what you don't know can hurt you

Register | Login

FilesNewsUsersAuthors

Home Files News &[SERVICES_TAB]About Contact Add New

Showing 1 - 3 of 3

Files from Fabian Densborn

Boomerang Parental Control App Cross Site Scripting / Privilege Escalation

Posted Jul 11, 2023

Authored by Fabian Densborn, Bernhard Grundling | Site sec-consult.com

Boomerang Parental Control App versions prior to 13.83 suffer from cross site scripting and privilege escalation vulnerabilities.

tags | exploit, vulnerability, xss

advisories | CVE-2023-36620, CVE-2023-36621

SHA-256 | 36d9a4ce808b543a35f028f7b83b69cd74e5758e476b4d02cd6aa7de664767d3

Download | Favorite | View

Serenity / StartSharp Software File Upload / XSS / User Enumeration / Reusable Tokens

Posted May 30, 2023

Authored by Fabian Densborn | Site sec-consult.com

Serenity and StartSharp Software versions prior to 6.7.1 suffer from file upload to cross site scripting, user enumeration, and reusable password reset token vulnerabilities.

tags | exploit, vulnerability, xss, file upload

advisories | CVE-2023-31285, CVE-2023-31286, CVE-2023-31287

SHA-256 | 0c6c4576c7182cef60f1720011b706cffbe6a3ce7cde23ea97cdccf7a4dc0430

Download | Favorite | View

Kiddoware Kids Place Parental Control Android App 3.8.49 XSS / CSRF / File Upload

Posted May 16, 2023

Authored by Fabian Densborn, Bernhard Grundling | Site sec-consult.com

Kiddoware Kids Place Parental Control Android App versions 3.8.49 and below suffer from weak hashing, cross site request forgery, cross site scripting, and arbitrary file upload vulnerabilities.

tags | exploit, arbitrary, vulnerability, xss, file upload, csrf

advisories | CVE-2023-28153, CVE-2023-29078, CVE-2023-29079

SHA-256 | b33a2a364778cd72fba75e79c7bdf844aa87c6638b73e7e53fb94bf760948718

Download | Favorite | View