exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 16 of 16 RSS Feed

Files from Kyle Lovett

Email addresskrlovett at gmail.com
First Active2013-06-24
Last Active2018-08-17
ADM 3.1.2RHG1 Remote Code Execution
Posted Aug 17, 2018
Authored by Kyle Lovett, Matthew Fulton

ADM versions 3.1.2RHG1 and below suffer from a remote code execution vulnerability.

tags | exploit, remote, code execution
advisories | CVE-2018-11510
SHA-256 | 9a46e6052ab21077d8fb2a00c396c5a222221fa0ed30b081f7a21a733bacdd33
ASUSTOR NAS ADM 3.1.0 Remote Command Execution / SQL Injection
Posted Aug 14, 2018
Authored by Kyle Lovett

ASUSTOR NAS ADM version 3.1.0 suffers from code execution and remote SQL injection vulnerabilities.

tags | exploit, remote, vulnerability, code execution, sql injection
advisories | CVE-2018-11509, CVE-2018-11510, CVE-2018-11511
SHA-256 | 1644681fa9ff008830ac7ddad2b94c3263d391b10d2e6962b1b9eaf1341a36be
WordPress Social-Stream 1.6.0 Twitter API Secret Disclosure
Posted May 27, 2017
Authored by Kyle Lovett

WordPress Social-Stream versions 1.6.0 and below suffer from a Twitter API OAuth secret disclosure vulnerability.

tags | exploit, info disclosure
SHA-256 | d9397402a5e15bf1dfe27b9c6cfe4a24c02c4ffc37e440343f5c6850e3501b41
Easy Hosting Control Panel 0.37.9 Bypass / File Upload / Disclosure
Posted Mar 30, 2016
Authored by Kyle Lovett

Easy Hosting Control Panel versions 0.29 through 0.37.9 suffer from information disclosure, authentication bypass, clear text password storage, and remote file upload vulnerabilities.

tags | exploit, remote, vulnerability, bypass, info disclosure, file upload
SHA-256 | 92d027b491a0587f69c8ac9a28d8b652868ac013c1ddd4a5765f2af4ee55d67e
D-Link Cross Site Scripting / Information Disclosure
Posted May 22, 2014
Authored by Kyle Lovett

D-Link DIR-652, DIR-835, DIR-855L, DGL-500, and DHP-1565 suffer from clear text storage of passwords, cross site scripting, and sensitive information disclosure vulnerabilities.

tags | exploit, vulnerability, xss, info disclosure
SHA-256 | a7668e84297d67c97f777a5d017f21ef288453a895bebdf304e432fe59637710
D-Link DAP-1320 Directory Traversal / Cross Site Scripting
Posted Apr 17, 2014
Authored by Kyle Lovett

D-Link DAP-1320 wireless range extenders suffer from cross site scripting and directory traversal vulnerabilities.

tags | exploit, vulnerability, xss, file inclusion
SHA-256 | 77b810526b2243160b03793dfdb3c3585e5ec7325808307c5d7dc5f0e4ec20bd
Linksys EA2700, EA3500, E4200, EA4500 Authentication Bypass
Posted Feb 17, 2014
Authored by Kyle Lovett, Matt Claunch

Linksys products EA2700, EA3500, E4200, and EA4500 suffer from having an unauthenticated interface on port 8083 periodically.

tags | advisory
advisories | CVE-2013-5122
SHA-256 | c93dc6b97572e7b9d7273d159d461be3bb7465f6b1ea286140fabecda91500c0
ASUS RT Router Anonymous FTP Access
Posted Feb 14, 2014
Authored by Kyle Lovett

Five ASUS RT series routers suffer from a vendor vulnerability that default FTP service to anonymous access with full read/write permissions.

tags | advisory
SHA-256 | df94c3881f58c3d90e3c87a3f4f3cb75a7ea84051aaa9d0bf12a4e0118b66733
ASUS Authentication Bypass / File Disclosure
Posted Feb 9, 2014
Authored by Kyle Lovett

ASUS routers are vulnerable to authetnnication bypass and sensitive file disclosure vulnerabilities.

tags | advisory, vulnerability, bypass, info disclosure
SHA-256 | 1821f52b283817610673596a7d3b56a3508d4306d82118292130a704086d8da1
Zoom Telephonics Bypass / Traversal / Improper Handling
Posted Sep 2, 2013
Authored by Kyle Lovett

Five models of the Zoom Telephonics ADSL modem/router line suffers from authentication bypass, plain-text credential storage, improper handling, and traversal vulnerabilities.

