what you don't know can hurt you
Showing 1 - 23 of 23 RSS Feed

Files from Metin Yunus Kandemir

First Active2019-04-03
Last Active2021-03-19
BRAdmin Professional 3.75 Unquoted Service Path
Posted Mar 19, 2021
Authored by Metin Yunus Kandemir

BRAdmin Professional version 3.75 suffers from an unquoted service path vulnerability.

tags | exploit
MD5 | 090ec9784264b7b2c1dc636e28fa7068
Klog Server 2.4.1 Command Injection
Posted Feb 15, 2021
Authored by Brendan Coles, Metin Yunus Kandemir, B3KC4T | Site metasploit.com

This Metasploit module exploits an unauthenticated command injection vulnerability in Klog Server versions 2.4.1 and prior. The authenticate.php file uses the user HTTP POST parameter in a call to the shell_exec() PHP function without appropriate input validation, allowing arbitrary command execution as the apache user.

tags | exploit, web, arbitrary, php
advisories | CVE-2020-35729
MD5 | 2fcde862940be1be38194631a27617e3
Openlitespeed WebServer 1.7.8 Command Injection
Posted Feb 11, 2021
Authored by Metin Yunus Kandemir

Openlitespeed WebServer version 1.7.8 remote command injection exploit. Original discovery of command injection in this version is attributed to cm0s from SunCSR in January of 2021.

tags | exploit, remote
MD5 | 544ac8117ecdf27be5df7ddb1c7cbc9c
Klog Server 2.4.1 Command Injection
Posted Feb 1, 2021
Authored by Metin Yunus Kandemir

Klog Server version 2.4.1 remote command injection exploit.

tags | exploit, remote
advisories | CVE-2021-3317
MD5 | 9d56395a42ddfd252a6c43a53b91eae7
Klog Server 2.4.1 Command Injection
Posted Jan 26, 2021
Authored by Metin Yunus Kandemir, B3KC4T | Site metasploit.com

This Metasploit module exploits an unauthenticated command injection vulnerability in Klog Server versions 2.4.1 and below.

tags | exploit
advisories | CVE-2020-35729
MD5 | bdaa705783090e05896aa7b814c48c3e
Cockpit 234 Server-Side Request Forgery
Posted Jan 8, 2021
Authored by Metin Yunus Kandemir

Cockpit version 234 suffers from an unauthenticated server-side request forgery vulnerability.

tags | exploit
MD5 | 08a5222d2042e7b178bdc08a8b512ecb
SuperMicro IPMI 03.40 Cross Site Request Forgery
Posted Jul 9, 2020
Authored by Metin Yunus Kandemir

SuperMicro IPMI version 03.40 suffers from a cross site request forgery vulnerability.

tags | exploit, csrf
advisories | CVE-2020-15046
MD5 | c6d8021c22d652f56e1d92d8966b6e9a
CSZ CMS 1.2.7 HTML Injection
Posted Apr 21, 2020
Authored by Metin Yunus Kandemir

CSZ CMS version 1.2.7 suffers from an html injection vulnerability.

tags | exploit
MD5 | e290bb3d3ad91ab322e30869720d9789
CSZ CMS 1.2.7 Cross Site Scripting
Posted Apr 21, 2020
Authored by Metin Yunus Kandemir

CSZ CMS version 1.2.7 suffers from a persistent cross site scripting vulnerability.

tags | exploit, xss
MD5 | e25510fb8e80d1f7ec93c52dfd3126ac
Exagate Sysguard 6001 Cross Site Request Forgery
Posted Mar 20, 2020
Authored by Metin Yunus Kandemir

Exagate Sysguard 6001 suffers from a cross site request forgery vulnerability.

tags | exploit, csrf
MD5 | 59554a395f13761b8a07e12ef53b0dcc
Complaint Management System 4.0 Remote Code Execution
Posted Jan 7, 2020
Authored by Metin Yunus Kandemir

Complaint Management System version 4.0 suffers from a remote code execution vulnerability.

tags | exploit, remote, code execution
MD5 | 899f0a810fb01422e2cc89623675f0fd
Online Course Registration 2.0 Remote Code Execution
Posted Jan 2, 2020
Authored by Metin Yunus Kandemir

Online Course Registration version 2.0 suffers from a remote code execution vulnerability.

tags | exploit, remote, code execution
MD5 | ae95616c78b2c6efd75e5e2af523ba4f
Hospital Management System 4.0 SQL Injection
Posted Jan 1, 2020
Authored by Metin Yunus Kandemir

Hospital Management System version 4.0 suffers from a remote SQL injection vulnerability that allows for authentication bypass.

