Twenty Year Anniversary
Showing 1 - 6 of 6 RSS Feed

Files from Netanel Rubin

First Active2014-02-19
Last Active2016-06-03
Magento 2.0.6 Unserialize Remote Code Execution
Posted Jun 3, 2016
Authored by agix, Netanel Rubin | Site metasploit.com

This Metasploit module exploits a PHP object injection vulnerability in Magento 2.0.6 or prior.

tags | exploit, php
advisories | CVE-2016-4010
MD5 | 578a6e790b423535100fd362749b57c8
vBulletin 5.1.2 Unserialize Code Execution
Posted Nov 13, 2015
Authored by Netanel Rubin, cutz, Julien (jvoisin) Voisin | Site metasploit.com

This Metasploit module exploits a PHP object injection vulnerability in vBulletin 5.1.2 to 5.1.9

tags | exploit, php
advisories | CVE-2015-7808
MD5 | 5f61a73548cbcc043c7dc16675b4a160
Bugzilla Unauthorized Account Creation
Posted Sep 10, 2015
Authored by Frederic Buclin, Byron Jones, Netanel Rubin | Site bugzilla.org

Bugzilla versions 2.0 to 4.2.14, 4.3.1 to 4.4.9, and 4.5.1 to 5.0 suffer from an unauthorized account creation vulnerability.

tags | advisory
advisories | CVE-2015-4499
MD5 | 53df4eefd8d46a7e139089eeb1c05da4
TWiki Debugenableplugins Remote Code Execution
Posted Mar 19, 2015
Authored by h0ng10, Netanel Rubin | Site metasploit.com

TWiki versions 4.0.x through 6.0.0 contain a vulnerability in the Debug functionality. The value of the debugenableplugins parameter is used without proper sanitization in an Perl eval statement which allows remote code execution.

tags | exploit, remote, perl, code execution
advisories | CVE-2014-7236
MD5 | 861350151f1243072a1bf5d32e992c39
Bugzilla Account Creation / XSS / Information Leak
Posted Oct 7, 2014
Authored by Frederic Buclin, Byron Jones, David Lawrence, Netanel Rubin, Simon Green, James Kettle, Matt Tyson | Site bugzilla.org

Bugzilla Security Advisory - Bugzilla versions 2.23.3 to 4.0.14, 4.1.1 to 4.2.10, 4.3.1 to 4.4.5, and 4.5.1 to 4.5.5 suffer from unauthorized account creation, cross site scripting, and information leak vulnerabilities.

tags | advisory, vulnerability, xss, info disclosure
advisories | CVE-2014-1571, CVE-2014-1572, CVE-2014-1573
MD5 | f2be692d17f3a25b9e524791db3e36bb
MediaWiki Thumb.php Remote Command Execution
Posted Feb 19, 2014
Authored by Brandon Perry, Ben Harris, Netanel Rubin | Site metasploit.com

MediaWiki 1.22.x before 1.22.2, 1.21.x before 1.21.5 and 1.19.x before 1.19.11, when DjVu or PDF file upload support is enabled, allows remote unauthenticated users to execute arbitrary commands via shell metacharacters. If no target file is specified this module will attempt to log in with the provided credentials to upload a file (.DjVu) to use for exploitation.

tags | exploit, remote, arbitrary, shell, file upload
advisories | CVE-2014-1610
MD5 | 1b245a0dcb1be275b10e57e681783903
Page 1 of 1
Back1Next

Want To Donate?


Bitcoin: 18PFeCVLwpmaBuQqd5xAYZ8bZdvbyEWMmU

File Archive:

April 2018

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Apr 1st
    5 Files
  • 2
    Apr 2nd
    17 Files
  • 3
    Apr 3rd
    11 Files
  • 4
    Apr 4th
    21 Files
  • 5
    Apr 5th
    17 Files
  • 6
    Apr 6th
    12 Files
  • 7
    Apr 7th
    1 Files
  • 8
    Apr 8th
    6 Files
  • 9
    Apr 9th
    21 Files
  • 10
    Apr 10th
    18 Files
  • 11
    Apr 11th
    42 Files
  • 12
    Apr 12th
    7 Files
  • 13
    Apr 13th
    14 Files
  • 14
    Apr 14th
    1 Files
  • 15
    Apr 15th
    1 Files
  • 16
    Apr 16th
    15 Files
  • 17
    Apr 17th
    20 Files
  • 18
    Apr 18th
    24 Files
  • 19
    Apr 19th
    20 Files
  • 20
    Apr 20th
    7 Files
  • 21
    Apr 21st
    10 Files
  • 22
    Apr 22nd
    2 Files
  • 23
    Apr 23rd
    17 Files
  • 24
    Apr 24th
    36 Files
  • 25
    Apr 25th
    15 Files
  • 26
    Apr 26th
    31 Files
  • 27
    Apr 27th
    0 Files
  • 28
    Apr 28th
    0 Files
  • 29
    Apr 29th
    0 Files
  • 30
    Apr 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2018 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close