Showing 1 - 25 of 168

Files from EgiX

Email address	n0b0d13s at gmail.com
First Active	2007-07-31
Last Active	2021-03-15

ExpressionEngine 6.0.2 PHP Code Injection: Posted Mar 15, 2021; Authored by EgiX | Site karmainsecurity.com; ExpressionEngine versions 6.0.2 and below suffer from a Translate::save PHP code injection vulnerability.; tags | exploit, php; advisories | CVE-2021-27230; MD5 | ef038368400297010e360e1916e2d2fe; Download | Favorite | View

docsify 4.11.6 Cross Site Scripting: Posted Feb 22, 2021; Authored by EgiX; docsify versions 4.11.6 and below suffer from a cross site scripting vulnerability. This vulnerability exists due to an incomplete fix for CVE-2020-7680.; tags | advisory, xss; advisories | CVE-2020-7680, CVE-2021-23342; MD5 | 4f1f48238c4e1aa6fdf3106d9952a98f; Download | Favorite | View

IPS Community Suite 4.5.4 SQL Injection: Posted Jan 6, 2021; Authored by EgiX | Site karmainsecurity.com; IPS Community Suite versions 4.5.4 and below suffer from a remote SQL injection vulnerability in the Downloads REST API.; tags | exploit, remote, sql injection; advisories | CVE-2021-3025; MD5 | dbfe43c17c45eb62df239a2a07b7e8db; Download | Favorite | View

qdPM 9.1 PHP Object Injection: Posted Dec 31, 2020; Authored by EgiX | Site karmainsecurity.com; qdPM versions 9.1 and below suffer from an executeExport PHP object injection vulnerability.; tags | exploit, php; advisories | CVE-2020-26165; MD5 | 59a37dff15f2cdae915eeb5509b2b6a3; Download | Favorite | View

SugarCRM SQL Injection: Posted Aug 12, 2020; Authored by EgiX; SugarCRM versions prior to 10.1.10 suffer from a remote SQL injection vulnerability.; tags | exploit, remote, sql injection; advisories | CVE-2020-17373; MD5 | 1e905e5f22cd6342f9072a100d0f76d0; Download | Favorite | View

SugarCRM Cross Site Scripting: Posted Aug 12, 2020; Authored by EgiX; SugarCRM versions prior to 10.1.10 suffer from multiple cross site scripting vulnerabilities.; tags | exploit, vulnerability, xss; advisories | CVE-2020-17372; MD5 | 183b85c8b4288860f9bd1feb70ed8796; Download | Favorite | View

openSIS 7.4 Unauthenticated PHP Code Execution: Posted Jul 6, 2020; Authored by EgiX | Site metasploit.com; This Metasploit module exploits multiple vulnerabilities in openSIS 7.4 and prior versions which could be abused by unauthenticated attackers to execute arbitrary PHP code with the permissions of the webserver. The exploit chain abuses an incorrect access control issue which allows access to scripts which should require the user to be authenticated, and a local file inclusion to reach a SQL injection vulnerability which results in execution of arbitrary PHP code due to an unsafe use of the eval() function.; tags | exploit, arbitrary, local, php, vulnerability, sql injection, file inclusion; advisories | CVE-2020-13381, CVE-2020-13382, CVE-2020-13383; MD5 | 07a638401a07dae3fe0cc15b5a196965; Download | Favorite | View

openSIS 7.4 SQL Injection: Posted Jun 30, 2020; Authored by EgiX | Site karmainsecurity.com; openSIS versions 7.4 and below suffer from multiple remote SQL injection vulnerabilities.; tags | exploit, remote, vulnerability, sql injection; advisories | CVE-2020-13380, CVE-2020-13381; MD5 | a2debfb35200111f560b317b09d7483a; Download | Favorite | View

openSIS 7.4 Local File Inclusion: Posted Jun 30, 2020; Authored by EgiX | Site karmainsecurity.com; openSIS versions 7.4 and below suffer from a local file inclusion vulnerability.; tags | exploit, local, file inclusion; advisories | CVE-2020-13383; MD5 | 34773fe08298e4f70971b2ca475bfba4; Download | Favorite | View

openSIS 7.4 Incorrect Access Control: Posted Jun 30, 2020; Authored by EgiX | Site karmainsecurity.com; openSIS versions 7.4 and below suffer from an access bypass vulnerability.; tags | exploit, bypass; advisories | CVE-2020-13382; MD5 | 4cebf3ba915295798f97385106aeba1b; Download | Favorite | View

SuiteCRM 7.11.10 SQL Injection: Posted Feb 13, 2020; Authored by EgiX | Site karmainsecurity.com; SuiteCRM versions 7.11.10 and below suffer from multiple remote SQL injection vulnerabilities.; tags | exploit, remote, vulnerability, sql injection; advisories | CVE-2020-8804; MD5 | e563a245d3450a08dc89409be7d351e6; Download | Favorite | View

SuiteCRM 7.11.11 Broken Access Control / Local File Inclusion: Posted Feb 13, 2020; Authored by EgiX | Site karmainsecurity.com; SuiteCRM versions 7.11.11 and below suffer from an add_to_prospect_list broken access control that allows for local file inclusion attacks.; tags | exploit, local, file inclusion; advisories | CVE-2020-8803; MD5 | 30243acc735a0a74cd60961a8b809988; Download | Favorite | View

SuiteCRM 7.11.11 Bean Manipulation: Posted Feb 13, 2020; Authored by EgiX | Site karmainsecurity.com; SuiteCRM versions 7.11.11 and below suffer from an action_saveHTMLField bean manipulation vulnerability.; tags | exploit; advisories | CVE-2020-8802; MD5 | 5b37a8d65609f140a2d503b2ba0f5aea; Download | Favorite | View

