exploit the possibilities
Showing 1 - 20 of 20 RSS Feed

Files from Sipke Mellema

First Active2016-08-01
Last Active2019-11-12
FlexAir Access Control 2.3.38 Command Injection
Posted Nov 12, 2019
Authored by Sipke Mellema | Site applied-risk.com

FlexAir Access Control versions 2.3.38 and below remote root command injection exploit.

tags | exploit, remote, root
advisories | CVE-2019-7669
MD5 | bda839dcfe5896e2d89cbe0e3d1f28f1
I Own Your Building (Management System)
Posted Nov 12, 2019
Authored by LiquidWorm, Sipke Mellema | Site applied-risk.com

Whitepaper called I Own Your Building (Management System). It discusses various systems used to manage buildings and associated vulnerabilities with them.

tags | paper, vulnerability
MD5 | 8692e82de5e87a163782764b7bbeaff7
Linear eMerge50P/5000P 4.6.07 Remote Code Execution
Posted Nov 12, 2019
Authored by Sipke Mellema | Site applied-risk.com

Linear eMerge50P/5000P 4.6.07 remote code execution exploit.

tags | exploit, remote, code execution
advisories | CVE-2019-7266, CVE-2019-7267, CVE-2019-7268, CVE-2019-7269
MD5 | 2789c6b2f40bbe8a15601a4c42957f1d
Computrols CBAS-Web 19.0.0 Command Injection
Posted Nov 12, 2019
Authored by Sipke Mellema | Site applied-risk.com

Computrols CBAS-Web versions 19.0.0 and below unauthenticated remote command injection exploit.

tags | exploit, remote, web
MD5 | 50d03aaede914ca877d49bdec4da6d01
VTech DigiGo 83.60630 Browser Overlay Attack
Posted Jan 15, 2018
Authored by Securify B.V., Sipke Mellema

VTech DigiGo with firmware 83.60630 suffers from a browser overlay attack vulnerability.

tags | exploit
MD5 | 77cea9e9382eded61fbed8053c84a2ad
VTech DigiGo 83.60630 Broken TLS Certificate Validation
Posted Jan 15, 2018
Authored by Securify B.V., Sipke Mellema

VTech DigiGo with firmware version 83.60630 fails to perform validation of TLS certificates.

tags | exploit
MD5 | 59ddde2caff6394072eed1459a12fd42
VTech DigiGo 83.60630 Certificate Pinning
Posted Jan 15, 2018
Authored by Securify B.V., Sipke Mellema

VTech DigiGo with firmware version 83.60630 fails to perform certificate pinning in some flows.

tags | advisory
MD5 | b42e1511b7ec7a18c5d96a398e4d3d07
Virtuozzo Power Panel (VZPP) 6.1.2 Buffer Over-Read
Posted Jul 5, 2017
Authored by Securify B.V., Sipke Mellema

Virtuozzo Power Panel (VZPP) and Automator version 6.1.2 suffers from a buffer over-read vulnerability.

tags | advisory
MD5 | 2af4bc88b18673fd24ac2f529c2fd96b
WordPress 4.5.3 Press This Function CSRF / Denial Of Service
Posted Mar 7, 2017
Authored by Securify B.V., Sipke Mellema

WordPress version 4.5.3 Press This Function suffers from a cross site request forgery vulnerability that can cause a denial of service condition.

tags | exploit, denial of service, csrf
MD5 | 83fd7fe78cebb4f12e22a40081367585
WordPress Image Gallery 1.9.65 Cross Site Scripting
Posted Nov 24, 2016
Authored by Securify B.V., Sipke Mellema

WordPress Image Gallery plugin version 1.9.65 suffers from a persistent cross site scripting vulnerability.

tags | exploit, xss
MD5 | 0348155d964562c5432c19dd743820e2
WordPress Instagram Feed 1.4.6.2 Cross Site Scripting / Cross Site Request Forgery
Posted Nov 20, 2016
Authored by Securify B.V., Sipke Mellema

WordPress Instagram Feed plugin version 1.4.6.2 suffers from cross site request forgery and cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss, csrf
MD5 | cefe4eda32f9bf6dfd4b119a654b8251
WordPress W3 Total Cache 0.9.4.1 Cross Site Scripting
Posted Nov 11, 2016
Authored by Securify B.V., Sipke Mellema

WordPress W3 Total Cache plugin version 0.9.4.1 suffers from a cross site scripting vulnerability.

tags | exploit, xss
MD5 | 540b8fa59c92fee27670136b915841aa
WordPress W3 Total Cache 0.9.4.1 Race Condition
Posted Nov 11, 2016
Authored by Securify B.V., Sipke Mellema

