Real Name | Bobby Cooke |
---|---|
Email address | private |
First Active | 2019-12-13 |
Last Active | 2020-11-25 |
House Rental version 1.0 remote SQL injection exploit that leverages the keywords variable.
c74de0bcdcb478a0ebbca36dac706cc0
CloudMe version 1.11.2 exploit that uses MSVCRT.System to create a new user (boku:0v3R9000!) and add the new user to the Administrators group. A requirement of successful exploitation is the CloudMe.exe process must be running as administrator.
ee00ae19cbee8ea397dcd21d71b0c0f1
Tailor MS version 1.0 suffers from a cross site scripting vulnerability.
8b140ec9d3e79e50039c0fd163119144
GetSimple CMS Multi User plugin version 1.8.2 suffers from multiple cross site request forgery vulnerabilities.
b7868197fa770b7cffbd822964b7f528
Travel Management System version 1.0 unauthenticated remote code execution exploit.
481e294a5c3b19ae9308d1e27f22aece
Travel Management System version 1.0 suffers from a remote SQL injection vulnerability that allows for authentication bypass.
c518e2efaa06ce2e1007f8bacde5aec9
Warehouse Inventory System version 1.0 suffers from a cross site request forgery vulnerability.
01290f1430fc0c874d2441c5bbeb39f0
Tailor MS version 1.0 reflected cross site scripting key logger exploit.
e7c6a76445ffac2108a614abbaec5d98
BarracudaDrive version 6.5 suffers from a privilege escalation vulnerability.
46d297f212c73f78372745c92dba3e78
House Rental version 1.0 SQL injection exploit that changes the administrative password. Written in python.
4835e335cf4e574990008b7767ccd72a
Car Rental Management System version 1.0 unauthenticated persistent cross site scripting session harvester exploit.
af3f86a5e983da7361832c54ce227ebd
Stock Management System version 1.0 suffers from a cross site request forgery vulnerability.
3c5b73ade86e8add863d011533c5b13b
Stock Management System version 1.0 cross site scripting credential harvesting exploit.
e446b8905eecb3fea89495e9af42d485
Online Bike Rental version 1.0 suffers from an authenticated remote shell upload vulnerability.
c24d92ba32b907f53df823c312feb8d2
Daily Tracker System version 1.0 suffers from a remote SQL injection vulnerability that allows for authentication bypass.
4f5a24a83647c98bdc4387fb5214ec35
LibreHealth version 2.0.0 authenticated remote code execution exploit.
c21b4b511f291e76d1d84cb98e90cd06
LibreHealth version 2.0.0 authentication remote code execution exploit that leverages file upload.
fdb429c0607ceadf1536570f0e8ac8d9
Online Course Registration version 1.0 unauthenticated remote code execution exploit.
29323f09b2dcf8094d31e62a8ddf1759
10-Strike Bandwidth Monitor version 3.9 services Svc10StrikeBandMontitor, Svc10StrikeBMWD, and Svc10StrikeBMAgent suffer from unquoted service path vulnerabilities.
9c7f67a912da09530ade02dbff2d9187
Bandwidth Monitor version 3.9 full ROP buffer overflow exploit with SEH, DEP, and ASLR taken into consideration.
e485411f8850c19591908825d56fde0f
10-Strike Bandwidth Monitor version 3.9 ROP VirtualAlloc buffer overflow exploit with SEH, DEP, and ASLR.
62c59edf3af57cd07c3c6f2a164c81b8
198 bytes small macOS/x64 RickRolling shellcode.
629ad7b064b5d84ed3f906842421a4f2
Gym Management System version 1.0 suffers from an unauthenticated remote code execution vulnerability.
ce64ae85eae1a7a26c36e368e636d47b
ACal version 2.2.6 suffers from a one-click remote code execution vulnerability.
168d9516623ec5c828c45bf6cbea0151
WebTareas version 2.0p8 suffers from a cross site scripting vulnerability.
1e1b18d6abc7bfaf1594a5ee92f4b133