As I 'promised': Vendor received the details but after all* - to this day - I have no idea what's goin on now... No response, no feedback, so "Vendor don't care" in my opinion. Full disclosure.
wtorek, 12 grudnia 2017
wtorek, 5 grudnia 2017
czwartek, 30 listopada 2017
Ok. Here we go again... During last few days after I had a pleasure to received some 'results' from CVE Team (1,2,3). I decided that it should be good ('enough';]) idea to create a small 'poc script' (again) to automate a little bit the process of 'finding bugs' (for example: like those mentioned in CVE's reference(s)). Below you will find few details collected after few days of 'research' and pinging the Vendors...
poniedziałek, 20 listopada 2017
This time I decided to sit for a while with Horde Groupware (5.2.19). “Ready to go” virtual machine we can find at Bitnami’s webpage (big thanks!) so using for example VirtualBox – you can set all things up very quickly. Below you will find few publicly disclosed bugs found during last few days...
piątek, 17 listopada 2017
czwartek, 16 listopada 2017
Last time we saw few bugs found in latest ManageEngine Applications Manager 13. Today I decided to publish another 6 (so called ;] '0day') exploits (found between 6-7.11.2017). Details below...