what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 21 of 21 RSS Feed

Files from Wadeek

First Active2016-03-21
Last Active2024-09-01
WordPress Total Upkeep Unauthenticated Backup Downloader
Posted Sep 1, 2024
Authored by h00die, Wadeek | Site metasploit.com

This Metasploit module exploits an unauthenticated database backup vulnerability in WordPress plugin Boldgrid-Backup also known as Total Upkeep version < 1.14.10. First, env-info.php is read to get server information. Next, restore-info.json is read to retrieve the last backup file. That backup is then downloaded, and any sql files will be parsed looking for the wp_users INSERT statement to grab user creds.

tags | exploit, php
SHA-256 | 8ab619abe5830fc334f96aa44ebe91bf5262fbdf2d37942eb3a12c5a678f4e61
WordPress Backup Migration 1.2.8 Backup Disclosure
Posted May 24, 2023
Authored by Wadeek

WordPress Backup Migration plugin version 1.2.8 suffers from a database disclosure vulnerability.

tags | exploit, info disclosure
SHA-256 | 54bfb2eecc242ef9dd0f6982f9909de6c5939c256b9a2ca0aed8bb82c04f7e1f
WordPress Total Upkeep 1.14.9 Backup Disclosure
Posted Dec 14, 2020
Authored by Wadeek

WordPress Total Upkeep plugin version 1.14.9 suffers from a backup disclosure vulnerability.

tags | exploit, info disclosure
SHA-256 | 1a482567d665942d7b66e8c7097084e716aa6d3a91a0714cfe35cb036dc12072
Edimax Technology EW-7438RPn-v3 Mini 1.27 Remote Code Execution
Posted Apr 13, 2020
Authored by Wadeek

Edimax Technology EW-7438RPn-v3 Mini version 1.27 suffers from a remote code execution vulnerability.

tags | exploit, remote, code execution
SHA-256 | a7b3bfe170399993d098377d06aacc8404570738458254729c765989042ee70f
Netgear WiFi Router JWNR2010v5 / R6080 Authentication Bypass
Posted Jul 15, 2019
Authored by Wadeek

Netgear WiFi router versions JWNR2010v5 and R6080 suffer from authentication bypass vulnerabilities.

tags | exploit, vulnerability, bypass
SHA-256 | 034ed9038532a99e6b030d733d008140314fd60b1ed467dfb1ef4e92b0fb1609
TP-Link Archer C50 Wireless Router 171227 CSRF
Posted Nov 12, 2018
Authored by Wadeek

TP-Link Archer C50 Wireless Router 171227 suffers from a cross site request forgery vulnerability.

tags | exploit, csrf
SHA-256 | c1f76254a2e97860d49b81bac75298be01fc22fa01f719986d2291b7d85291ac
NETGEAR WiFi Router R6120 Credential Disclosure
Posted Oct 31, 2018
Authored by Wadeek

NETGEAR WiFi Router R6120 suffers from a credential disclosure vulnerability.

tags | exploit, info disclosure
SHA-256 | daf472c5d2611ddc71d425949ff533f742aebf7055faa072ae37de8c783cea0e
TP-Link C50 Wireless Router 3 Information Disclosure Cross Site Request Forgery
Posted Aug 9, 2018
Authored by Wadeek

TP-Link C50 Wireless Router 3 suffers from cross site request forgery vulnerability that allows for information disclosure.

tags | exploit, info disclosure, csrf
SHA-256 | 3ad2cf541878201e7c393421268aa259ed91ab56bf64fa043da52ad275e88aad
TP-Link C50 Wireless Router 3 Remote Reboot Cross Site Request Forgery
Posted Aug 9, 2018
Authored by Wadeek

TP-Link C50 Wireless Router 3 suffers from a remote reboot cross site request forgery vulnerability.

tags | exploit, remote, csrf
SHA-256 | f0ac329d6272aaebe3f0f19c17b7df64e30c1436a213fc5249f69284d57febf0
AsusWRT RT-AC750GF Cross Site Request Forgery
Posted Jun 25, 2018
Authored by Wadeek

AsusWRT RT-AC750GF suffers from a cross site request forgery vulnerability in the change admin password flow.

tags | exploit, csrf
SHA-256 | 363560f7c28221e14f216c3e9133cd294040a8d4e3874784d921d8085a9c6803
TP-Link Technologies TL-WA850RE Wi-Fi Range Extender Unauthorized Remote Reboot
Posted Apr 27, 2018
Authored by Wadeek

TP-Link Technologies TL-WA850RE Wi-Fi Range Extender suffers from an unauthorized remote reboot vulnerability.

tags | exploit, remote
SHA-256 | 970a5397e04acea93596c1622e954fa7cc0a100eb23d4a5bf1fa9ecac096aba5
WordPress WP With Spritz 1.0 File Inclusion
Posted Apr 26, 2018
Authored by Wadeek

WordPress WP with Spritz plugin version 1.0 suffers from local and remote file inclusion vulnerabilities.

