Showing 1 - 25 of 33

Files from SunCSR

First Active	2020-03-24
Last Active	2021-05-05

Hacking HTTP CORS: Posted May 5, 2021; Authored by SunCSR, Minh Tuan; Whitepaper called Hacking HTTP CORS.; tags | paper, web; MD5 | 9d7985ccaf0286004c923f116d47d946; Download | Favorite | View

HTTP Host Header Attacks: Posted Apr 22, 2021; Authored by SunCSR; This is a brief whitepaper that discuss HTTP Host header attacks.; tags | paper, web; MD5 | a1981f34582f6b20784bc27231fda231; Download | Favorite | View

GraphQL Attack: Posted Mar 30, 2021; Authored by SunCSR; This is a whitepaper that discusses attacking GraphQL.; tags | paper; MD5 | 026de2e7404899f64cdda0cb771a7df0; Download | Favorite | View

LiteSpeed Web Server Enterprise 5.4.11 Command Injection: Posted Feb 5, 2021; Authored by SunCSR, cmOs; LiteSpeed Web Server Enterprise version 5.4.11 suffers from an authenticated remote command injection vulnerability.; tags | exploit, remote, web; MD5 | 4ccb7816f0ee2cec9578a104021a7947; Download | Favorite | View

Malware Hunting 101: Posted Feb 1, 2021; Authored by SunCSR; Whitepaper called Malware Hunting 101. Written in Vietnamese.; tags | paper; MD5 | b494e839cb504d3ad4f845d155647ba4; Download | Favorite | View

Openlitespeed Web Server 1.7.8 Command Injection: Posted Jan 27, 2021; Authored by SunCSR, cmOs; Openlitespeed Web Server version 1.7.8 suffers from an authenticated command injection vulnerability.; tags | exploit, web; MD5 | 2e75a75342364422e92b5451204a799a; Download | Favorite | View

Android Application Vulnerabilities: Posted Jan 26, 2021; Authored by SunCSR; Whitepaper called Android Application Vulnerabilities. Written in Vietnamese.; tags | paper, vulnerability; MD5 | 65ca4065964d00a8f0b73e9520869d1c; Download | Favorite | View

Simple JobBoard Authenticated File Read: Posted Jan 21, 2021; Authored by SunCSR, Hoa Nguyen, Arcangelo Saracino | Site metasploit.com; This Metasploit module exploits an authenticated directory traversal vulnerability in WordPress plugin Simple JobBoard versions prior to 2.9.3 to perform an arbitrary file read with the web server privileges.; tags | exploit, web, arbitrary; advisories | CVE-2020-35749; MD5 | f67aec0e1808a4048efded2042ded5a9; Download | Favorite | View

Laravel 8.4.2 Remote Code Execution: Posted Jan 14, 2021; Authored by SunCSR; Laravel version 8.4.2 suffers from a debug mode remote code execution vulnerability.; tags | exploit, remote, code execution; MD5 | 777a54e04861b26de13d508208e0dd5b; Download | Favorite | View

Apache Flink 1.11.0 Arbitrary File Read / Directory Traversal: Posted Jan 8, 2021; Authored by SunCSR, Hoa Nguyen, 0rich1 | Site metasploit.com; This Metasploit module exploits an unauthenticated directory traversal vulnerability in Apache Flink version 1.11.0.; tags | exploit; advisories | CVE-2020-17519; MD5 | a8332e42d64ab8da484106f4450b83c2; Download | Favorite | View

Responsive FileManager 9.13.4 Path Traversal: Posted Jan 5, 2021; Authored by SunCSR; Responsive FileManager version 9.13.4 path traversal exploit. Original discovery of this finding is attributed to farisv in December of 2018.; tags | exploit, file inclusion; MD5 | 576b9b1598c826767542e7d40705bbc2; Download | Favorite | View

CSZ CMS 1.2.9 Cross Site Scripting: Posted Jan 5, 2021; Authored by SunCSR; CSZ CMS version 1.2.9 suffers from multiple cross site scripting vulnerabilities.; tags | exploit, vulnerability, xss; MD5 | 1ed4df9d15c3b3ca05832e0d79200b0a; Download | Favorite | View

Object Prototype Pollution Attack: Posted Dec 23, 2020; Authored by SunCSR; Whitepaper called Object Prototype Pollution Attack.; tags | paper; MD5 | 47102dc9d96a280fceb29bd1300d2a6a; Download | Favorite | View

WordPress W3 Total Cache 0.9.3 File Read / Directory Traversal: Posted Dec 22, 2020; Authored by SunCSR, Hoa Nguyen, VinhJAXT | Site metasploit.com; This Metasploit module exploits an unauthenticated directory traversal vulnerability in WordPress plugin W3 Total Cache version 0.9.2.6 through 0.9.3, allowing arbitrary file read with the web server privileges.; tags | exploit, web, arbitrary; advisories | CVE-2019-6715; MD5 | 7ead4511c9260d6098e2191ece098f61; Download | Favorite | View

