Explaining Mass Assignment Vulnerabilities

Programming frameworks have gained popularity due to their ability to make software development easier than using the underlying language alone. However, when developers don’t fully understand how framework functionality can be abused by [...]

January 25, 2022 (2022-01-25T16:25:10+00:00)

CVE-2020-24550: Open Redirect in Episerver Find

During the course of our work, we discovered an open redirect vulnerability in Episerver Find. This has been assigned CVE-2020-24550. The Episerver platform includes content management, e-commerce functionality, marketing automation, and search and [...]

February 11, 2021 (2022-01-18T21:19:40+00:00)

CVE-2018-10956: Unauthenticated Privileged Directory Traversal in IPConfigure Orchid Core VMS

Affected Software: IPConfigure Orchid Core VMS (All versions < 2.0.6, tested on Linux and Windows)
Vulnerability: Unauthenticated Privileged Directory Traversal
CVE: CVE-2018-10956
Impact: Arbitrary File Read Access
Metasploit module: https://github.com/nettitude/metasploit-modules/blob/master/orchid_core_vms_directory_traversal.rb

Summary of Vulnerability

IPConfigure Orchid Core VMS [...]

June 14, 2018 (2018-06-14T13:33:15+00:00)