exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 10 of 10 RSS Feed

Files from Pichaya Morimoto

First Active2014-01-28
Last Active2024-08-31
Limesurvey Unauthenticated File Download
Posted Aug 31, 2024
Authored by Christian Mehlmauer, Pichaya Morimoto | Site metasploit.com

This Metasploit module exploits an unauthenticated file download vulnerability in limesurvey between 2.0+ and 2.06+ Build 151014. The file is downloaded as a ZIP and unzipped automatically, thus binary files can be downloaded.

tags | exploit
SHA-256 | 30ad0929e6b5c744fd9ac77f7ee226b311b36f66dca118f93f088a4d54c365cb
Download | Favorite | View
phpSFP Schedule Facebook Posts 1.5.6 SQL Injection
Posted Apr 3, 2015
Authored by Pichaya Morimoto

phpSFP Schedule Facebook Posts version 1.5.6 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | 7673a25237bdf3cd6bc1787a2b3327ccc77b90c595451e0afce62021f734c275
Download | Favorite | View
PHPMoAdmin 1.1.2 Remote Code Execution
Posted Mar 5, 2015
Authored by Pichaya Morimoto, Ricardo Jorge Borges de Almeida | Site metasploit.com

This Metasploit module exploits an arbitrary PHP command execution vulnerability due to a dangerous use of eval() in PHPMoAdmin.

tags | exploit, arbitrary, php
advisories | CVE-2015-2208
SHA-256 | 43bfbffff5d1e36ceaddf5208eb24878f7af288011fe86125d3c0b9b57630af2
Download | Favorite | View
PHPMoAdmin Remote Code Execution
Posted Mar 3, 2015
Authored by Xelenonz, Pichaya Morimoto, Pistachio, pe3z

PHPMoAdmin suffers from a remote unauthorized code execution vulnerability.

tags | exploit, remote, code execution
SHA-256 | 21fd0804381c2fc8afe336341dc8f589c36c03b5a3b2a911e3090c797c847697
Download | Favorite | View
Laravel 2.1 Hash::make() bcrypt Truncation
Posted Sep 16, 2014
Authored by Pichaya Morimoto

Laravel version 2.1 fails to check length prior to password hash creation allowing for possible hash collisions for secrets over 72 characters.

tags | exploit
SHA-256 | c326cc304eeacde84a1ea946f533f0c9f4c6ce9cfb4ff9339cbc8e8cbada6457
Download | Favorite | View
HybridAuth install.php PHP Code Execution
Posted Aug 20, 2014
Authored by Pichaya Morimoto | Site metasploit.com

This Metasploit module exploits a PHP code execution vulnerability in HybridAuth versions 2.0.9 to 2.2.2. The install file 'install.php' is not removed after installation allowing unauthenticated users to write PHP code to the application configuration file 'config.php'. Note: This exploit will overwrite the application configuration file rendering the application unusable.

tags | exploit, php, code execution
SHA-256 | d1dd2c445125a3aa376f980484e9db24bee803b7e9f5542cfd557664181fc723
Download | Favorite | View
HybridAuth 2.1.2 Remote Code Execution
Posted Aug 5, 2014
Authored by Pichaya Morimoto

HybridAuth versions 2.1.2 and below suffer from a remote code execution vulnerability.

tags | exploit, remote, code execution
SHA-256 | b4a2c10f7402a9aa4df106939ba9ab80577ac3249e5e9f2dc6910440f71a315e
Download | Favorite | View
TimThumb 2.8.13 Remote Code Execution
Posted Jun 24, 2014
Authored by Pichaya Morimoto

TimThumb version 2.8.13 with WebShot enabled suffers from a remote code execution vulnerability.

tags | exploit, remote, code execution
SHA-256 | 6c1a5f9fe02b211531e8610b366ae5ef5647ad9b838030ad32e7a11481a4ccac
Download | Favorite | View
MediaWiki 1.22.1 PdfHandler Remote Code Execution
Posted Feb 3, 2014
Authored by Xelenonz, Pichaya Morimoto

MediaWiki versions 1.22.1 and below PdfHandler remote code execution exploit.

tags | exploit, remote, code execution
advisories | CVE-2014-1610
SHA-256 | b8f79be011bdbd02e08ab7955ce6c1818acfb3f8c4507dda03c263a152a80c2f
Download | Favorite | View
pfSense 2.1 Inclusion / Traversal / Escalation
Posted Jan 28, 2014
Authored by Pichaya Morimoto

pfSense version 2.1 suffers from local file inclusion, privilege escalation, and directory traversal vulnerabilities.

tags | exploit, local, vulnerability, file inclusion
SHA-256 | a196c8dbe2940fca23547db68328ab1e0aa1e282b862808dd145f9ca266b2404
Download | Favorite | View
Page 1 of 1
Back1Next

File Archive:

December 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Dec 1st
    0 Files
  • 2
    Dec 2nd
    41 Files
  • 3
    Dec 3rd
    25 Files
  • 4
    Dec 4th
    0 Files
  • 5
    Dec 5th
    0 Files
  • 6
    Dec 6th
    0 Files
  • 7
    Dec 7th
    0 Files
  • 8
    Dec 8th
    0 Files
  • 9
    Dec 9th
    0 Files
  • 10
    Dec 10th
    0 Files
  • 11
    Dec 11th
    0 Files
  • 12
    Dec 12th
    0 Files
  • 13
    Dec 13th
    0 Files
  • 14
    Dec 14th
    0 Files
  • 15
    Dec 15th
    0 Files
  • 16
    Dec 16th
    0 Files
  • 17
    Dec 17th
    0 Files
  • 18
    Dec 18th
    0 Files
  • 19
    Dec 19th
    0 Files
  • 20
    Dec 20th
    0 Files
  • 21
    Dec 21st
    0 Files
  • 22
    Dec 22nd
    0 Files
  • 23
    Dec 23rd
    0 Files
  • 24
    Dec 24th
    0 Files
  • 25
    Dec 25th
    0 Files
  • 26
    Dec 26th
    0 Files
  • 27
    Dec 27th
    0 Files
  • 28
    Dec 28th
    0 Files
  • 29
    Dec 29th
    0 Files
  • 30
    Dec 30th
    0 Files
  • 31
    Dec 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2024 Packet Storm. All rights reserved.

Site Links
News by Month
News Tags
Files by Month
File Tags
File Directory
About Us
History & Purpose
Contact Information
Terms of Service
Privacy Statement
Copyright Information
Services
Security Services
Hosting By
Rokasec
close