exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 20 of 20 RSS Feed

Files from Amirhossein Bahramizadeh

First Active2023-06-20
Last Active2024-03-28
Dell Security Management Server Privilege Escalation
Posted Mar 28, 2024
Authored by Amirhossein Bahramizadeh

Dell Security Management Server versions prior to 11.9.0 suffer from a local privilege escalation vulnerability.

tags | exploit, local
advisories | CVE-2023-32479
SHA-256 | 265530e02c210729e3640de0f5f23192ea5b21cae936f5ed87be61a93898f695
LBT-T300-mini1 Buffer Overflow
Posted Mar 26, 2024
Authored by Amirhossein Bahramizadeh

LBT-T300-mini1 suffers from a remote buffer overflow vulnerability.

tags | exploit, remote, overflow
SHA-256 | 0d5605d4bf931abe29807024d5f54120a110b26a29b7d0372e0c12e6e2b5b118
TPC-110W Missing Authentication
Posted Mar 4, 2024
Authored by Amirhossein Bahramizadeh

TPC-110W suffers from a missing authentication vulnerability.

tags | exploit
SHA-256 | a465de4bea0a0f0a26e4a6e310952a40f118cba393cb00abfccd1bb894d688f8
WordPress RSVPMaker 9.3.2 SQL Injection
Posted Jan 15, 2024
Authored by Amirhossein Bahramizadeh

WordPress RSVPMaker plugin versions 9.3.2 and below suffer from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
advisories | CVE-2022-1768
SHA-256 | 66e514c92c46238d6305ed7cb7d15ec7a2822168dde570f73013b430aa0764fc
Taokeyun SQL Injection
Posted Jan 15, 2024
Authored by Amirhossein Bahramizadeh

Taokeyun versions up to 1.0.5 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
advisories | CVE-2024-0480
SHA-256 | 1f422c49bad5c6f9ab4afd9b61892e4f89f1c8e3f531ea9bd64603a009bccfa3
HaoKeKeJi YiQiNiu Server-Side Request Forgery
Posted Jan 15, 2024
Authored by Amirhossein Bahramizadeh

HaoKeKeJi YiQiNiu versions up to 3.1 suffer from a server-side request forgery vulnerability.

tags | exploit
advisories | CVE-2024-0510
SHA-256 | 801b655eed6286d9fcfe47d883a75477216cba6d270053e5bc32cef9f76a18c8
Android DeviceVersionFragment.java Privilege Escalation
Posted Jan 10, 2024
Authored by Amirhossein Bahramizadeh

Proof of concept exploit for a privilege escalation issue in Android. In checkDebuggingDisallowed of DeviceVersionFragment.java, there is a possible way to access adb before SUW completion due to an insecure default value. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.

tags | exploit, java, local, proof of concept
advisories | CVE-2023-48418
SHA-256 | db6bf38c923aa8b48f087c92b0b649720e01af632d0cbebfd3cb67803d0a4bf9
FreeSWITCH Denial Of Service
Posted Jan 8, 2024
Authored by Amirhossein Bahramizadeh

FreeSWITCH versions prior to 1.10.11 remote denial of service exploit that leverages a race condition in the hello handshake phase of the DTLS protocol.

tags | exploit, remote, denial of service, protocol
advisories | CVE-2023-51443
SHA-256 | c9c3686ee337d8542426ced66a1b6b5eb7140101aed0bc4ec11b15ee6a810dab
Apache 2.4.55 mod_proxy HTTP Request Smuggling
Posted Jan 2, 2024
Authored by Amirhossein Bahramizadeh

Some mod_proxy configurations on Apache HTTP Server versions 2.4.0 through 2.4.55 allow for an HTTP request smuggling attack. Configurations are affected when mod_proxy is enabled along with some form of RewriteRule or ProxyPassMatch in which a non-specific pattern matches some portion of the user-supplied request-target (URL) data and is then re-inserted into the proxied request-target using variable substitution.

tags | exploit, web
advisories | CVE-2023-25690
SHA-256 | fc8ce9f7d7e0b4e319fdc0f93ae787aa27d06febf30e2dbe83382cd573c9565d
Lost And Found Information System 1.0 SQL Injection
Posted Jul 7, 2023
Authored by Amirhossein Bahramizadeh

Lost and Found Information System version 1.0 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
advisories | CVE-2023-33592
SHA-256 | 26d0f1deb4fda9d9af13364671a7e8c2b6885870a63d654ccb53313326691e2a
TP-Link TL-WR940N 4 Buffer Overflow
Posted Jul 3, 2023
Authored by Amirhossein Bahramizadeh

TP-Link TL-WR940N version 4 suffers from a buffer overflow vulnerability.

tags | exploit, overflow
advisories | CVE-2023-36355
SHA-256 | 62f6eb49aaff40c54f96a31ba99f72a2f49bc9ddd44b7739ad50c5bb0a02efb2
Sales Of Cashier Goods 1.0 Cross Site Scripting
Posted Jul 3, 2023
Authored by Amirhossein Bahramizadeh

