery and cross site scripting vulnerabilities.

tags | advisory, vulnerability, xss, csrf
SHA-256 | c1222ada6c904eee3c1aae5b05d9e712fcff0d0139e72dc176f4270549e20f32
Download | Favorite | View
Page 1 of 1
Back1Next

File Archive:

November 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Nov 1st
    30 Files
  • 2
    Nov 2nd
    0 Files
  • 3
    Nov 3rd
    0 Files
  • 4
    Nov 4th
    12 Files
  • 5
    Nov 5th
    44 Files
  • 6
    Nov 6th
    18 Files
  • 7
    Nov 7th
    9 Files
  • 8
    Nov 8th
    8 Files
  • 9
    Nov 9th
    3 Files
  • 10
    Nov 10th
    0 Files
  • 11
    Nov 11th
    0 Files
  • 12
    Nov 12th
    0 Files
  • 13
    Nov 13th
    0 Files
  • 14
    Nov 14th
    0 Files
  • 15
    Nov 15th
    0 Files
  • 16
    Nov 16th
    0 Files
  • 17
    Nov 17th
    0 Files
  • 18
    Nov 18th
    0 Files
  • 19
    Nov 19th
    0 Files
  • 20
    Nov 20th
    0 Files
  • 21
    Nov 21st
    0 Files
  • 22
    Nov 22nd
    0 Files
  • 23
    Nov 23rd
    0 Files
  • 24
    Nov 24th
    0 Files
  • 25
    Nov 25th
    0 Files
  • 26
    Nov 26th
    0 Files
  • 27
    Nov 27th
    0 Files
  • 28
    Nov 28th
    0 Files
  • 29
    Nov 29th
    0 Files
  • 30
    Nov 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2024 Packet Storm. All rights reserved.

Site Links
News by Month
News Tags
Files by Month
File Tags
File Directory
About Us
History & Purpose
Contact Information
Terms of Service
Privacy Statement
Copyright Information
Services
Security Services
Hosting By
Rokasec
close