Testing CVE-2021-22214
nenf / CVE-2019-7535
Last active February 9, 2019 11:53
CVE-2019-7535
[Description]
Gurock TestRail 5.3.0.3603 returns potentially sensitive information for an invalid request, as
demonstrated by full path disclosure and the identification of PHP as the backend technology.
------------------------------------------
[Additional Information]
* Make sure that your web server does not send out responses that
reveal information about the backend technology type or version.
nenf / CVE-2018-15810
Last active April 7, 2021 19:58
CVE-2018-15810
[Description]
Visiology Flipbox Software Suite before 2.7.0 allows directory
traversal via %5c%2e%2e%2f because it does not sanitize filename
parameters.
------------------------------------------
[Vulnerability Type]
Directory Traversal