what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 25 of 31 RSS Feed

Files from John Martinelli from ISRD.com

Email addressadvisories at isrd.com
First Active2007-04-10
Last Active2020-03-15
OctoberCMS Insecure Dependencies
Posted Mar 15, 2020
Authored by John Martinelli from ISRD.com

OctoberCMS is a CMS similar to WordPress, but with much less "fluff". The SECURELI.com team identified the latest version of OctoberCMS relying on Bootstrap 3.3.7, jQuery 1.11.1, and jQuery 3.3.1. All of these dependencies are vulnerable.

tags | advisory
advisories | CVE-2015-9251, CVE-2018-14040, CVE-2018-14041, CVE-2018-14042, CVE-2019-11358, CVE-2019-8331
SHA-256 | f681fa16535fadc7191cd66f822dffa7d216f8af2a34f5deedc5787f586eef6a
Google Chrome Password Disclosure
Posted Sep 17, 2019
Authored by John Martinelli from ISRD.com

Google Chrome suffers from an issue where it will leak all passwords for a given domain.

tags | exploit, info disclosure
SHA-256 | 33a0fcd84f7d28b117dfeeff9b4d5a05b73aa52f8f1ca18f372566a831eda0ac
RetireJS CORS Issue / Script Execution
Posted Jun 7, 2019
Authored by John Martinelli from ISRD.com

RetireJS was scanned with itself and found to contain multiple vulnerabilities.

tags | advisory, vulnerability
advisories | CVE-2012-6708, CVE-2015-9251, CVE-2019-11358
SHA-256 | 4e8b916c17b0c91c44cbc6d5b8acbfe29f91cc8033f1c166b9f6c738157025a2
dotCMS 5.1.1 Open Redirection / Cross Site Scripting
Posted Jun 3, 2019
Authored by John Martinelli from ISRD.com

dotCMS version 5.1.1 suffers from cross site scripting and open redirection vulnerabilities.

tags | exploit, vulnerability, xss
SHA-256 | 4c91f2941dc39193335aef9be0f18ffdb761fd3326b97a09f147222f47804ba3
dotCMS 5.1.1 Vulnerable Dependencies
Posted May 9, 2019
Authored by John Martinelli from ISRD.com

dotCMS version 5.1.1 suffers from cross site scripting and various other vulnerabilities due to various open source dependencies.

tags | advisory, vulnerability, xss
advisories | CVE-2008-7220, CVE-2015-9251, CVE-2018-14040, CVE-2018-14041, CVE-2019-11358
SHA-256 | 807354717454bcddf23878f723cf0673fbb451acfadadb8aeb6ae4f5faa523c1
WordPress 4.4 User Enumeration
Posted Dec 11, 2015
Authored by John Martinelli from ISRD.com

WordPress versions 4.4 and below leak whether or not a username exists in their login flow.

tags | advisory, info disclosure
SHA-256 | 1fcd8c4fe8a6f66633988433b2ccfbe5217d776751625c4284b08e7c7dd51fe0
WordPress 4.0 Denial Of Service
Posted Nov 29, 2014
Authored by John Martinelli from ISRD.com

WordPress versions 4.0 and below suffer from a denial of service vulnerability.

tags | exploit, denial of service
advisories | CVE-2014-9034
SHA-256 | db06a68758cd9dad1d5395c990fc04dd3f23911c44cbcde51be81bd708299ba0
openAcunetix Web Application Scanner
Posted Jan 21, 2009
Authored by John Martinelli from ISRD.com | Site redlevel.org

openAcunetic is an open source java-based web application vulnerability scanner.

tags | tool, java, web, scanner
systems | unix
SHA-256 | 0f54c34b400f277378cf94969b4343cb6d90574f229786adbbf0ec2258d03503
vonage-default.txt
Posted Jun 6, 2007
Authored by John Martinelli from ISRD.com | Site redlevel.org

It appears that the Vonage VoIP telephone adapter comes with an embedded login of user with a password of user.

tags | exploit, telephony
SHA-256 | 8fa0bcdf0449b90a1155919f3af5b775eb05b38ec790226c77fb954515bad07b
clonuswiki-xss.txt
Posted May 23, 2007
Authored by John Martinelli from ISRD.com | Site redlevel.org

ClonusWiki version 0.5 suffers from a cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | 289d9544c7f43f9c4c6fa455f0685062750af0d98e316537030a2a0c7b60ad38
cubecart-sql.txt
Posted May 23, 2007
Authored by John Martinelli from ISRD.com | Site redlevel.org

CubeCart version 3.0.16 suffers from a SQL injection vulnerability.

tags | advisory, sql injection
SHA-256 | b67323882e8c104f606a9d286fda07f3a0630e85ae7c8a3881213f91648023f5
rmeasymail-xss.txt
Posted May 23, 2007
Authored by John Martinelli from ISRD.com | Site redlevel.org

RM EasyMail Plus suffers from a cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | af3bbf3808809cc93d0f9b0ec689028f0111cfe61ecbb1b7644e955733e69fb7
psychostats-xss.txt
Posted May 23, 2007
Authored by John Martinelli from ISRD.com | Site redlevel.org

PsychoStats version 3.0.6b suffers from multiple cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss
SHA-256 | 88ad6e7e1f5a4cf83d4e74ee1b64a060a2154b3f0351442fa38bf056c27a108f
hlstarts-xss2.txt
Posted May 22, 2007
Authored by John Martinelli from ISRD.com | Site redlevel.org

HLstats version 1.35 suffers from a cross site scripting vulnerability. Second version.

