SilentGrid Security
  • Home

SilentGrid Security

CVE-2021-37749 - Hexagon GeoMedia WebMap 2020 Blind SQL Injection
cve

CVE-2021-37749 - Hexagon GeoMedia WebMap 2020 Blind SQL Injection

Overview SilentGrid identified a blind SQL injection vulnerability in Hexagon's GeoMedia WebMap 2020 solution. This vulnerability can be exploited by unauthenticated attackers to interfere with the SQL query the application is using to interact with the backend database. While a hotfix is available, due to lack of response from the vendor, SilentGrid cannot confirm if the patch is implemented in the latest GeoMedia WebMap 2020 Update 2. Technical Details The “Id” parameter within the "sourceIt

  • Claudio (redr2e) Moletta
Claudio (redr2e) Moletta23 Aug 2021 • 2 min read
Trial by Internet

Trial by Internet

Who tries to knock on your server's door(s)

  • Erik Dul
Erik Dul21 Sep 2020 • 10 min read
IE11 Exploit for Windows 7 x64

IE11 Exploit for Windows 7 x64

CVE-2017-[0037 and 0059]

  • Claudio (redr2e) Moletta
Claudio (redr2e) Moletta17 Feb 2020 • 5 min read
CVE to PoC – CVE-2017-0037

CVE to PoC – CVE-2017-0037

PoC exploit for a type confusion issue in Internet Explorer 10, 11 and Edge

  • Claudio (redr2e) Moletta
Claudio (redr2e) Moletta17 Feb 2020 • 5 min read
CVE to PoC – CVE-2017-0059

CVE to PoC – CVE-2017-0059

PoC exploit for an use-after-free bug in IE

  • Claudio (redr2e) Moletta
Claudio (redr2e) Moletta17 Feb 2020 • 4 min read
SilentGrid Security
  • Home
SilentGrid Security © 2021
Latest PostsTwitter
You've successfully subscribed to SilentGrid Security!