exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 25 of 47 RSS Feed

Files from Martin Heiland

Email addressmartin.heiland at open-xchange.com
First Active2014-09-15
Last Active2024-09-10
OX App Suite Backend 7.10.6-rev66 / 8.24.7 Open Redirect
Posted Sep 10, 2024
Authored by Martin Heiland

An open redirection vulnerability has been reported for a version of the Spring Framework which is shipped with OX App Suite backend versions 7.10.6-rev66 and 8.24.7.

tags | advisory
advisories | CVE-2024-22243
SHA-256 | ea468f342f7a0408607b9ba93475fecd68d35bad982ae0c29036847c45ddb637
Download | Favorite | View
OX App Suite Cross Site Scripting / Denial Of Service
Posted Aug 23, 2024
Authored by Martin Heiland

OX App Suite frontend version 7.10.6-rev42 suffers from cross site scripting vulnerabilities. OX App Suite backend versions 7.10.6-rev61 and 8.22 suffer from a denial of service vulnerability.

tags | advisory, denial of service, vulnerability, xss
advisories | CVE-2021-41184, CVE-2024-25582, CVE-2024-25710
SHA-256 | 6e2623da412af99e461937edfe417e674fe26af8c59f680b4bb1489413794ba8
Download | Favorite | View
OX App Suite Frontend 7.10.6-rev44 Cross Site Scripting
Posted Aug 23, 2024
Authored by Martin Heiland

OX App Suite frontend version 7.10.6-rev44 suffers from a cross site scripting vulnerability.

tags | advisory, xss
advisories | CVE-2024-4367
SHA-256 | 1360b972ed80fc23c7c8b3b040403a512a3915dd0f5a8e6e9c5792c83a0e4c39
Download | Favorite | View
OX App Suite 8.21 Cross Site Scripting / Information Disclosure
Posted May 7, 2024
Authored by Martin Heiland

OX App Suite version 8.21 cross site scripting and information disclosure vulnerabilities.

tags | advisory, vulnerability, xss, info disclosure
advisories | CVE-2024-23186, CVE-2024-23187, CVE-2024-23188, CVE-2024-23193
SHA-256 | ab18d35bc5d3677af88f7c327825d1007c6a7376fe5c5b0c3ee1c6a433e1e8b7
Download | Favorite | View
OX App Suite 7.10.6 Cross Site Scripting / Deserialization Issue
Posted Apr 11, 2024
Authored by Martin Heiland

OX App Suite version 7.10.6 suffers from cross site scripting and deserialization vulnerabilities.

tags | advisory, vulnerability, xss
advisories | CVE-2023-46604, CVE-2024-23189, CVE-2024-23190, CVE-2024-23191, CVE-2024-23192
SHA-256 | d67b15e5e463386e7b28cf5d7d03eebfcf3f668423493ad7f356fc890f038561
Download | Favorite | View
OX App Suite 7.10.6 Cross Site Scripting / Denial Of Service
Posted Feb 14, 2024
Authored by Martin Heiland

Varying revisions of OX App Suite version 7.10.6 suffer from cross site scripting and resource consumption vulnerabilities.

tags | advisory, vulnerability, xss
advisories | CVE-2023-41703, CVE-2023-41704, CVE-2023-41705, CVE-2023-41706, CVE-2023-41707, CVE-2023-41708
SHA-256 | 32ea285b9f1d95b8d51ee4996b126ef6f484d7f18c109b4ccf06178533953e56
Download | Favorite | View
OX App Suite 7.10.6 Access Control / Cross Site Scripting
Posted Jan 9, 2024
Authored by Martin Heiland

OX App Suite version 7.10.6-rev51 suffers from an access control vulnerability. Version 7.10.6-rev34 suffers from multiple cross site scripting vulnerabilities.

tags | advisory, vulnerability, xss
advisories | CVE-2023-29051, CVE-2023-29052, CVE-2023-41710
SHA-256 | 80185f3d2633831b5738bc1126710375d2e7d24e073ff394c679caa4c61efc56
Download | Favorite | View
OX App Suite 7.10.6 XSS / Command Execution / LDAP Injection
Posted Jan 9, 2024
Authored by Martin Heiland

OX App Suite version 7.10.6-rev50 suffers from remote code execution and LDAP injection vulnerabilities. Version 7.10.6-rev33 suffers from a cross site scripting vulnerability.

