barrett092
barrett092
/ gist:9ed092e4b14b9145f4d046556eb9dab7
Last active
July 25, 2023 09:25
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Author: Christopher J. Barretto | |
| Organization: GraVoc | |
| CVE ID: CVE-2023-33524 | |
| Name of Product: Advent/SSC Inc. Tamale RMS | |
| Affection Version: Tamale RMS - All versions under 23.1 |
barrett092
/ CVE-2019-17526
Created
October 13, 2019 17:54
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # Exploit Title: SageCell Python Web Injection Vulnerability | |
| # Google Dork: | |
| # Date: 10/13/19 | |
| # Exploit Author: Christopher J. Barretto @ Advoqt | |
| # Vendor Homepage: www.advoqt.com | |
| # Software Link: https://sagecell.sagemath.org/ | |
| # Version: SageCell - ALL VERSIONS | |
| # Tested on: Unix | |
| # CVE : CVE-2019-17526 (issued in progress) |
barrett092
/ gist:c70752ca6960b8b9616a03006f291a28
Last active
June 1, 2018 15:14
EMS Master Calendar Reflected XSS Vulnerability (<8.0.0.20180520)
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Data input into EMS Master Calendar before 8.0.0.201805210 via URL parameters are not properly sanitized, allowing malicious attackers to send a crafted URL and execute code in the context of the user's browser. | |
| ------------------------------------------ | |
| Additional Information: | |
| CVE-Reference: CVE-2018-11628 | |
| Product: EMS Master Calendar | |
| Vendor: EMS Software | |
| Vulnerable Version: Before 8.0.0.20180521 |