all things security
Showing 1 - 25 of 105 RSS Feed

Files from Janek Vind aka waraxe

Email addresscome2waraxe at yahoo.com
First Active2004-02-03
Last Active2013-07-15
Saurus CMS 4.7.1 4.7.1 LFI / RFI / XSS / SQL Injection / Traversal / CSRF
Posted Jul 15, 2013
Authored by Janek Vind aka waraxe | Site waraxe.us

Saurus CMS version 4.7.1 suffers from cross site scripting, remote file inclusion, local file inclusion, information disclosure, remote SQL injection, HTTP response splitting, cross site request forgery, and directory traversal vulnerabilities.

tags | exploit, remote, web, local, vulnerability, xss, sql injection, file inclusion, info disclosure, csrf
MD5 | c5bc8a3e9c7c1dcc21b2e1c2db019482
Spider Event Calendar 1.3.0 Cross Site Scripting / Path Disclosure / SQL Injection
Posted May 22, 2013
Authored by Janek Vind aka waraxe | Site waraxe.us

Spider Event Calendar version 1.3.0 is a Wordpress plugin that suffers from multiple cross site scripting, path disclosure, and remote SQL injection vulnerabilities.

tags | exploit, remote, vulnerability, xss, sql injection
MD5 | 1eaa7cb9bcc95f42fb737185ee768e3d
Spider Catalog 1.4.6 Cross Site Scripting / Path Disclosure / SQL Injection
Posted May 22, 2013
Authored by Janek Vind aka waraxe | Site waraxe.us

Spider Catalog version 1.4.6 is a Wordpress plugin that suffers from multiple cross site scripting, path disclosure, and remote SQL injection vulnerabilities.

tags | exploit, remote, vulnerability, xss, sql injection
MD5 | ef43d2cf678bd3af7340cf9881abded6
phpMyAdmin Authenticated Remote Code Execution
Posted Apr 29, 2013
Authored by Janek Vind aka waraxe | Site metasploit.com

This Metasploit module exploits a PREG_REPLACE_EVAL vulnerability in phpMyAdmin's replace_prefix_tbl within libraries/mult_submits.inc.php via db_settings.php. This affects versions 3.5.x below 3.5.8.1 and 4.0.0 below 4.0.0-rc3. PHP versions greater than 5.4.6 are not vulnerable.

tags | exploit, php
advisories | CVE-2013-3238, OSVDB-92793
MD5 | 0f98ac49e2a0e97b78d728dd67072274
phpMyAdmin 3.5.8 / 4.0.0-RC2 Code Execution / LFI / Overwrite
Posted Apr 25, 2013
Authored by Janek Vind aka waraxe | Site waraxe.us

phpMyAdmin versions 3.5.8 and 4.0.0-RC2 suffer from multiple remote code execution, local file inclusion, and array overwrite vulnerabilities.

tags | exploit, remote, local, vulnerability, code execution, file inclusion
advisories | CVE-2013-3238, CVE-2013-3239, CVE-2013-3240, CVE-2013-3241
MD5 | a19f7b563bcfd27ec869d2b00fdd590b
phpMyAdmin 3.5.7 Cross Site Scripting
Posted Apr 10, 2013
Authored by Janek Vind aka waraxe | Site waraxe.us

phpMyAdmin version 3.5.7 suffers from a reflective cross site scripting vulnerability.

tags | exploit, xss
MD5 | 03335a29baae9491a33ee4b265c32336
mRemote 1.50 Update Spoofing
Posted Mar 29, 2013
Authored by Janek Vind aka waraxe | Site waraxe.us

mRemote version 1.50 suffers from an update spoofing vulnerability.

tags | exploit, spoof
MD5 | 5f0a05105f4eac25a94fcdac8802592f
Royal TS 2.1.5 Update Spoofing
Posted Mar 29, 2013
Authored by Janek Vind aka waraxe | Site waraxe.us

Royal TS version 2.1.5 suffers from an update spoofing vulnerability.

tags | exploit, spoof
MD5 | 716632b0b203b43be35e845638c4c9b1
LibreOffice 4.0.1.2 Update Spoofing
Posted Mar 22, 2013
Authored by Janek Vind aka waraxe | Site waraxe.us

LibreOffice version 4.0.1.2 suffers from an update spoofing vulnerability due to not using a secure channel nor digital signatures.

