exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 24 of 24 RSS Feed

Files from Andrey Stoykov

First Active2019-07-15
Last Active2024-06-10
FengOffice 3.11.1.2 SQL Injection
Posted Jun 10, 2024
Authored by Andrey Stoykov

FengOffice version 3.11.1.2 suffers from a remote blind SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | a4d631d58217a0dbbc02735845f2ba3b26d4f99ae6e147a480b6f0cfcdae05fe
Concrete CMS 9.2.7 Cross Site Scripting / Open Redirect
Posted Apr 11, 2024
Authored by Andrey Stoykov

Concrete CMS version 9.2.7 suffers from information disclosure, open redirection, and persistent cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss, info disclosure
SHA-256 | a4e09ec269b6fd6e7d21fa37778ad6cc59fa7c6ed21097b3b6e52c179ba94e14
BoidCMS 2.0.1 Cross Site Scripting
Posted Mar 4, 2024
Authored by Andrey Stoykov

BoidCMS version 2.0.1 suffers from multiple cross site scripting vulnerabilities. Original discovery of cross site scripting in this version is attributed to Rahad Chowdhury in December of 2023, though this advisory provides additional vectors of attack.

tags | exploit, vulnerability, xss
SHA-256 | 399c7d150c74e14ff960b4352508c5f4a2a59bf2bfe1f4f390b71685d91640df
XAMPP 5.6.40 SQL Injection
Posted Mar 4, 2024
Authored by Andrey Stoykov

XAMPP version 5.6.40 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | 388ddb4dde51e1972477265a1ca501e1b0ccc13ac7cdae3357edbf821cc9e47b
Adapt CMS 3.0.3 Cross Site Scripting / Shell Upload
Posted Feb 14, 2024
Authored by Andrey Stoykov

Adapt CMS version 3.0.3 suffers from persistent cross site scripting and remote shell upload vulnerabilities.

tags | exploit, remote, shell, vulnerability, xss
SHA-256 | ec4109d350da52c327fa8e68529d724cdbaf75ad4605a394f2c19b7289932d0a
Introduction To Web Pentesting
Posted Aug 2, 2023
Authored by Andrey Stoykov

This archive holds a whitepaper called Introduction to Web Pentesting. It provides basic configuration for Burpsuite Proxy along with basic exploitation cross site scripting, SQL injection, cross site request forgery, and open redirects. Two copies of the whitepaper are included. One is in English and one is in Bulgarian.

tags | paper, web, xss, sql injection, csrf
SHA-256 | 1f0745a5f6bf458420ce54f01247d5149ab58cb8886e6f6c015a8dbfc0d9a6de
Perch CMS 3.2 Cross Site Scripting
Posted Aug 2, 2023
Authored by Andrey Stoykov

Perch CMS version 3.2 suffers from a persistent cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | 586bd1206b838db2276e13fced4b53256b8b848641a29e35a78967042d604683
Availability Booking Calendar PHP XSS / Arbitrary File Upload
Posted Jul 26, 2023
Authored by Andrey Stoykov

Availability Booking Calendar PHP suffers from cross site scripting and arbitrary file upload vulnerabilities. This was tested in July of 2023 but it is unclear what versions are affected.

tags | exploit, arbitrary, php, vulnerability, xss, file upload
SHA-256 | e67ac34384ab2be0d18a5bd94e4c7187126859aaf2b755a195aa0c55fd5cf914
WBCE 1.6.1 Cross Site Scripting
Posted Jul 17, 2023
Authored by Andrey Stoykov

WBCE version 1.6.1 suffers from a persistent cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | c17b616715baffae3d84e0d4550487c0ddcd5bf0f23819f9fafe7404baa9ed74
XAMPP 8.2.4 Unquoted Service Path
Posted Jul 12, 2023
Authored by Andrey Stoykov

XAMPP version 8.2.4 suffers from an unquoted service path vulnerability.

tags | exploit
SHA-256 | 013b0dbd256f27abaa69c15d5aeec4553beac733154cfc7e150b3559ea0da2d5
Faculty Evaluation System 1.0 SQL Injection
Posted Jul 10, 2023
Authored by Andrey Stoykov

Faculty Evaluation System version 1.0 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | 7bc59cd66aeba7e9b21206240985c2d932ac5f46cc03f4460693c631b14c393d
myBB forums 1.8.26 Cross Site Scripting
Posted Mar 30, 2023
Authored by Andrey Stoykov

myBB forums version 1.8.26 suffers from a persistent cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | 49b4fc9b3db0a04ca44a9ec1d64e1ec281a090a818f848111b735b27147db2e9
Fastly Secret Disclosure
Posted Mar 13, 2023
Authored by Andrey Stoykov

Fastly suffers from the poor practice of sending a temporary password in plaintext.

tags | exploit, info disclosure
SHA-256 | 09181b45538cae9f3688cd0f1f65f20913277a3c96827c11f9df3ad8004ab8bc
Shopify Cross Site Scripting
Posted Mar 13, 2023
Authored by Andrey Stoykov

