4 matches found
CVE-2019-7652
creationtimestamp| type| source ---|---|--- 2019-05-10 00:00:00+00:00| exploited| https://www.exploit-db.com/exploits/46820...
Cortex Unshortenlink Analyzer < 1.1 - Server-Side Request Forgery Vulnerability
Exploit for multiple platform in category web applications Exploit Title: Cortex Unshortenlink Analyzer 1.1 - Server-Side Request Forgery Exploit Author: Alexandre Basquin Vendor Homepage: https://blog.thehive-project.org Software Link: https://github.com/TheHive-Project/Cortex Version: Cortex =...
Cortex Unshortenlink Analyzer < 1.1 - Server-Side Request Forgery
Exploit Title: Cortex Unshortenlink Analyzer 1.1 - Server-Side Request Forgery Date: 2/26/2019 Exploit Author: Alexandre Basquin Vendor Homepage: https://blog.thehive-project.org Software Link: https://github.com/TheHive-Project/Cortex Version: Cortex = 2.1.3 Tested on: 2.1.3 CVE : CVE-2019-7652...
CVE-2019-7652
The CVE-2019-7652 affects TheHive Project’s UnshortenLink analyzer (pre-1.1) included in Cortex analyzers (pre-1.15.2). It enables SSRF via the Data parameter when selecting URL, allowing an attacker to supply an SSRF payload (for example, http://127.0.0.1:22) and observe results on the dashboard...