Twenty Year Anniversary
Showing 1 - 24 of 24 RSS Feed

Files from Manish Tanwar

Email addressmanish.1046 at gmail.com
First Active2014-03-28
Last Active2018-03-28
TestLink Open Source Test Management Code Execution
Posted Mar 28, 2018
Authored by Manish Tanwar

TestLink Open Source Test Management versions prior to 1.9.16 remote proof of concept code execution exploit.

tags | exploit, remote, code execution, proof of concept
advisories | CVE-2018-7466
MD5 | f90fdf250474d1a15abda8d3c859b51e
MSSQL Error-Based SQL Injection
Posted Mar 26, 2018
Authored by Manish Tanwar

Whitepaper that discusses error-based SQL injection in "Order By" clause in MSSQL.

tags | paper, sql injection
MD5 | 65b9edfba25966175a4c63746a36bb30
TestLink Open Source Test Management Remote Code Execution
Posted Mar 2, 2018
Authored by Manish Tanwar

TestLink Open Source Test Management versions prior to 1.9.16 suffer from a remote code execution vulnerability.

tags | exploit, remote, code execution
advisories | CVE-2018-7466
MD5 | 40910cbcf1e8ab75e88a90a24e42fce2
WordPress Polls 1.2.4 SQL Injection
Posted Oct 22, 2017
Authored by Manish Tanwar

WordPress Polls plugin version 1.2.4 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
MD5 | e1e3b4c479d0946e2296b490351e6c39
Local File Disclosure Via SQL Injection
Posted Mar 13, 2017
Authored by Manish Tanwar

Whitepaper discussing local file disclosure attacks via remote SQL injection.

tags | paper, remote, local, sql injection
MD5 | dba854d85b85d2a54ff8aebeba6b9d29
Injecting SQLite Database-Based Application
Posted Feb 19, 2017
Authored by Manish Tanwar

This is a whitepaper that discusses leveraging SQL injection attacks against SQLite databases.

tags | paper, sql injection
MD5 | 5d5a3664bfa800fd6c41493052b37555
POSNIC Unauthenticated Remote Code Execution
Posted Feb 1, 2017
Authored by Manish Tanwar

POSNIC versions prior to 1.03 suffer from a code execution vulnerability when set up to trust data from a compromised mysql instance.

tags | exploit, code execution
MD5 | d237daeb59142a52310c4201ceeaac15
PHPback Cross Site Scripting / SQL Injection
Posted Jan 27, 2017
Authored by Manish Tanwar

PHPback versions prior to 1.3.1 suffer from cross site scripting and remote SQL injection vulnerabilities.

tags | exploit, remote, vulnerability, xss, sql injection
MD5 | 36d2f17833b22d7574f32b307bd40ad4
vBulletin 4.2.3 SQL Injection
Posted Nov 11, 2016
Authored by Manish Tanwar

vBulletin versions 4.2.3 and below suffer from a remote SQL injection vulnerability in the forumrunner add-on.

tags | exploit, remote, sql injection
MD5 | 29cdaddccd60287215d37c62c2e7baeb
WordPress S3 Video Remote Shell Upload
Posted Dec 11, 2015
Authored by Manish Tanwar

WordPress S3 Video plugin suffers from a remote shell upload vulnerability. Versions prior to 0.91 are affected.

tags | exploit, remote, shell
MD5 | ed3870c05a6c68f7c3594e9d5833022a
WordPress Car Rental System SQL Injection
Posted Aug 26, 2015
Authored by Manish Tanwar

WordPress Car Rental System plugin versions prior to 3.1 suffer from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
MD5 | 28cd7b85021f62f10ac68a6a90830ea1
Magento Add Administrator Account
Posted Aug 26, 2015
Authored by Manish Tanwar

Magento shoplift exploit that adds an administrator account. Flaw originally discovered by CheckPoint.

tags | exploit
MD5 | f7cbc08fbc353fe56b130e24d0add82c
Joomla EQ Event Calendar SQL Injection
Posted Jun 8, 2015
Authored by Manish Tanwar

Joomla EQ Event Calendar component suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
MD5 | 2795f33319eeb7bd7334c88e96f43f3c
WordPress Windows Desktop And iPhone Photo Uploader File Upload
Posted Apr 9, 2015
Authored by Manish Tanwar

WordPress Windows Desktop and iPhone Photo Uploader plugin suffers from a remote shell upload vulnerability.

tags | exploit, remote, shell, file upload
systems | windows, apple, iphone
MD5 | d2e3e65707fc84afa1933bd0dcd2d5ca
Joomla Spider FAQ SQL Injection
Posted Mar 23, 2015
Authored by Manish Tanwar

