Exploit the possiblities
Showing 1 - 25 of 50 RSS Feed

Files from loneferret

First Active2009-12-07
Last Active2016-08-16
Pi-Hole 2.8.1 Cross Site Scripting
Posted Aug 16, 2016
Authored by loneferret

Pi-Hole version 2.8.1 with web interface version 1.3 suffers from a persistent cross site scripting vulnerability.

tags | exploit, web, xss
MD5 | d49bdf23f29f72daef3eba5b800e72e7
Cyclope Employee Surveillance 8.6.1 Insecure File Permissions
Posted Dec 8, 2015
Authored by loneferret

Cyclope Employee Surveillance versions 8.6.1 and below suffer from a multiple of insecure file permission vulnerabilities.

tags | exploit, vulnerability
MD5 | b72c3bfb23f92b4d53b915de53aba29a
eM Client 5.0.18025.0 Cross Site Scripting
Posted Sep 10, 2013
Authored by loneferret

eM Client e-mail client version 5.0.18025.0 suffers from a stored cross site scripting vulnerability.

tags | exploit, xss
MD5 | 2de1171d49248dfed29a3e6e307ba37b
PHP Server Monitor Cross Site Scripting
Posted Nov 21, 2012
Authored by loneferret

PHP Server Monitor version 2.0.1 suffers from a stored cross site scripting vulnerability.

tags | exploit, php, xss
MD5 | caffbc579718d12d473e546682d61691
WeBid 1.0.5 Directory Traversal
Posted Nov 19, 2012
Authored by loneferret

WeBid versions 1.0.5 and below suffer from a directory traversal vulnerability.

tags | exploit, file inclusion
MD5 | 31ed75fecbce02be4931928c1382a5e4
Web Help Desk 11.0.7 Cross Site Scripting
Posted Oct 8, 2012
Authored by loneferret

Web Help Desk version 11.0.7 suffers from a stored cross site scripting vulnerability.

tags | exploit, web, xss
MD5 | 009e50e6e116669af0dfb511b60a9e0a
qdPM 7 Arbitrary PHP File Upload
Posted Sep 14, 2012
Authored by loneferret, sinn3r | Site metasploit.com

This Metasploit module exploits a vulnerability found in qdPM - a web-based project management software. The user profile's photo upload feature can be abused to upload any arbitrary file onto the victim server machine, which allows remote code execution. Please note in order to use this module, you must have a valid credential to sign in.

tags | exploit, remote, web, arbitrary, code execution
advisories | OSVDB-82978
MD5 | 46ae2a16374db84846a7a66a93c7cbc4
op5 Monitoring 5.4.2 XSS / CSRF / SQL Injection
Posted Aug 24, 2012
Authored by loneferret

op5 Monitoring version 5.4.2 suffers from cross site request forgery, cross site scripting, and remote SQL injection vulnerabilities.

tags | exploit, remote, vulnerability, xss, sql injection, csrf
MD5 | c735f19067c7e29a2c6951ff4a9253b9
Clipbucket 2.5 Directory Traversal
Posted Aug 22, 2012
Authored by loneferret

Clipbucket version 2.5 suffers from a directory traversal vulnerability.

tags | exploit, file inclusion
MD5 | 825e209863f75100ef961402e8f324b5
Clipbucket 2.5 Blind SQL Injection
Posted Aug 22, 2012
Authored by loneferret

Clipbucket version 2.5 suffers from a remote blind SQL injection vulnerability.

tags | exploit, remote, sql injection
MD5 | c56d0ff4f25346defe873461e6a1c86a
Sphpforum 0.4 Cross Site Scripting / SQL Injection
Posted Aug 16, 2012
Authored by loneferret

Sphpforum version 0.4 suffers from cross site scripting and remote SQL injection vulnerabilities.

tags | exploit, remote, vulnerability, xss, sql injection
MD5 | f44307245cd2785505fb7beee300ec6c
Cyclope Employee Surveillance Solution 6.0 LFI / SQL Injection
Posted Aug 16, 2012
Authored by loneferret

Cyclope Employee Surveillance Solution version 6.0 suffers from local file inclusion and remote SQL injection vulnerabilities.

tags | exploit, remote, local, vulnerability, sql injection, file inclusion
MD5 | 8fa1110143879c049bddf328b0ad581b
Cyclope Employee Surveillance Solution 6 SQL Injection
Posted Aug 14, 2012
Authored by loneferret, sinn3r | Site metasploit.com

This Metasploit module exploits a SQL injection found in Cyclope Employee Surveillance Solution. Because the login script does not properly handle the user-supplied username parameter, a malicious user can manipulate the SQL query, and allows arbitrary code execution under the context of 'SYSTEM'.

tags | exploit, arbitrary, code execution, sql injection
advisories | OSVDB-84517
MD5 | 837146f8a3b99b3c8dfc3c6b60f22822
Spytech NetVizor 6.1 Denial Of Service
Posted Aug 12, 2012
Authored by loneferret

Spytech NetVizor version 6.1 suffers from a denial of service vulnerability.

