what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 25 of 25 RSS Feed

Files from Manish Tanwar

Email addressmanish.1046 at gmail.com
First Active2014-03-28
Last Active2019-06-03
TestLink 1.9.19 Server-Side Request Forgery
Posted Jun 3, 2019
Authored by Manish Tanwar

TestLink versions 1.9.19 and below suffers from a server side request forgery vulnerability.

tags | exploit
SHA-256 | 4135c5cf334226208cc17b50f9d53094a3a71aef0f049cd1dbf262a2fcbfaf8a
TestLink Open Source Test Management Code Execution
Posted Mar 28, 2018
Authored by Manish Tanwar

TestLink Open Source Test Management versions prior to 1.9.16 remote proof of concept code execution exploit.

tags | exploit, remote, code execution, proof of concept
advisories | CVE-2018-7466
SHA-256 | 7f1cec95295792a263ea245ef75d239589db9afc06b5a1a8e021fc6d031a4154
MSSQL Error-Based SQL Injection
Posted Mar 26, 2018
Authored by Manish Tanwar

Whitepaper that discusses error-based SQL injection in "Order By" clause in MSSQL.

tags | paper, sql injection
SHA-256 | 851cfd618bf84f5c291b9f234d0aa06c3d0654bfd229ffe4a04e78ae9f52e471
TestLink Open Source Test Management Remote Code Execution
Posted Mar 2, 2018
Authored by Manish Tanwar

TestLink Open Source Test Management versions prior to 1.9.16 suffer from a remote code execution vulnerability.

tags | exploit, remote, code execution
advisories | CVE-2018-7466
SHA-256 | 8ad9056ec040b407f63167dc210d68bdd226dc758f6f0755a6f5a3ad4e538f97
WordPress Polls 1.2.4 SQL Injection
Posted Oct 22, 2017
Authored by Manish Tanwar

WordPress Polls plugin version 1.2.4 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | a6ba9010e04933cab84af84ab72bdfc4866a13c72509317287f71e3ee5be2651
Local File Disclosure Via SQL Injection
Posted Mar 13, 2017
Authored by Manish Tanwar

Whitepaper discussing local file disclosure attacks via remote SQL injection.

tags | paper, remote, local, sql injection
SHA-256 | 940d4b6633aae1d9c2af7031f2faf416054ec79ee99ea8bae458b1ec6d9ba112
Injecting SQLite Database-Based Application
Posted Feb 19, 2017
Authored by Manish Tanwar

This is a whitepaper that discusses leveraging SQL injection attacks against SQLite databases.

tags | paper, sql injection
SHA-256 | 2d25bf7c68c93856be515e7d7f9ce1c5e31d0ff0e1c4c03ba1d67a61f385507e
POSNIC Unauthenticated Remote Code Execution
Posted Feb 1, 2017
Authored by Manish Tanwar

POSNIC versions prior to 1.03 suffer from a code execution vulnerability when set up to trust data from a compromised mysql instance.

tags | exploit, code execution
SHA-256 | 6b1d8a0103ae8c1d7b1d530a97bb15e67e0c90b1715bc898577bf76f338778cd
PHPback Cross Site Scripting / SQL Injection
Posted Jan 27, 2017
Authored by Manish Tanwar

PHPback versions prior to 1.3.1 suffer from cross site scripting and remote SQL injection vulnerabilities.

tags | exploit, remote, vulnerability, xss, sql injection
SHA-256 | 9c34fbd117127a3840b2442b7d3bfb24a58fe4b805b2f7a9213ddb4100a8aff6
vBulletin 4.2.3 SQL Injection
Posted Nov 11, 2016
Authored by Manish Tanwar

vBulletin versions 4.2.3 and below suffer from a remote SQL injection vulnerability in the forumrunner add-on.

tags | exploit, remote, sql injection
SHA-256 | c52ff5beedbd614d5ea96f159e21d95f2550dcd2a7551bccca3ddefeb3ca20a7
WordPress S3 Video Remote Shell Upload
Posted Dec 11, 2015
Authored by Manish Tanwar

WordPress S3 Video plugin suffers from a remote shell upload vulnerability. Versions prior to 0.91 are affected.

tags | exploit, remote, shell
SHA-256 | 563b4cd0c2c6daa144905e2889e1612af5145d83c473ba6fede7862ab1e6634c
WordPress Car Rental System SQL Injection
Posted Aug 26, 2015
Authored by Manish Tanwar

WordPress Car Rental System plugin versions prior to 3.1 suffer from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | a2cdab0c11366b52adaafd94afcce39eacb22aff6f7f1ff06b4f931c4a631ffa
Magento Add Administrator Account
Posted Aug 26, 2015
Authored by Manish Tanwar

Magento shoplift exploit that adds an administrator account. Flaw originally discovered by CheckPoint.

tags | exploit
SHA-256 | a0b1053cf090b751b7847bc8312657f3d98e988645e6d4a2d846df5e19b0cf8a
Joomla EQ Event Calendar SQL Injection
Posted Jun 8, 2015
Authored by Manish Tanwar

Joomla EQ Event Calendar component suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | 76a3371129a71f9cb4b04572956cea23364589c89e791a42bed428d1adccc645
WordPress Windows Desktop And iPhone Photo Uploader File Upload
Posted Apr 9, 2015
Authored by Manish Tanwar