tags | exploit, remote, sql injection
MD5 | ab549370ce552db01ebc34eeba901d3d
Shopping Portal ProVersion 3.0 SQL Injection
Posted Jan 1, 2020
Authored by Metin Yunus Kandemir

Shopping Portal ProVersion version 3.0 suffers from a remote SQL injection vulnerability that allows for authentication bypass.

tags | exploit, remote, sql injection
MD5 | c59845b1ff55e879521042a0439a2430
Snipe-IT Open Source Asset Management 4.7.5 Cross Site Scripting
Posted Dec 9, 2019
Authored by Metin Yunus Kandemir

Snipe-IT Open Source Asset Management version 4.7.5 suffers from a persistent cross site scripting vulnerability.

tags | exploit, xss
MD5 | ab654a127618deb61eec45dcac220261
Dolibarr ERP-CRM 10.0.1 Cross Site Scripting
Posted Sep 13, 2019
Authored by Metin Yunus Kandemir

Dolibarr ERP-CRM version 10.0.1 suffers from a user-agent cross site scripting vulnerability.

tags | exploit, xss
advisories | CVE-2019-16197
MD5 | a1c1c6482827fcba803b9538335d0bb1
Dolibarr ERP-CRM 10.0.1 SQL Injection
Posted Sep 9, 2019
Authored by Metin Yunus Kandemir

Dolibarr ERP-CRM version 10.0.1 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
MD5 | 651b98a10f6da22baa060c0ef8e1faff
Dolibarr ERP-CRM 10.0.1 SQL Injection
Posted Sep 9, 2019
Authored by Metin Yunus Kandemir

Dolibarr ERP-CRM version 10.0.1 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
MD5 | 651b98a10f6da22baa060c0ef8e1faff
Dolibarr ERP-CRM 10.0.1 SQL Injection
Posted Sep 9, 2019
Authored by Metin Yunus Kandemir

Dolibarr ERP-CRM version 10.0.1 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
MD5 | f12651030a096cade2e287dc096ca300
Ultimate Loan Manager 2.0 Cross Site Scripting
Posted Aug 1, 2019
Authored by Metin Yunus Kandemir

Ultimate Loan Manager version 2.0 suffers from a persistent cross site scripting vulnerability.

tags | exploit, xss
MD5 | f27079f7172ccf90318983a73a3d5689
dotProject 2.1.9 SQL Injection
Posted Jun 24, 2019
Authored by Metin Yunus Kandemir

dotProject version 2.1.9 suffers from multiple remote SQL injection vulnerabilities.

tags | exploit, remote, vulnerability, sql injection
advisories | CVE-2019-11354
MD5 | 5a2091b567087cd399ac27529bcb8e97
Free SMTP Server 2.5 Denial Of Service
Posted May 29, 2019
Authored by Metin Yunus Kandemir

Free SMTP Server version 2.5 denial of service proof of concept exploit.

tags | exploit, denial of service, proof of concept
MD5 | 251cf82e96f4079a0c51f6fba20fe551
PhreeBooks ERP 5.2.3 Remote Command Execution
Posted Apr 3, 2019
Authored by Metin Yunus Kandemir

PhreeBooks ERP version 5.2.3 suffers from a remote command execution vulnerability.

tags | exploit, remote
MD5 | 24ea20bd71ae32f8b6ef866dec82b0b7
Page 1 of 1
Back1Next

File Archive:

May 2021

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    May 1st
    1 Files
  • 2
    May 2nd
    4 Files
  • 3
    May 3rd
    27 Files
  • 4
    May 4th
    17 Files
  • 5
    May 5th
    3 Files
  • 6
    May 6th
    32 Files
  • 7
    May 7th
    0 Files
  • 8
    May 8th
    0 Files
  • 9
    May 9th
    0 Files
  • 10
    May 10th
    0 Files
  • 11
    May 11th
    0 Files
  • 12
    May 12th
    0 Files
  • 13
    May 13th
    0 Files
  • 14
    May 14th
    0 Files
  • 15
    May 15th
    0 Files
  • 16
    May 16th
    0 Files
  • 17
    May 17th
    0 Files
  • 18
    May 18th
    0 Files
  • 19
    May 19th
    0 Files
  • 20
    May 20th
    0 Files
  • 21
    May 21st
    0 Files
  • 22
    May 22nd
    0 Files
  • 23
    May 23rd
    0 Files
  • 24
    May 24th
    0 Files
  • 25
    May 25th
    0 Files
  • 26
    May 26th
    0 Files
  • 27
    May 27th
    0 Files
  • 28
    May 28th
    0 Files
  • 29
    May 29th
    0 Files
  • 30
    May 30th
    0 Files
  • 31
    May 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2020 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close