tags | exploit, denial of service
MD5 | bdd7c727907a1daa255db3d05a12c47f
Cyclope Employee Surveillance Solution 6.0 SQL Injection
Posted Aug 9, 2012
Authored by loneferret

Cyclope Employee Surveillance Solution version 6.0 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
MD5 | 17da545e64a079b9cab9b5983e2bb1d5
Axigen Mail Server 8.0.1 Cross Site Scripting
Posted Aug 8, 2012
Authored by loneferret

Axigen Mail Server version 8.0.1 suffers from a stored cross site scripting vulnerability.

tags | exploit, xss
advisories | CVE-2012-2592
MD5 | f172da62683c3977361addb40b7dcceb
EmailArchitect Enterprise Email Server 10.0 Cross Site Scripting
Posted Aug 8, 2012
Authored by loneferret

EmailArchitect Enterprise Email Server version 10.0 suffers from a stored cross site scripting vulnerability.

tags | exploit, xss
advisories | CVE-2012-2591
MD5 | 67b95527b49ccccefb4ef7fa58256f96
ESCON SupportPortal Pro 3.0 Cross Site Scripting
Posted Aug 8, 2012
Authored by loneferret

ESCON SupportPortal Pro version 3.0 suffers from a stored cross site scripting vulnerability.

tags | exploit, xss
advisories | CVE-2012-2590
MD5 | ee476706cb8cdc19f95724419630a01b
MailEnable Enterprise 6.5 Cross Site Scripting
Posted Aug 8, 2012
Authored by loneferret

MailEnable Enterprise version 6.5 suffers from a stored cross site scripting vulnerability.

tags | exploit, xss
advisories | CVE-2012-2588
MD5 | c23f76da3c75a26be60243216f439d6a
AfterLogic Mailsuite Pro 6.3 Cross Site Scripting
Posted Aug 8, 2012
Authored by loneferret

AfterLogic Mailsuite Pro (VMware Appliance) version 6.3 suffers from a stored cross site scripting vulnerability.

tags | exploit, xss
advisories | CVE-2012-2587
MD5 | e73f64f4087f2f9eb677c4d30cf57d9d
MailTraq 2.17.3.3150 Cross Site Scripting
Posted Aug 8, 2012
Authored by loneferret

MailTraq version 2.17.3.3150 suffers from a stored cross site scripting vulnerability.

tags | exploit, xss
advisories | CVE-2012-2586
MD5 | 430db808f916265f2793a724d9158574
qdPM 7 Shell Upload
Posted Jun 14, 2012
Authored by loneferret

qdPM version 7 suffers from a remote shell upload vulnerability.

tags | exploit, remote, shell
MD5 | ccd9d5e6dd3711a6dd8272b421ba4e8b
phpAccounts 0.5.3 SQL Injection
Posted Jun 9, 2012
Authored by loneferret

phpAccounts version 0.5.3 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
MD5 | 29ab474b7348a854439be9630ba7adc1
Simple Web Content Management System 1.1 SQL Injection
Posted Jun 1, 2012
Authored by loneferret

Simple Web Content Management System version 1.1 suffers from multiple remote SQL injection vulnerabilities. Most of these issues were already priorly discovered in early 2011 by John Leitch for versions 1.21 and below.

tags | exploit, remote, web, vulnerability, sql injection
MD5 | 5c2ffe8d731d583e4281235fba6a446a
PBBoard 2.1.4 SQL Injection
Posted May 29, 2012
Authored by loneferret

PBBoard version 2.1.4 suffers from multiple remote SQL injection vulnerabilities.

tags | exploit, remote, vulnerability, sql injection
MD5 | a261dac4ff07c081764718b12cfb45fc
Page 1 of 2
Back12Next

File Archive:

November 2017

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Nov 1st
    22 Files
  • 2
    Nov 2nd
    28 Files
  • 3
    Nov 3rd
    10 Files
  • 4
    Nov 4th
    1 Files
  • 5
    Nov 5th
    5 Files
  • 6
    Nov 6th
    15 Files
  • 7
    Nov 7th
    15 Files
  • 8
    Nov 8th
    13 Files
  • 9
    Nov 9th
    9 Files
  • 10
    Nov 10th
    9 Files
  • 11
    Nov 11th
    3 Files
  • 12
    Nov 12th
    2 Files
  • 13
    Nov 13th
    15 Files
  • 14
    Nov 14th
    17 Files
  • 15
    Nov 15th
    19 Files
  • 16
    Nov 16th
    15 Files
  • 17
    Nov 17th
    19 Files
  • 18
    Nov 18th
    0 Files
  • 19
    Nov 19th
    0 Files
  • 20
    Nov 20th
    0 Files
  • 21
    Nov 21st
    0 Files
  • 22
    Nov 22nd
    0 Files
  • 23
    Nov 23rd
    0 Files
  • 24
    Nov 24th
    0 Files
  • 25
    Nov 25th
    0 Files
  • 26
    Nov 26th
    0 Files
  • 27
    Nov 27th
    0 Files
  • 28
    Nov 28th
    0 Files
  • 29
    Nov 29th
    0 Files
  • 30
    Nov 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2016 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close