SuiteCRM 7.11.11 Phar Deserialization: Posted Feb 13, 2020; Authored by EgiX | Site karmainsecurity.com; SuiteCRM versions 7.11.11 and below suffer from multiple phar deserialization vulnerabilities.; tags | exploit, vulnerability; advisories | CVE-2020-8801; MD5 | 40555272df9e2fe2b9399bbc7bb54c0a; Download | Favorite | View

SuiteCRM 7.11.11 Second-Order PHP Object Injection: Posted Feb 13, 2020; Authored by EgiX | Site karmainsecurity.com; SuiteCRM versions 7.11.11 and below suffer from a second-order php object injection vulnerability.; tags | exploit, php; advisories | CVE-2020-8800; MD5 | ea4d3494a5be75e5e45932ce2189d4c2; Download | Favorite | View

YouPHPTube 7.7 SQL Injection: Posted Dec 4, 2019; Authored by EgiX | Site karmainsecurity.com; YouPHPTube versions 7.7 and below suffer from a remote SQL injection vulnerability in getChat.json.php.; tags | exploit, remote, php, sql injection; advisories | CVE-2019-18662; MD5 | bda45fa0236ae4d5e784d5a3ac75112a; Download | Favorite | View

SugarCRM 9.0.1 Phar Deserialization: Posted Oct 11, 2019; Authored by EgiX | Site karmainsecurity.com; SugarCRM versions 9.0.1 and below suffer from multiple phar deserialization vulnerabilities.; tags | exploit, vulnerability; MD5 | 9b8f9b6b6a519339498cc83d2af280ce; Download | Favorite | View

SugarCRM 9.0.1 PHP Object Injection: Posted Oct 11, 2019; Authored by EgiX | Site karmainsecurity.com; SugarCRM versions 9.0.1 and below suffer from multiple php object injection vulnerabilities.; tags | exploit, php, vulnerability; MD5 | 7b2fd6425395925d0bd77736e7cd43cc; Download | Favorite | View

SugarCRM 9.0.1 PHP Code Injection: Posted Oct 11, 2019; Authored by EgiX | Site karmainsecurity.com; SugarCRM versions 9.0.1 and below suffer from multiple PHP code injection vulnerabilities.; tags | exploit, php, vulnerability; MD5 | 1138730283969f03621d804b3942381f; Download | Favorite | View

SugarCRM 9.0.1 Path Traversal: Posted Oct 11, 2019; Authored by EgiX | Site karmainsecurity.com; SugarCRM versions 9.0.1 and below suffer from multiple path traversal vulnerabilities.; tags | exploit, vulnerability; MD5 | 07e61544723cdaf57099f0133cbf81e8; Download | Favorite | View

SugarCRM 9.0.1 Broken Access Controls: Posted Oct 11, 2019; Authored by EgiX | Site karmainsecurity.com; SugarCRM versions 9.0.1 and below suffer from multiple broken access control vulnerabilities.; tags | exploit, vulnerability; MD5 | 1168050e8aead52cc4050329687aece7; Download | Favorite | View

SugarCRM 9.0.1 SQL Injection: Posted Oct 11, 2019; Authored by EgiX | Site karmainsecurity.com; SugarCRM versions 9.0.1 and below suffer from multiple remote SQL injection vulnerabilities.; tags | exploit, remote, vulnerability, sql injection; MD5 | d7d53f88e5bd5cf9486ffe6a36ff47b3; Download | Favorite | View

SugarCRM 9.0.1 Cross Site Scripting: Posted Oct 11, 2019; Authored by EgiX | Site karmainsecurity.com; SugarCRM versions 9.0.1 and below suffer from multiple reflective cross site scripting vulnerabilities.; tags | exploit, vulnerability, xss; MD5 | a36ef60c0e8d40f91c64cce4c99d669a; Download | Favorite | View

vBulletin 5.5.4 Remote Code Execution: Posted Oct 7, 2019; Authored by EgiX | Site karmainsecurity.com; vBulletin versions 5.5.4 and below suffers from an updateAvatar remote code execution vulnerability.; tags | exploit, remote, code execution; advisories | CVE-2019-17132; MD5 | 2bd3e76b0d1ad20fdb921832d6d49f29; Download | Favorite | View

vBulletin 5.5.4 SQL Injection: Posted Oct 7, 2019; Authored by EgiX | Site karmainsecurity.com; vBulletin versions 5.5.4 and below suffer from multiple remote SQL injection vulnerabilities.; tags | exploit, remote, vulnerability, sql injection; advisories | CVE-2019-17271; MD5 | cd33cc4dfeb49e4f86dc27d6697a4e0a; Download | Favorite | View

Page 1 of 7 Back 1 2 3 4 5 Next

Top Authors In Last 30 Days

Red Hat 102 files
malvuln 45 files
Ubuntu 42 files
Richard Jones 12 files
Erik Wynter 4 files
Gentoo 4 files
Rajvardhan Agarwal 4 files
nu11secur1ty 4 files
Christophe de la Fuente 3 files
thc 3 files

File Archives

Systems

AIX (421)
Apple (1,781)
BSD (368)
CentOS (53)
Cisco (1,904)
Debian (5,945)
Fedora (1,688)
FreeBSD (1,241)
Gentoo (4,044)
HPUX (873)
iOS (288)
iPhone (108)
IRIX (220)
Juniper (67)
Linux (39,758)
Mac OS X (676)
Mandriva (3,105)
NetBSD (255)
OpenBSD (474)
RedHat (9,902)
Slackware (941)
Solaris (1,598)
SUSE (1,444)
Ubuntu (7,205)
UNIX (8,878)
UnixWare (180)
Windows (5,903)
Other

Files from EgiX

File Archive:

April 2021

Top Authors In Last 30 Days

File Tags

File Archives

Systems