what you don't know can hurt you

Register | Login

FilesNewsUsersAuthors

Home Files News &[SERVICES_TAB]About Contact Add New

Showing 1 - 4 of 4

Files from F. Lukavsky

Oracle Application Express Cross Site Scripting

Posted Jul 17, 2015

Authored by F. Lukavsky | Site sec-consult.com

The gReport Controls Sort Widget in Oracle Application Express is prone to permanent cross site scripting. The setting "display as" of the column attributes is ignored for the filter list. Versions prior to 4.2.3.00.08 are affected.

tags | exploit, xss

advisories | CVE-2015-2655

SHA-256 | c9ce7cae929b2bfcfbbd561c21486f566a196d3064d30611bb77669161526837

Download | Favorite | View

IBM Algorithmics RICOS Disclosure / XSS / CSRF

Posted Jun 30, 2014

Authored by F. Lukavsky, A. Kolmann, V. Habsburg-Lothringen | Site sec-consult.com

IBM Algorithmics RICOS versions 4.5.0 through 4.7.0 suffer from cross site scripting, cross site request forgery, information disclosure, data manipulation, broken encryption, and various other vulnerabilities.

tags | exploit, vulnerability, xss, info disclosure, csrf

advisories | CVE-2014-0864, CVE-2014-0865, CVE-2014-0866, CVE-2014-0867, CVE-2014-0868, CVE-2014-0869, CVE-2014-0870, CVE-2014-0871, CVE-2014-0894

SHA-256 | 945e5852d35d3f39d7bede3cae55f9fa93875250647822bf399c4895974db9cc

Download | Favorite | View

Oracle WebCenter Sites (AKA FatWire) XSS / SQL Injection / CSRF

Posted Oct 17, 2012

Authored by F. Lukavsky | Site sec-consult.com

Oracle WebCenter Sites (formerly FatWire Content Server) suffers from remote SQL injection, cross site scripting, cross site request forgery, and authorization vulnerabilities.

tags | exploit, remote, vulnerability, xss, sql injection, csrf

advisories | CVE-2012-3183, CVE-2012-3184, CVE-2012-3185, CVE-2012-3186

SHA-256 | 2e58dbac366be3ceaec1dea852ec97d169c2fb12f50938bea3432feb91ee6b9b

Download | Favorite | View

EMC Documentum eRoom 7.33.498.98 Cross Site Scripting

Posted Mar 16, 2012

Authored by F. Lukavsky, B. Schildendorfer | Site sec-consult.com

EMC Documentum eRoom version 7.33.498.98 suffers from a cross site scripting vulnerability.

tags | exploit, xss

SHA-256 | 9339995995b0ec5644fade6d3de25a0a2a0bd885417c0336349031a156ec9ea2

Download | Favorite | View