An information disclosure vulnerability was found in the W3 Total Cache plugin. This issue allows an attacker to hijack sensitive information, such as the administrator's session cookie. Exploiting the vulnerability is possible during a short period of time when an administrator submits the support form. Version 0.9.4.1 is affected.

tags | exploit, info disclosure
MD5 | f4944a81070ec53fc3f9cc16169fd2f0
WordPress Google Maps 6.3.14 Cross Site Request Forgery
Posted Nov 11, 2016
Authored by Securify B.V., Sipke Mellema

WordPress Google Maps plugin version 6.3.14 suffers from a cross site request forgery vulnerability.

tags | exploit, csrf
MD5 | 4b176c3c006c97fe472b49e1045f1114
WordPress W3 Total Cache Amazon SNS Push Messages Weak Validation
Posted Nov 11, 2016
Authored by Securify B.V., Sipke Mellema

A vulnerability in the validation of Amazon SNS messages was found in the W3 Total Cache plugin. This issue allows an attacker to perform a variety of actions concerning the server's cache, which may result in a denial of service attack. Version 0.9.4.1 is affected.

tags | exploit, denial of service
MD5 | 530b6c7891343fb9d1140ce5cbda0d8a
WordPress Woocommerce 2.6.2 API Cross Site Scripting
Posted Sep 10, 2016
Authored by Securify B.V., Sipke Mellema

WordPress Woocommerce version 2.6.2 suffers from an API related cross site scripting vulnerability.

tags | exploit, xss
MD5 | c37b485881fa1b91c27088e2d7717d70
WordPress InfiniteWP Admin Panel 2.8.0 Authorization Bypass
Posted Sep 10, 2016
Authored by Securify B.V., Sipke Mellema

WordPress InfiniteWP Admin Panel version 2.8.0 suffers from an authorization bypass vulnerability.

tags | exploit, bypass
MD5 | cc1e49310d62cb94080934ef694354d4
WordPress InfiniteWP Admin Panel 2.8.0 Command Injection
Posted Sep 10, 2016
Authored by Securify B.V., Sipke Mellema

WordPress InfiniteWP Admin Panel version 2.8.0 suffers from a command injection vulnerability.

tags | exploit
MD5 | 887f0ed6e301bc620514d8b242b87f9b
WordPress MailPoet Newsletters 2.7.2 Cross Site Scripting
Posted Sep 10, 2016
Authored by Securify B.V., Sipke Mellema

WordPress MailPoet Newsletters 2.7.2 suffers from a cross site scripting vulnerability.

tags | exploit, xss
MD5 | 9692fad3cc8b9bf6560fa72171b54215
WordPress All-In-One Security / Firewall 4.1.2 CAPTCHA Bypass
Posted Aug 1, 2016
Authored by Securify B.V., Sipke Mellema

WordPress All-In-On Security and Firewall plugin version 4.1.2 suffers from multiple CAPTCHA bypass vulnerabilities.

tags | exploit, vulnerability, bypass
MD5 | eadcee9144c7f7cbaad656157117c8dc
Page 1 of 1
Back1Next

File Archive:

August 2020

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Aug 1st
    3 Files
  • 2
    Aug 2nd
    2 Files
  • 3
    Aug 3rd
    32 Files
  • 4
    Aug 4th
    22 Files
  • 5
    Aug 5th
    15 Files
  • 6
    Aug 6th
    19 Files
  • 7
    Aug 7th
    6 Files
  • 8
    Aug 8th
    1 Files
  • 9
    Aug 9th
    2 Files
  • 10
    Aug 10th
    27 Files
  • 11
    Aug 11th
    11 Files
  • 12
    Aug 12th
    11 Files
  • 13
    Aug 13th
    17 Files
  • 14
    Aug 14th
    0 Files
  • 15
    Aug 15th
    0 Files
  • 16
    Aug 16th
    0 Files
  • 17
    Aug 17th
    0 Files
  • 18
    Aug 18th
    0 Files
  • 19
    Aug 19th
    0 Files
  • 20
    Aug 20th
    0 Files
  • 21
    Aug 21st
    0 Files
  • 22
    Aug 22nd
    0 Files
  • 23
    Aug 23rd
    0 Files
  • 24
    Aug 24th
    0 Files
  • 25
    Aug 25th
    0 Files
  • 26
    Aug 26th
    0 Files
  • 27
    Aug 27th
    0 Files
  • 28
    Aug 28th
    0 Files
  • 29
    Aug 29th
    0 Files
  • 30
    Aug 30th
    0 Files
  • 31
    Aug 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2020 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close