what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 7 of 7 RSS Feed

Files from coiffeur

First Active2020-05-06
Last Active2020-12-11
Rukovoditel 2.6.1 Shell Upload / Local File Inclusion
Posted Dec 11, 2020
Authored by coiffeur

Rukovoditel version 2.6.1 remote code execution exploit that leverages shell upload and local file inclusion vulnerabilities.

tags | exploit, remote, shell, local, vulnerability, code execution, file inclusion
SHA-256 | 975b7ba7dfc1c500ea9e23d90655a5643b1a793677defc9ec265442ecab49fce
Dolibarr 12.0.3 SQL Injection / Remote Code Execution
Posted Dec 11, 2020
Authored by coiffeur

Dolibarr version 12.0.3 remote SQL injection exploit that achieves remote code execution.

tags | exploit, remote, code execution, sql injection
SHA-256 | 752f6eae60abdb96ea2bf446f22afe9d2446db44df565231549fcd6896d20f74
WordPress Simple File List Unauthenticated Remote Code Execution
Posted Nov 25, 2020
Authored by h00die, coiffeur | Site metasploit.com

This Metasploit module exploits WordPress Simple File List plugin versions prior to 4.2.3, which allows remote unauthenticated attackers to upload files within a controlled list of extensions. However, the rename function does not conform to the file extension restrictions, thus allowing arbitrary PHP code to be uploaded first as a png then renamed to php and executed.

tags | exploit, remote, arbitrary, php
SHA-256 | c76d8f741d62e082e4021197c4f997d2888355186e9e04b1278f52540744b1fa
PHP-Fusion 9.03.60 PHP Object Injection
Posted Jul 1, 2020
Authored by coiffeur

PHP-Fusion version 9.03.60 suffers from a PHP object injection vulnerability.

tags | exploit, php
SHA-256 | 5383acba2c3cd45f7cc3223b5af3fe592644b62ab6fd29c75bc0a912e99554fa
PHP-Fusion 9.03.60 PHP Object Injection / SQL Injection
Posted Jun 15, 2020
Authored by coiffeur

PHP-Fusion version 9.03.60 PHP object injection to SQL injection pre-authentication exploit.

tags | exploit, php, sql injection
SHA-256 | 9499083374865e6afdcc98bbc3435e3e7b6d82a57f0a3486fba8428713cc05ed
PHP-Fusion 9.03.50 Cross Site Scripting
Posted May 20, 2020
Authored by coiffeur

PHP-Fusion version 9.03.50 has been found susceptible to additional methods of persistent cross site scripting. Initial findings in this version were discovered by SunCSR.

tags | exploit, php, xss
SHA-256 | c6b9922795d11a23e3b4151c57c54613d48ea125dc0bc2b428d1acbb0c0f9f47
YesWiki cercopitheque 2020.04.18.1 SQL Injection
Posted May 6, 2020
Authored by coiffeur

YesWiki cercopitheque version 2020.04.18.1 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | 7f55d22fdee5a2d9fa9d1c21ce50be96851a1da64e897c647d1d71c018e37c9f
Page 1 of 1
Back1Next

File Archive:

February 2023

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Feb 1st
    11 Files
  • 2
    Feb 2nd
    0 Files
  • 3
    Feb 3rd
    0 Files
  • 4
    Feb 4th
    0 Files
  • 5
    Feb 5th
    0 Files
  • 6
    Feb 6th
    0 Files
  • 7
    Feb 7th
    0 Files
  • 8
    Feb 8th
    0 Files
  • 9
    Feb 9th
    0 Files
  • 10
    Feb 10th
    0 Files
  • 11
    Feb 11th
    0 Files
  • 12
    Feb 12th
    0 Files
  • 13
    Feb 13th
    0 Files
  • 14
    Feb 14th
    0 Files
  • 15
    Feb 15th
    0 Files
  • 16
    Feb 16th
    0 Files
  • 17
    Feb 17th
    0 Files
  • 18
    Feb 18th
    0 Files
  • 19
    Feb 19th
    0 Files
  • 20
    Feb 20th
    0 Files
  • 21
    Feb 21st
    0 Files
  • 22
    Feb 22nd
    0 Files
  • 23
    Feb 23rd
    0 Files
  • 24
    Feb 24th
    0 Files
  • 25
    Feb 25th
    0 Files
  • 26
    Feb 26th
    0 Files
  • 27
    Feb 27th
    0 Files
  • 28
    Feb 28th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Hosting By
Rokasec
close