what you don't know can hurt you

Register | Login

FilesNewsUsersAuthors

Home Files News &[SERVICES_TAB]About Contact Add New

Showing 1 - 4 of 4

Files from Simon Uvarov

OCS Inventory NG ocsreports Shell Upload

Posted Nov 14, 2018

Authored by Simon Uvarov

OCS Inventory NG suffers from an ocsreports authenticated remote code execution vulnerability via a shell upload.

tags | exploit, remote, shell, code execution

advisories | CVE-2018-15537

SHA-256 | 24d22f114a3cf7d6004bf89c7745ac2a396b3daec40452cab1bc1b32f0c94835

Download | Favorite | View

Cockpit CMS CSRF / XSS / Path Traversal

Posted Oct 12, 2018

Authored by Simon Uvarov

Cockpit CMS suffers from cross site request forgery, cross site scripting, and traversal vulnerabilities. Version 0.6.2 should address these issues.

tags | exploit, vulnerability, xss, file inclusion, csrf

advisories | CVE-2018-15538, CVE-2018-15539, CVE-2018-15540

SHA-256 | df06cf06712dc4427222b72d1c1d4ba09f0aa9874a1d8f29577a2e40ea44e7a8

Download | Favorite | View

Responsive FileManager 9.13.4 Path Traversal

Posted Aug 23, 2018

Authored by Simon Uvarov

Responsive FileManager version 9.13.4 suffers from multiple path traversal vulnerabilities.

tags | exploit, vulnerability, file inclusion

advisories | CVE-2018-15535, CVE-2018-15536

SHA-256 | 1c0b5e62101ed7a3b0bbaf833ad6aaf9db23b235f9be4b1afcc438fd06376308

Download | Favorite | View

OCS Inventory NG Webconsole Shell Upload

Posted Aug 6, 2018

Authored by Simon Uvarov

OCS Inventory NG OCS Inventory Server through 2.5 allows a privileged user to gain access to the server via a template file containing PHP code, because file extensions other than .html are permitted.

tags | exploit, php, file upload

advisories | CVE-2018-14857

SHA-256 | 2f71b923fd12139847ac2ff8144d07a7250e7131bad2b3d7db85ba17ff41bf94

Download | Favorite | View