CVE-2023-50786

Dradis through 4.16.0 allows referencing external images resources over HTTPS, instead of forcing the use of embedded uploaded images. This can be leveraged by an authorized author to attempt to steal the Net-NTLM hashes of other authors on a Windows domain network...

CVE-2023-50786

Dradis through 4.16.0 allows referencing external images resources over HTTPS, instead of forcing the use of embedded uploaded images. This can be leveraged by an authorized author to attempt to steal the Net-NTLM hashes of other authors on a Windows domain network...

PT-2023-30106

Name of the Vulnerable Software and Affected Versions FireFlow versions prior to A32.20 b570 FireFlow versions prior to A32.50 b390 FireFlow versions prior to A32.60 b220 Description The issue allows an attacker to obtain a victim's domain credentials and Net-NTLM hash via HTML injection in the...

SharpWebServer - HTTP And WebDAV Server With Net-NTLM Hashes Capture Functionality

A Red Team oriented simple HTTP & WebDAV server written in C with functionality to capture Net-NTLM hashes. To be used for serving payloads on compromised machines for lateral movement purposes. Requires .NET Framework 4.5 and System.Net and System.Net.Sockets references. Usage :: SharpWebServer ...

Claromentis Discuss 1.2.1 Cross Site Scripting Vulnerability

Exploit for php platform in category web applications Issue: Stored Cross site Scripting XSS on Discuss Module v1.2.1 in Claromentis intranet application Reserved CVE: CVE-2018-15903 Vulnerability OverviewThe Discuss v1.2.1 module in Claromentis 8.2.2 is vulnerable to Stored Cross Site Scripting...