tags | exploit, vulnerability, file inclusion, info disclosure
advisories | CVE-2013-5622, CVE-2013-5627, CVE-2013-5624, CVE-2013-5623, CVE-2013-5628, CVE-2013-5631, CVE-2013-5632, CVE-2013-5633, CVE-2013-5620, CVE-2013-5626, CVE-2013-5629, CVE-2013-5621, CVE-2013-5625, CVE-2013-5630
SHA-256 | 44c6fde6671c4ea90e34564c3f3a20d93c0520abfb5edcbfb3a4dc36ffa44802
Linksys Access Bypass
Posted Aug 15, 2013
Authored by Kyle Lovett

On various Linksys devices, an unspecified bug can cause an unsafe/undocumented TCP port to open allowing for unauthenticated remote access to the device.

tags | advisory, remote, tcp, bypass
advisories | CVE-2013-5122
SHA-256 | 498c65c860fe5d919123b02b7dda83e1dd02868d0b1adb1db402354c60007bd1
Western Digital My Net Password Disclosure
Posted Aug 1, 2013
Authored by Kyle Lovett

Western Digital My Net Series wireless routers suffer from a clear text password disclosure. The N600, N750, N900, and N900C are affected. This is an update to the prior advisory and has proof of concept information included.

tags | exploit, proof of concept, info disclosure
advisories | CVE-2013-5006
SHA-256 | c393ae6ab531915e2acb692f6020047cdc37cf5d9d3b83c4a942acc19474f947
Western Digital My Net Credential Disclosure
Posted Jul 19, 2013
Authored by Kyle Lovett

Due to a unspecified bug in the Western Digital My Net N600, N750, N900 and N900C routers, administrative credentials are stored in plain text and are easily accessible from a remote location on the WAN side of the router.

tags | advisory, remote, info disclosure
SHA-256 | bf88aed4d696455490d5a2c74cfe20b56aa34c64165c1b2bd7b7ccbb82331b9b
Zoom X4 / X5 SQL Injection / Authentication Bypass
Posted Jul 9, 2013
Authored by Kyle Lovett

Zoom X4 and X5 modems suffers from authentication bypass and remote SQL injection vulnerabilities.

tags | exploit, remote, vulnerability, sql injection, bypass
SHA-256 | e6d22d7021bfb287cc6ae6f292362183cb62e754091ade52c2acd1b0086f7d72
Linksys EA2700 / EA3500 / E4200 / EA4500 Unauthenticated Access
Posted Jul 3, 2013
Authored by Kyle Lovett

Linksys versions EA2700, EA3500, E4200, EA4500 using lighttpd 1.4.28 and Utopia on Linux 2.6.22 suffer from an unauthenticated access vulnerability.

tags | advisory, bypass
systems | linux
SHA-256 | 266da9dd8a7b398661ea49b23a60a0543c4ac5cb9c8e7faecc5ce203cbee23b6
ASUS RT-N66U Directory Traversal
Posted Jun 24, 2013
Authored by Kyle Lovett

ASUS RT-N66U when HTTPS WebService via AiCloud is enabled suffers from a remote directory traversal vulnerability.

tags | exploit, remote, web, file inclusion
SHA-256 | 49327cffa6d3c90aec45f8ddba02a4c2918c77baa0ce204bd262799e2497c4bb
Page 1 of 1
Back1Next

File Archive:

March 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Mar 1st
    16 Files
  • 2
    Mar 2nd
    0 Files
  • 3
    Mar 3rd
    0 Files
  • 4
    Mar 4th
    32 Files
  • 5
    Mar 5th
    28 Files
  • 6
    Mar 6th
    42 Files
  • 7
    Mar 7th
    17 Files
  • 8
    Mar 8th
    13 Files
  • 9
    Mar 9th
    0 Files
  • 10
    Mar 10th
    0 Files
  • 11
    Mar 11th
    15 Files
  • 12
    Mar 12th
    19 Files
  • 13
    Mar 13th
    21 Files
  • 14
    Mar 14th
    38 Files
  • 15
    Mar 15th
    15 Files
  • 16
    Mar 16th
    0 Files
  • 17
    Mar 17th
    0 Files
  • 18
    Mar 18th
    10 Files
  • 19
    Mar 19th
    0 Files
  • 20
    Mar 20th
    0 Files
  • 21
    Mar 21st
    0 Files
  • 22
    Mar 22nd
    0 Files
  • 23
    Mar 23rd
    0 Files
  • 24
    Mar 24th
    0 Files
  • 25
    Mar 25th
    0 Files
  • 26
    Mar 26th
    0 Files
  • 27
    Mar 27th
    0 Files
  • 28
    Mar 28th
    0 Files
  • 29
    Mar 29th
    0 Files
  • 30
    Mar 30th
    0 Files
  • 31
    Mar 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close