8 matches found
CVE-2020-35775
CITSmart before 9.1.2.23 allows LDAP Injection...
CITSmart ITSM 9.1.2.22 - LDAP Injection Vulnerability
Exploit Title: CITSmart ITSM 9.1.2.22 - LDAP Injection Google Dork: "citsmart.local" Exploit Author: skysbsb Vendor Homepage: https://docs.citsmart.com/pt-br/citsmart-platform-9/get-started/about-citsmart/release-notes.html Version: = 9.1.2.23 Using this LDAP query in the username field of login...
CITSmart ITSM 9.1.2.22 LDAP Injection
Exploit Title: CITSmart ITSM 9.1.2.22 - LDAP Injection Google Dork: "citsmart.local" Date: 29/12/2020 Exploit Author: skysbsb Vendor Homepage: https://docs.citsmart.com/pt-br/citsmart-platform-9/get-started/about-citsmart/release-notes.html Version: = 9.1.2.23 Using this LDAP query in the usernam...
CITSmart ITSM 9.1.2.22 - LDAP Injection
Exploit Title: CITSmart ITSM 9.1.2.22 - LDAP Injection Google Dork: "citsmart.local" Date: 29/12/2020 Exploit Author: skysbsb Vendor Homepage: https://docs.citsmart.com/pt-br/citsmart-platform-9/get-started/about-citsmart/release-notes.html Version: = 9.1.2.23 Using this LDAP query in the usernam...
CVE-2020-35775
creationtimestamp| type| source ---|---|--- 2021-02-15 18:46:45+00:00| seen| https://t.me/cibsecurity/23600 2021-09-21 06:42:48+00:00| published-proof-of-concept| https://t.me/pwnwikizhchannel/166 2021-09-21 06:42:48+00:00| published-proof-of-concept| https://t.me/pwnwikizhchannel/165 2024-11-14...
CVE-2020-35775
CITSmart before 9.1.2.23 allows LDAP Injection...
CVE-2020-35775
CVE-2020-35775 affects CITSmart ITSM prior to 9.1.2.23. The issue is an LDAP injection leading to authentication bypass: the login logic returns the last user from an LDAP search instead of the intended one, allowing login with a known account without the target password. Affected versions are = ...
CVE-2020-35775
CITSmart before 9.1.2.23 allows LDAP Injection...