79 matches found
PT-2026-48808
Summary Several Kolibri API endpoints accept an unvalidated baseurl parameter and fetch attacker-controlled URLs from the Kolibri server, reflecting the response body back to the caller. The original report identified two endpoints on the RemoteFacilityUser viewsets; remediation review found two...
CVE-2026-48053
creationtimestamp| type| source ---|---|--- 2026-05-27 17:45:47+00:00| published-proof-of-concept| https://github.com/learningequality/kolibri/security/advisories/GHSA-4mj9-pf4r-cqrc...
kolibri-light (>=0.1.1 <=0.3.2) potentially affected by CVE-2025-5174 via pypickle (=1.1.0)
pypickle PYPI version =1.1.0 is affected by a known vulnerability. The following packages have a transitive dependency on pypickle and may be impacted: - kolibri-light =0.1.1, =0.3.2 Source cves: CVE-2025-5174 Source advisory: OSV:GHSA-5QWJ-342R-H886...
kolibri-light (>=0.1.1 <=0.3.2) potentially affected by CVE-2025-5175 via pypickle (=1.1.0)
pypickle PYPI version =1.1.0 is affected by a known vulnerability. The following packages have a transitive dependency on pypickle and may be impacted: - kolibri-light =0.1.1, =0.3.2 Source cves: CVE-2025-5175 Source advisory: OSV:GHSA-QPXX-2CWH-R5VH...
kolibri-light (>=0.1.1 <=0.3.2) potentially affected by CVE-2025-5175 via pypickle (=1.1.0)
pypickle PYPI version =1.1.0 is affected by a known vulnerability. The following packages have a transitive dependency on pypickle and may be impacted: - kolibri-light =0.1.1, =0.3.2 Source cves: CVE-2025-5175 Source advisory: OSV:PYSEC-2025-46...
kolibri-light (>=0.1.1 <=0.3.2) potentially affected by CVE-2025-5174 via pypickle (=1.1.0)
pypickle PYPI version =1.1.0 is affected by a known vulnerability. The following packages have a transitive dependency on pypickle and may be impacted: - kolibri-light =0.1.1, =0.3.2 Source cves: CVE-2025-5174 Source advisory: OSV:PYSEC-2025-45...
Kolibri 2.0 Buffer Overflow
!/usr/bin/python3 Exploit Title: Kolibri GET request buffer Overflow Stack Egghunter Date: 2 Augst 2023 Exploit Author: Mahmoud NourEldin @Engacker Vendor App: https://www.exploit-db.com/apps/4d4e15b98e105facf94e4fd6a1f9eb78-Kolibri-2.0-win.zip Version: Kolibri 2.0 Tested on: Windows 10...
Malicious Package
Overview @kolonialno/kolibri-web is a malicious package. The package's name is based on existing repositories, namespaces, or components used by popular companies in an effort to trick employees into downloading it, also known as 'dependency confusion'. Therefore, you're only vulnerable if this...
CVE-2014-5289
Buffer overflow in Senkas Kolibri 2.0 allows remote attackers to execute arbitrary code via a long URI in a POST request...
Buffer overflow
Buffer overflow in Senkas Kolibri 2.0 allows remote attackers to execute arbitrary code via a long URI in a POST request...
CVE-2014-5289
CVE-2014-5289 is a stack/remote buffer overflow in SENKAS Kolibri Webserver 2.0 where improper validation of input in HTTP POST handling allows a remote attacker to execute arbitrary code. Public reports (SAINT, EXPLOIT-DB, Seebug) describe a user-supplied long URI in POST requests as the trigger...
CVE-2014-5289
Buffer overflow in Senkas Kolibri 2.0 allows remote attackers to execute arbitrary code via a long URI in a POST request...
Kolibri-WebServer-2.0-GET
Exploit Title : Kolibri WebServer 2.0 Get Request SEH Exploit Exploit Author : Revin Hadi S Date : 14/07/2014 Vendor : http://www.senkas.com Version : 2.0 import socket, sys help = """Kolibri WebServer 2.0 Get Request SEH Exploit Target 1Windows XP SP2 Eng & Windows 2003 SP2 Eng 2Windows 7 SP1 En...
Kolibri WebServer HTTP POST Request Handling Remote Stack Buffer Overflow
Added: 10/10/2014 CVE: CVE-2014-5289 BID: 69263 OSVDB: 110142 Background SENKAS Kolibri Webserver is a free very simple web server for Microsoft Windows that supports serving static web content. Problem Kolibri Webserver is vulnerable to a stack buffer overflow as a result of failure to properly...
Kolibri WebServer HTTP POST Request Handling Remote Stack Buffer Overflow
Added: 10/10/2014 CVE: CVE-2014-5289 BID: 69263 OSVDB: 110142 Background SENKAS Kolibri Webserver is a free very simple web server for Microsoft Windows that supports serving static web content. Problem Kolibri Webserver is vulnerable to a stack buffer overflow as a result of failure to properly...
Kolibri Webserver 2.0 Buffer Overflow with EMET 5.0 and EMET 4.1 Partial Bypass
No description provided by source. !/bin/python import socket, sys, re Exploit Title: Kolibri POST Buffer overflow with EMET 5.0 and EMET 4.1 Partial Bypass Date: September 30th 2014 Author: tekwizz123 Vendor Homepage: http://www.senkas.com Software Download:...
Kolibri WebServer HTTP POST Request Handling Remote Stack Buffer Overflow
Added: 10/10/2014 CVE: CVE-2014-5289 BID: 69263 OSVDB: 110142 Background SENKAS Kolibri Webserver is a free very simple web server for Microsoft Windows that supports serving static web content. Problem Kolibri Webserver is vulnerable to a stack buffer overflow as a result of failure to properly...
Kolibri WebServer HTTP POST Request Handling Remote Stack Buffer Overflow
Added: 10/10/2014 CVE: CVE-2014-5289 BID: 69263 OSVDB: 110142 Background SENKAS Kolibri Webserver is a free very simple web server for Microsoft Windows that supports serving static web content. Problem Kolibri Webserver is vulnerable to a stack buffer overflow as a result of failure to properly...
Kolibri WebServer 2.0 - Remote Buffer Overflow (EMET 5.0 / EMET 4.1 Partial Bypass)
!/bin/python import socket, sys, re Exploit Title: Kolibri POST Buffer overflow with EMET 5.0 and EMET 4.1 Partial Bypass Date: September 30th 2014 Author: tekwizz123 Vendor Homepage: http://www.senkas.com Software Download: http://www.senkas.com/kolibri/download.php Version: 2.0 Tested on: Windo...
Kolibri Webserver 2.0 Buffer Overflow with EMET 5.0 and EMET 4.1 Partial Bypass Exploit
Exploit for windows platform in category remote exploits !/bin/python import socket, sys, re Exploit Title: Kolibri POST Buffer overflow with EMET 5.0 and EMET 4.1 Partial Bypass Date: September 30th 2014 Author: tekwizz123 Vendor Homepage: http://www.senkas.com Software Download:...