WordPress Windows Desktop and iPhone Photo Uploader plugin suffers from a remote shell upload vulnerability.

tags | exploit, remote, shell, file upload
systems | windows, apple, iphone
SHA-256 | 4066792653efe187fcf02429adee45b20e2c070fa70ff0034e4116b8ff3d3b8b
Joomla Spider FAQ SQL Injection
Posted Mar 23, 2015
Authored by Manish Tanwar

The Joomla Spider FAQ component suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | 1e2762eb2b150084329622dc9717ba845a0ba6a848ed72061df848c3e499db2b
ecommerceMajor SQL Injection
Posted Jan 23, 2015
Authored by Manish Tanwar

ecommerceMajor suffers from remote SQL injection vulnerabilities.

tags | exploit, remote, vulnerability, sql injection
SHA-256 | 130972cbcc57088872f5ad921761903a21a4ffdef387d6ce66b050a87a8f21e4
PHP Address Book Cross Site Scripting / SQL Injection
Posted Jan 3, 2015
Authored by Manish Tanwar

PHP Address Book suffers from cross site scripting and remote SQL injection vulnerabilities, the latter allowing for authentication bypass.

tags | exploit, remote, php, vulnerability, xss, sql injection
SHA-256 | 5fd0d5967e528f419f41cbe2953fcf73cd0a1606e22cab21ab174e8d90448048
PBBoard CMS Cross Site Scripting
Posted Dec 8, 2014
Authored by Manish Tanwar

PBBoard CMS suffers from a persistent cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | 3aae1355b65d98ebb4790fa14d3f10eb7b0d748fd10dda959c3e8deca35ca87a
User Friendly SVN Cross Site Scripting
Posted Jun 21, 2014
Authored by Manish Tanwar

User Friendly SVN versions prior to 1.0.7 suffer from a cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | 2563320161d0c04a3683751b1af8691a3a5d0135333e64fcb8888672f2dd61c4
ntop Cross Site Scripting
Posted Jun 11, 2014
Authored by Manish Tanwar

ntop suffers from a cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | 35b20d152d65e04c2c54cd3dc5116e2a46f202ebdc20bb9c7b03b74554c6c04c
Clipperz Password Manager Code Execution
Posted May 20, 2014
Authored by Manish Tanwar

Clipperz Password Manager suffers from a remote code execution vulnerability.

tags | exploit, remote, code execution
SHA-256 | a389dff208c61b443364f2e6e4129153bf3222246ff2df01244a949c8e244afe
BarracudaDrive 6.7.2 Cross Site Scripting
Posted May 16, 2014
Authored by Manish Tanwar

BarracudaDrive version 6.7.2 suffers from multiple reflective and persistent cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss
SHA-256 | d41472b73eb1e68306169abb69831256e5000c2d91afe4d895f79081b2bd8cb6
WordPress Formidable Forms Remote Code Execution
Posted May 11, 2014
Authored by Manish Tanwar

WordPress Formidable Forms plugin versions prior to 1.06.03 suffer from a remote shell upload vulnerability.

tags | exploit, remote, shell
SHA-256 | b16a0ff1ee72bc7cbc62b95ba719d380830cab01b91c82b060de619b30d131d2
WordPress Business Intelligence 1.0.6 Shell Upload
Posted Mar 28, 2014
Authored by Manish Tanwar

WordPress wp-business-intelligence plugin version 1.0.6 suffers from a remote shell upload vulnerability due to including ofc_upload_image.php.

tags | exploit, remote, shell, php
SHA-256 | cfc6ca57ddaae7ce436b3f1dd3b109d8d363bf14d5bbb4a97697b3c2cec8fbff
Page 1 of 1
Back1Next

File Archive:

July 2022

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Jul 1st
    52 Files
  • 2
    Jul 2nd
    0 Files
  • 3
    Jul 3rd
    0 Files
  • 4
    Jul 4th
    11 Files
  • 5
    Jul 5th
    8 Files
  • 6
    Jul 6th
    8 Files
  • 7
    Jul 7th
    4 Files
  • 8
    Jul 8th
    0 Files
  • 9
    Jul 9th
    0 Files
  • 10
    Jul 10th
    0 Files
  • 11
    Jul 11th
    0 Files
  • 12
    Jul 12th
    0 Files
  • 13
    Jul 13th
    0 Files
  • 14
    Jul 14th
    0 Files
  • 15
    Jul 15th
    0 Files
  • 16
    Jul 16th
    0 Files
  • 17
    Jul 17th
    0 Files
  • 18
    Jul 18th
    0 Files
  • 19
    Jul 19th
    0 Files
  • 20
    Jul 20th
    0 Files
  • 21
    Jul 21st
    0 Files
  • 22
    Jul 22nd
    0 Files
  • 23
    Jul 23rd
    0 Files
  • 24
    Jul 24th
    0 Files
  • 25
    Jul 25th
    0 Files
  • 26
    Jul 26th
    0 Files
  • 27
    Jul 27th
    0 Files
  • 28
    Jul 28th
    0 Files
  • 29
    Jul 29th
    0 Files
  • 30
    Jul 30th
    0 Files
  • 31
    Jul 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Hosting By
Rokasec
close