exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 10 of 10 RSS Feed

Files from Charles FOL

First Active2017-03-09
Last Active2020-06-02
vBulletin 5.6.1 SQL Injection
Posted Jun 2, 2020
Authored by Charles FOL, Zenofex | Site metasploit.com

This Metasploit module exploits a SQL injection vulnerability found in vBulletin versions 5.6.1 and below. This module uses the getIndexableContent vulnerability to reset the administrator's password and it then uses the administrators login information to achieve remote code execution on the target. This module has been tested successfully on vBulletin version 5.6.1 on the Ubuntu Linux distribution.

tags | exploit, remote, code execution, sql injection
systems | linux, ubuntu
advisories | CVE-2020-12720
SHA-256 | ab383c3c011e7017caccbf3f14a2893505f109f7315cb558a626bdfe3e283ccb
Download | Favorite | View
PHP 7.2 imagecolormatch() Out-Of-Band Heap Write
Posted Apr 9, 2019
Authored by Charles FOL

PHP version 7.2 suffers from an imagecolormatch() out-of-band heap write vulnerability.

tags | exploit, php
advisories | CVE-2019-6977
SHA-256 | 69add42dde7d8d122571186cc4217258d5760ae073e9d96197a97e8666a28e27
Download | Favorite | View
CARPE (DIEM) Apache 2.4.x Local Privilege Escalation
Posted Apr 8, 2019
Authored by Charles FOL | Site cfreal.github.io

Apache versions 2.4.17 up to 2.4.38 apache2ctl graceful logrotate local privilege escalation exploit.

tags | exploit, local
advisories | CVE-2019-0211
SHA-256 | 3319265a25f9489c7617752a0f4a299d38530c30caf7932b9bb2b32075e9f1b7
Download | Favorite | View
Apache 2.4.38 Root Privilege Escalation
Posted Apr 4, 2019
Authored by Charles FOL | Site cfreal.github.io

Apache versions 2.4.17 through 2.4.38 suffer from a local root privilege escalation vulnerability due to an out-of-bounds array access leading to an arbitrary function call.

tags | exploit, arbitrary, local, root
advisories | CVE-2019-0211
SHA-256 | 9525ffd9aefbc06136c75f55edd33355815fc7df0b0f150a337892cfad9ed4bd
Download | Favorite | View
Magento 2.3.0 SQL Injection
Posted Mar 29, 2019
Authored by Charles FOL

Magento versions 2.2.0 through 2.3.0 unauthenticated remote SQL injection exploit.

tags | exploit, remote, sql injection
SHA-256 | fb8e5118d988e50510319ef6725fac056f280cc00faa123b19459e9412e70b6b
Download | Favorite | View
Drupal RESTful Web Services unserialize() Remote Code Execution
Posted Mar 6, 2019
Authored by wvu, Charles FOL, Jasper Mattsson, Rotem Reiss | Site metasploit.com

This Metasploit module exploits a PHP unserialize() vulnerability in Drupal RESTful Web Services by sending a crafted request to the /node REST endpoint. As per SA-CORE-2019-003, the initial remediation was to disable POST, PATCH, and PUT, but Ambionics discovered that GET was also vulnerable (albeit cached). Cached nodes can be exploited only once.

tags | exploit, web, php
advisories | CVE-2019-6340
SHA-256 | f0577a61447bee5c1e01e80e2168cbe148e2d1b04abd7c1f41da56482db6d02b
Download | Favorite | View
Drupal REST Module Remote Code Execution
Posted Feb 23, 2019
Authored by Charles FOL

Drupal versions prior to 8.6.10 and 8.5.11 suffer from a REST module remote code execution vulnerability.

tags | exploit, remote, code execution
advisories | CVE-2019-6340
SHA-256 | ae19653ae86e19e4205093659570141a9094d9c26cd09af8cb1673c93f03dc72
Download | Favorite | View
Oracle PeopleSoft Enterprise PeopleTools Remote Code Execution
Posted Nov 3, 2017
Authored by Charles FOL

Oracle PeopleSoft Enterprise PeopleTools versions prior to 8.55 suffer from a remote code execution vulnerability.

tags | exploit, remote, code execution
advisories | CVE-2017-3548
SHA-256 | e7ca7f1dfaf0427d15e6728d2323dfd98cf6d0d01d7466ab23ceea3a1e534852
Download | Favorite | View
TYPO3 News Module SQL Injection
Posted Apr 27, 2017
Authored by Charles FOL

The TYPO3 News module suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | bb71657eaa7e4ca543ead5df7415208b7f27687d4255a45a2c042482a48a7805
Download | Favorite | View
Drupal 7.x Module Services Remote Code Execution
Posted Mar 9, 2017
Authored by Charles FOL

Drupal version 7.x module services remote code execution exploit.

tags | exploit, remote, code execution
SHA-256 | 80a50821438fc6c1895f12fb121285719fc8d9b69c85fae539144f6a24a07158
Download | Favorite | View
Page 1 of 1
Back1Next

File Archive:

March 2023

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Mar 1st
    16 Files
  • 2
    Mar 2nd
    13 Files
  • 3
    Mar 3rd
    15 Files
  • 4
    Mar 4th
    0 Files
  • 5
    Mar 5th
    0 Files
  • 6
    Mar 6th
    16 Files
  • 7
    Mar 7th
    31 Files
  • 8
    Mar 8th
    16 Files
  • 9
    Mar 9th
    13 Files
  • 10
    Mar 10th
    9 Files
  • 11
    Mar 11th
    0 Files
  • 12
    Mar 12th
    0 Files
  • 13
    Mar 13th
    10 Files
  • 14
    Mar 14th
    6 Files
  • 15
    Mar 15th
    17 Files
  • 16
    Mar 16th
    22 Files
  • 17
    Mar 17th
    13 Files
  • 18
    Mar 18th
    0 Files
  • 19
    Mar 19th
    0 Files
  • 20
    Mar 20th
    16 Files
  • 21
    Mar 21st
    13 Files
  • 22
    Mar 22nd
    5 Files
  • 23
    Mar 23rd
    6 Files
  • 24
    Mar 24th
    47 Files
  • 25
    Mar 25th
    0 Files
  • 26
    Mar 26th
    0 Files
  • 27
    Mar 27th
    50 Files
  • 28
    Mar 28th
    42 Files
  • 29
    Mar 29th
    0 Files
  • 30
    Mar 30th
    0 Files
  • 31
    Mar 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Site Links
News by Month
News Tags
Files by Month
File Tags
File Directory
About Us
History & Purpose
Contact Information
Terms of Service
Privacy Statement
Copyright Information
Services
Security Services
Hosting By
Rokasec
close