what you don't know can hurt you

Register | Login

FilesNewsUsersAuthors

Home Files News &[SERVICES_TAB]About Contact Add New

Showing 1 - 4 of 4

Files from Craig Arendt

MODx Blind SQL Injection

Posted Apr 21, 2014

Authored by Craig Arendt

MODx versions prior to 2.2.14 suffer from multiple remote blind SQL injection vulnerabilities.

tags | exploit, remote, vulnerability, sql injection

advisories | CVE-2014-2736

SHA-256 | a84cca3678d0f02e7b3a1804e3f4327edab97c10b9f96e8170afc5599859b43b

Download | Favorite | View

KnowledgeTree Blind SQL Injection

Posted Apr 20, 2014

Authored by Craig Arendt

KnowledgeTree suffers from a remote blind SQL injection vulnerability.

tags | advisory, remote, sql injection

advisories | CVE-2014-2737

SHA-256 | bbb44bd25380c52fe1e34e818d3abcfdd3b9e10202ba5a16e1abdb012f75404a

Download | Favorite | View

SeedDMS XSS / Traversal / Shell Upload

Posted Mar 14, 2014

Authored by Craig Arendt

SeedDMS versions prior to 4.3.4 suffer from cross site scripting, remote shell upload, and path traversal vulnerabilities.

tags | exploit, remote, shell, vulnerability, xss, file inclusion

advisories | CVE-2014-2278, CVE-2014-2279, CVE-2014-2280

SHA-256 | 7222df803d22b5fb30d93e08afd977dc6a9b8b835ad9c5ef8d67af0e94f245cb

Download | Favorite | View

Pydio / AjaXplorer 5.0.3 Shell Upload

Posted Nov 11, 2013

Authored by Craig Arendt

Pydio / AjaXplorer versions 5.0.3 and below suffer from an unrestricted upload functionality that allows for remote code execution.

tags | exploit, remote, code execution

advisories | CVE-2013-6227

SHA-256 | 4be5d190daa8b3fcada9f61cced7e8b97fa83b63d6ef89628b5c0394edde5bb1

Download | Favorite | View