what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 25 of 35 RSS Feed

Files from Kaustubh G. Padwad

First Active2015-01-30
Last Active2021-05-04
Shenzhen Skyworth RN510 Information Disclosure
Posted May 4, 2021
Authored by Kaustubh G. Padwad

Shenzhen Skyworth RN510 suffers from an unauthenticated sensitive information disclosure vulnerability.

tags | exploit, info disclosure
advisories | CVE-2021-25326
SHA-256 | 7f26e9706a9282668f82475d29e2552e812bbb3bd068893eb424f30e0d699c6d
Shenzhen Skyworth RN510 Cross Site Request Forgery / Cross Site Scripting
Posted May 4, 2021
Authored by Kaustubh G. Padwad

Shenzhen Skyworth RN510 suffers from cross site request forgery and cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss, csrf
advisories | CVE-2021-25327
SHA-256 | 70d4b29f86b8a386559ce1885039111a11ce3147edcb6cc01fd5a7adda137f43
Shenzhen Skyworth RN510 Buffer Overflow
Posted May 4, 2021
Authored by Kaustubh G. Padwad

Shenzhen Skyworth RN510 suffers from a buffer overflow vulnerability that allows for remote code execution.

tags | exploit, remote, overflow, code execution
advisories | CVE-2021-25328
SHA-256 | 93aaa64937baf7f896bc583390423bd6be7254ef45979a7f1e67273873d3d9df
TP-Link Cross Site Scripting
Posted Mar 26, 2021
Authored by Kaustubh G. Padwad, Smriti Gaba

Multiple TP-Link devices suffer from an unauthenticated persistent cross site scripting vulnerability. Affected models include TD-W9977, TL-WA801ND, TL-WA801N, TL-WR802N, and Archer-C3150.

tags | exploit, xss
advisories | CVE-2021-3275
SHA-256 | e35e1937104dc66eacb185dee5eb8adeeab2b99d9f05fd8364987d6dd5a729bd
Unibox 2.4 CSRF / Remote Code Execution
Posted Feb 8, 2021
Authored by Kaustubh G. Padwad

Unibox version 2.4 suffers from remote code execution and cross site request forgery vulnerabilities.

tags | exploit, remote, vulnerability, code execution, csrf
SHA-256 | 8dd77b322f43636d3235c2c88700453adfa9865970ffd5dd3a39a083974ecbb8
Unibox Cross Site Request Forgery
Posted Feb 8, 2021
Authored by Kaustubh G. Padwad

Various Unibox products suffers from a cross site request forgery vulnerability.

tags | exploit, csrf
SHA-256 | b2ad463fe05cca881eb2aaa2883ee1d6b019cd543a3dfca94efb14e2e27c91e8
Nokia 8810 Denial Of Service
Posted Feb 13, 2019
Authored by Kaustubh G. Padwad

A denial of service issue has been discovered in the Gecko component of KaiOS 2.5 10.05 (platform 48.0.a2) on Nokia 8810 4G devices. When a crafted web page is visited with the internal browser, the Gecko process crashes with a segfault. Successful exploitation could lead to the remote code execution on the device.

tags | exploit, remote, web, denial of service, code execution
advisories | CVE-2019-7386
SHA-256 | 41ed47df5f0cb6c76f6d18138f1661d9ed68c2bbe0c204c4e5369cd7ff9e62fd
Raisecom Technology GPON-ONU HT803G-07 Command Injection
Posted Feb 13, 2019
Authored by Kaustubh G. Padwad

Raisecom Technology GPON-ONU HT803G-07 suffers from an authenticated command injection vulnerability in the newpass and confpass parameters in /bin/WebMGR.

tags | exploit
advisories | CVE-2019-7385
SHA-256 | e7ecf5fa2c6f869e62d82c9df7399dbcbd72c48e427d4b22e50975a3e101f661
Raisecom Technology GPON-ONU HT803G-07 Command Injection
Posted Feb 13, 2019
Authored by Kaustubh G. Padwad

Raisecom Technology GPON-ONU HT803G-07 suffers from an authenticated command injection vulnerability in the fmgpon_loid parameter.

tags | exploit
advisories | CVE-2019-7384
SHA-256 | 20c807e8e9b1420883bb9554d5567b9aa797cbf1aa083b30b34637600361e93f
SYSTORME ISG Command Injection
Posted Feb 13, 2019
Authored by Kaustubh G. Padwad

