exploit the possibilities
Showing 1 - 6 of 6 RSS Feed

Files from Hoa Nguyen

First Active2020-12-18
Last Active2021-01-21
Simple JobBoard Authenticated File Read
Posted Jan 21, 2021
Authored by SunCSR, Hoa Nguyen, Arcangelo Saracino | Site metasploit.com

This Metasploit module exploits an authenticated directory traversal vulnerability in WordPress plugin Simple JobBoard versions prior to 2.9.3 to perform an arbitrary file read with the web server privileges.

tags | exploit, web, arbitrary
advisories | CVE-2020-35749
MD5 | f67aec0e1808a4048efded2042ded5a9
WordPress wpDiscuz 7.0.4 Shell Upload
Posted Jan 8, 2021
Authored by Hoa Nguyen, Chloe Chamberland | Site metasploit.com

This Metasploit module exploits an arbitrary file upload in the WordPress wpDiscuz plugin version 7.0.4. This flaw gave unauthenticated attackers the ability to upload arbitrary files, including PHP files, and achieve remote code execution on a vulnerable server.

tags | exploit, remote, arbitrary, php, code execution, file upload
MD5 | 77c5903183e5519dfd6d1477ae0018a4
WordPress Autoptimize Shell Upload
Posted Jan 8, 2021
Authored by Hoa Nguyen, Thien Ngo, Khanh Nguyen | Site metasploit.com

WordPress Autoptimize plugin suffers from a remote shell upload vulnerability. The ao_ccss_import AJAX call does not ensure that the file provided is a legitimate zip file, allowing high privilege users to upload arbitrary files, such as PHP, leading to remote code execution.

tags | exploit, remote, arbitrary, shell, php, code execution
advisories | CVE-2020-24948
MD5 | b411262c32d42ec1cbf7382e1a8f4a37
Apache Flink 1.11.0 Arbitrary File Read / Directory Traversal
Posted Jan 8, 2021
Authored by SunCSR, Hoa Nguyen, 0rich1 | Site metasploit.com

This Metasploit module exploits an unauthenticated directory traversal vulnerability in Apache Flink version 1.11.0.

tags | exploit
advisories | CVE-2020-17519
MD5 | a8332e42d64ab8da484106f4450b83c2
WordPress W3 Total Cache 0.9.3 File Read / Directory Traversal
Posted Dec 22, 2020
Authored by SunCSR, Hoa Nguyen, VinhJAXT | Site metasploit.com

This Metasploit module exploits an unauthenticated directory traversal vulnerability in WordPress plugin W3 Total Cache version 0.9.2.6 through 0.9.3, allowing arbitrary file read with the web server privileges.

tags | exploit, web, arbitrary
advisories | CVE-2019-6715
MD5 | 7ead4511c9260d6098e2191ece098f61
WordPress Duplicator 1.3.26 Directory Traversal / File Read
Posted Dec 18, 2020
Authored by Hoa Nguyen, Ramuel Gall | Site metasploit.com

This Metasploit module exploits an unauthenticated directory traversal vulnerability in WordPress Duplicator plugin versions 1.3.24 through 1.3.26, allowing arbitrary file read with the web server privileges. This vulnerability was being actively exploited when it was discovered.

tags | exploit, web, arbitrary, file inclusion
advisories | CVE-2020-11738
MD5 | 25786101984968ff048b1ccf1294f760
Page 1 of 1
Back1Next

File Archive:

January 2021

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Jan 1st
    4 Files
  • 2
    Jan 2nd
    3 Files
  • 3
    Jan 3rd
    3 Files
  • 4
    Jan 4th
    33 Files
  • 5
    Jan 5th
    31 Files
  • 6
    Jan 6th
    21 Files
  • 7
    Jan 7th
    15 Files
  • 8
    Jan 8th
    19 Files
  • 9
    Jan 9th
    1 Files
  • 10
    Jan 10th
    1 Files
  • 11
    Jan 11th
    33 Files
  • 12
    Jan 12th
    19 Files
  • 13
    Jan 13th
    27 Files
  • 14
    Jan 14th
    8 Files
  • 15
    Jan 15th
    16 Files
  • 16
    Jan 16th
    1 Files
  • 17
    Jan 17th
    2 Files
  • 18
    Jan 18th
    20 Files
  • 19
    Jan 19th
    32 Files
  • 20
    Jan 20th
    15 Files
  • 21
    Jan 21st
    10 Files
  • 22
    Jan 22nd
    16 Files
  • 23
    Jan 23rd
    0 Files
  • 24
    Jan 24th
    0 Files
  • 25
    Jan 25th
    0 Files
  • 26
    Jan 26th
    0 Files
  • 27
    Jan 27th
    0 Files
  • 28
    Jan 28th
    0 Files
  • 29
    Jan 29th
    0 Files
  • 30
    Jan 30th
    0 Files
  • 31
    Jan 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2020 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close