Skip to content

panictriggers/henschotermeer-exploits-public

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

21 Commits

PTG-2020-0008

PTG-2020-0008

 
 

PTG-2020-0009

PTG-2020-0009

 
 

PTG-2020-0010

PTG-2020-0010

 
 

PTG-2021-002

PTG-2021-002

 
 

.gitignore

.gitignore

 
 

LICENSE

LICENSE

 
 

README.md

README.md

 
 

Repository files navigation

henschotermeer-exploits

Multiple exploits found while sniffing Henschotermeer site.

The exploits were found on July 31st (0008-0009) and August 12th (0010). The exploits were reported to Henschotermeer on August 13th following Coordinated Vulnerabilty Disclosure principles. PTG-2021-002 was found on 2021-02-13.

To our knowlegde, PTG-2020-0010 was fixed on 2020-09-07. PTG-2020-0008 and PTG-2020-0009 were fixed on an unknown date.

PTG-2021-002 was fixed on 2021-04-01.

The exploits

  1. PTG-2020-0008: Bypass of the ticket blockade
  2. PTG-2020-0009: Use of incremental ticket idenifiers
  3. PTG-2020-0010: Unsafe download link causes personal data leak
  4. PTG-2021-002: Client-side payment processing causes free tickets through code injection

About

Public repository of the exploits found on Henschotermeer site

Topics

exploits vulnerability

Resources

Readme

License

Unlicense license
Activity
Custom properties

Stars

0 stars

Watchers

3 watching

Forks

0 forks
Report repository

Contributors 2

  •  
  •  

Languages