tags | exploit, spoof
MD5 | 645d9184c722c4ebf8a8cd85e7f54810
OpenCart 1.5.5.1 Directory Traversal
Posted Mar 20, 2013
Authored by Janek Vind aka waraxe | Site waraxe.us

OpenCart version 1.5.5.1 suffers from a directory traversal vulnerability.

tags | exploit
MD5 | 913e42fd7df4415a289dd82aa2d74ece
PHP-Fusion 7.02.05 XSS / LFI / SQL Injection
Posted Mar 1, 2013
Authored by Janek Vind aka waraxe | Site waraxe.us

PHP-Fusion version 7.02.05 suffers from insecure backup handling, cross site scripting, local file inclusion, and remote SQL injection vulnerabilities.

tags | exploit, remote, local, php, vulnerability, xss, sql injection, file inclusion
MD5 | eadd12888d7ffd1ee998cbf595a1c10b
Zenphoto 1.4.3.3 SQL Injection / Interface Exposure / XSS
Posted Nov 5, 2012
Authored by Janek Vind aka waraxe | Site waraxe.us

Zenphoto version 1.4.3.3 suffers from multiple vulnerabilities including an administrative interface exposure, cross site scripting, file restriction bypass, path disclosure, and remote SQL injection vulnerabilities.

tags | exploit, remote, vulnerability, xss, sql injection
MD5 | 2f60ce75dd49b8aaa8b4ae9542b059d5
WordPress FoxyPress 0.4.2.5 XSS / CSRF / SQL Injection
Posted Oct 30, 2012
Authored by Janek Vind aka waraxe | Site waraxe.us

WordPress FoxyPress plugin version 0.4.2.5 suffers from cross site request forgery, cross site scripting, path disclosure, remote shell upload, open redirect, and remote SQL injection vulnerabilities.

tags | exploit, remote, shell, vulnerability, xss, sql injection, csrf
MD5 | e44f54fc880cd61618e25f10fa7a4eb6
WordPress GRAND Flash Album Gallery SQL Injection / Disclosure / File Overwrite
Posted Oct 25, 2012
Authored by Janek Vind aka waraxe | Site waraxe.us

WordPress GRAND Flash Album Gallery plugin versions 1.9.0 and 2.0.0 suffer from file disclosure, file overwrite, directory traversal, and remote SQL injection vulnerabilities.

tags | exploit, remote, vulnerability, sql injection
MD5 | 1798752200454dd6f75de4aecc6a5bd0
Wordpress Social Discussions 6.1.1 File Inclusion / Path Disclosure
Posted Oct 18, 2012
Authored by Janek Vind aka waraxe | Site waraxe.us

WordPress Social Discussions plugin version 6.1.1 suffers from local file inclusion, path disclosure, and remote file inclusion vulnerabilities.

tags | exploit, remote, local, vulnerability, file inclusion
MD5 | b890a9a3e2212a99dfe4390948d22fb1
WordPress Slideshow 2.1.12 Cross Site Scripting / Path Disclosure
Posted Oct 18, 2012
Authored by Janek Vind aka waraxe | Site waraxe.us

WordPress Slideshow plugin versions 2.1.12 and below suffer from cross site scripting and path disclosure vulnerabilities.

tags | exploit, vulnerability, xss
MD5 | 798c584e637f9368f7d174b90f1c2fb4
phpMyBitTorrent 2.04 SQL Injection / Local File Inclusion
Posted Oct 3, 2012
Authored by Janek Vind aka waraxe | Site waraxe.us

phpMyBitTorrent version 2.04 suffers from insecure cache handling, remote file disclosure, local file inclusion, and remote SQL injection vulnerabilities.

tags | exploit, remote, local, vulnerability, sql injection, file inclusion
MD5 | e645edbaa7854fb3332c60b8de127efa
Thomson SpeedTouch ST780 Insecure SSL Connection
Posted Sep 25, 2012
Authored by Janek Vind aka waraxe | Site waraxe.us

Thomson SpeedTouch ST780, by design, has mixed content in the DOM during an SSL encapsulated session.

tags | advisory
MD5 | fb05f515c38819c36c89573aa5785d84
TorrentTrader 2.08 XSS / Directory Traversal / Bypass
Posted Sep 17, 2012
Authored by Janek Vind aka waraxe | Site waraxe.us

