what you don't know can hurt you
Showing 1 - 25 of 81 RSS Feed

Files from Yorick Koster

Real NameYorick Koster
Email addressprivate
Websitenl.linkedin.com/in/yorickkoster
First Active2009-07-17
Last Active2017-07-03
View User Profile
InsomniaX 2.1.8 Arbitrary Kernel Extension Loading
Posted Jul 3, 2017
Authored by Yorick Koster

It was found that the loader application bundled with InsomniaX can be used to load arbitrary Kernel Extensions (kext). The loader is normally used to load a kext file that is needed to disable the Lid Sleep. A flaw has been found in the loader that allows a local attacker to load (or unload) any arbitrary kext file. Version 2.1.8 is affected.

tags | exploit, arbitrary, kernel, local
MD5 | 703ccd1c6eecfd818433456c702fa221
MediaWiki SyntaxHighlight Extension Option Injection
Posted May 20, 2017
Authored by Yorick Koster | Site metasploit.com

This Metasploit module exploits an option injection vulnerability in the SyntaxHighlight extension of MediaWiki. It tries to create and execute a PHP file in the document root. The USERNAME and PASSWORD options are only needed if the Wiki is configured as private. This vulnerability affects any MediaWiki installation with SyntaxHighlight version 2.0 installed and enabled. This extension ships with the AIO package of MediaWiki version 1.27.x and 1.28.x. A fix for this issue is included in MediaWiki version 1.28.2 and version 1.27.3.

tags | exploit, root, php
advisories | CVE-2017-0372
MD5 | 1b15a640f92c98f62fa52a0340553730
SyntaxHighlight 2.0 MediaWiki 1.28.0 Stored Cross Site Scripting
Posted Apr 29, 2017
Authored by Yorick Koster, Securify B.V.

A vulnerability was found in the SyntaxHighlight MediaWiki extension. Using this vulnerability it is possible for an anonymous attacker to pass arbitrary options to the Pygments library. By specifying specially crafted options, it is possible for an attacker to trigger a (stored) cross site scripting condition. In addition, it allows the creating of arbitrary files containing user-controllable data. Depending on the server configuration, this can be used by an anonymous attacker to execute arbitrary PHP code. This issue was tested on SyntaxHighlight version 2.0 as bundled with MediaWiki version 1.28.0.

tags | exploit, arbitrary, php, xss
advisories | CVE-2017-0372
MD5 | c2f465d0fafdbcf4b9a63fb413f084f5
WordPress Connection Information Cross Site Request Forgery
Posted Apr 20, 2017
Authored by Yorick Koster, Securify B.V.

The FTP/SSH form functionality of WordPress was found to be vulnerable to cross site request forgery. WordPress versions 4.5.3 through 4.7.4 are affected.

tags | exploit, csrf
MD5 | 25a2023423f7860059c0e4cb8e179437
Microsoft Office OneNote 2007 DLL Hijacking
Posted Apr 11, 2017
Authored by Yorick Koster, Securify B.V.

Microsoft Office OneNote 2007 suffers from a dll hijacking vulnerability.

tags | exploit
systems | windows
MD5 | b33e14dcb95985bd6976931c23b1f515
WordPress 4.5.3 Audio Playlist Cross Site Scripting
Posted Mar 7, 2017
Authored by Yorick Koster, Securify B.V.

WordPress version 4.5.3 Audio Playlist suffers from a cross site scripting vulnerability.

tags | exploit, xss
MD5 | 03337762b5f9e7ec64dbec0de777fb10
WordPress Google Analytics Dashboard 2.1.1 Cross Site Scripting
Posted Mar 3, 2017
Authored by Yorick Koster, Securify B.V.

WordPress Google Analytics Dashboard plugin version 2.1.1 suffers from a cross site scripting vulnerability.

tags | exploit, xss
MD5 | 2e909e9b3784d3c4edbbc4b193525cfd
WordPress Simple Ads Manager 2.9.8.125 PHP Object Injection
Posted Mar 3, 2017
Authored by Yorick Koster, Securify B.V.

WordPress Simple Ads Manager plugin version 2.9.8.125 suffers from a PHP object injection vulnerability.

tags | exploit, php
MD5 | d7391c18f04b169df0122e11b1c3dec8
WordPress Global Content Blocks 2.1.5 Cross Site Request Forgery
Posted Mar 3, 2017
Authored by Yorick Koster, Securify B.V.

