CVE-2019-14365

The CVE-2019-14365 entry concerns the WordPress Intercom plugin (versions around 1.2.1/1.2.2). The vulnerability is a leakage of a Slack Access Token embedded in the plugin’s source code, enabling an attacker to access Slack-related data (channels, members, etc.). Details across connected sources...

CVE-2019-14365

The Intercom plugin through 1.2.1 for WordPress leaks a Slack Access Token in source code. An attacker can obtain a lot of information about the victim's Slack channels, members, etc...

WP Intercom Slack <= 1.2.2 - Slack Access Token Disclosure

The Intercom plugin through 1.2.2 leaks a Slack Access Token in source code. An attacker can obtain a lot of information about the victim's Slack channels, members, etc...

BEWARD Intercom 2.3.1 - Credentials Disclosure

!/usr/bin/env python -- coding: utf8 -- BEWARD Intercom 2.3.1 Credentials Disclosure Vendor: Beward R&D Co., Ltd Product web page: https://www.beward.net Affected version: 2.3.1.34471 2.3.0 2.2.11 2.2.10.5 2.2.9 2.2.8.9 2.2.7.4 Note: For versions above 2.2.11: The application data directory, whic...

BEWARD Intercom 2.3.1 - Credentials Disclosure Exploit

Exploit for windows platform in category local exploits !/usr/bin/env python -- coding: utf8 -- BEWARD Intercom 2.3.1 Credentials Disclosure Vendor: Beward R&D Co., Ltd Product web page: https://www.beward.net Affected version: 2.3.1.34471 2.3.0 2.2.11 2.2.10.5 2.2.9 2.2.8.9 2.2.7.4 Note: For...

BEWARD Intercom Detection (Windows SMB Login)

SMB login-based detection of BEWARD Intercom. SPDX-FileCopyrightText: 2019 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

BEWARD Intercom 2.3.1 - Credentials Disclosure

BEWARD Intercom 2.3.1 - Credentials Disclosure !/usr/bin/env python -- coding: utf8 -- BEWARD Intercom 2.3.1 Credentials Disclosure Vendor: Beward R&D Co., Ltd Product web page: https://www.beward.net Affected version: 2.3.1.34471 2.3.0 2.2.11 2.2.10.5 2.2.9 2.2.8.9 2.2.7.4 Note: For versions abo...

BEWARD Intercom 2.3.1 Credential Disclosure

!/usr/bin/env python -- coding: utf8 -- BEWARD Intercom 2.3.1 Credentials Disclosure Vendor: Beward R&D Co., Ltd Product web page: https://www.beward.net Affected version: 2.3.1.34471 2.3.0 2.2.11 2.2.10.5 2.2.9 2.2.8.9 2.2.7.4 Note: For versions above 2.2.11: The application data directory, whic...

BEWARD Intercom <= 2.3.4 Security Bypass Vulnerability - Windows

BEWARD Intercom on Windows is prone to a security bypass vulnerability. SPDX-FileCopyrightText: 2019 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only if description...

BEWARD Intercom 2.3.1 Credentials Disclosure

Summary Multiaccessible User Operation, Electronic Lock Control, Real-Time Video, Two-Way Audio. The software is used for BEWARD IP video door stations control. Description The application stores logs and sensitive information in an unencrypted binary file called BEWARD.INTERCOM.FDB. A local...

Insecure Logout

intercom-rails is vulnerable to insecure logouts. The library does not delete cookies on a user logging out, meaning that users aren't properly signed out, allowing a malicious user to access the system as a different user...

Intercom MaLion for Windows and Mac SQL Injection Vulnerability

Intercom MaLion for Windows and MaLion for Mac are both products of Intercom Japan. Intercom MaLion for Windows is an IT asset management solution based on the Windows platform. maLion for Mac is a version based on the Mac platform. A SQL injection vulnerability exists in Intercom MaLion versions...

Intercom MaLion for Mac Information Disclosure Vulnerability

Intercom MaLion for Mac is a Mac-based IT asset management solution from Intercom Japan. A security vulnerability exists in Intercom MaLion versions 4.3.0 through 5.2.1 for Mac-based platforms, which originates from the program failing to properly validate certificates. An attacker could exploit...

Intercom MaLion for Windows and Mac Authentication Bypass Vulnerability

Intercom MaLion for Windows and MaLion for Mac are both products of Intercom Japan. Intercom MaLion for Windows is an IT asset management solution based on the Windows platform. maLion for Mac is a version based on the Mac platform. A security vulnerability exists in Intercom MaLion versions 5.0....

Intercom MaLion for Windows and MaLion for Mac Authentication Bypass Vulnerability

Intercom MaLion for Windows and MaLion for Mac are both products of Intercom Japan. Intercom MaLion for Windows is an IT asset management solution based on the Windows platform. maLion for Mac is a version based on the Mac platform. A security vulnerability exists in Intercom MaLion 5.2.1 and...

Legal Robot: Intercom chat session information persists after logout

Hi team, While testing i look for session related issues but It seems that The Site is Will protected For such problems But a little Issue related to that i wanted to mention here... When A user Sign-In to his account he can see a Little chat button on Bottom right corner of the page After...

Cuvva: Sensitive Support Mail Disclosure

An issue with our handling of Intercom sessions existed in one of our partner dashboards. Exact details being kept under wraps for now, as it's an issue which exists in a large number of Intercom installations...

Comelit Intercom Master Detection

Binary data comelitmasterdetect.nbin...

Comelit Intercom Detection

Binary data comelitdetect.nbin...

Cross-site Scripting (XSS)

intercom-rails is vulnerable to cross-site scripting XSS attacks. These attacks are possible through the script tags in intercom settings...