exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 25 of 193 RSS Feed

Files from EgiX

Email addressn0b0d13s at gmail.com
First Active2007-07-31
Last Active2024-01-31
XenForo 2.2.13 ArchiveImport.php Zip Slip
Posted Jan 31, 2024
Authored by EgiX | Site karmainsecurity.com

XenForo versions 2.2.13 and below suffer from a zip slip filename traversal vulnerability in ArchiveImport.php.

tags | exploit, php
SHA-256 | 5deccbdac2cfe207ec995833b611569397b53b3acedb61fbd211edfe7bb16b0d
PKP-WAL 3.4.0-3 Remote Code Execution
Posted Dec 15, 2023
Authored by EgiX | Site karmainsecurity.com

PKP Web Application Library (PKP-WAL) versions 3.4.0-3 and below, as used in Open Journal Systems (OJS), Open Monograph Press (OMP), and Open Preprint Systems (OPS) before versions 3.4.0-4 or 3.3.0-16, suffer from a NativeImportExportPlugin related remote code execution vulnerability.

tags | exploit, remote, web, code execution
advisories | CVE-2023-47271
SHA-256 | 894453dd71b738c757ad44c73e02be6e0af26e1e261f945b9dc8f20a9ebb348e
ISPConfig 3.2.11 PHP Code Injection
Posted Dec 8, 2023
Authored by EgiX | Site karmainsecurity.com

ISPConfig versions 4.2.11 and below suffer from a PHP code injection vulnerability in language_edit.php.

tags | exploit, php
advisories | CVE-2023-46818
SHA-256 | d5776b6c39736c11bc5b6ee2bae4179fb341f58ff08665b96718f64ac8b63242
phpFox 4.8.13 PHP Object Injection
Posted Oct 27, 2023
Authored by EgiX | Site karmainsecurity.com

phpFox versions 4.8.13 and below have an issue where user input passed through the "url" request parameter to the /core/redirect route is not properly sanitized before being used in a call to the unserialize() PHP function. This can be exploited by remote, unauthenticated attackers to inject arbitrary PHP objects into the application scope, allowing them to perform a variety of attacks, such as executing arbitrary PHP code.

tags | exploit, remote, arbitrary, php
advisories | CVE-2023-46817
SHA-256 | ee85170a47f6253886312ffd969da7bc6af218c972178b1c78103cec1ae79a03
SugarCRM 13.0.1 Shell Upload
Posted Oct 27, 2023
Authored by EgiX | Site karmainsecurity.com

SugarCRM versions 13.0.1 and below suffer from a remote shell upload vulnerability in the set_note_attachment SOAP call.

tags | exploit, remote, shell
SHA-256 | f051a516487d8fd4a224aa9c883a0ab530f400da930805694f2f73cbeae5a487
SugarCRM 13.0.1 Server-Side Template Injection
Posted Oct 27, 2023
Authored by EgiX | Site karmainsecurity.com

SugarCRM versions 13.0.1 and below suffer from a server-side template injection vulnerability in the GetControl action from the Import module. This issue can be leveraged to execute arbitrary php code.

tags | exploit, arbitrary, php
SHA-256 | 482a650864ca894b028d96d1341d94b0fd22a59191625c172302fe115ad4deb5
CrafterCMS 4.0.2 Cross Site Scripting
Posted Aug 23, 2023
Authored by EgiX | Site karmainsecurity.com

CrafterCMS versions 4.0.2 and below suffer from multiple cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss
advisories | CVE-2023-4136
SHA-256 | 4048cc73ca79593508defbbf3c0df5f379960818368d8961aa031904ca5e521e
SugarCRM 12.2.0 SQL Injection
Posted Aug 23, 2023
Authored by EgiX | Site karmainsecurity.com

SugarCRM versions 12.2.0 and below suffer from multiple remote SQL injection vulnerabilities.

tags | exploit, remote, vulnerability, sql injection
advisories | CVE-2023-35811
SHA-256 | 7ac3dd76029909e92ecbb32df56339dca3e9412efcdf8b96b27046af6d4ffb09
SugarCRM 12.2.0 PHP Object Injection
Posted Aug 23, 2023
Authored by EgiX | Site karmainsecurity.com

SugarCRM versions 12.2.0 and below suffer from a PHP object injection vulnerability.

tags | exploit, php
advisories | CVE-2023-35810
SHA-256 | 32f7ef69ef5791e90290f62780a766a77c6238a01e2c71417b234a5b64db910c
SugarCRM 12.2.0 Bean Manipulation
Posted Aug 23, 2023
Authored by EgiX | Site karmainsecurity.com

SugarCRM versions 12.2.0 suffer from a bean manipulation vulnerability that can allow for privilege escalation.

tags | exploit
advisories | CVE-2023-35809
SHA-256 | 1078818f691b65f6434800472b38689394026e833cc221fb0566161b653d1103
SugarCRM 12.2.0 Shell Upload
Posted Aug 23, 2023
Authored by EgiX | Site karmainsecurity.com