tags | advisory, remote, vulnerability, code execution, xss
advisories | CVE-2023-29048, CVE-2023-29049, CVE-2023-29050
SHA-256 | 592f2b04fcdcc6f8a886a43ccea679f6723dca85956b3e11029cce5b8e4022ec
Download | Favorite | View
OX App Suite SSRF / SQL Injection / Cross Site Scripting
Posted Aug 3, 2023
Authored by Mehmet Ince, Martin Heiland, Tim Coen, Eldar Zeynalli

OX App Suite suffers from remote SQL injection, server-side request forgery, cross site scripting, improper neutralization, command injection, and exposure of sensitive information vulnerabilities.

tags | advisory, remote, vulnerability, xss, sql injection
advisories | CVE-2023-26430, CVE-2023-26438, CVE-2023-26439, CVE-2023-26440, CVE-2023-26441, CVE-2023-26442, CVE-2023-26443, CVE-2023-26445, CVE-2023-26446, CVE-2023-26447, CVE-2023-26448, CVE-2023-26449, CVE-2023-26450, CVE-2023-26451
SHA-256 | 719567b07d01c758653bc54850b5ade966278aebda53de372168e4c5c9d605c8
Download | Favorite | View
OX App Suite SSRF / Resource Consumption / Command Injection
Posted Jun 22, 2023
Authored by Mehmet Ince, Martin Heiland, Tim Coen, Icare

OX App Suite suffers from server-side request forgery, command injection, uncontrolled resource consumption, code injection, authorization bypass, and insecure storage vulnerabilities. Various versions in the 7.10.x and 8.x branches are affected.

tags | advisory, vulnerability
advisories | CVE-2023-26427, CVE-2023-26428, CVE-2023-26429, CVE-2023-26431, CVE-2023-26432, CVE-2023-26433, CVE-2023-26434, CVE-2023-26435, CVE-2023-26436
SHA-256 | a27979ae3ae36aed54def31f404e98c49b579e2113420246b0b046bb9f32e18d
Download | Favorite | View
OX App Suite XSS / Information Disclosure / Authorization Bypass
Posted May 9, 2023
Authored by Martin Heiland

OX App Suite has patched for sensitive information disclosure, cross site scripting, improper access control, authorization bypass, and resource consumption vulnerabilities. Some of the issues affect OX App Suite frontend version 7.10.6-rev23 and some affect OX App Suite backend version 7.10.6-rev36.

tags | advisory, vulnerability, xss, info disclosure
advisories | CVE-2023-24597, CVE-2023-24598, CVE-2023-24599, CVE-2023-24600, CVE-2023-24601, CVE-2023-24602, CVE-2023-24603, CVE-2023-24604, CVE-2023-24605
SHA-256 | 155ec55f6da0ebb83ce88e1e80511fb3da026e9c6a7fd7336c4fe3969b7e009a
Download | Favorite | View
OX App Suite Cross Site Scripting / Server-Side Request Forgery
Posted Feb 15, 2023
Authored by Martin Heiland

OX App Suite suffers from cross site scripting and server-side request forgery vulnerabilities.

tags | advisory, vulnerability, xss
advisories | CVE-2022-37306, CVE-2022-42889, CVE-2022-43696, CVE-2022-43697, CVE-2022-43698, CVE-2022-43699
SHA-256 | 5da321216ffd148c932f83887a1cd3f3515a69d20e80fbfd6a71cda91af29547
Download | Favorite | View
OX App Suite 7.10.6 Cross Site Scripting / SSRF / Resource Consumption
Posted Nov 30, 2022
Authored by Martin Heiland

OX App Suite versions 7.10.6 and below suffer from cross site scripting, server-side request forgery, and resource exhaustion vulnerabilities.

tags | exploit, vulnerability, xss
advisories | CVE-2022-31469, CVE-2022-37307, CVE-2022-37308, CVE-2022-37309, CVE-2022-37310, CVE-2022-37311, CVE-2022-37312, CVE-2022-37313
SHA-256 | ba6b2cbc7f4a93851df3e4965e0195411ca754b70e55778fee524c5fadf9d260
Download | Favorite | View
OX App Suite Cross Site Scripting / Command Injection
Posted Sep 2, 2022
Authored by Martin Heiland