The Joomla Spider FAQ component suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
MD5 | a40d03f58f0d2bbdc9c2565bc91a8471
ecommerceMajor SQL Injection
Posted Jan 23, 2015
Authored by Manish Tanwar

ecommerceMajor suffers from remote SQL injection vulnerabilities.

tags | exploit, remote, vulnerability, sql injection
MD5 | a03e11efd85b83053f5a366ebc35fa1a
PHP Address Book Cross Site Scripting / SQL Injection
Posted Jan 3, 2015
Authored by Manish Tanwar

PHP Address Book suffers from cross site scripting and remote SQL injection vulnerabilities, the latter allowing for authentication bypass.

tags | exploit, remote, php, vulnerability, xss, sql injection
MD5 | 62f6c030eb447d21c0c6c5dbdfffb7a7
PBBoard CMS Cross Site Scripting
Posted Dec 8, 2014
Authored by Manish Tanwar

PBBoard CMS suffers from a persistent cross site scripting vulnerability.

tags | exploit, xss
MD5 | a37de307173926cf36bd3b2d8e6c40b6
User Friendly SVN Cross Site Scripting
Posted Jun 21, 2014
Authored by Manish Tanwar

User Friendly SVN versions prior to 1.0.7 suffer from a cross site scripting vulnerability.

tags | exploit, xss
MD5 | ddb0146ec97bd0a2473cf3a9f73909b4
ntop Cross Site Scripting
Posted Jun 11, 2014
Authored by Manish Tanwar

ntop suffers from a cross site scripting vulnerability.

tags | exploit, xss
MD5 | ba330881979c5f0b1946e03d4a25e8b2
Clipperz Password Manager Code Execution
Posted May 20, 2014
Authored by Manish Tanwar

Clipperz Password Manager suffers from a remote code execution vulnerability.

tags | exploit, remote, code execution
MD5 | 568f0f961624aa0dc2dafb7dd7e44c6d
BarracudaDrive 6.7.2 Cross Site Scripting
Posted May 16, 2014
Authored by Manish Tanwar

BarracudaDrive version 6.7.2 suffers from multiple reflective and persistent cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss
MD5 | 3ede9453d2bf05e21e0ab4ca3c18e0a1
WordPress Formidable Forms Remote Code Execution
Posted May 11, 2014
Authored by Manish Tanwar

WordPress Formidable Forms plugin versions prior to 1.06.03 suffer from a remote shell upload vulnerability.

tags | exploit, remote, shell
MD5 | f1ca185a8af4d173b3bc6e21f14e831d
WordPress Business Intelligence 1.0.6 Shell Upload
Posted Mar 28, 2014
Authored by Manish Tanwar

WordPress wp-business-intelligence plugin version 1.0.6 suffers from a remote shell upload vulnerability due to including ofc_upload_image.php.

tags | exploit, remote, shell, php
MD5 | 08b10dacca3c19abadcf9a52eed81ece
Page 1 of 1
Back1Next

File Archive:

October 2018

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Oct 1st
    26 Files
  • 2
    Oct 2nd
    15 Files
  • 3
    Oct 3rd
    15 Files
  • 4
    Oct 4th
    15 Files
  • 5
    Oct 5th
    15 Files
  • 6
    Oct 6th
    2 Files
  • 7
    Oct 7th
    3 Files
  • 8
    Oct 8th
    23 Files
  • 9
    Oct 9th
    16 Files
  • 10
    Oct 10th
    15 Files
  • 11
    Oct 11th
    19 Files
  • 12
    Oct 12th
    16 Files
  • 13
    Oct 13th
    2 Files
  • 14
    Oct 14th
    2 Files
  • 15
    Oct 15th
    15 Files
  • 16
    Oct 16th
    20 Files
  • 17
    Oct 17th
    0 Files
  • 18
    Oct 18th
    0 Files
  • 19
    Oct 19th
    0 Files
  • 20
    Oct 20th
    0 Files
  • 21
    Oct 21st
    0 Files
  • 22
    Oct 22nd
    0 Files
  • 23
    Oct 23rd
    0 Files
  • 24
    Oct 24th
    0 Files
  • 25
    Oct 25th
    0 Files
  • 26
    Oct 26th
    0 Files
  • 27
    Oct 27th
    0 Files
  • 28
    Oct 28th
    0 Files
  • 29
    Oct 29th
    0 Files
  • 30
    Oct 30th
    0 Files
  • 31
    Oct 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2018 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close