SugarCRM versions 12.2.0 and below suffers from a multiple step remote shell upload vulnerability.

tags | exploit, remote, shell
advisories | CVE-2023-35808
SHA-256 | 6bee957dcfc710f3709d5cc3ba3aa33ecb6f07d987d6836c2df36e2f2011c8a8
Tiki Wiki CMS Groupware 24.1 tikiimporter_blog_wordpress.php PHP Object Injection
Posted Jan 10, 2023
Authored by EgiX | Site karmainsecurity.com

Tiki Wiki CMS Groupware versions 24.1 and below suffer from a PHP object injection vulnerability in tikiimporter_blog_wordpress.php.

tags | exploit, php
advisories | CVE-2023-22851
SHA-256 | 1b6698ff49dd75e5444eb0fdffd03d9806fd9c813b8e9255172cc30fc8eee07c
Tiki Wiki CMS Groupware 24.0 grid.php PHP Object Injection
Posted Jan 10, 2023
Authored by EgiX | Site karmainsecurity.com

Tiki Wiki CMS Groupware versions 24.0 and below suffers from a PHP object injection vulnerability in grid.php.

tags | exploit, php
advisories | CVE-2023-22580
SHA-256 | 2ec6d4c5f2c778a5cba091671d5430e465c12ac9843c5cd81c7a60ef025d78c5
Tiki Wiki CMS Groupware 24.0 structlib.php Code Execution
Posted Jan 10, 2023
Authored by EgiX | Site karmainsecurity.com

Tiki Wiki CMS Groupware versions 24.0 and below suffer from a PHP code injection vulnerability in structlib.php.

tags | exploit, php
advisories | CVE-2023-22853
SHA-256 | 78cc87727c56dfa65396d9be9770b8f57ca776f333384898c9697700f5975390
Tiki Wiki CMS Groupware 25.0 Cross Site Request Forgery
Posted Jan 10, 2023
Authored by EgiX | Site karmainsecurity.com

Tiki Wiki CMS Groupware versions 25.0 and below suffer from multiple cross site request forgery vulnerabilities.

tags | exploit, vulnerability, csrf
advisories | CVE-2023-22852
SHA-256 | e6e385bd593b19e51fd23dc7a81743ae9a7caac91f486e077758222133af8248
Drupal H5P Module 2.0.0 Zip Slip Traversal
Posted Dec 5, 2022
Authored by EgiX | Site karmainsecurity.com

Drupal H5P Module versions 2.0.0 and below suffer from a traversal vulnerability when handling a zipped filename on windows.

tags | exploit, file inclusion
systems | windows
SHA-256 | 29cd61d23f4b78dbb93cdc479cba570c70b094e72db31910170d0c3eb73d58f8
vBulletin 5.5.2 PHP Object Injection
Posted Nov 28, 2022
Authored by EgiX | Site karmainsecurity.com

vBulletin versions 5.5.2 and below suffers from an issue where user input passed through the "messageids" request parameter to /ajax/api/vb4_private/movepm is not properly sanitized before being used in a call to the unserialize() PHP function. This can be exploited by malicious users to inject arbitrary PHP objects into the application scope, allowing them to carry out a variety of attacks, such as executing arbitrary PHP code.

tags | exploit, arbitrary, php
SHA-256 | 642eb80065f04eaf2d94765043c9d033ac86f7e4e3dda966ce90660dd7167e15
Joomla! 4.1.0 Zip Slip File Overwrite / Path Traversal
Posted Mar 30, 2022
Authored by EgiX | Site karmainsecurity.com

Joomla! versions 4.1.0 and below suffer from path traversal and file overwrite vulnerabilities due to misplaced trust in the handling of compressed archives.

tags | exploit, vulnerability
advisories | CVE-2022-23793
SHA-256 | 3659bb2a193b54ec58750cfb109d9f00cfd739f7828d6a6d4fdff0e0ff2be911
ImpressCMS 1.4.2 SQL Injection / Remote Code Execution
Posted Mar 23, 2022
Authored by EgiX | Site karmainsecurity.com

ImpressCMS versions 1.4.2 and below pre-authentication SQL injection to remote code execution exploit. User input passed through the "groups" POST parameter to the /include/findusers.php script is not properly sanitized before being passed to the icms_member_Handler::getUserCountByGroupLink() and icms_member_Handler::getUsersByGroupLink() methods. These methods use the first argument to construct a SQL query without proper validation, and this can be exploited by remote attackers to e.g. read sensitive data from the "users" database table through boolean-based SQL Injection attacks. The application uses PDO as a database driver, which allows for stacked SQL queries, as such this vulnerability could be exploited to e.g. create a new admin user and execute arbitrary PHP code.

