13 matches found
CVE-2020-37215
MSN Password Recovery version 1.30 contains a denial of service vulnerability that allows attackers to crash the application by supplying an oversized input in the registration code field. Attackers can generate a 9000-byte buffer of repeated characters and paste it into the 'User Name and...
CVE-2020-37192
MSN Password Recovery 1.30 contains an XML external entity injection vulnerability that allows attackers to read local system files through crafted XML input. Attackers can exploit the 'Favorites' tab by injecting a malicious XML file that references external entities to retrieve sensitive system...
CVE-2020-37215
CVE-2020-37215 affects MSN Password Recovery version 1.30. The issue is a denial-of-service caused by an oversized input in the registration code field, where an attacker can paste a 9000-byte buffer of repeated characters into the "User Name and Registration Code" field to crash the application....
CVE-2020-37215 MSN Password Recovery 1.30 - Denial of Service
MSN Password Recovery version 1.30 contains a denial of service vulnerability that allows attackers to crash the application by supplying an oversized input in the registration code field. Attackers can generate a 9000-byte buffer of repeated characters and paste it into the 'User Name and...
CVE-2020-37192
MSN Password Recovery 1.30 contains an XML external entity injection vulnerability that allows attackers to read local system files through crafted XML input. Attackers can exploit the 'Favorites' tab by injecting a malicious XML file that references external entities to retrieve sensitive system...
CVE-2020-37192
MSN Password Recovery 1.30 is affected by an XML External Entity (XXE) vulnerability that allows a local attacker to read local system files by supplying crafted XML input. The attack targets the Favorites tab via XML references to external entities, exposing sensitive configuration information. ...
CVE-2020-37192 MSN Password Recovery 1.30 - XML External Entity Injection
MSN Password Recovery 1.30 contains an XML external entity injection vulnerability that allows attackers to read local system files through crafted XML input. Attackers can exploit the 'Favorites' tab by injecting a malicious XML file that references external entities to retrieve sensitive system...
CVE-2020-37192 MSN Password Recovery 1.30 - XML External Entity Injection
MSN Password Recovery 1.30 contains an XML external entity injection vulnerability that allows attackers to read local system files through crafted XML input. Attackers can exploit the 'Favorites' tab by injecting a malicious XML file that references external entities to retrieve sensitive system...
PT-2026-7690
MSN Password Recovery 1.30 contains an XML external entity injection vulnerability that allows attackers to read local system files through crafted XML input. Attackers can exploit the 'Favorites' tab by injecting a malicious XML file that references external entities to retrieve sensitive system...
MSN Password Recovery 1.30 - XML External Entity Injection
Exploit Title: MSN Password Recovery 1.30 - XML External Entity Injection Exploit Author: ZwX Exploit Date: 2020-01-08 Vendor Homepage : https://www.top-password.com/ Software Link: https://www.top-password.com/download/MSNPRSetup.exe Tested on OS: Windows 10 + Exploit : PoC =================== 1...
MSN Password Recovery 1.30 - XML External Entity Injection
MSN Password Recovery 1.30 - XML External Entity Injection Exploit Title: MSN Password Recovery 1.30 - XML External Entity Injection Exploit Author: ZwX Exploit Date: 2020-01-08 Vendor Homepage : https://www.top-password.com/ Software Link: https://www.top-password.com/download/MSNPRSetup.exe...
MSN Password Recovery 1.30 - Denial of Service Exploit
Exploit Title: MSN Password Recovery 1.30 - Denial of Service PoC Vendor Homepage: https://www.top-password.com/ Software Link: https://www.top-password.com/download/MSNPRSetup.exe Exploit Author: Gokkulraj Tested Version: v1.30 Tested on: Windows 7 x64 1.- Download and install MSN Password...
MSN Password Recovery 1.30 Denial Of Service
Exploit Title: MSN Password Recovery 1.30 - Denial of Service PoC Date: 2020-01-02 Vendor Homepage: https://www.top-password.com/ Software Link: https://www.top-password.com/download/MSNPRSetup.exe Exploit Author: Gokkulraj Tested Version: v1.30 Tested on: Windows 7 x64 1.- Download and install M...