Skip to content

Instantly share code, notes, and snippets.

barrett092

Block or report user

Report or block barrett092

Hide content and notifications from this user.

Learn more about blocking users

Contact Support about this user’s behavior.

Learn more about reporting abuse

Report abuse
View GitHub Profile
View CVE-2019-17526
# Exploit Title: SageCell Python Web Injection Vulnerability
# Google Dork:
# Date: 10/13/19
# Exploit Author: Christopher J. Barretto @ Advoqt
# Vendor Homepage: www.advoqt.com
# Software Link: https://sagecell.sagemath.org/
# Version: SageCell - ALL VERSIONS
# Tested on: Unix
# CVE : CVE-2019-17526 (issued in progress)
@barrett092
barrett092 / gist:c70752ca6960b8b9616a03006f291a28
Last active Jun 1, 2018
EMS Master Calendar Reflected XSS Vulnerability (<8.0.0.20180520)
View gist:c70752ca6960b8b9616a03006f291a28
Data input into EMS Master Calendar before 8.0.0.201805210 via URL parameters are not properly sanitized, allowing malicious attackers to send a crafted URL and execute code in the context of the user's browser.
------------------------------------------
Additional Information:
CVE-Reference: CVE-2018-11628
Product: EMS Master Calendar
Vendor: EMS Software
Vulnerable Version: Before 8.0.0.20180521
You can’t perform that action at this time.