what you don't know can hurt you
Showing 1 - 9 of 9 RSS Feed

Files from Pichaya Morimoto

First Active2014-01-28
Last Active2015-04-03
phpSFP Schedule Facebook Posts 1.5.6 SQL Injection
Posted Apr 3, 2015
Authored by Pichaya Morimoto

phpSFP Schedule Facebook Posts version 1.5.6 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
MD5 | 281b3bba6ccd6a270386a4a3cbce6c81
PHPMoAdmin 1.1.2 Remote Code Execution
Posted Mar 5, 2015
Authored by Pichaya Morimoto, Ricardo Jorge Borges de Almeida | Site metasploit.com

This Metasploit module exploits an arbitrary PHP command execution vulnerability due to a dangerous use of eval() in PHPMoAdmin.

tags | exploit, arbitrary, php
advisories | CVE-2015-2208
MD5 | f9a825a8b25f5f94dd3a3368cc0c6afb
PHPMoAdmin Remote Code Execution
Posted Mar 3, 2015
Authored by Xelenonz, Pichaya Morimoto, Pistachio, pe3z

PHPMoAdmin suffers from a remote unauthorized code execution vulnerability.

tags | exploit, remote, code execution
MD5 | f0308af8a2c056f4ec495c780d5586bf
Laravel 2.1 Hash::make() bcrypt Truncation
Posted Sep 16, 2014
Authored by Pichaya Morimoto

Laravel version 2.1 fails to check length prior to password hash creation allowing for possible hash collisions for secrets over 72 characters.

tags | exploit
MD5 | 9a659860179b16a04dd973d4cb76d967
HybridAuth install.php PHP Code Execution
Posted Aug 20, 2014
Authored by Pichaya Morimoto | Site metasploit.com

This Metasploit module exploits a PHP code execution vulnerability in HybridAuth versions 2.0.9 to 2.2.2. The install file 'install.php' is not removed after installation allowing unauthenticated users to write PHP code to the application configuration file 'config.php'. Note: This exploit will overwrite the application configuration file rendering the application unusable.

tags | exploit, php, code execution
MD5 | aee28f6089b3d5d557b8022ff8250c0b
HybridAuth 2.1.2 Remote Code Execution
Posted Aug 5, 2014
Authored by Pichaya Morimoto

HybridAuth versions 2.1.2 and below suffer from a remote code execution vulnerability.

tags | exploit, remote, code execution
MD5 | 010ed119bb7f283a583416e1f988bf53
TimThumb 2.8.13 Remote Code Execution
Posted Jun 24, 2014
Authored by Pichaya Morimoto

TimThumb version 2.8.13 with WebShot enabled suffers from a remote code execution vulnerability.

tags | exploit, remote, code execution
MD5 | 82d159d9e6dedda4178f66f2d48b9fc7
MediaWiki 1.22.1 PdfHandler Remote Code Execution
Posted Feb 3, 2014
Authored by Xelenonz, Pichaya Morimoto

MediaWiki versions 1.22.1 and below PdfHandler remote code execution exploit.

tags | exploit, remote, code execution
advisories | CVE-2014-1610
MD5 | 65cb01c471b9acc2235e507d5f48f976
pfSense 2.1 Inclusion / Traversal / Escalation
Posted Jan 28, 2014
Authored by Pichaya Morimoto

pfSense version 2.1 suffers from local file inclusion, privilege escalation, and directory traversal vulnerabilities.

tags | exploit, local, vulnerability, file inclusion
MD5 | 2236c37d41c83964641aa9cb11395907
Page 1 of 1
Back1Next

File Archive:

July 2017

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Jul 1st
    2 Files
  • 2
    Jul 2nd
    3 Files
  • 3
    Jul 3rd
    15 Files
  • 4
    Jul 4th
    4 Files
  • 5
    Jul 5th
    15 Files
  • 6
    Jul 6th
    15 Files
  • 7
    Jul 7th
    10 Files
  • 8
    Jul 8th
    2 Files
  • 9
    Jul 9th
    10 Files
  • 10
    Jul 10th
    15 Files
  • 11
    Jul 11th
    15 Files
  • 12
    Jul 12th
    19 Files
  • 13
    Jul 13th
    16 Files
  • 14
    Jul 14th
    15 Files
  • 15
    Jul 15th
    3 Files
  • 16
    Jul 16th
    2 Files
  • 17
    Jul 17th
    8 Files
  • 18
    Jul 18th
    11 Files
  • 19
    Jul 19th
    15 Files
  • 20
    Jul 20th
    15 Files
  • 21
    Jul 21st
    15 Files
  • 22
    Jul 22nd
    7 Files
  • 23
    Jul 23rd
    1 Files
  • 24
    Jul 24th
    19 Files
  • 25
    Jul 25th
    1 Files
  • 26
    Jul 26th
    0 Files
  • 27
    Jul 27th
    0 Files
  • 28
    Jul 28th
    0 Files
  • 29
    Jul 29th
    0 Files
  • 30
    Jul 30th
    0 Files
  • 31
    Jul 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2016 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close