WordPress Global Content Blocks plugin version 2.1.5 suffers from a cross site request forgery vulnerability.

tags | exploit, csrf
MD5 | 5b31f6714683c6a8b78dc4e25ca2f915
WordPress Trust Form 2.0 Cross Site Scripting
Posted Mar 1, 2017
Authored by Yorick Koster, Securify B.V.

WordPress Trust Form plugin version 2.0 suffers from a cross site scripting vulnerability.

tags | exploit, xss
MD5 | 0b6b3c587ffe92e244f5f47cd441a34b
WordPress Analytics Stats Counter Statistics 1.2.2.5 PHP Object Injection
Posted Mar 1, 2017
Authored by Yorick Koster, Securify B.V.

WordPress Analytics Stats Counter Statistics plugin version 1.2.2.5 suffers from a PHP object injection vulnerability.

tags | advisory, php
MD5 | 91725ba3f4733fa4edc420ef97e32a71
WordPress WP-Filebase Download Manager 3.4.4 Cross Site Scripting
Posted Mar 1, 2017
Authored by Yorick Koster, Securify B.V.

WordPress WP-Filebase Download Manager plugin version 3.4.4 suffers from a cross site scripting vulnerability.

tags | exploit, xss
MD5 | 4f499c320142a12309354e0c8e429872
WordPress InfiniteWP Client 1.5.1.3 / 1.6.0 PHP Object Injection
Posted Jan 25, 2017
Authored by Yorick Koster, Securify B.V.

WordPress InfiniteWP Client plugin versions 1.5.1.3 and 1.6.0 suffer from a PHP object injection vulnerability.

tags | advisory, php
MD5 | 46b274061e0acc0178360b285063f6b1
WordPress CMS Commander Client 2.21 PHP Object Injection
Posted Jan 25, 2017
Authored by Yorick Koster, Securify B.V.

WordPress CMS Command Client plugin version 2.21 suffer from a PHP object injection vulnerability.

tags | advisory, php
MD5 | 9a7027555b61d92952f9550a552cf56f
WordPress Google Forms 0.87 PHP Object Injection
Posted Jan 25, 2017
Authored by Yorick Koster, Securify B.V.

WordPress Google Forms plugin versions 0.8 through 0.87 suffer from a PHP object injection vulnerability.

tags | advisory, php
MD5 | 4808b37b794d5488075cea57599da9e2
WordPress Insert Html Snippet 1.2 Cross Site Request Forgery
Posted Nov 29, 2016
Authored by Yorick Koster, Securify B.V.

WordPress Insert Html Snippet plugin version 1.2 suffers from a cross site request forgery vulnerability.

tags | exploit, csrf
MD5 | 70597e9717e758afa7044c6df0d23a30
WordPress Canvas - Shortcodes 1.92 Cross Site Scripting
Posted Nov 20, 2016
Authored by Yorick Koster, Securify B.V.

WordPress Canvas - Shortcodes plugin version 1.92 suffers from a persistent cross site scripting vulnerability.

tags | exploit, xss
MD5 | ac57cb7f2f79a37fd85211132454a1b0
WordPress All In One WP Security And Firewall 4.1.9 Cross Site Scripting
Posted Nov 16, 2016
Authored by Yorick Koster

WordPress All In One WP Security and Firewall plugin versions 4.1.4 through 4.1.9 suffer from a cross site scripting vulnerability.

tags | exploit, xss
MD5 | f1fd96f6d916037091611e289d77d3c5
Office OLE DLL Hijacking
Posted Nov 10, 2016
Authored by Yorick Koster | Site metasploit.com

Multiple DLL side loading vulnerabilities were found in various COM components. These issues can be exploited by loading various these components as an embedded OLE object. When instantiating a vulnerable object Windows will try to load one or more DLLs from the current working directory. If an attacker convinces the victim to open a specially crafted (Office) document from a directory also containing the attacker's DLL file, it is possible to execute arbitrary code with the privileges of the target user. This can potentially result in the attacker taking complete control of the affected system.

tags | exploit, arbitrary, vulnerability
systems | windows
advisories | CVE-2015-6128, CVE-2015-6132, CVE-2015-6133, CVE-2016-0041, CVE-2016-0100, CVE-2016-3235
MD5 | c734500622c23c1e5aa6ef03bf99c10b
WordPress Quotes Collection 2.0.5 Cross Site Scripting
Posted Nov 8, 2016
Authored by Yorick Koster, Securify B.V.

