what you don't know can hurt you

Register | Login

Home Files News Services About Contact Add New

Showing 1 - 7 of 7

Files from Leandro Barragan

First Active	2017-05-24
Last Active	2018-06-26

Quest KACE Systems Management Command Injection: Posted Jun 26, 2018; Authored by Brendan Coles, Leandro Barragan, Guido Leo | Site metasploit.com; This Metasploit module exploits a command injection vulnerability in Quest KACE Systems Management Appliance version 8.0.318 (and possibly prior). The download_agent_installer.php file allows unauthenticated users to execute arbitrary commands as the web server user www. A valid Organization ID is required. The default value is 1. A valid Windows agent version number must also be provided. If file sharing is enabled, the agent versions are available within the \\kace.local\client\agent_provisioning\windows_platform Samba share. Additionally, various agent versions are listed on the KACE website. This Metasploit module has been tested successfully on Quest KACE Systems Management Appliance K1000 version 8.0 (Build 8.0.318).; tags | exploit, web, arbitrary, local, php; systems | windows; advisories | CVE-2018-11138; MD5 | 48ba6b06f4b01737a61a9c63d90ba594; Download | Favorite | Comments (0)

Quest KACE System Management Appliance 8.0 (Build 8.0.318) XSS / Traversal / Code Execution / SQL Injection: Posted May 31, 2018; Authored by Core Security Technologies, Leandro Barragan, Guido Leo | Site coresecurity.com; Quest KACE System Management Appliance version 8.0 (Build 8.0.318) suffers from code execution, cross site scripting, path traversal, remote SQL injection, and various other vulnerabilities.; tags | exploit, remote, vulnerability, code execution, xss, sql injection; advisories | CVE-2018-11132, CVE-2018-11133, CVE-2018-11134, CVE-2018-11135, CVE-2018-11136, CVE-2018-11137, CVE-2018-11138, CVE-2018-11139, CVE-2018-11140, CVE-2018-11141, CVE-2018-11142; MD5 | 40e0fc0c417670b30bccdf9097a9a547; Download | Favorite | Comments (0)

Trend Micro Email Encryption Gateway XSS / Code Execution: Posted Feb 21, 2018; Authored by Core Security Technologies, Maximiliano Vidal, Leandro Barragan | Site coresecurity.com; Trend Micro Email Encryption Gateway suffers from cleartext transmission of sensitive information, missing authentication, cross site request forgery, cross site scripting, and various other vulnerabilities.; tags | exploit, vulnerability, xss, csrf; advisories | CVE-2018-6219, CVE-2018-6220, CVE-2018-6221, CVE-2018-6222, CVE-2018-6223, CVE-2018-6224, CVE-2018-6225, CVE-2018-6226, CVE-2018-6227, CVE-2018-6228, CVE-2018-6229, CVE-2018-6230; MD5 | 223e4ef70d15bf9047b6fde86990def0; Download | Favorite | Comments (0)

Kaspersky Secure Mail Gateway 1.1.0.379 CSRF / Code Execution: Posted Feb 6, 2018; Authored by Core Security Technologies, Leandro Barragan | Site coresecurity.com; Kaspersky Secure Mail Gateway version 1.1.0.379 suffers from code execution and cross site request forgery vulnerabilities.; tags | exploit, vulnerability, code execution, csrf; MD5 | 04398c48a2c352c40a07dcb4a1897e4f; Download | Favorite | Comments (0)

Trend Micro Smart Protection Server 3.2 XSS / Access Control / Disclosure: Posted Dec 22, 2017; Authored by Core Security Technologies, Maximiliano Vidal, Leandro Barragan | Site coresecurity.com; Trend Micro Smart Protection Server version 3.2 suffers from access control bypass, cross site scripting, information disclosure, and various other vulnerabilities.; tags | exploit, vulnerability, xss, info disclosure; advisories | CVE-2017-11398, CVE-2017-14094, CVE-2017-14095, CVE-2017-14096, CVE-2017-14097; MD5 | 0e10fe92b1e5418787878b2ed8d69361; Download | Favorite | Comments (0)

Kaspersky Anti-Virus File Server 8.0.3.297 XSS / CSRF / Code Execution: Posted Jun 29, 2017; Authored by Core Security Technologies, Maximiliano Vidal, Leandro Barragan | Site coresecurity.com; Kaspersky Anti-Virus for Linux File Server version 8.0.3.297 suffers from remote code execution, cross site request forgery, cross site scripting, security bypass, information disclosure, and path traversal vulnerabilities.; tags | exploit, remote, vulnerability, code execution, virus, xss, info disclosure, csrf; systems | linux; advisories | CVE-2017-9810, CVE-2017-9811, CVE-2017-9812, CVE-2017-9813; MD5 | 834309bd7c681fce682800c2b27a31c0; Download | Favorite | Comments (0)

Trend Micro ServerProtect Disclosure / CSRF / XSS: Posted May 24, 2017; Authored by Alberto Solino, Core Security Technologies, Maximiliano Vidal, Leandro Barragan | Site coresecurity.com; Trend Micro ServerProtect suffers from information disclosure, manipulation, cross site request forgery, cross site scripting, and various other vulnerabilities.; tags | exploit, vulnerability, xss, info disclosure, csrf; advisories | CVE-2017-9032, CVE-2017-9033, CVE-2017-9034, CVE-2017-9035, CVE-2017-9036, CVE-2017-9037; MD5 | 351e7980ee3be97f07ceb95ec237ce90; Download | Favorite | Comments (0)

Page 1 of 1 Back 1 Next

Top Authors In Last 30 Days

Red Hat 80 files
Ubuntu 56 files
boku 23 files
Debian 21 files
Google Security Research 21 files
Apple 8 files
Ihsan Sencan 6 files
saelo 6 files
Slackware Security Team 6 files
J3rryBl4nks 6 files

File Tags

File Archives

Systems

AIX (416)
Apple (1,703)
BSD (366)
Cisco (1,884)
Debian (5,943)
Fedora (1,687)
FreeBSD (1,239)
Gentoo (3,733)
HPUX (870)
iOS (240)
iPhone (107)
IRIX (220)
Juniper (67)
Linux (36,890)
Mac OS X (662)
Mandriva (3,105)
NetBSD (255)
OpenBSD (468)
RedHat (8,086)
Slackware (941)
Solaris (1,587)
SUSE (1,444)
Ubuntu (6,566)
UNIX (8,595)
UnixWare (177)
Windows (5,596)
Other

packet storm

© 2016 Packet Storm. All rights reserved.

Site Links: News by Month; News Tags; Files by Month; File Tags; File Directory

About Us: History & Purpose; Contact Information; Terms of Service; Privacy Statement; Copyright Information

Services: Security Services
Hosting By: Rokasec