EUVD-2019-17184

Malware in sbrugna...

EUVD-2018-12793

Malware in sbrugna...

S1EM - This Project Is A SIEM With SIRP And Threat Intel, All In One

Today, cyber attacks are more numerous and cause damage in companies. Nevertheless, many software products exist to detect cyber threats. The S1EM solution is based on the principle of bringing together the best products in their field, free of charge, and making them quickly interoperable. S1EM ...

TheHive Project Cortex 2.1.3 Server Side Request Forgery

Exploit Title: SSRF in TheHive Project Cortex = 2.1.3 Date: 2/26/2019 Exploit Author: Alexandre Basquin Vendor Homepage: https://blog.thehive-project.org Software Link: https://github.com/TheHive-Project/Cortex Version: Cortex = 2.1.3 Tested on: 2.1.3 CVE : CVE-2019-7652 Exploit description TheHi...

TheHive Project Cortex < 1.15.2 - Server-Side Request Forgery Vulnerability

Exploit for multiple platform in category web applications Exploit Title: SSRF in TheHive Project Cortex = 2.1.3 Exploit Author: Alexandre Basquin Vendor Homepage: https://blog.thehive-project.org Software Link: https://github.com/TheHive-Project/Cortex Version: Cortex = 2.1.3 Tested on: 2.1.3 CV...

Cortex Unshortenlink Analyzer &lt; 1.1 - Server-Side Request Forgery

Exploit Title: Cortex Unshortenlink Analyzer 1.1 - Server-Side Request Forgery Date: 2/26/2019 Exploit Author: Alexandre Basquin Vendor Homepage: https://blog.thehive-project.org Software Link: https://github.com/TheHive-Project/Cortex Version: Cortex = 2.1.3 Tested on: 2.1.3 CVE : CVE-2019-7652...

CVE-2019-7652

TheHive Project UnshortenLink analyzer before 1.1, included in Cortex-Analyzers before 1.15.2, has SSRF. To exploit the vulnerability, an attacker must create a new analysis, select URL for Data Type, and provide an SSRF payload like "http://127.0.0.1:22" in the Data parameter. The result can be...

CVE-2019-7652

TheHive Project UnshortenLink analyzer before 1.1, included in Cortex-Analyzers before 1.15.2, has SSRF. To exploit the vulnerability, an attacker must create a new analysis, select URL for Data Type, and provide an SSRF payload like "http://127.0.0.1:22" in the Data parameter. The result can be...

CVE-2019-7652

TheHive Project UnshortenLink analyzer before 1.1, included in Cortex-Analyzers before 1.15.2, has SSRF. To exploit the vulnerability, an attacker must create a new analysis, select URL for Data Type, and provide an SSRF payload like "http://127.0.0.1:22" in the Data parameter. The result can be...

CVE-2018-20226

An organization administrator can add a super administrator in THEHIVE PROJECT Cortex before 2.1.3 due to the lack of overriding the Role.toString method...

CVE-2018-20226

An organization administrator can add a super administrator in THEHIVE PROJECT Cortex before 2.1.3 due to the lack of overriding the Role.toString method...

CVE-2018-20226

The vulnerability CVE-2018-20226 affects THEHIVE PROJECT Cortex up to version 2.1.3, caused by not overriding Role.toString. This enables an organization administrator to add a super administrator (privilege escalation). Exploitation details are not provided in the supplied documents. Remediation...