[FD] Nokia BTS Authentication Bypass

2022-02-10 Cristiano Maruti
-31932 by: Cristiano Maruti (@cmaruti) [EXECUTIVE SUMMARY] The TRS web console allows an authenticated user to remotely manage the BTS and its configuration. The analysis discovered an authentication bypass vulnerability (CWE-289) in the web management console. A malicious

[FD] Tuleap SQL Injection

2018-03-09 Cristiano Maruti
: High found: 2018-02-24 by: Cristiano Maruti (@cmaruti) === [EXECUTIVE SUMMARY] Enalean Tuleap is a project management system for application lifecycles management, agile development

[FD] ClearPass Policy Manager Stored XSS

2015-05-27 Cristiano Maruti
severity: Medium found: 2014-11-24 by: Cristiano Maruti (@cmaruti) === [EXECUTIVE SUMMARY] The analysis discovered a stored cross site scripting vulnerability (OWASP OTG-INPVAL-002

[FD] Network Solutions Webmail - A tale about chained web vulnerabilities

2015-04-09 Cristiano Maruti
severity: Low to High found: 2015-01-16 by: Cristiano Maruti (@cmaruti) === [EXECUTIVE SUMMARY] While reviewing the Network Solutions webmail, I identified various

[FD] Barracuda Load Balancer ADC VM multiple vulnerabilities

2015-01-20 Cristiano Maruti
High found: 2013-12-13 by: Cristiano Maruti (@cmaruti) === [EXECUTIVE SUMMARY] While reviewing the virtual appliance, five major security issues were identified: 1) Ability to recover