[FD] Programi Bilanc - Build 007 Release 014 31.01.2020 - Software-update packages are downloaded via unencrypted HTTP [CVE-2020-11718]

2020-12-18 Thread Georg Ph E Heise via Fulldisclosure
Programi Bilanc - Build 007 Release 014 31.01.2020 - Software-update packages are downloaded via unencrypted HTTP === Identifiers - CVE-2020-11718 Vendor

[FD] Programi Bilanc - Build 007 Release 014 31.01.2020 - Broken encryption with guessable static encryption key [CVE-2020-8995]

2020-12-18 Thread Georg Ph E Heise via Fulldisclosure
Programi Bilanc - Build 007 Release 014 31.01.2020 - Broken encryption with guessable static encryption key === Identifiers - CVE-2020-8995 Vendor

[FD] Programi Bilanc - Build 007 Release 014 31.01.2020 - Multiple SQL Injections [CVE-2020-11717]

2020-12-18 Thread Georg Ph E Heise via Fulldisclosure
Programi Bilanc - Build 007 Release 014 31.01.2020 - Multiple SQL Injections = Identifiers - CVE-2020-11717 Vendor -

[FD] Programi Bilanc - Build 007 Release 014 31.01.2020 - Broken encryption with guessable static encryption key [CVE-2020-11719]

2020-12-18 Thread Georg Ph E Heise via Fulldisclosure
Programi Bilanc - Build 007 Release 014 31.01.2020 - Broken encryption with guessable static encryption key === Identifiers - CVE-2020-11719 Vendor

[FD] Programi Bilanc - Build 007 Release 014 31.01.2020 - Use of weak default Password - CVE-2020-11720

2020-12-18 Thread Georg Ph E Heise via Fulldisclosure
Programi Bilanc - Build 007 Release 014 31.01.2020 - Use of weak default Password === Identifiers - CVE-2020-11720 Vendor

[FD] Matrix42 Workspace Management 9.1.2.2765 – Reflected Cross-Site Scripting

2020-04-14 Thread Georg Ph E Heise via Fulldisclosure
Matrix42 Workspace Management 9.1.2.2765 – Reflected Cross-Site Scripting === Identifiers - * CVE-2019-19913 CVSSv3 score

[FD] Workspace Management 9.1.2.2765 - Stored Cross-Site Scripting

2020-04-14 Thread Georg Ph E Heise via Fulldisclosure
Matrix42 Workspace Management 9.1.2.2765 – Stored Cross-Site Scripting === Identifiers - CVE-2019-19500 CVSSv3 score -

[FD] CVE-2019-19913

2020-03-27 Thread Georg Ph E Heise via Fulldisclosure
codeBeamer – Stored Cross-Site Scripting === Identifiers - * CVE-2019-19913 CVSSv3 score - 6.4

[FD] Reflected XSS – HRworks Login (v1.16.1)

2019-09-20 Thread Georg Ph E Heise via Fulldisclosure
# Exploit Title: Reflected XSS – HRworks Login (v1.16.1)
# Vendor Homepage: https://www.hrworks.de
# Exploit Author: Georg Philipp Erasmus Heise / Lufthansa Industry Solutions
# Contact: https://twitter.com/gpheheise
# Website: https://www.lufthansa-industry-solutions.com
# Category: webapps