Exploit WordPress Plugin Vulnerability Using Static Source Code Analysis Techniques: Posted Dec 18, 2020; Authored by SunCSR; Whitepaper called Exploit WordPress Plugin Vulnerability Using Static Source Code Analysis Techniques.; tags | paper; MD5 | 5547d9c5988fdab38bfb79b10e2532b8; Download | Favorite | View

Mobile App Security: Posted Dec 9, 2020; Authored by SunCSR, Nghia Van Le; This is a brief whitepaper discussing best practices in mobile application security.; tags | paper; MD5 | 077ad6207fbdc6a00700a76feb4cde0c; Download | Favorite | View

API Security Overview: Posted Dec 8, 2020; Authored by SunCSR; Whitepaper called API Security Overview that discusses different types of flaws and exploitation of API insecurities.; tags | paper; MD5 | 569e9618b5cbeac20e8fe78ab24f61fe; Download | Favorite | View

WonderCMS 3.1.3 Cross Site Scripting: Posted Nov 27, 2020; Authored by SunCSR; WonderCMS version 3.1.3 suffers from a persistent cross site scripting vulnerability. Original finding for persistent cross site scripting in this version of WonderCMS is attributed to Hemant Patidar.; tags | exploit, xss; MD5 | 0a86a07638c2bc4b20e96c08d1fd7f89; Download | Favorite | View

WordPress Accesspress Social Icons Theme 1.7.9 SQL Injection: Posted Nov 27, 2020; Authored by SunCSR; WordPress Accesspress Social Icons theme version 1.7.9 suffers from a remote SQL injection vulnerability.; tags | exploit, remote, sql injection; MD5 | d3cb5885976c55c92fedea658fd20a13; Download | Favorite | View

Apache OpenMeetings 5.0.0 Denial Of Service: Posted Nov 24, 2020; Authored by SunCSR; Apache OpenMeetings version 5.0.0 suffers from a denial of service vulnerability.; tags | exploit, denial of service; advisories | CVE-2020-13951; MD5 | 59eb8c12340cd20675e0710a793e9bcb; Download | Favorite | View

BigTree CMS 4.4.10 Remote Code Execution: Posted Sep 25, 2020; Authored by SunCSR; BigTree CMS version 4.4.10 suffers from a remote code execution vulnerability.; tags | exploit, remote, code execution; MD5 | 353327fef903019f8b589b0223caf8ba; Download | Favorite | View

Symphony CMS 3.0.0 Cross Site Scripting: Posted Aug 28, 2020; Authored by SunCSR; Symphony CMS version 3.0.0 suffers from a persistent cross site scripting vulnerability.; tags | exploit, xss; MD5 | 057fa5a8fd0169b62ab2a607007249aa; Download | Favorite | View

WordPress Autoptimize 2.7.6 Shell Upload: Posted Aug 28, 2020; Authored by SunCSR; WordPress Autoptimize plugin version 2.7.6 suffers from an authenticated remote shell upload vulnerability.; tags | exploit, remote, shell; MD5 | 07265bbb9062f5d7ecf6fa2ea1b61683; Download | Favorite | View

Exploit Command Injection Router Via Reverse Firmware Technique: Posted Jun 25, 2020; Authored by SunCSR; Whitepaper called Exploit Command Injection Router via reverse firmware technique.; tags | paper; MD5 | d656257a28af7647491580460f2f0396; Download | Favorite | View

Detect SQL Injection WordPress Plugin Using RegEx: Posted Jun 16, 2020; Authored by SunCSR; Whitepaper called Detect SQL Injection WordPress Plugin using RegEx.; tags | paper, sql injection; MD5 | 2f1d697338aa6cf05465453dbe6e9a2a; Download | Favorite | View

Page 1 of 2 Back 1 2 Next

Top Authors In Last 30 Days

Red Hat 112 files
Ubuntu 44 files
malvuln 41 files
Google Security Research 9 files
Vulnerability Laboratory 7 files
Yvan Genuer 6 files
nu11secur1ty 6 files
LiquidWorm 5 files
twseptian 4 files
Ron Jost 4 files

File Archives

Systems

AIX (423)
Apple (1,853)
BSD (368)
CentOS (55)
Cisco (1,909)
Debian (5,947)
Fedora (1,690)
FreeBSD (1,241)
Gentoo (4,149)
HPUX (875)
iOS (310)
iPhone (108)
IRIX (220)
Juniper (67)
Linux (41,360)
Mac OS X (682)
Mandriva (3,105)
NetBSD (255)
OpenBSD (476)
RedHat (10,971)
Slackware (941)
Solaris (1,601)
SUSE (1,444)
Ubuntu (7,589)
UNIX (9,014)
UnixWare (182)
Windows (6,262)
Other

Files from SunCSR

File Archive:

January 2022

Top Authors In Last 30 Days

File Tags

File Archives

Systems