Category: Researches

Authenticated SQL Injection in Centreon 3.4.x

I found the SQL Injection in the "searchH" POST parameter.

Path traversal in 3cx

We constantly choose some well-known apps to take a closer look at here in the lab. Besides the learning factor, we take joy in attacking and observing different platforms. 3CX was the target this time. 3CX is an open source

Information Disclosure – ForgeRock OpenIDM 4.0.0 and 4.5.0

Security vulnerabilities have been discovered in OpenIDM components including the Info Service, Self-Service UI and Admin UI. These issues are present in versions of OpenIDM including 4.0.0 and 4.5.0. This advisory provides guidance on how to ensure your deployments can be secured.

XSS – Simple Photo Gallery

BYPASS on TREND MICRO OfficeScan.
