| Real Name | Bobby Cooke |
|---|---|
| Email address | private |
| First Active | 2019-12-13 |
| Last Active | 2020-09-29 |
CloudMe version 1.11.2 exploit that uses MSVCRT.System to create a new user (boku:0v3R9000!) and add the new user to the Administrators group. A requirement of successful exploitation is the CloudMe.exe process must be running as administrator.
ee00ae19cbee8ea397dcd21d71b0c0f1Tailor MS version 1.0 suffers from a cross site scripting vulnerability.
8b140ec9d3e79e50039c0fd163119144GetSimple CMS Multi User plugin version 1.8.2 suffers from multiple cross site request forgery vulnerabilities.
b7868197fa770b7cffbd822964b7f528Travel Management System version 1.0 unauthenticated remote code execution exploit.
481e294a5c3b19ae9308d1e27f22aeceTravel Management System version 1.0 suffers from a remote SQL injection vulnerability that allows for authentication bypass.
c518e2efaa06ce2e1007f8bacde5aec9Warehouse Inventory System version 1.0 suffers from a cross site request forgery vulnerability.
01290f1430fc0c874d2441c5bbeb39f0Tailor MS version 1.0 reflected cross site scripting key logger exploit.
e7c6a76445ffac2108a614abbaec5d98BarracudaDrive version 6.5 suffers from a privilege escalation vulnerability.
46d297f212c73f78372745c92dba3e78House Rental version 1.0 SQL injection exploit that changes the administrative password. Written in python.
4835e335cf4e574990008b7767ccd72aCar Rental Management System version 1.0 unauthenticated persistent cross site scripting session harvester exploit.
af3f86a5e983da7361832c54ce227ebdStock Management System version 1.0 suffers from a cross site request forgery vulnerability.
3c5b73ade86e8add863d011533c5b13bStock Management System version 1.0 cross site scripting credential harvesting exploit.
e446b8905eecb3fea89495e9af42d485Online Bike Rental version 1.0 suffers from an authenticated remote shell upload vulnerability.
c24d92ba32b907f53df823c312feb8d2Daily Tracker System version 1.0 suffers from a remote SQL injection vulnerability that allows for authentication bypass.
4f5a24a83647c98bdc4387fb5214ec35LibreHealth version 2.0.0 authenticated remote code execution exploit.
c21b4b511f291e76d1d84cb98e90cd06LibreHealth version 2.0.0 authentication remote code execution exploit that leverages file upload.
fdb429c0607ceadf1536570f0e8ac8d9Online Course Registration version 1.0 unauthenticated remote code execution exploit.
29323f09b2dcf8094d31e62a8ddf175910-Strike Bandwidth Monitor version 3.9 services Svc10StrikeBandMontitor, Svc10StrikeBMWD, and Svc10StrikeBMAgent suffer from unquoted service path vulnerabilities.
9c7f67a912da09530ade02dbff2d9187Bandwidth Monitor version 3.9 full ROP buffer overflow exploit with SEH, DEP, and ASLR taken into consideration.
e485411f8850c19591908825d56fde0f10-Strike Bandwidth Monitor version 3.9 ROP VirtualAlloc buffer overflow exploit with SEH, DEP, and ASLR.
62c59edf3af57cd07c3c6f2a164c81b8198 bytes small macOS/x64 RickRolling shellcode.
629ad7b064b5d84ed3f906842421a4f2Gym Management System version 1.0 suffers from an unauthenticated remote code execution vulnerability.
ce64ae85eae1a7a26c36e368e636d47bACal version 2.2.6 suffers from a one-click remote code execution vulnerability.
168d9516623ec5c828c45bf6cbea0151WebTareas version 2.0p8 suffers from a cross site scripting vulnerability.
1e1b18d6abc7bfaf1594a5ee92f4b133Pisay Online E-Learning System version 1.0 suffers from remote SQL Injection and code execution vulnerabilities.
c0c573cce24cfaa86ad1d9b4c0ba79e7
© 2020 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed