Security Advisories and Researches
Ruby
Latest commit 75707c5 Aug 19, 2014 @epinna Update README.md

README.md

Advisories

Security advisories I've published in the latest years.

VMTurbo Operations Remote Command Execution

VMTurbo Operations Manager appliance can be exploited by an unauthenticated attacker to execute unauthenticated arbitrary remote commands.

25-07-2014 | CVE-2014-5073 | Original advisory | Advisory details | Metasploit Module | Status: Fixed in 4.6-28657

Moodle XSS and File Deletion exploiting a PHP object injection

Moodle CMS passes the unsanitized user-supplied input to the PHP unserialize() function and can be exploited to delete arbitrary files and to conduct reflected XSS attacks.

16-09-2013 | CVE-2013-5674 | Advisory | Status: Fixed in 2.5.2

Joomla Core Reflected XSS Vulnerability

Joomla core suffers from reflected XSS vulnerability that can be exploited to steal cookies, session tokens, and other sensitive information in the context of the affected website.

04-09-2013 | CVE-2013-5583 | Advisory | Status: Fixed after version 3.1.5

Alice Gate CSRF Reconfiguration Security Bypass

The ADSL routers Telecom ADSL Alice Gate VoIP 2 Plus Wi-Fi and ADSL2+ Wi-Fi N suffer from a CSRF attack that can be exploited to manipulate internal configuration and e.g. replace DNS addresses, open the telnet service to the WAN side, change the traffic routing, reconfigure the VoIP, etc. leading to a complete takeover of the system and the LAN. This can also be exploited to enable hidden administrative features.

02-09-2012 | Main advisory (ITA) | Technical advisory (ITA) | Status: Mitigated in next versions.

KusabaX Reflected XSS and CSRF Vulnerabilites

KusabaX suffers from reflected XSS vulnerability that can be exploited to steal cookies, session tokens, and other sensitive information in the context of the website embedding the vulnerable editor. This also suffers from CSRF vulnerability that can be exploited to execute arbitray SQL statements.

27-04-2011 | Advisory | Status: Fixed in 0.9.2

Fastweb XSS and Myfastpage Authentication Security Bypass

Fastweb website suffers from an XSS vulnerability that can be exploited to steal the authentication token. This can be exploited to access to the Fastweb account control panels bypassing the proper authentication and IP checks.

03-06-2010 | Advisory (ITA) | Status: Fixed