seeing is believing
Showing 1 - 25 of 127 RSS Feed

Files from Larry W. Cashdollar

Real NameLarry W. Cashdollar
Email addressprivate
Websitevapid.dhs.org
First Active1999-11-14
Last Active2017-03-17
View User Profile
WordPress Membership Simplified 1.58 Arbitrary File Download
Posted Mar 17, 2017
Authored by Larry W. Cashdollar, The Martian

WordPress Membership Simplified plugin version 1.58 arbitrary file download exploit.

tags | exploit, arbitrary
advisories | CVE-2017-1002008
MD5 | 260861bd0a211b17bbc2fecb274f788d
WordPress Membership Simplified 1.58 Arbitrary File Download
Posted Mar 16, 2017
Authored by Larry W. Cashdollar

WordPress Membership Simplified plugin version 1.58 suffers from an arbitrary file download vulnerability.

tags | exploit, arbitrary, info disclosure
MD5 | ffcb9f6436dfbcff266a7a7ac5f9f808
WordPress Mobile App Native 3.0 Shell Upload
Posted Mar 2, 2017
Authored by Larry W. Cashdollar

WordPress Mobile App Native plugin version 3.0 suffers from a remote shell upload vulnerability.

tags | exploit, remote, shell
MD5 | 33588d70b1e4e4d09b5f020e76ad9d56
WordPress wp-json Content Injection
Posted Feb 8, 2017
Authored by Larry W. Cashdollar, Marc Montipas

WordPress wp-json API content injection exploit proof of concept.

tags | exploit, proof of concept
MD5 | fa42f8c002a21ad5018cfc312ecd960f
WP Easy Full Backup Brute Forcer
Posted Jan 31, 2017
Authored by Larry W. Cashdollar

This is a database download brute forcing script that is written for the WordPress WP Easy Full Backup plugin.

tags | tool, scanner
systems | unix
MD5 | 2a53738044cb2ce2b2822a0a70cef738
Teradata Studio Express 15.12.00.00 Race Condition
Posted Nov 19, 2016
Authored by Larry W. Cashdollar

Teradata Studio Express version 15.12.00.00 suffers from a /tmp race condition.

tags | exploit
advisories | CVE-2016-7490
MD5 | c534e57d657bd8d1f6decd5327bb0f76
Teradata Virtual Machine Community Edition 15.0 Insecure File Creation
Posted Nov 18, 2016
Authored by Larry W. Cashdollar

Teradata Virtual Machine Community Edition version 15.10 suffers from an insecure creation of files in /tmp that may lead to elevated code execution.

tags | exploit, code execution
advisories | CVE-2016-7489
MD5 | 858a0a8230038643938ef1ce1d6b7ec6
Teradata Virtual Machine Community Edition 15.10 Insecure File Permission
Posted Nov 11, 2016
Authored by Larry W. Cashdollar

Teradata Virtual Machine Community Edition version 15.10 suffers from an insecure file permission vulnerability.

tags | exploit
advisories | CVE-2016-7488
MD5 | c7d46cf1302cefb5b377d4bb337cf8b5
Joomla Huge-IT Portfolio Gallery 1.0.6 SQL Injection
Posted Sep 30, 2016
Authored by Larry W. Cashdollar

Joomla Huge-IT Portfolio Gallery plugin version 1.0.6 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
advisories | CVE-2016-1000124
MD5 | 408991be727b093dcb42715d973820d5
Joomla Huge-IT Catalog 1.0.7 SQL Injection
Posted Sep 30, 2016
Authored by Larry W. Cashdollar

Joomla Huge-IT Catalog component version 1.0.7 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
advisories | CVE-2016-1000125
MD5 | a6125055a625ac7d49f7df510f69251c
Joomla Huge-IT Video Gallery 1.0.9 SQL Injection
Posted Sep 22, 2016
Authored by Larry W. Cashdollar

Joomla Huge-IT Video Gallery component version 1.0.9 suffers from a remote unauthenticated SQL injection vulnerability.

tags | exploit, remote, sql injection
advisories | CVE-2016-1000123
MD5 | b3b9b0d43cb8d9f63e376fec65d0ffd2
Huge IT Joomla Slider 1.0.9 XSS / SQL Injection
Posted Jul 27, 2016
Authored by Larry W. Cashdollar

Huge IT Joomla Slider extension version 1.0.9 suffers from cross site scripting and remote SQL injection vulnerabilities.

tags | exploit, remote, vulnerability, xss, sql injection
advisories | CVE-2016-1000121, CVE-2016-1000122
MD5 | a55580899eb243e246cf62e8635b1861
Huge IT Joomla Catalog Extension 1.0.4 XSS / SQL Injection
Posted Jul 27, 2016
Authored by Larry W. Cashdollar

Huge IT Joomla Catalog extension version 1.0.4 suffers from cross site scripting and remote SQL injection vulnerabilities.

tags | exploit, remote, vulnerability, xss, sql injection
advisories | CVE-2016-1000119
MD5 | 7c8037ea0fddabb4602784bf6d73684c
Joomla Huge IT Gallery 1.1.5 Cross Site Scripting / SQL Injection
Posted Jul 24, 2016
Authored by Larry W. Cashdollar, Elitza Neytcheva

Joomla Huge IT Gallery component version 1.1.5 suffers from cross site scripting and remote SQL injection vulnerabilities.