OX App Suite versions 8.2 and earlier suffer from multiple cross site scripting vulnerabilities. Versions 7.10.6 and earlier suffer from a command injection vulnerability.

tags | advisory, vulnerability, xss
advisories | CVE-2022-29851, CVE-2022-29852, CVE-2022-29853, CVE-2022-31468
SHA-256 | df934839b9bb30ae7abcc52dec7595f09a5e03c04493af0116b03ecf48aee33b
Download | Favorite | View
Open-Xchange App Suite 7.10.x Cross Site Scripting / Command Injection
Posted Jul 22, 2022
Authored by Martin Heiland

Open-Xchange App Suite versions 7.10.6 and below suffer from OS command injection and cross site scripting vulnerabilities. One particular cross site scripting issue only affects versions 7.10.5 and below.

tags | advisory, vulnerability, xss
advisories | CVE-2021-42550, CVE-2022-23099, CVE-2022-23100, CVE-2022-23101, CVE-2022-24405, CVE-2022-24406
SHA-256 | 145c2f74cfe9370dfbec4b0f72f06c5a67138afef07940be7a7e97d9a4b1f072
Download | Favorite | View
OX App Suite 7.10.5 Cross Site Scripting
Posted Mar 21, 2022
Authored by Martin Heiland

OX App Suite versions 7.10.5 and below suffer from multiple cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss
advisories | CVE-2021-44208, CVE-2021-44209, CVE-2021-44210, CVE-2021-44211, CVE-2021-44212, CVE-2021-44213
SHA-256 | 439326d231827e72e3d0872c060c5c62dddd34691c556c0825bfa59c8c7f1d96
Download | Favorite | View
OX App Suite 7.10.5 Cross Site Scripting / Information Disclosure
Posted Nov 22, 2021
Authored by Martin Heiland

OX App Suite versions 7.10.5 and below suffer from cross site scripting and information disclosure vulnerabilities.

tags | exploit, vulnerability, xss, info disclosure
advisories | CVE-2021-38374, CVE-2021-38375, CVE-2021-38376, CVE-2021-38377, CVE-2021-38378
SHA-256 | c99f2e36cd127fb981a5512d68d67833a23fbcadee9ad6f6f9c134c3632fb7ef
Download | Favorite | View
OX App Suite / Ox Documents 7.10.x XSS / Code Injection / Traversal
Posted Nov 22, 2021
Authored by Martin Heiland

OX App Suite and OX Documents suffer from cross site scripting, code injection, path traversal, and input validation vulnerabilities. Most of these issues affect 7.10.5 and below with one affecting 7.10.4 and below.

tags | exploit, vulnerability, xss
advisories | CVE-2021-33488, CVE-2021-33489, CVE-2021-33490, CVE-2021-33491, CVE-2021-33492, CVE-2021-33493, CVE-2021-33494, CVE-2021-33495
SHA-256 | 8ee4a4656fa2949ce351598464b1ce8aca906f19ee6d4f991c80fc45a41c8c4b
Download | Favorite | View
OX Documents 7.10.5 Improper Authorization
Posted Jul 20, 2021
Authored by Martin Heiland

OX Documents version 7.10.5 suffers from multiple improper authorization vulnerabilities.

tags | advisory, vulnerability
advisories | CVE-2021-28093, CVE-2021-28094, CVE-2021-28095
SHA-256 | fdc415c0e1479fc1bbd7c9da23f2c1893080132040e14750beb56328b7efaa61
Download | Favorite | View
OX App Suite / OX Guard / OX Documents SSRF / Cross Site Scripting
Posted Jul 16, 2021
Authored by Martin Heiland

Open-Xchange OX App Suite, OX Guard, and OX Documents suffer from server-side request forgery and cross site scripting vulnerabilities. Some of these issues only affect version 7.10.3 while some affect 7.10.4 and earlier.

tags | exploit, vulnerability, xss
advisories | CVE-2020-24700, CVE-2020-24701, CVE-2021-26698, CVE-2021-26699
SHA-256 | 264f5c37a41ec6bca16aeacc29650f3f157abec2e181ef828458e50fe0bc2740
Download | Favorite | View
OX App Suite / OX Guard SSRF / DoS / Cross Site Scripting
Posted Apr 30, 2021
Authored by Martin Heiland

OX App Suite versions 7.10.4 and below suffer from cross site scripting and server-side request forgery vulnerabilities. OX Guard versions 2.10.4 and below suffer from a denial of service vulnerability.