WordPress Quotes Collection plugin version 2.0.5 suffers from a cross site scripting vulnerability.

tags | exploit, xss
MD5 | bc366a974dcdbff135ba8c177ff78ff6
WordPress YITH WooCommerce Compare 2.0.9 PHP Object Injection
Posted Nov 8, 2016
Authored by Yorick Koster, Securify B.V.

WordPress YITH WooCommerce Compare plugin version 2.0.9 suffers from a PHP object injection vulnerability.

tags | exploit, php
MD5 | 31616f34fc67b6800ac686eebe3d57f6
WordPress 4.5.3 Core Ajax Handlers Path Traversal
Posted Aug 22, 2016
Authored by Yorick Koster, Securify B.V.

WordPress version 4.5.3 suffers from a path traversal vulnerability in the core ajax handlers.

tags | exploit, file inclusion
MD5 | 86202315200d9f97b0bc453c74dc5b93
WordPress Peter's Login Redirect 2.9.0 XSS / CSRF
Posted Aug 15, 2016
Authored by Yorick Koster, Securify B.V.

WordPress Peter's Login Redirect plugin version 2.9.0 suffers from cross site scripting and cross site request forgery vulnerabilities.

tags | exploit, vulnerability, xss, csrf
MD5 | 164261e2b6677c675ff9d7ad23a326d9
DLL Side Loading In VMware Host Guest Client Redirector
Posted Aug 11, 2016
Authored by Yorick Koster | Site metasploit.com

A DLL side loading vulnerability was found in the VMware Host Guest Client Redirector, a component of VMware Tools. This issue can be exploited by luring a victim into opening a document from the attacker's share. An attacker can exploit this issue to execute arbitrary code with the privileges of the target user. This can potentially result in the attacker taking complete control of the affected system. If the WebDAV Mini-Redirector is enabled, it is possible to exploit this issue over the internet.

tags | exploit, arbitrary
advisories | CVE-2016-5330
MD5 | 17d5e356d106a90bcd1762361be04821
Microsoft Internet Explorer Local File Name Disclosure
Posted Aug 9, 2016
Authored by Yorick Koster, Securify B.V.

Microsoft Internet Explorer suffers from an iframe sandbox local file name disclosure vulnerability.

tags | advisory, local, info disclosure
advisories | CVE-2016-3321
MD5 | 376f6201c7fdd9986dd43f743ee646b7
Page 1 of 4
Back1234Next

File Archive:

July 2017

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Jul 1st
    2 Files
  • 2
    Jul 2nd
    3 Files
  • 3
    Jul 3rd
    15 Files
  • 4
    Jul 4th
    4 Files
  • 5
    Jul 5th
    15 Files
  • 6
    Jul 6th
    15 Files
  • 7
    Jul 7th
    10 Files
  • 8
    Jul 8th
    2 Files
  • 9
    Jul 9th
    10 Files
  • 10
    Jul 10th
    15 Files
  • 11
    Jul 11th
    15 Files
  • 12
    Jul 12th
    19 Files
  • 13
    Jul 13th
    16 Files
  • 14
    Jul 14th
    15 Files
  • 15
    Jul 15th
    3 Files
  • 16
    Jul 16th
    2 Files
  • 17
    Jul 17th
    8 Files
  • 18
    Jul 18th
    11 Files
  • 19
    Jul 19th
    15 Files
  • 20
    Jul 20th
    15 Files
  • 21
    Jul 21st
    15 Files
  • 22
    Jul 22nd
    7 Files
  • 23
    Jul 23rd
    2 Files
  • 24
    Jul 24th
    19 Files
  • 25
    Jul 25th
    28 Files
  • 26
    Jul 26th
    2 Files
  • 27
    Jul 27th
    0 Files
  • 28
    Jul 28th
    0 Files
  • 29
    Jul 29th
    0 Files
  • 30
    Jul 30th
    0 Files
  • 31
    Jul 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2016 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close