Skip to content
/ CVE Public

Here, we document vulnerabilities discovered during penetration testing with PWNCAT

0 stars 0 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

ka0x-offsec/CVE

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

10 Commits
SQLi
SQLi
 
 
XSS
XSS
 
 
.gitignore
.gitignore
 
 
README.md
README.md
 
 

Repository files navigation

CVE

This repository contains documented CVEs discovered during ethical hacking and security assessments.

Vulnerability Type CVE ID Description
Cross-Site Scripting (XSS) CVE-2024-8750 Cross-site Scripting (XSS) vulnerability in idoit pro version 28. This vulnerability allows an attacker to retrieve session details of an authenticated user due to lack of proper sanitization of the following parameters (id,lang,mNavID,name,pID,treeNode,type,view).
SQL Injection (SQLi) CVE-2024-8749 Vulnerabilidad de inyección SQL en idoit pro versión 28. Esta vulnerabilidad podría permitir a un atacante enviar una consulta especialmente manipulada al parámetro ID en /var/www/html/src/classes/modules/api/model/cmdb/isys_api_model_cmdb_objects_by_relation.class.php y recuperar toda la información almacenada en la base de datos.

About

Here, we document vulnerabilities discovered during penetration testing with PWNCAT

Resources

Readme
Activity

Stars

0 stars

Watchers

1 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

No packages published