SYSTORME ISG products ISG-600C, ISG-600H, and ISG-800W suffer from an authenticated command injection vulnerability.

tags | exploit
advisories | CVE-2019-7383
SHA-256 | 74184a70ebca4b40a63ba803ab0d7c6c1d3778f3752608a8f155df9f97e121c8
SYSTORME ISG Cross Site Request Forgery
Posted Feb 13, 2019
Authored by Kaustubh G. Padwad

SYSTORME ISG products ISG-600C, ISG-600H, and ISG-800W suffer from a cross site request forgery vulnerability.

tags | exploit, csrf
advisories | CVE-2018-19525
SHA-256 | 3afd770ed7f96641d003de944e95ad53a06c7f7713c9c607fef61adfddd70330
Skyworth GPON HomeGateways / Optical Network Stack Overflow
Posted Feb 11, 2019
Authored by Kaustubh G. Padwad

A stack overflow vulnerability has been identified in multiple Skyworth GPON HomeGateways and Optical Network terminals. Affected products include 1.DT741 Converged Intelligent Terminal (G/EPON+IPTV), 2.DT741 Converged Intelligent Terminal (G/EPON+IPTV), 3.DT721-cb GPON uplink home gateway (GPON+2FE+1POTS), 4.DT721-cb GPON Uplink Home Gateway (GPON+2FE+1POTS), 5.DT741-cb GPON uplink home gateway (GPON+4FE+1POTS+WIFI+USB), 6.DT741-cb GPON Uplink Home Gateway (GPON+4FE+1POTS+WIFI+USB), and 7.DT741-cbGPON uplink home gateway DT741-cb.

tags | exploit, overflow
advisories | CVE-2018-19524
SHA-256 | 4f48da3e8a78a9cf4093887c381e510d71c9c97ebafd060e27501d9e12a2e61d
Manage Engine OPutils 8.0 Authorization Bypass
Posted Feb 16, 2016
Authored by Kaustubh G. Padwad

Manage Engine OPutils version 8.0 suffers from an authorization bypass vulnerability due to a missing function level access control.

tags | exploit, bypass
SHA-256 | b9e7e86ebc2d1e55dc5329a95efdaca283be5268b1a3a03b374a5d737c611082
Manage Engine OPutils 8.0 Privilege Escalation
Posted Feb 16, 2016
Authored by Kaustubh G. Padwad

Manage Engine OPutils version 8.0 suffers from a privilege escalation vulnerability.

tags | exploit
SHA-256 | b977e013fda04f44e8af632bcc03cc1219b52ae3d3bd69ffba3b620b6a52c170
Manage Engine OPutils 8.0 Cross Site Request Forgery / Cross Site Scripting
Posted Feb 16, 2016
Authored by Kaustubh G. Padwad

Manage Engine OPutils version 8.0 suffers from cross site request forgery and cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss, csrf
SHA-256 | 733c28616c1891158bef1795b1d8b042f1e58ddc0cd0991868a9f08d50bd3559
ManageEngine Network Configuration Management Build 11000 Privilege Escalation
Posted Feb 10, 2016
Authored by Kaustubh G. Padwad

ManageEngine Network Configuration Management build version 11000 suffers from a privilege escalation vulnerability.

tags | exploit
SHA-256 | b1e8ea1844311d691d035609460b77754f923da68c3f14f66c5c9e53051686e2
ManageEngine Network Configuration Management Build 11000 CSRF
Posted Jan 29, 2016
Authored by Kaustubh G. Padwad

ManageEngine Network Configuration Management build 11000 suffers from a cross site request forgery vulnerability.

tags | exploit, csrf
SHA-256 | b4748784f8dee5785fb74729ebcd54c6263a9b3b6fefef6c72fb3f86e7114d00
WordPress Ad Buttons 2.3.1 CSRF / Cross Site Scripting
Posted May 7, 2015
Authored by Kaustubh G. Padwad

WordPress Ad Buttons plugin version 2.3.1 suffers from cross site request forgery and cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss, csrf
SHA-256 | 38b043d0ddd6274052aa3b2235c087b0a5f86ffbd8a74ae736c9855251b13cd0
WordPress Ultimate Profile Builder 2.3.3 CSRF / Cross Site Scripting
Posted May 7, 2015
Authored by Kaustubh G. Padwad

