Showing 1 - 9 of 9

Files from Pichaya Morimoto

First Active	2014-01-28
Last Active	2015-04-03

phpSFP Schedule Facebook Posts 1.5.6 SQL Injection: Posted Apr 3, 2015; Authored by Pichaya Morimoto; phpSFP Schedule Facebook Posts version 1.5.6 suffers from a remote SQL injection vulnerability.; tags | exploit, remote, sql injection; SHA-256 | 7673a25237bdf3cd6bc1787a2b3327ccc77b90c595451e0afce62021f734c275; Download | Favorite | View

PHPMoAdmin 1.1.2 Remote Code Execution: Posted Mar 5, 2015; Authored by Pichaya Morimoto, Ricardo Jorge Borges de Almeida | Site metasploit.com; This Metasploit module exploits an arbitrary PHP command execution vulnerability due to a dangerous use of eval() in PHPMoAdmin.; tags | exploit, arbitrary, php; advisories | CVE-2015-2208; SHA-256 | 43bfbffff5d1e36ceaddf5208eb24878f7af288011fe86125d3c0b9b57630af2; Download | Favorite | View

PHPMoAdmin Remote Code Execution: Posted Mar 3, 2015; Authored by Xelenonz, Pichaya Morimoto, Pistachio, pe3z; PHPMoAdmin suffers from a remote unauthorized code execution vulnerability.; tags | exploit, remote, code execution; SHA-256 | 21fd0804381c2fc8afe336341dc8f589c36c03b5a3b2a911e3090c797c847697; Download | Favorite | View

Laravel 2.1 Hash::make() bcrypt Truncation: Posted Sep 16, 2014; Authored by Pichaya Morimoto; Laravel version 2.1 fails to check length prior to password hash creation allowing for possible hash collisions for secrets over 72 characters.; tags | exploit; SHA-256 | c326cc304eeacde84a1ea946f533f0c9f4c6ce9cfb4ff9339cbc8e8cbada6457; Download | Favorite | View

HybridAuth install.php PHP Code Execution: Posted Aug 20, 2014; Authored by Pichaya Morimoto | Site metasploit.com; This Metasploit module exploits a PHP code execution vulnerability in HybridAuth versions 2.0.9 to 2.2.2. The install file 'install.php' is not removed after installation allowing unauthenticated users to write PHP code to the application configuration file 'config.php'. Note: This exploit will overwrite the application configuration file rendering the application unusable.; tags | exploit, php, code execution; SHA-256 | d1dd2c445125a3aa376f980484e9db24bee803b7e9f5542cfd557664181fc723; Download | Favorite | View

HybridAuth 2.1.2 Remote Code Execution: Posted Aug 5, 2014; Authored by Pichaya Morimoto; HybridAuth versions 2.1.2 and below suffer from a remote code execution vulnerability.; tags | exploit, remote, code execution; SHA-256 | b4a2c10f7402a9aa4df106939ba9ab80577ac3249e5e9f2dc6910440f71a315e; Download | Favorite | View

TimThumb 2.8.13 Remote Code Execution: Posted Jun 24, 2014; Authored by Pichaya Morimoto; TimThumb version 2.8.13 with WebShot enabled suffers from a remote code execution vulnerability.; tags | exploit, remote, code execution; SHA-256 | 6c1a5f9fe02b211531e8610b366ae5ef5647ad9b838030ad32e7a11481a4ccac; Download | Favorite | View

MediaWiki 1.22.1 PdfHandler Remote Code Execution: Posted Feb 3, 2014; Authored by Xelenonz, Pichaya Morimoto; MediaWiki versions 1.22.1 and below PdfHandler remote code execution exploit.; tags | exploit, remote, code execution; advisories | CVE-2014-1610; SHA-256 | b8f79be011bdbd02e08ab7955ce6c1818acfb3f8c4507dda03c263a152a80c2f; Download | Favorite | View

pfSense 2.1 Inclusion / Traversal / Escalation: Posted Jan 28, 2014; Authored by Pichaya Morimoto; pfSense version 2.1 suffers from local file inclusion, privilege escalation, and directory traversal vulnerabilities.; tags | exploit, local, vulnerability, file inclusion; SHA-256 | a196c8dbe2940fca23547db68328ab1e0aa1e282b862808dd145f9ca266b2404; Download | Favorite | View

Page 1 of 1 Back 1 Next

Top Authors In Last 30 Days