exploit the possibilities
Showing 1 - 25 of 64 RSS Feed

Files from dun

Email addressdun at strcpy.eu
First Active2007-08-14
Last Active2014-10-14
Bosch Security Systems DVR 630/650/670 Root Shell / Password Disclosure
Posted Oct 14, 2014
Authored by dun

Bosch Security Systems DVR 630/650/670 series systems suffer from remote command execution as root and administrative password disclosure vulnerabilities.

tags | exploit, remote, root, vulnerability, info disclosure
MD5 | 719dd71f72a8aca1337281c76c2924d8
Allied Telesis AT-MCF2000M 3.0.2 Local Root
Posted Jan 3, 2013
Authored by dun

Allied Telesis AT-MCF2000M version 3.0.2 suffers from a local root-level privilege escalation vulnerability.

tags | exploit, local, root
MD5 | 4c2584b5e94ec7f5f55d14a740bab7e3
Narcissus Image Configuration Passthru
Posted Nov 21, 2012
Authored by dun, sinn3r | Site metasploit.com

This Metasploit module exploits a vulnerability found in Narcissus image configuration function. This is due to the backend.php file not handling the $release parameter properly, and then passes it on to the configure_image() function. In this function, the $release parameter can be used to inject system commands for passthru (a PHP function that's meant to be used to run a bash script by the vulnerable application), which allows remote code execution under the context of the web server.

tags | exploit, remote, web, php, code execution, bash
MD5 | 7e5ccde71d249ff814c86c697a3cde11
Narcissus Remote Command Execution
Posted Nov 15, 2012
Authored by dun

Narcissus online image builder suffers from a remote command execution vulnerability.

tags | exploit, remote
MD5 | 22a534aae90a11b4f47267228486925b
dotProject 2.1.6 Remote File Inclusion
Posted Nov 15, 2012
Authored by dun

dotProject versions 2.1.6 and below suffer from a remote file inclusion vulnerability.

tags | exploit, remote, code execution, file inclusion
advisories | OSVDB-23213
MD5 | 685aa21c038e71ef7a0f03b8c14b5724
netOffice Dwins 1.4p3 SQL Injection
Posted Nov 9, 2012
Authored by dun

netOffice Dwins versions 1.4p3 and below suffer from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
MD5 | 5aeeed58f4247c77cb22adf0adc12ea2
Sflog! CMS 1.0 Arbitrary File Upload
Posted Sep 7, 2012
Authored by dun, sinn3r | Site metasploit.com

This Metasploit module exploits multiple design flaws in Sflog 1.0. By default, the CMS has a default admin credential of "admin:secret", which can be abused to access administrative features such as blogs management. Through the management interface, we can upload a backdoor that's accessible by any remote user, and then gain arbitrary code execution.

tags | exploit, remote, arbitrary, code execution
advisories | OSVDB-83767
MD5 | 12ae94a4a6178fe449f24fdbf74b4c20
WebPA 1.1.0.1 File Upload / Add Administrator
Posted Aug 24, 2012
Authored by dun

WebPA versions 1.1.0.1 and below suffers from add administrator and arbitrary file upload vulnerabilities.

tags | exploit, arbitrary, vulnerability, bypass, file upload
MD5 | 3c213bf9e0a7f33fc0e2999108c7fdc6
WeBid 1.0.4 RFI / File Disclosure / SQL Injection
Posted Aug 17, 2012
Authored by dun

WeBid versions 1.0.4 and below suffer from local file disclosure, remote file inclusion, and remote SQL injection vulnerabilities.

tags | exploit, remote, local, vulnerability, code execution, sql injection, file inclusion
MD5 | ac9c4aac1cb4fe45a1096c644e47b339
WebPageTest Arbitrary PHP File Upload
Posted Aug 1, 2012
Authored by dun, sinn3r | Site metasploit.com

This Metasploit module exploits a vulnerability found in WebPageTest's Upload Feature. By default, the resultimage.php file does not verify the user-supplied item before saving it to disk, and then places this item in the web directory accessable by remote users. This flaw can be abused to gain remote code execution.

tags | exploit, remote, web, php, code execution
advisories | OSVDB-83822
MD5 | c1b226b0a2afb2c37bcc29968221e367
WebPageTest 2.6 Shell Upload / File Disclosure / File Deletion
Posted Jul 13, 2012
Authored by dun

WebPageTest versions 2.6 and below suffer from local file inclusion, shell upload, file disclosure, and file deletion vulnerabilities.

tags | exploit, shell, local, vulnerability, file inclusion
MD5 | 6fe7fd922ccfc07bdf20f4269f11c32e
sflog! 1.00 LFI / Password Disclosure / Shell Upload
Posted Jul 6, 2012
Authored by dun

sflog! versions 1.00 and below suffer from local file inclusion, administrative password disclosure, and remote shell upload vulnerabilities.

tags | exploit, remote, shell, local, vulnerability, file inclusion, info disclosure
MD5 | f7595d6fc73ab2011bfdc0c93d3b352c
phpMyBackupPro 2.2 Local File Inclusion
Posted Jul 3, 2012
Authored by dun

phpMyBackupPro versions 2.2 and below suffer from a local file inclusion vulnerability.