tags | exploit, remote, arbitrary, php, code execution, sql injection
advisories | CVE-2021-26598, CVE-2021-26599
SHA-256 | 576e64698cc9d7062dccead415b9bdbbe2c02e4ae86258cd980164b5e56355cc
ImpressCMS 1.4.2 SQL Injection
Posted Mar 22, 2022
Authored by EgiX | Site karmainsecurity.com

ImpressCMS versions 1.4.3 and below suffer from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
advisories | CVE-2021-26599
SHA-256 | fb068f3b5b726ef7f6497f8040c8f0b94fc6749a1851c9e7f05fdbae0ca41fa0
ImpressCMS 1.4.2 Incorrect Access Control
Posted Mar 22, 2022
Authored by EgiX | Site karmainsecurity.com

ImpressCMS versions 1.4.2 and below suffer from an incorrect access control vulnerability.

tags | exploit
advisories | CVE-2021-26598
SHA-256 | 4b55169e7ddd7a9da312a1bb940bbd4357b7a28a5e228523903848b5c2e04d5f
ImpressCMS 1.4.2 Path Traversal
Posted Mar 22, 2022
Authored by EgiX | Site karmainsecurity.com

ImpressCMS versions 1.4.2 and below suffer from a path traversal vulnerability that can allow for arbitrary file deletion.

tags | exploit, arbitrary
advisories | CVE-2021-26601
SHA-256 | 54cb7c2588875cdae13b83017043e25037564efb357fe49a475251f02139a0d4
ImpressCMS 1.4.2 Authentication Bypass
Posted Mar 22, 2022
Authored by EgiX | Site karmainsecurity.com

ImpressCMS versions 1.4.2 and below suffer from an authentication bypass vulnerability.

tags | exploit, bypass
advisories | CVE-2021-26600
SHA-256 | d8dfe7df740ddc2041569cf9735ee4180779ccae9c55e66d12ed7119dce09379
Concrete5 8.5.5 Phar Deserialization
Posted Jul 20, 2021
Authored by EgiX | Site karmainsecurity.com

Concrete5 versions 8.5.5 suffer from a logging settings phar deserialization vulnerability. User input passed through the logFile request parameter is not properly sanitized before being used in a call to the file_exists() function at line 91. This can be exploited by malicious users to inject arbitrary PHP objects into the application scope (PHP Object Injection via phar:// stream wrapper), allowing them to carry out a variety of attacks, such as executing arbitrary PHP code. Successful exploitation of this vulnerability requires an administrator account.

tags | advisory, arbitrary, php
advisories | CVE-2021-36766
SHA-256 | 4737c6d7d22010e52296503aaa366abc55f04d975b7b1fd092c8c80e1a164e8a
IPS Community Suite 4.5.4.2 PHP Code Injection
Posted May 31, 2021
Authored by EgiX | Site karmainsecurity.com

IPS Community Suite versions 4.5.4.2 and below suffer from a PHP code injection vulnerability. The vulnerability exists because the IPS\cms\modules\front\pages\_builder::previewBlock() method allows to pass arbitrary content to the IPS\_Theme::runProcessFunction() method, which will be used in a call to the eval() PHP function. This can be exploited to inject and execute arbitrary PHP code. Successful exploitation of this vulnerability requires an account with permission to manage the sidebar (such as a Moderator or Administrator) and the "cms" application to be enabled.

tags | exploit, arbitrary, php
advisories | CVE-2021-32924
SHA-256 | 392b40ad40c330e4deb04c99f4ff988666d96d0c4e3c606a17ec99241047911a
Page 1 of 8
Back12345Next

File Archive:

March 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Mar 1st
    16 Files
  • 2
    Mar 2nd
    0 Files
  • 3
    Mar 3rd
    0 Files
  • 4
    Mar 4th
    32 Files
  • 5
    Mar 5th
    28 Files
  • 6
    Mar 6th
    42 Files
  • 7
    Mar 7th
    17 Files
  • 8
    Mar 8th
    13 Files
  • 9
    Mar 9th
    0 Files
  • 10
    Mar 10th
    0 Files
  • 11
    Mar 11th
    15 Files
  • 12
    Mar 12th
    19 Files
  • 13
    Mar 13th
    21 Files
  • 14
    Mar 14th
    38 Files
  • 15
    Mar 15th
    15 Files
  • 16
    Mar 16th
    0 Files
  • 17
    Mar 17th
    0 Files
  • 18
    Mar 18th
    10 Files
  • 19
    Mar 19th
    0 Files
  • 20
    Mar 20th
    0 Files
  • 21
    Mar 21st
    0 Files
  • 22
    Mar 22nd
    0 Files
  • 23
    Mar 23rd
    0 Files
  • 24
    Mar 24th
    0 Files
  • 25
    Mar 25th
    0 Files
  • 26
    Mar 26th
    0 Files
  • 27
    Mar 27th
    0 Files
  • 28
    Mar 28th
    0 Files
  • 29
    Mar 29th
    0 Files
  • 30
    Mar 30th
    0 Files
  • 31
    Mar 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close