8 matches found
LISTSERV 17 - Insecure Direct Object Reference (IDOR) Vulnerability
Exploit Title: LISTSERV 17 - Insecure Direct Object Reference IDOR Google Dork: inurl:/scripts/wa.exe Exploit Author: Shaunt Der-Grigorian Vendor Homepage: https://www.lsoft.com/ Software Link: https://www.lsoft.com/download/listserv.asp Version: 17 Tested on: Windows Server 2019 CVE :...
LISTSERV 17 - Insecure Direct Object Reference (IDOR)
Exploit Title: LISTSERV 17 - Insecure Direct Object Reference IDOR Google Dork: inurl:/scripts/wa.exe Date: 12/02/2022 Exploit Author: Shaunt Der-Grigorian Vendor Homepage: https://www.lsoft.com/ Software Link: https://www.lsoft.com/download/listserv.asp Version: 17 Tested on: Windows Server 2019...
CVE-2022-40319
creationtimestamp| type| source ---|---|--- 2023-01-18 00:15:27+00:00| seen| https://t.me/cibsecurity/56624...
LISTSERV 17 Insecure Direct Object Reference Vulnerability
Exploit Title: LISTSERV 17 - Insecure Direct Object Reference IDOR Exploit Author: Shaunt D Vendor Homepage: https://www.lsoft.com/ Version: 17 Tested on: Windows Server 2019 CVE : CVE-2022-40319 Steps to replicate 1. Create two accounts on your LISTSERV 17 installation, logging into each one in ...
CVE-2022-40319
The CVE-2022-40319 affects LISTSERV 17 web interface and is an Insecure Direct Object Reference (IDOR) vulnerability where remotes can modify a victim’s account by altering the email in the wa.exe URL (e.g., wa.exe?INDEX&X&Y). Root cause is improper access control on user identifiers exposed via ...
CVE-2022-40319
The LISTSERV 17 web interface allows remote attackers to conduct Insecure Direct Object References IDOR attacks via a modified email address in a wa.exe URL. The impact is unauthorized modification of a victim's LISTSERV account...
LISTSERV 17 Insecure Direct Object Reference
Exploit Title: LISTSERV 17 - Insecure Direct Object Reference IDOR Exploit Author: Shaunt D Vendor Homepage: https://www.lsoft.com/ Version: 17 Tested on: Windows Server 2019 CVE : CVE-2022-40319 Steps to replicate 1. Create two accounts on your LISTSERV 17 installation, logging into each one in ...
CVE-2022-40319
The LISTSERV 17 web interface allows remote attackers to conduct Insecure Direct Object References IDOR attacks via a modified email address in a wa.exe URL. The impact is unauthorized modification of a victim's LISTSERV account...