Skip to content

panictriggers/henschotermeer-exploits-public

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

21 Commits
PTG-2020-0008
PTG-2020-0008
 
 
PTG-2020-0009
PTG-2020-0009
 
 
PTG-2020-0010
PTG-2020-0010
 
 
PTG-2021-002
PTG-2021-002
 
 
.gitignore
.gitignore
 
 
LICENSE
LICENSE
 
 
README.md
README.md
 
 

Repository files navigation

henschotermeer-exploits

Multiple exploits found while sniffing Henschotermeer site.

The exploits were found on July 31st (0008-0009) and August 12th (0010). The exploits were reported to Henschotermeer on August 13th following Coordinated Vulnerabilty Disclosure principles. PTG-2021-002 was found on 2021-02-13.

To our knowlegde, PTG-2020-0010 was fixed on 2020-09-07. PTG-2020-0008 and PTG-2020-0009 were fixed on an unknown date.

PTG-2021-002 was fixed on 2021-04-01.

The exploits

  1. PTG-2020-0008: Bypass of the ticket blockade
  2. PTG-2020-0009: Use of incremental ticket idenifiers
  3. PTG-2020-0010: Unsafe download link causes personal data leak
  4. PTG-2021-002: Client-side payment processing causes free tickets through code injection

About

Public repository of the exploits found on Henschotermeer site

Topics

exploits vulnerability

Resources

Readme

License

Unlicense license
Activity
Custom properties

Stars

0 stars

Watchers

3 watching

Forks

0 forks
Report repository

Contributors 2

  •  
  •  

Languages