tags | exploit, remote, local, vulnerability, code execution, file inclusion
SHA-256 | c6986cfbd78a92dae5c9a05da5db76c918141c17da17231a3ab998a61b73258d
Aastra 6755i SIP SP4 Denial Of Service
Posted Feb 19, 2018
Authored by Wadeek

Aastra 6755i SIP SP4 suffers from a denial of service vulnerability.

tags | exploit, denial of service
SHA-256 | d2ff73305e2a0039c97109b1e937bfe8ded69b6860834e78acaa228ab9ffac71
Belkin N600DB Command Injection / Backdoor
Posted Jan 17, 2018
Authored by Wadeek

Belkin N600DB suffers from password disclosure, a backdoor shell, server-side request forgery, and command injection vulnerabilities.

tags | exploit, shell, vulnerability
SHA-256 | ad4deef8559fe9859dfa5db5bd48616568ccaac8491f724ab6019aa6c952893c
Belkin NetCam F7D7601 Remote Command Execution / Hard-Coded Passwords
Posted Jul 17, 2017
Authored by Wadeek

Belkin NetCam F7D7601 suffers from remote command execution, network fingerprinting, and hard-coded password vulnerabilities.

tags | exploit, remote, vulnerability
SHA-256 | 4bd2b5bb8c5fc1891523e53b3179f3ae7e600feacbf458153657ff0e4b2e1524
EC-CUBE 2.12.6 Server-Side Request Forgery
Posted Oct 24, 2016
Authored by Wadeek

EC-CUBE version 2.12.6 suffers from a server-side request forgery vulnerability.

tags | exploit
SHA-256 | c42ba6db20bf772a4bcc9224c08de1ef016065fe9006bd2eaeef8a403bde4674
NetBilleterie 2.8 SQL Injection / Information Disclosure
Posted Oct 13, 2016
Authored by Wadeek

NetBilleterie version 2.8 suffers from remote SQL injection and information disclosure vulnerabilities.

tags | exploit, remote, vulnerability, sql injection, info disclosure
SHA-256 | 67eb1173e9a47959be8afd57a92575f29b7bf96962b2ffe0ca8cac0b6a650b6a
OpenCimetiere 3.0.0-a5 Blind SQL Injection
Posted Oct 13, 2016
Authored by Wadeek

OpenCimetiere version 3.0.0-a5 suffers from a remote blind SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | a639b87a100bb79acb7fa238fdafd585bb41cb2eeca01298ac45bbec815d6771
Categorizator 0.3.1 SQL Injection
Posted Oct 13, 2016
Authored by Wadeek

Categorizator version 0.3.1 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | 6f0636b8e9b2983f9ed51a6cdeac5aeada8788e8233a5f825bad75a107a1f925
WordPress eBook Download 1.1 Directory Traversal
Posted Mar 21, 2016
Authored by Wadeek

WordPress eBook Download plugin version 1.1 suffers from a directory traversal vulnerability.

tags | exploit, file inclusion
SHA-256 | 318fb4f76e3092c8ff33ac73fd09fc95ac7ed8b8879301abfb411e910e2b8bba
WordPress Import CSV 1.1 Directory Traversal
Posted Mar 21, 2016
Authored by Wadeek

WordPress Import CSV plugin version 1.1 suffers from a directory traversal vulnerability.

tags | exploit, file inclusion
SHA-256 | 707a5fc82a6731639583d67130bd989dfed85f9b4b0f10af7dcc9e0f8b036b3c
Page 1 of 1
Back1Next

File Archive:

November 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Nov 1st
    30 Files
  • 2
    Nov 2nd
    0 Files
  • 3
    Nov 3rd
    0 Files
  • 4
    Nov 4th
    0 Files
  • 5
    Nov 5th
    0 Files
  • 6
    Nov 6th
    0 Files
  • 7
    Nov 7th
    0 Files
  • 8
    Nov 8th
    0 Files
  • 9
    Nov 9th
    0 Files
  • 10
    Nov 10th
    0 Files
  • 11
    Nov 11th
    0 Files
  • 12
    Nov 12th
    0 Files
  • 13
    Nov 13th
    0 Files
  • 14
    Nov 14th
    0 Files
  • 15
    Nov 15th
    0 Files
  • 16
    Nov 16th
    0 Files
  • 17
    Nov 17th
    0 Files
  • 18
    Nov 18th
    0 Files
  • 19
    Nov 19th
    0 Files
  • 20
    Nov 20th
    0 Files
  • 21
    Nov 21st
    0 Files
  • 22
    Nov 22nd
    0 Files
  • 23
    Nov 23rd
    0 Files
  • 24
    Nov 24th
    0 Files
  • 25
    Nov 25th
    0 Files
  • 26
    Nov 26th
    0 Files
  • 27
    Nov 27th
    0 Files
  • 28
    Nov 28th
    0 Files
  • 29
    Nov 29th
    0 Files
  • 30
    Nov 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2024 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close