Shopify suffers from a cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | dcca389f2f44bc6e6960d4aefe61cbb9c3906a55351986f2a658754795ce9f62
4images 1.9 Remote Command Execution
Posted Dec 22, 2022
Authored by Andrey Stoykov

4images version 1.9 suffers from a remote command execution vulnerability.

tags | exploit, remote
SHA-256 | d876d4e5b40a274d6db099e265423f9f96e10557a0bc7523e13fbd5618f59557
Shoplazza 1.1 Cross Site Scripting
Posted Dec 14, 2022
Authored by Andrey Stoykov

Shoplazza version 1.1 suffers from a persistent cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | 45b096fd0c06d29314c47d3820cded151b1d0ea4c399a761b64fcc8eebcca9fe
4images 1.8 SQL Injection
Posted Aug 13, 2021
Authored by Andrey Stoykov

4images version 1.8 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | c9c2aa91ec745bbdba6b1c78ba101be04ed9dc59fee041d1a36097cb86d846a9
Practical PHP Security
Posted Jan 8, 2021
Authored by Andrey Stoykov

Whitepaper called Practical PHP Security.

tags | paper, php
SHA-256 | 197e4ac0326bbfca74f1394ddd7a80a6c26652441548adc45d5fc3339e7c5fd7
CMS Made Simple 2.2.15 Remote Command Execution
Posted Jan 5, 2021
Authored by Andrey Stoykov

CMS Made Simple version 2.2.15 suffers from an authenticated remote command execution vulnerability.

tags | exploit, remote
SHA-256 | f81ab1c1e2ff5e2fa026def00f13ab6e4b6c7c7b23c69a25b39e1e7b1af8c1c3
BlogEngine 3.3.8 Cross Site Scripting
Posted Nov 6, 2020
Authored by Andrey Stoykov

BlogEngine version 3.3.8 suffers from a persistent cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | aa9030bfadf39927f86c29d447c3d4d846efbfc9fa4bf002e5a8f9a03481201f
BoltWire 6.03 Local File Inclusion
Posted May 4, 2020
Authored by Andrey Stoykov

BoltWire version 6.03 suffers from a local file inclusion vulnerability.

tags | exploit, local, file inclusion
SHA-256 | 5bccddcdf955aa9e8c8ca3bf0f7f17107851ff49aa2ae6656444a81d38391290
Cyberoam Authentication Client 2.1.2.7 Buffer Overflow
Posted Mar 2, 2020
Authored by Andrey Stoykov

Cyberoam Authentication Client version 2.1.2.7 suffers from a buffer overflow vulnerability.

tags | exploit, overflow
SHA-256 | 8de7e2da3c8e229cd09e1484f910a5e1e10dde2d8754d786bf6d3a031f64da4f
ATutor 2.2.4 SQL Injection
Posted Feb 23, 2020
Authored by Andrey Stoykov

ATutor version 2.2.4 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | e1926912b31ec559709af89d502a88acfe99b72aab9f35f9d21f289e65d21149
Streamripper 2.6 Buffer Overflow
Posted Jul 15, 2019
Authored by Andrey Stoykov

Streamripper version 2.6 Song Pattern buffer overflow exploit.

tags | exploit, overflow
SHA-256 | ef83fc76efb2de2e63f756763b24c71a9ec0d5274e3cb615c01c2164e72a8401
Page 1 of 1
Back1Next

File Archive:

June 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Jun 1st
    0 Files
  • 2
    Jun 2nd
    0 Files
  • 3
    Jun 3rd
    18 Files
  • 4
    Jun 4th
    21 Files
  • 5
    Jun 5th
    0 Files
  • 6
    Jun 6th
    57 Files
  • 7
    Jun 7th
    6 Files
  • 8
    Jun 8th
    0 Files
  • 9
    Jun 9th
    0 Files
  • 10
    Jun 10th
    12 Files
  • 11
    Jun 11th
    27 Files
  • 12
    Jun 12th
    38 Files
  • 13
    Jun 13th
    0 Files
  • 14
    Jun 14th
    0 Files
  • 15
    Jun 15th
    0 Files
  • 16
    Jun 16th
    0 Files
  • 17
    Jun 17th
    0 Files
  • 18
    Jun 18th
    0 Files
  • 19
    Jun 19th
    0 Files
  • 20
    Jun 20th
    0 Files
  • 21
    Jun 21st
    0 Files
  • 22
    Jun 22nd
    0 Files
  • 23
    Jun 23rd
    0 Files
  • 24
    Jun 24th
    0 Files
  • 25
    Jun 25th
    0 Files
  • 26
    Jun 26th
    0 Files
  • 27
    Jun 27th
    0 Files
  • 28
    Jun 28th
    0 Files
  • 29
    Jun 29th
    0 Files
  • 30
    Jun 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close