
Tag: sahi pro

CVE-2019-15102 – Sahi pro ( <= 8.x ) Remote Code Execution

August 31, 2019 goutham madhwaraj

It was found that in the Sahi web editor interface, we can set up a password to keep unauthenticated users from misusing…


Posted in: Sahi Pro(<=8.0) RCE Filed under: 6.x, 7.x, 8.0, cve-2019-15102, rce, sahi pro

CVE-2018-20472 – Sahi pro ( <= 8.x ) Stored XSS

June 11, 2019 goutham madhwaraj

The Sahi Pro web interface is vulnerable to a Stored XSS. Exploiting this bug needs prior knowledge of the…


Posted in: disclosures, Sahi Pro(<=8.x) Stored XSS Filed under: 7.x, 8.x, disclosures, sahi pro

CVE-2018-20470 – Sahi pro ( <= 8.x ) Directory traversal

goutham madhwaraj

Sahi Pro is an application automation tool which is quite popular among automation testers (https://sahipro.com/). Being a former…


Posted in: disclosures, Sahi Pro (<=8.x) Directory traversal Filed under: 7.x, 8.x, automation tool, disclosure, sahi pro

CVE-2018-20468 – Sahi pro ( <= 8.x ) CSV Injection

goutham madhwaraj

This is one of the low-risk bugs found in Sahi Pro. The Reports web interface allows a user…


Posted in: Sahi Pro (<=8.x) CSV Injection Filed under: 7.x, 8.x, disclosure, sahi pro

CVE-2018-20469 – Sahi pro ( <= 8.x ) SQL Injection

goutham madhwaraj

An issue was discovered in Tyto Sahi Pro ( <= 8.x ). A parameter in the web reports module is…


Posted in: Sahi Pro(<=8.x) SQL Injection Filed under: 7.x, 8.x, disclosure, sahi pro

Pawning misconfigured sahi pro automation servers

December 30, 2018 goutham madhwaraj

Hi all. Today I will explain how to pawn a misconfigured Sahi Pro automation server. What is Sahi Pro?…


Posted in: sahi pro automation server Filed under: exploit, misconfiguration, pawn, sahi pro
