16 matches found

ripstech
added 2017/10/17 12:0 p.m., 30 views

flatCore CMS 1.4.6: Remote Code Execution and Easteregg

RIPS Analysis: The 74,000 lines of code of the flatCore CMS were analyzed in less than 3 minutes. RIPS discovered multiple vulnerabilities ranging from open redirection (CVE-2017-11205) and cross-site scripting (CVE-2017-11204) to SQL injection (CVE-2017-11207), many of them being exploitable as...

AI score: 8.1
Exploits: 0
ripstech
added 2016/12/23 11:0 a.m., 19 views

e107 2.1.2: SQL Injection through Object Injection

RIPS Analysis: The e107 CMS consists of 317,356 lines of code and was analyzed in about 2 minutes. Many of the vulnerabilities found by RIPS are exploitable, despite a few exceptions. The main reason for this is that e107 contains a lot of unused code from previous releases and thus not all affect...

AI score: 8.2
Exploits: 0
ripstech
added 2016/12/21 12:0 p.m., 10 views

AbanteCart 1.2.8 - Multiple SQL Injections

RIPS Analysis: The analysis with RIPS of the well over 200,000 lines of code took 4 minutes to complete. The most critical issues were primarily located in the language manager of the application and could thus be fixed as a bundle. The truncated analysis results are available in our RIPS demo...

AI score: 7.2
Exploits: 0
ripstech
added 2016/12/20 12:0 p.m., 13 views

Kliqqi 3.0.0.5: From Cross-Site Request Forgery to Code Execution

RIPS Analysis: RIPS analysis of the 77,000 lines of Kliqqi code took only 31 seconds to complete and was able to discover several risks within the application. There were no critical vulnerabilities found directly but it is possible to escalate one high-rated security issue to a critical one - as ...

AI score: 7.3
Exploits: 0
ripstech
added 2016/12/19 12:0 p.m., 10 views

osClass 3.6.1: Remote Code Execution via Image File

RIPS Analysis: RIPS was able to scan the 156,000 lines of code in just 23 seconds. Looking at the scan results, a high number of vulnerabilities were detected in this project. Especially high-rated vulnerabilities seem to make the race. However, there is no critical-rated vulnerability found on th...

AI score: 7.1
Exploits: 0
ripstech
added 2016/12/16 12:0 p.m., 16 views

Redaxo 5.2.0: Remote Code Execution via CSRF

RIPS Analysis: When inspecting the charts generated by RIPS, a code execution vulnerability indicated as critical catches our eye. Investigating this issue closer quickly reveals that the vulnerability lies in the administrator panel, seemingly nulling the severity of the vulnerability. We will se...

AI score: 7.7
Exploits: 0
ripstech
added 2016/12/15 11:0 a.m., 21 views

Guest Post: Vtiger 6.5.0 - SQL Injection

RIPS Analysis: RIPS analyzed the 27,371 files with around 650,000 lines of code in only 6 minutes. Due to the nature of a CRM system, it is necessary to have a valid user account to access any of the provided features. Nevertheless, the discovered issues allowed low-privileged users to access high...

AI score: 7
Exploits: 0
ripstech
added 2016/12/13 12:0 p.m., 39 views

phpBB 2.0.23 - From Variable Tampering to SQL Injection

RIPS Analysis: The forum phpBB2 consists of only 50,000 lines of code and RIPS took only 19 seconds for its in-depth security analysis to complete. It found various PHP object injection vulnerabilities which are less severe due to missing gadget chains. Further, many SQL injections are reported du...

AI score: 8.1
Exploits: 0
ripstech
added 2016/12/09 12:0 p.m., 12 views

Precurio 2.1: Remote Command Execution via Xinha Plugin

RIPS Analysis: RIPS detected many security vulnerabilities, such as SQL injection and cross-site scripting issues. In order to exploit most of these vulnerabilities in Precurio's code base, a user account is required. Precurio also includes a lot of third-party code though that is directly...

AI score: 7.6
Exploits: 0
ripstech
added 2016/12/08 11:0 a.m., 13 views

PHPKit 1.6.6: Code Execution for Privileged Users

RIPS Analysis: Within only 24 seconds, the analysis with RIPS completed and uncovered critical security vulnerabilities, mainly in the administration section of the application. As we demonstrated in multiple previous calendar posts, these vulnerabilities can be chained with other vulnerabilities...

AI score: 7.3
Exploits: 0
ripstech
added 2016/12/07 12:0 p.m., 7 views

Serendipity 2.0.3: From File Upload to Code Execution

RIPS Analysis: The analysis of Serendipity with RIPS took 67 seconds to complete. The total amount of issues is reasonable for a web application of this size. Most of the 36 low-severity issues detected are information leakage issues, for example, when an error message leaks the DBMS system of a...

AI score: 6.8
Exploits: 0
ripstech
added 2016/12/06 12:0 p.m., 14 views

Roundcube 1.2.2: Command Execution via Email

The mirror on SourceForge counts more than 260,000 downloads for Roundcube in the last 12 months, which is only a small fraction of the actual users. Once Roundcube is installed on a server, it provides a web interface for authenticated users to send and receive emails with their web browser. RIP...

AI score: 6.9
Exploits: 0
ripstech
added 2016/12/05 12:0 p.m., 9 views

Expression Engine 3.4.2: Code Reuse Attack

RIPS Analysis: The analysis with RIPS took about 4 minutes. Overall, the code of Expression Engine seems to be very robust. Still, our analysis results point out some vulnerabilities. RIPS detected mainly possibilities for a malicious user to embed HTML and JavaScript code via the administration...

AI score: 7
Exploits: 0
ripstech
added 2016/12/04 11:27 a.m., 11 views

Introducing the RIPS analysis engine

History, 2007 - 2009: Almost 10 years ago, a simple PHP scanner was developed during the increasingly popular Capture The Flag (CTF) hacking battles of university teams. The scanner was based on regular expressions and identified simple connections between user input that is first assigned to a variable and th...

AI score: 7
Exploits: 0
ripstech
added 2016/12/03 11:0 a.m., 13 views

eFront 3.6.15: Steal your professors password

RIPS Analysis: Our SAST tool RIPS analyzed the whole application in only 1m 32s and uncovered many severe security issues. Most of them are straightforward SQL injections that can be used to extract confidential user data, such as passwords, private messages, course results, and personal...

AI score: 7.5
Exploits: 0
ripstech
added 2016/12/02 12:0 p.m., 7 views

Coppermine 1.5.42: Second-Order Command Execution

RIPS Analysis: The analysis with RIPS took only 53 seconds to complete and it uncovered a lot of security vulnerabilities - although most of them require authentication. Nonetheless, these issues are severe because they can be combined with other security vulnerabilities that allow an attacker to...

AI score: 7.8
Exploits: 0