TorrentTrader version 2.08 suffers from authorization bypass, cross site scripting, path disclosure, and directory traversal vulnerabilities.

tags | exploit, vulnerability, xss
MD5 | 80f944bda396bc57c5a55368cbeda7aa
Joomla 2.5.4 Cross Site Scripting
Posted May 3, 2012
Authored by Janek Vind aka waraxe | Site waraxe.us

Joomla version 2.5.4 suffers from a cross site scripting vulnerability in the administrative sysinfo page.

tags | exploit, xss
advisories | CVE-2012-2412
MD5 | 17a3b6890babbd1c67d14005a7cd4e11
Joomla 1.5.26 ja_purity Cross Site Scripting
Posted May 3, 2012
Authored by Janek Vind aka waraxe | Site waraxe.us

Joomla version 1.5.26 suffers from a cross site scripting vulnerability in the ja_purity template.

tags | exploit, xss
advisories | CVE-2012-2413
MD5 | 27da82ecd8ff206a83c29d3f06faeb11
Invision Power Board 3.3.0 Local File Inclusion
Posted Apr 13, 2012
Authored by Janek Vind aka waraxe | Site waraxe.us

Invision Power Board version 3.3.0 suffers from a local file inclusion vulnerability.

tags | exploit, local, file inclusion
advisories | CVE-2012-2226
MD5 | ecfaab8d4fd92acdcb7480a6b094094f
Uploadify Integration 0.9.6 Cross Site Scripting
Posted Apr 10, 2012
Authored by Janek Vind aka waraxe | Site waraxe.us

Uploadify Integration version 0.9.6 suffers from multiple reflective cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss
MD5 | 9d269013c32f852cb91e889e51185a9c
OpenCart 1.5.2.1 LFI / Shell Upload / Response Splitting
Posted Apr 9, 2012
Authored by Janek Vind aka waraxe | Site waraxe.us

OpenCart version 1.5.2.1 suffers from arbitrary file upload, HTTP response splitting, local file inclusion, path disclosure, and failed randomness vulnerabilities.

tags | exploit, web, arbitrary, local, vulnerability, file inclusion, file upload
MD5 | 647b793cca6ece470eaafd5c3a73746c
Uploadify 2.1.4 Cross Site Scripting / Shell Upload
Posted Apr 6, 2012
Authored by Janek Vind aka waraxe | Site waraxe.us

Uploadify version 2.1.4 suffers from cross site scripting, arbitrary file upload, and file existence disclosure vulnerabilities.

tags | exploit, arbitrary, vulnerability, xss, file upload
MD5 | 52753f2c1a8feb0b100c32e1f44b5044
Page 1 of 5
Back12345Next

File Archive:

July 2017

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Jul 1st
    2 Files
  • 2
    Jul 2nd
    3 Files
  • 3
    Jul 3rd
    15 Files
  • 4
    Jul 4th
    4 Files
  • 5
    Jul 5th
    15 Files
  • 6
    Jul 6th
    15 Files
  • 7
    Jul 7th
    10 Files
  • 8
    Jul 8th
    2 Files
  • 9
    Jul 9th
    10 Files
  • 10
    Jul 10th
    15 Files
  • 11
    Jul 11th
    15 Files
  • 12
    Jul 12th
    19 Files
  • 13
    Jul 13th
    16 Files
  • 14
    Jul 14th
    15 Files
  • 15
    Jul 15th
    3 Files
  • 16
    Jul 16th
    2 Files
  • 17
    Jul 17th
    8 Files
  • 18
    Jul 18th
    11 Files
  • 19
    Jul 19th
    15 Files
  • 20
    Jul 20th
    15 Files
  • 21
    Jul 21st
    15 Files
  • 22
    Jul 22nd
    7 Files
  • 23
    Jul 23rd
    0 Files
  • 24
    Jul 24th
    0 Files
  • 25
    Jul 25th
    0 Files
  • 26
    Jul 26th
    0 Files
  • 27
    Jul 27th
    0 Files
  • 28
    Jul 28th
    0 Files
  • 29
    Jul 29th
    0 Files
  • 30
    Jul 30th
    0 Files
  • 31
    Jul 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2016 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close