tags | exploit, xss
SHA-256 | 2e33e129c421a01bd2c831dae1c20c685eedcbb77a71062a204fa1d74e4be9e7
hlstats-xss.txt
Posted May 22, 2007
Authored by John Martinelli from ISRD.com | Site redlevel.org

HLstats version 1.35 suffers from a cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | f003331dc20cb468a0a744d3e6e8f268171785452b05ea1c7583b53cd7b2a256
redoable-xss.txt
Posted May 21, 2007
Authored by John Martinelli from ISRD.com | Site redlevel.org

Redoable version 1.2 suffers from a cross site scripting vulnerability.

tags | advisory, xss
SHA-256 | 7d0dd4340c9b0f1d1ef16a94a5377aa35e45b904f488be9ab6c10246c83ca5be
vpasp-xss.txt
Posted May 21, 2007
Authored by John Martinelli from ISRD.com | Site redlevel.org

VP-ASP Shopping Cart version 6.50 suffers from a cross site scripting vulnerability.

tags | exploit, xss, asp
SHA-256 | 3e9cb216e7e75a78b428045471d464e3821ad630614ddd91e379bfbc7b2492df
drakeCMS-crlf.txt
Posted May 8, 2007
Authored by John Martinelli from ISRD.com | Site redlevel.org

Drake CMS version 0.4.0 suffers from a CRLF injection vulnerability.

tags | exploit
SHA-256 | 4eb665e684ba69f5947c585c36420635d04b563e0e41a249a320faf92c12810e
cubecart-crlf.txt
Posted May 8, 2007
Authored by John Martinelli from ISRD.com | Site redlevel.org

CubeCart version 3.0.15 suffers from a CRLF injection vulnerability.

tags | exploit
SHA-256 | ccc2c9eff2be86c3cf5e212c278a15bee192a0e413da14463054cc98baaeb1a4
sunshop-multi.txt
Posted May 8, 2007
Authored by John Martinelli from ISRD.com | Site redlevel.org

SunShop version 4 suffers from cookie manipulation, cross site scripting, and SQL injection vulnerabilities.

tags | advisory, vulnerability, xss, sql injection
SHA-256 | 304b3750a50eb4d0ac9ce9d5a7db92756044d4ebddbf1b996aa1ab3777da6fa8
podium-cookie.txt
Posted May 8, 2007
Authored by John Martinelli from ISRD.com | Site redlevel.org

Podium CMS suffers from a cookie manipulation vulnerability.

tags | exploit
SHA-256 | a75f1591308fc2a359322a945adc472de83f2cb33437d4cf3e24de44dfedf144
acp3-multi.txt
Posted May 8, 2007
Authored by John Martinelli from ISRD.com | Site redlevel.org

ACP3 suffers from cookie manipulation, cross site scripting, and SQL injection vulnerabilities.

tags | advisory, vulnerability, xss, sql injection
SHA-256 | 0320ab472c4b7bb1752a2e07b168cbc0be4e5d9fe0d1f048231a6de5e3aee119
pmsgold-sql.txt
Posted Apr 24, 2007
Authored by John Martinelli from ISRD.com | Site redlevel.org

phpMySpace Gold version 8.10 suffers from a blind SQL injection vulnerability.

tags | exploit, sql injection
SHA-256 | 89dc9b946f4c351bf1b066f7e308857dcb3ca2ec6ce120560a1d9e3a42b81314
ripewm-xss.txt
Posted Apr 24, 2007
Authored by John Martinelli from ISRD.com | Site redlevel.org

Ripe Website Manager versions 0.8.4 and below suffer from a cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | 977ecfcaf20a5a72669e5f5cd307b061392a16d6c52492e26512d2db4b49f696
galix.txt
Posted Apr 19, 2007
Authored by John Martinelli from ISRD.com | Site redlevel.org

Galix version 2.0 is susceptible to a cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | ea37257ee871870d8689cf712d58ce07955c7f84d75ad80001399a5b45f19f66
Page 1 of 2
Back12Next

File Archive:

January 2023

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Jan 1st
    0 Files
  • 2
    Jan 2nd
    13 Files
  • 3
    Jan 3rd
    5 Files
  • 4
    Jan 4th
    5 Files
  • 5
    Jan 5th
    9 Files
  • 6
    Jan 6th
    5 Files
  • 7
    Jan 7th
    0 Files
  • 8
    Jan 8th
    0 Files
  • 9
    Jan 9th
    18 Files
  • 10
    Jan 10th
    31 Files
  • 11
    Jan 11th
    30 Files
  • 12
    Jan 12th
    33 Files
  • 13
    Jan 13th
    25 Files
  • 14
    Jan 14th
    0 Files
  • 15
    Jan 15th
    0 Files
  • 16
    Jan 16th
    7 Files
  • 17
    Jan 17th
    25 Files
  • 18
    Jan 18th
    38 Files
  • 19
    Jan 19th
    6 Files
  • 20
    Jan 20th
    21 Files
  • 21
    Jan 21st
    0 Files
  • 22
    Jan 22nd
    0 Files
  • 23
    Jan 23rd
    24 Files
  • 24
    Jan 24th
    68 Files
  • 25
    Jan 25th
    22 Files
  • 26
    Jan 26th
    20 Files
  • 27
    Jan 27th
    0 Files
  • 28
    Jan 28th
    0 Files
  • 29
    Jan 29th
    0 Files
  • 30
    Jan 30th
    0 Files
  • 31
    Jan 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Hosting By
Rokasec
close