Twenty Year Anniversary
Showing 1 - 9 of 9 RSS Feed

Files from Ishaq Mohammed

Email addressshaikhishaq201 at gmail.com
First Active2017-09-21
Last Active2018-07-11
Monstra CMS Authenticated Arbitrary File Upload
Posted Jul 11, 2018
Authored by Touhid M.Shaikh, Ishaq Mohammed | Site metasploit.com

Monstra CMS 3.0.4 allows users to upload arbitrary files which leads to remote command execution on the remote server. An attacker may choose to upload a file containing PHP code and run this code by accessing the resulting PHP file. This Metasploit module was tested against Monstra CMS 3.0.4.

tags | exploit, remote, arbitrary, php
advisories | CVE-2017-18048
MD5 | 7dbdf348dbb60d19f6dfcb69ab4f25d5
SilverStripe CMS 3.6.2 CSV Excel Macro Injection
Posted Dec 26, 2017
Authored by Ishaq Mohammed

SilverStripe CMS version 3.6.2 suffers from a CSV excel macro injection vulnerability.

tags | exploit
MD5 | 3a26a8f7ddb60fce91ed660e9db18dbe
Monstra CMS 3.0.4 Remote Shell Upload
Posted Dec 17, 2017
Authored by Ishaq Mohammed

Monstra CMS version 3.0.4 suffers from a remote shell upload vulnerability that allows for remote code execution.

tags | exploit, remote, shell, code execution
MD5 | 232ceeef3d1b599e0679a64c3c4ba7f7
KirbyCMS Cross Site Scripting
Posted Nov 13, 2017
Authored by Ishaq Mohammed

KirbyCMS versions prior to 2.5.7 suffer from a persistent cross site scripting vulnerability.

tags | exploit, xss
advisories | CVE-2017-16807
MD5 | ab1434ceb1cd9757d687ad7f73ee0cca
KeystoneJS 4.0.0-beta.5 Unauthenticated Stored Cross Site Scripting
Posted Oct 25, 2017
Authored by Ishaq Mohammed

KeystoneJS version 4.0.0-beta.5 suffers from an unauthenticated stored cross site scripting vulnerability.

tags | exploit, xss
advisories | CVE-2017-15878
MD5 | b25bac8103481cb0935773ae248e5749
KeystoneJS 4.0.0-beta.5 Unauthenticated CSV Injection
Posted Oct 25, 2017
Authored by Ishaq Mohammed

KeystoneJS version 4.0.0-beta.5 suffers from an unauthenticated CSV injection vulnerability in admin/server/api/download.js and lib/list/getCSVData.js.

tags | exploit
advisories | CVE-2017-15879
MD5 | ed1bbf3e8a789e547a2f12819275971f
phpMyFAQ 2.9.8 Cross Site Scripting
Posted Oct 13, 2017
Authored by Ishaq Mohammed

phpMyFAQ version 2.9.8 suffers from a persistent cross site scripting vulnerability where an attacker can embed malicious script code in the title of the faq.

tags | exploit, xss
advisories | CVE-2017-14619
MD5 | 6642a0d4af122419de48faf1002027e6
OctoberCMS 1.0.425 Cross Site Scripting
Posted Oct 12, 2017
Authored by Ishaq Mohammed

OctoberCMS version 1.0.425 suffers from a stored cross site scripting vulnerability.

tags | exploit, xss
advisories | CVE-2017-15284
MD5 | f858f84c1697f98f8c75cd03f41c39b5
phpMyFAQ 2.9.8 Cross Site Scripting
Posted Sep 21, 2017
Authored by Ishaq Mohammed

phpMyFAQ version 2.9.8 suffers from a persistent cross site scripting vulnerability.

tags | exploit, xss
advisories | CVE-2017-14618
MD5 | dd7b07c8ceb84bd510329997ef39de84
Page 1 of 1
Back1Next

File Archive:

November 2018

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Nov 1st
    10 Files
  • 2
    Nov 2nd
    15 Files
  • 3
    Nov 3rd
    2 Files
  • 4
    Nov 4th
    2 Files
  • 5
    Nov 5th
    32 Files
  • 6
    Nov 6th
    27 Files
  • 7
    Nov 7th
    8 Files
  • 8
    Nov 8th
    9 Files
  • 9
    Nov 9th
    17 Files
  • 10
    Nov 10th
    2 Files
  • 11
    Nov 11th
    2 Files
  • 12
    Nov 12th
    33 Files
  • 13
    Nov 13th
    29 Files
  • 14
    Nov 14th
    23 Files
  • 15
    Nov 15th
    45 Files
  • 16
    Nov 16th
    1 Files
  • 17
    Nov 17th
    0 Files
  • 18
    Nov 18th
    0 Files
  • 19
    Nov 19th
    0 Files
  • 20
    Nov 20th
    0 Files
  • 21
    Nov 21st
    0 Files
  • 22
    Nov 22nd
    0 Files
  • 23
    Nov 23rd
    0 Files
  • 24
    Nov 24th
    0 Files
  • 25
    Nov 25th
    0 Files
  • 26
    Nov 26th
    0 Files
  • 27
    Nov 27th
    0 Files
  • 28
    Nov 28th
    0 Files
  • 29
    Nov 29th
    0 Files
  • 30
    Nov 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2018 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close