Le projet Hershell a pour but de réaliser un payload de type reverse shell multi-plate-forme, en utilisant un code source unique réalisé en Go.

Il peut ainsi s'intégrer au framework Metasploit avec un bon niveau de furtivité vis-à-vis des solutions antivirales.

Lire la suite


Gespage is web solution providing a printer portal. Official Website: http://www.gespage.com/

The web application does not properly filter several parameters sent by users, allowing XSS code injection. These vulnerabilities allow attackers to inject code inside the client web browser, such as malicious scripts in Javascript. Exploitation leads to a full takeover of the web browser, and potentially the operating system.

Lire la suite


Gespage is a web solution providing a printer portal. Official Website: http://www.gespage.com/

The web application does not properly filter several parameters sent by users, allowing authenticated SQL code injection (Stacked Queries - comment).

These vulnerabilities could allow attackers to retrieve / update data from the database through the application.

Lire la suite




FortiWeb is a Web Application Firewall (WAF) produced by the Fortinet company. It enables users to set security filters between unsecured networks and Web applications.

Official website: https://www.fortinet.com/products/application-security/fortiweb.html

We found a password disclosure inside the UI of the appliance.

Lire la suite