tags | exploit, remote, vulnerability, xss, sql injection
advisories | CVE-2016-1000113
MD5 | a39872e48bbd09218e7d52ba78508b73
WordPress Contus Video Comments 1.0 File Upload
Posted Jun 22, 2016
Authored by Larry W. Cashdollar

WordPress Contus Video Comments plugin version 1.0 suffers from a remote file upload vulnerability.

tags | exploit, remote, file inclusion, file upload
MD5 | 878ac11298bc7d34f344850054ac0a6d
DeleGate 9.9.13 Local Root
Posted Dec 30, 2015
Authored by Larry W. Cashdollar

Installation of DeleGate version 9.9.13 sets some binaries setuid root and at least one of these binaries can be used to escalate the privileges of a local user. The binary dgcpnod creates a node allowing a local unprivileged user to create files anywhere on disk. By creating a file in /etc/cron.hourly a local user can execute commands as root.

tags | exploit, local, root
advisories | CVE-2015-7556
MD5 | 10da8841db2e338fc2f3452c22c24dae
WordPress Cool Video Gallery 1.9 Command Injection
Posted Dec 3, 2015
Authored by Larry W. Cashdollar

WordPress Cool Video Gallery plugin version 1.9 suffers from a remote command injection vulnerability.

tags | exploit, remote
advisories | CVE-2015-7527
MD5 | 93957d650a1d3a660742297dd69baea5
IBM Installation Manager 1.8.1 Race Condition
Posted Nov 12, 2015
Authored by Larry W. Cashdollar

The install script for IBM Installation Manager version 1.8.1 suffers from a /tmp race condition.

tags | exploit
MD5 | 5c4f9fb578a7239602ddb35966c91386
WordPress MP3-jPlayer 2.3.2 Path Disclosure
Posted Aug 6, 2015
Authored by Larry W. Cashdollar

WordPress MP3-jPlayer plugin version 2.3.2 suffers from a path disclosure vulnerability.

tags | exploit, info disclosure
MD5 | 1bf79a20052ef31d65b732e4be20d0ac
WordPress WPTF Image Gallery 1.03 File Download
Posted Aug 5, 2015
Authored by Larry W. Cashdollar

WordPress WPTF Image Gallery plugin version 1.03 suffers from an arbitrary remote file download vulnerability.

tags | exploit, remote, arbitrary
MD5 | 904114303634992905847eee7a8eba05
WordPress Recent Backups 0.7 File Download
Posted Aug 5, 2015
Authored by Larry W. Cashdollar

WordPress Recent Backups plugin version 0.7 suffers from an arbitrary remote file download vulnerability.

tags | exploit, remote, arbitrary
MD5 | 9fb52955d8f5996837a53e6e0a6cf0cc
WordPress Simple Image Manipulator 1.0 File Download
Posted Aug 5, 2015
Authored by Larry W. Cashdollar

WordPress Simple Image Manipulator plugin version 1.0 suffers from an arbitrary remote file download vulnerability.

tags | exploit, remote, arbitrary
MD5 | 0d020200a02b3f986d508fc141b3c8b6
WordPress Candidate Application Form 1.0 File Download
Posted Aug 5, 2015
Authored by Larry W. Cashdollar

WordPress Candidate Application Form plugin version 1.0 suffers from an arbitrary remote file download vulnerability.

tags | exploit, remote, arbitrary
MD5 | 78d611c6512390266d7731febb3c913d
WordPress Filedownload 1.4 Open Proxy
Posted Aug 5, 2015
Authored by Larry W. Cashdollar

WordPress Filedownload plugin version 1.4 suffers from an open proxy vulnerability.

tags | exploit
MD5 | 2444868f5daa10fa5822259882ce0cfb
WordPress Fast Image Adder 1.1 Shell Upload
Posted Aug 5, 2015
Authored by Larry W. Cashdollar

WordPress Fast Image Adder plugin version 1.1 suffers from a remote shell upload vulnerability.

tags | exploit, remote, shell
MD5 | de68952c63d58f5b5affa45e6ae52457
Page 1 of 6
Back12345Next

File Archive:

July 2017

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Jul 1st
    2 Files
  • 2
    Jul 2nd
    3 Files
  • 3
    Jul 3rd
    15 Files
  • 4
    Jul 4th
    4 Files
  • 5
    Jul 5th
    15 Files
  • 6
    Jul 6th
    15 Files
  • 7
    Jul 7th
    10 Files
  • 8
    Jul 8th
    2 Files
  • 9
    Jul 9th
    10 Files
  • 10
    Jul 10th
    15 Files
  • 11
    Jul 11th
    15 Files
  • 12
    Jul 12th
    19 Files
  • 13
    Jul 13th
    16 Files
  • 14
    Jul 14th
    15 Files
  • 15
    Jul 15th
    3 Files
  • 16
    Jul 16th
    2 Files
  • 17
    Jul 17th
    8 Files
  • 18
    Jul 18th
    11 Files
  • 19
    Jul 19th
    15 Files
  • 20
    Jul 20th
    15 Files
  • 21
    Jul 21st
    15 Files
  • 22
    Jul 22nd
    7 Files
  • 23
    Jul 23rd
    2 Files
  • 24
    Jul 24th
    19 Files
  • 25
    Jul 25th
    23 Files
  • 26
    Jul 26th
    0 Files
  • 27
    Jul 27th
    0 Files
  • 28
    Jul 28th
    0 Files
  • 29
    Jul 29th
    0 Files
  • 30
    Jul 30th
    0 Files
  • 31
    Jul 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2016 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close