Sales of Cashier Goods version 1.0 suffers from a cross site scripting vulnerability.

tags | exploit, xss
advisories | CVE-2023-36346
SHA-256 | 69b13d3920936bb0509672577e9c22b2d306090fb12206c2e0a868d73e40847b
PrestaShop Winbiz Payment Improper Limitation
Posted Jun 27, 2023
Authored by Amirhossein Bahramizadeh

PrestaShop Winbiz Payment module suffers from an improper limitation of a Pathname to a restricted directory.

tags | exploit
advisories | CVE-2023-30198
SHA-256 | fd9d9b41b3b106776bf4bded355ea6effd89622c59564f7bfb574cd7059f7f60
Microsoft Windows 11 22h2 Kernel Privilege Escalation
Posted Jun 27, 2023
Authored by Amirhossein Bahramizadeh

Microsoft Microsoft Windows 11 version 22h2 suffers from a kernel privilege escalation vulnerability.

tags | exploit, kernel
systems | windows
advisories | CVE-2023-28293
SHA-256 | be4c5e79f9cf0b40f7b8ba9b4538a14f5731f19051d96808d39f4233d0d4064d
Azure Apache Ambari 2302250400 Spoofing
Posted Jun 27, 2023
Authored by Amirhossein Bahramizadeh

Azure Apache Ambari version 2302250400 suffers from a spoofing vulnerability.

tags | exploit, spoof
advisories | CVE-2023-23408
SHA-256 | a59f6776d4aacfdd02dcb83d8333b2b5e421a9df5ff2079e452c760ede563817
Microsoft SharePoint Enterprise Server 2016 Spoofing
Posted Jun 27, 2023
Authored by Amirhossein Bahramizadeh

Microsoft SharePoint Enterprise Server 2016 suffers from a spoofing vulnerability.

tags | exploit, spoof
advisories | CVE-2023-28288
SHA-256 | dc69c8a196ae434905235f744cfdcbe0d497ed7ab1caa764b015de4a98a1e4d1
Nokia ASIKA 7.13.52 Private Key Disclosure
Posted Jun 21, 2023
Authored by Amirhossein Bahramizadeh

Nokia ASIKA version 7.13.52 suffers from a hard-coded private key disclosure vulnerability.

tags | exploit, info disclosure
advisories | CVE-2023-25187
SHA-256 | ba290e4ad8f61e25e13991a6b32e0f12e28123576ee71b01dfcecb7262302d64
WordPress Super Socializer 7.13.52 Cross Site Scripting
Posted Jun 21, 2023
Authored by Amirhossein Bahramizadeh

WordPress Super Socializer plugin version 7.13.52 suffers from a cross site scripting vulnerability.

tags | exploit, xss
advisories | CVE-2023-2779
SHA-256 | 500b777953696c9fdb839937351514402c8d413e3650f3e88f7299c12594f542
WordPress WP Sticky Social 1.0.1 CSRF / Cross Site Scripting
Posted Jun 21, 2023
Authored by Amirhossein Bahramizadeh

WordPress WP Sticky Social plugin version 1.0.1 suffers from cross site request forgery and cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss, csrf
advisories | CVE-2023-3320
SHA-256 | 479e92cf55475922a543143a9c1fe4f295337a3f7b58ea422c35e1964de638fd
WordPress Theme Medic 1.0.0 Weak Password Recovery Mechanism
Posted Jun 20, 2023
Authored by Amirhossein Bahramizadeh

WordPress Theme Medic theme version 1.0.0 suffers from having a weak password recovery mechanism for the forgot password flow.

tags | exploit
advisories | CVE-2020-11027
SHA-256 | b147ff47c6abbe8687a844e863552bae22ffcc1e8adf8de22f822ba1a2cb9382
Page 1 of 1
Back1Next

File Archive:

May 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    May 1st
    44 Files
  • 2
    May 2nd
    5 Files
  • 3
    May 3rd
    11 Files
  • 4
    May 4th
    0 Files
  • 5
    May 5th
    0 Files
  • 6
    May 6th
    28 Files
  • 7
    May 7th
    3 Files
  • 8
    May 8th
    4 Files
  • 9
    May 9th
    54 Files
  • 10
    May 10th
    12 Files
  • 11
    May 11th
    0 Files
  • 12
    May 12th
    0 Files
  • 13
    May 13th
    17 Files
  • 14
    May 14th
    11 Files
  • 15
    May 15th
    17 Files
  • 16
    May 16th
    13 Files
  • 17
    May 17th
    22 Files
  • 18
    May 18th
    0 Files
  • 19
    May 19th
    0 Files
  • 20
    May 20th
    17 Files
  • 21
    May 21st
    18 Files
  • 22
    May 22nd
    7 Files
  • 23
    May 23rd
    111 Files
  • 24
    May 24th
    27 Files
  • 25
    May 25th
    0 Files
  • 26
    May 26th
    0 Files
  • 27
    May 27th
    6 Files
  • 28
    May 28th
    12 Files
  • 29
    May 29th
    0 Files
  • 30
    May 30th
    0 Files
  • 31
    May 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close