WordPress Ultimate Profile Builder plugin version 2.3.3 suffers from cross site request forgery and cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss, csrf
SHA-256 | e306dde4e30a050baaee377e244ad54d920791bdf5e7dd8e595b3a7eaca44b37
WordPress ClickBank Ads 1.7 CSRF / Cross Site Scripting
Posted May 7, 2015
Authored by Kaustubh G. Padwad

WordPress ClickBank Ads plugin version 1.7 suffers from cross site request forgery and cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss, csrf
SHA-256 | 47910384921948b511a328ff8006171ac9d2ec58cab3173c9f2b6b746ca631eb
Manage Engine Asset Explorer 6.1.0 Build 6110 CSRF / XSS
Posted May 7, 2015
Authored by Kaustubh G. Padwad

Manage Engine Asset Explorer version 6.10 build 6110 suffers from cross site request forgery and persistent cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss, csrf
SHA-256 | 195e2f680ce1f1256efa4ca7d96a6455fb8bb335560c4ad2d9e348c0cd79ddb7
WordPress Ad Inserter 1.5.2 CSRF / XSS
Posted May 7, 2015
Authored by Kaustubh G. Padwad

WordPress Ad Inserter plugin version 1.5.2 suffers from cross site request forgery and cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss, csrf
SHA-256 | fc4d07d0daf390ca0c72e3db173c0a59ad0af1b9efa29d6fd45e91a1f202d286
WordPress Embed-Articles 7.0.3 CSRF / XSS
Posted May 7, 2015
Authored by Kaustubh G. Padwad

WordPress Embed-Articles plugin version 7.0.3 suffers from cross site request forgery and cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss, csrf
SHA-256 | a8cef952b6cc90193465ca3ccb8b29e293b5fed101d0cdff61fab9964921ee33
WordPress WP Statistics 9.1.2 Cross Site Scripting
Posted Apr 16, 2015
Authored by Kaustubh G. Padwad

WordPress WP Statistics plugin version 9.1.2 suffers from stored cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss
SHA-256 | 7417199952c4f4c2dfe0f63ea7723e48742cb4ca58d9e91e2dd4096de4abde78
WordPress Google Map Travel 3.4 XSS / CSRF
Posted Mar 28, 2015
Authored by Kaustubh G. Padwad

WordPress AB Google Map Travel (AB-MAP) plugin version 4.0 suffers from cross site request forgery and cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss, csrf
advisories | CVE-2015-2755
SHA-256 | dbd0939d53280d5f0c1443437fc3c64a3c5ad487379041dd2756ab5536b86ce4
Page 1 of 2
Back12Next

File Archive:

August 2022

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Aug 1st
    20 Files
  • 2
    Aug 2nd
    4 Files
  • 3
    Aug 3rd
    6 Files
  • 4
    Aug 4th
    55 Files
  • 5
    Aug 5th
    16 Files
  • 6
    Aug 6th
    0 Files
  • 7
    Aug 7th
    0 Files
  • 8
    Aug 8th
    13 Files
  • 9
    Aug 9th
    13 Files
  • 10
    Aug 10th
    34 Files
  • 11
    Aug 11th
    0 Files
  • 12
    Aug 12th
    0 Files
  • 13
    Aug 13th
    0 Files
  • 14
    Aug 14th
    0 Files
  • 15
    Aug 15th
    0 Files
  • 16
    Aug 16th
    0 Files
  • 17
    Aug 17th
    0 Files
  • 18
    Aug 18th
    0 Files
  • 19
    Aug 19th
    0 Files
  • 20
    Aug 20th
    0 Files
  • 21
    Aug 21st
    0 Files
  • 22
    Aug 22nd
    0 Files
  • 23
    Aug 23rd
    0 Files
  • 24
    Aug 24th
    0 Files
  • 25
    Aug 25th
    0 Files
  • 26
    Aug 26th
    0 Files
  • 27
    Aug 27th
    0 Files
  • 28
    Aug 28th
    0 Files
  • 29
    Aug 29th
    0 Files
  • 30
    Aug 30th
    0 Files
  • 31
    Aug 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Hosting By
Rokasec
close