tags | exploit, local, file inclusion
MD5 | aa8e9c79f09bd7316bd9dced5a67ba68
webERP 4.08.1 Local File Inclusion / Remote File Inclusion
Posted Jun 28, 2012
Authored by dun

webERP versions 4.08.1 and below suffer from local file inclusion and remote file inclusion vulnerabilities.

tags | exploit, remote, local, vulnerability, code execution, file inclusion
MD5 | 29897d5e0da40e62521121cbf9e7bd4c
UCCASS 1.8.1 Blind SQL Injection
Posted Jun 25, 2012
Authored by dun

UCCASS versions 1.8.1 and below suffer from a remote blind SQL injection vulnerability.

tags | exploit, remote, sql injection
MD5 | 1b88abfe3d8466786ced75eea0d38b68
WEBO Site SpeedUp 1.6.1 Local File Inclusion / Remote File Inclusion
Posted Jun 24, 2012
Authored by dun

WEBO Site SpeedUp versions 1.6.1 and below suffer from local file inclusion and remote file inclusion vulnerabilities.

tags | exploit, remote, local, vulnerability, code execution, file inclusion
MD5 | c648f85ddde348ddde858bf3f5bbc613
LimeSurvey 1.92+ Build120620 Remote File Inclusion / Traversal
Posted Jun 23, 2012
Authored by dun

LimeSurvey version 1.92+ Build 120620 suffers from remote file inclusion and traversal vulnerabilities.

tags | exploit, remote, vulnerability, code execution, file inclusion
MD5 | e430b74e92d64901e8aa4eee3b3caf9e
Joomla Captcha 4.5.1 File Disclosure
Posted Jan 10, 2011
Authored by dun

Joomla Captcha plugin versions 4.5.1 and below suffer from a file disclosure vulnerability.

tags | exploit, info disclosure
MD5 | 8f27c42889b83425c6e11ecb81ef5b9f
Sahana Agasti 0.6.5 Local File Inclusion / Shell Upload
Posted Jan 8, 2011
Authored by dun

Sahana Agasti versions 0.6.5 and below suffer from local file inclusion, configuration disclosure, and shell upload vulnerabilities.

tags | exploit, shell, local, vulnerability, file inclusion
MD5 | a6483f98c28741a0d17df20f1f98ddb2
PhpGedView 4.2.3 Local File Inclusion
Posted Jan 5, 2011
Authored by dun

PhpGedView versions 4.2.3 and below suffer from a local file inclusion vulnerability.

tags | exploit, local, file inclusion
MD5 | 877502e76913166a7d694cff9f1ababd
Sahana Agasti 0.6.4 SQL Injection
Posted Jan 3, 2011
Authored by dun

Sahana Agasti versions 0.6.4 and below suffer from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
MD5 | a88ad6edc2dc0328288895930eefae2a
ChurchInfo 1.2.12 SQL Injection
Posted Jan 1, 2011
Authored by dun

ChurchInfo versions 1.2.12 and below suffer from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
MD5 | af118b8d4ba1169cc144e4059a16a71b
Star Downloader Free 1.45 Overwrite
Posted Apr 15, 2009
Authored by dun

Star Downloader Free versions 1.45 and below universal SEH overwrite exploit.

tags | exploit
MD5 | 52a2c7b50a848bce55d5c871d4b64095
HTML Email Creator 2.1b668 Overwrite
Posted Apr 14, 2009
Authored by dun

HTML Email Creator versions 2.1b668 and below local SEH overwrite exploit.

tags | exploit, local
MD5 | e6adee73c13f55b2a3fd5edbea6260cb
Jinzora Media Jukebox 2.8 Local File Inclusion
Posted Mar 25, 2009
Authored by dun

Jinzora Media Jukebox versions 2.8 and below suffer from a local file inclusion vulnerability.

tags | exploit, local, file inclusion
MD5 | c3db3ab7ef8a6a2682620c3cff1e1d97
Page 1 of 3
Back123Next

File Archive:

May 2019

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    May 1st
    16 Files
  • 2
    May 2nd
    8 Files
  • 3
    May 3rd
    8 Files
  • 4
    May 4th
    2 Files
  • 5
    May 5th
    1 Files
  • 6
    May 6th
    15 Files
  • 7
    May 7th
    22 Files
  • 8
    May 8th
    16 Files
  • 9
    May 9th
    17 Files
  • 10
    May 10th
    16 Files
  • 11
    May 11th
    3 Files
  • 12
    May 12th
    4 Files
  • 13
    May 13th
    25 Files
  • 14
    May 14th
    24 Files
  • 15
    May 15th
    78 Files
  • 16
    May 16th
    16 Files
  • 17
    May 17th
    12 Files
  • 18
    May 18th
    2 Files
  • 19
    May 19th
    1 Files
  • 20
    May 20th
    2 Files
  • 21
    May 21st
    16 Files
  • 22
    May 22nd
    3 Files
  • 23
    May 23rd
    0 Files
  • 24
    May 24th
    0 Files
  • 25
    May 25th
    0 Files
  • 26
    May 26th
    0 Files
  • 27
    May 27th
    0 Files
  • 28
    May 28th
    0 Files
  • 29
    May 29th
    0 Files
  • 30
    May 30th
    0 Files
  • 31
    May 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2019 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close