tags | exploit, denial of service, vulnerability, xss
advisories | CVE-2020-28943, CVE-2020-28944, CVE-2020-28945
SHA-256 | f79fdb3de2e0adf5d96f8bd0f53e9ea78572bc1ad06052cccf66726ab09192b0
Download | Favorite | View
OX App Suite / OX Documents 7.10.x XSS / SSRF
Posted Jan 8, 2021
Authored by Martin Heiland, notoriousrip, Stuart Redman

OX App Suite and OX Documents suffer from server-side request forgery and multiple cross site scripting vulnerabilities. Various versions are affected including 7.10.4 and 7.10.3.

tags | exploit, vulnerability, xss
advisories | CVE-2020-24700, CVE-2020-24701
SHA-256 | ba8c16584bc43d579279e941f2d796ec74153f6debe5a7df85b435f86196a43c
Download | Favorite | View
OX App Suite / OX Documents 7.10.3 XSS / Server-Side Request Forgery
Posted Oct 19, 2020
Authored by Martin Heiland, Zeeshan Khalid, Sreejith Krishnan R, MOGWAI LABS, notoriousrip

OX App Suite and OX Documents versions 7.10.3 and some prior versions suffer from information exposure, server-side request forgery, and cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss
advisories | CVE-2020-15002, CVE-2020-15003, CVE-2020-15004
SHA-256 | 4fa6c054c00387a832592e2040a5da296d518180b40ccda03e95e88b581e3a1d
Download | Favorite | View
OX App Suite / OX Documents XSS / SSRF / Bypass
Posted Aug 21, 2020
Authored by Martin Heiland

OX App Suite and OX Documents suffer from access control bypass, cross site scripting, and improper input validation vulnerabilities. Multiple version ranges are affected.

tags | exploit, vulnerability, xss, bypass
advisories | CVE-2020-12643, CVE-2020-12644, CVE-2020-12645, CVE-2020-12646, CVE-2020-8542
SHA-256 | 51edab0377b8fe0d44554f6f7f4760f83af8457588e97679c30c8d3bae31cdc2
Download | Favorite | View
OX Guard 2.10.3 Cross Site Scripting / Server-Side Request Forgery
Posted Jun 12, 2020
Authored by Martin Heiland

OX Guard version 2.10.3 suffers from server-side request forgery and cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss
advisories | CVE-2020-9426, CVE-2020-9427
SHA-256 | 893145b9db604b7ed2accebb80ae3b758c5c402c2edddeae5cf393b911b11fb3
Download | Favorite | View
Page 1 of 2
Back12Next

File Archive:

November 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Nov 1st
    30 Files
  • 2
    Nov 2nd
    0 Files
  • 3
    Nov 3rd
    0 Files
  • 4
    Nov 4th
    12 Files
  • 5
    Nov 5th
    44 Files
  • 6
    Nov 6th
    18 Files
  • 7
    Nov 7th
    9 Files
  • 8
    Nov 8th
    8 Files
  • 9
    Nov 9th
    3 Files
  • 10
    Nov 10th
    0 Files
  • 11
    Nov 11th
    14 Files
  • 12
    Nov 12th
    20 Files
  • 13
    Nov 13th
    63 Files
  • 14
    Nov 14th
    18 Files
  • 15
    Nov 15th
    8 Files
  • 16
    Nov 16th
    0 Files
  • 17
    Nov 17th
    0 Files
  • 18
    Nov 18th
    18 Files
  • 19
    Nov 19th
    7 Files
  • 20
    Nov 20th
    13 Files
  • 21
    Nov 21st
    6 Files
  • 22
    Nov 22nd
    48 Files
  • 23
    Nov 23rd
    0 Files
  • 24
    Nov 24th
    0 Files
  • 25
    Nov 25th
    60 Files
  • 26
    Nov 26th
    0 Files
  • 27
    Nov 27th
    44 Files
  • 28
    Nov 28th
    0 Files
  • 29
    Nov 29th
    0 Files
  • 30
    Nov 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2024 Packet Storm. All rights reserved.

Site Links
News by Month
News Tags
Files by Month
File Tags
File Directory
About Us
History & Purpose
Contact Information
Terms of Service
Privacy Statement
Copyright Information
Services
Security Services
Hosting By
Rokasec
close