what you don't know can hurt you
Showing 1 - 25 of 74 RSS Feed

Files from Julien Ahrens

First Active2012-01-08
Last Active2022-03-21
SAP Knowledge Warehouse 7.50 / 7.40 / 7.31 / 7.30 Cross Site Scripting
Posted Mar 21, 2022
Authored by Julien Ahrens | Site rcesecurity.com

SAP Knowledge Warehouse versions 7.30, 7.31, 7.40, and 7.50 suffer from a cross site scripting vulnerability.

tags | exploit, xss
advisories | CVE-2021-42063
SHA-256 | 3cdb75beff9ad13b8fd31c0196339aaa4bd2eba05bc62d3ddf8e67c54c8cf3a8
God Kings 0.60.1 Notification Spoofing
Posted Oct 28, 2020
Authored by Julien Ahrens | Site rcesecurity.com

God Kings version 0.60.1 suffers from an improper authorization issue allowing for in-game notification spoofing.

tags | exploit, spoof
advisories | CVE-2020-25204
SHA-256 | 0739b7472a6c8181be50dac6e880dba434850aeb93bca40ab3c19da4c9c1fd8c
Framer Preview 12 Content Injection
Posted Sep 22, 2020
Authored by Julien Ahrens | Site rcesecurity.com

Framer Preview version 12 for Android exposes an activity to other apps called "com.framer.viewer.FramerViewActivity". The purpose of this activity is to show contents of a given URL via an fullscreen overlay to the app user. However, the app does neither enforce any authorization schema on the activity nor does it validate the given URL.

tags | advisory
advisories | CVE-2020-25203
SHA-256 | e54f0aa32e54c06b14955e19264b2f743bd0ebfed0a629f5cc6a8d1038c27426
Acronis Cyber Backup 12.5 Build 16341 Server-Side Request Forgery
Posted Sep 16, 2020
Authored by Julien Ahrens | Site rcesecurity.com

Acronis Cyber Backup version 12.5 Build 16341 suffers from a server-side request forgery vulnerability.

tags | exploit
advisories | CVE-2020-16171
SHA-256 | 5776367a895d7236549ae9bed6615f059a8c84f1ee0883489602ba985f741b60
Android o2 Business 1.2.0 Open Redirect
Posted Jul 3, 2020
Authored by Julien Ahrens | Site rcesecurity.com

o2 Business for Android version 1.2.0 suffers from an open redirection vulnerability.

tags | exploit
advisories | CVE-2020-11882
SHA-256 | ed073540b55db066df4e43d61452b19af671d57a6dad0ef1271c98600b232356
MJML 4.6.2 Path Traversal
Posted Jun 16, 2020
Authored by Julien Ahrens | Site rcesecurity.com

MJML versions 4.6.2 and below suffer from a path traversal vulnerability.

tags | exploit, file inclusion
advisories | CVE-2020-12827
SHA-256 | 166961aa7a1aa4863ba6a1c75fcc9e0116bd4fd9789c3759ca27ecb57c656da5
WordPress SlickQuiz 1.3.7.1 SQL Injection
Posted Sep 10, 2019
Authored by Julien Ahrens | Site rcesecurity.com

WordPress SlickQuiz plugin version 1.3.7.1 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
advisories | CVE-2019-12516
SHA-256 | 3b3f2021735ae446297196ed34135cc91bdd1359c4dc4c1847d8a05052387e80
WordPress SlickQuiz 1.3.7.1 Cross Site Scripting
Posted Sep 10, 2019
Authored by Julien Ahrens | Site rcesecurity.com

WordPress SlickQuiz plugin version 1.3.7.1 suffers from a persistent cross site scripting vulnerability.

tags | exploit, xss
advisories | CVE-2019-12517
SHA-256 | cbb9b82d8abba98ceec52791f9d154653f25751db87716fba4d0f5bdb5a37486
Quest KACE Systems Management Appliance 9.0 Cross Site Scripting
Posted May 23, 2019
Authored by Julien Ahrens | Site rcesecurity.com

Quest KACE Systems Management Appliance versions 9.0 and below suffer from a cross site scripting vulnerability.

tags | exploit, xss
advisories | CVE-2019-11604
SHA-256 | 65f3a081afe40db41f6639b1bc6e910e5e069fe0b2e9e5ad97c5da01c2da144f
Schneider Electric U.Motion Builder 1.3.4 Command Injection
Posted May 14, 2019
Authored by Julien Ahrens | Site rcesecurity.com

Schneider Electric U.Motion Builder version 1.3.4 suffers from an unauthenticated command injection vulnerability in track_import_export.php.

tags | exploit, php
advisories | CVE-2018-7841
SHA-256 | c724d066bedbb754af39373a9ad1f796ff21a6be3217d9b48ffbef558b5baceb
Dell KACE Systems Management Appliance (K1000) 6.4.120756 Code Execution
Posted Apr 10, 2019
Authored by Julien Ahrens

Dell KACE Systems Management Appliance (K1000) version 6.4.120756 unauthenticated remote code execution exploit.

tags | exploit, remote, code execution
SHA-256 | 3eb5dff93e50fbe23fbc7494f2ff3a530986ae8dffc834f971baafeb16a34e1a
Ubiquiti UniFi Video 3.7.3 (Windows) Local Privilege Escalation
Posted Dec 24, 2017
Authored by Julien Ahrens | Site rcesecurity.com

Ubiquiti UniFi Video version 3.7.3 (Windows) suffers from a local privilege escalation vulnerability due to insecure directory permissions.

tags | exploit, local
systems | windows
advisories | CVE-2016-6914
SHA-256 | 45c4e2bf10eee74f0c0735dc38d94473b61dcdfd79d35dbb1d31dd27cc2782d5
Check_mk 1.2.8p25 save_users() Race Condition
Posted Oct 19, 2017
Authored by Julien Ahrens | Site rcesecurity.com

Check_mk versions 1.2.8p25 and below suffer from a save_users() race condition that leads to sensitive information disclosure.

tags | exploit, info disclosure
advisories | CVE-2017-14955
SHA-256 | 3817f4097ba3c193b240667f3e9f94890b3c36bbafc096a89f647938a535aa59
AlienVault USM 5.4.2 Cross Site Request Forgery
Posted Oct 14, 2017
Authored by Julien Ahrens | Site rcesecurity.com

AlienVault USM version 5.4.2 suffers from a cross site request forgery vulnerability.

tags | exploit, csrf
advisories | CVE-2017-14956
SHA-256 | b5e6ee31b1a3e5fd0aa449ccfe7c7f88fc5ec5d1636f74a41f4ea05671f70da8
Mattermost 3.5.0 / 3.5.1 Cross Site Scripting
Posted Jan 19, 2017
Authored by Julien Ahrens | Site rcesecurity.com

Mattermost versions 3.5.0 and 3.5.1 suffer from a cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | bf8d77494b82eb251135d622671addcd78c1075cfdb00180733870c23345ad0e
Atlassian Confluence AppFusions Doxygen 1.3.x Cross Site Scripting
Posted Nov 21, 2016
Authored by Julien Ahrens | Site rcesecurity.com

Atlassian Confluence AppFusions Doxygen versions 1.3.0, 1.3.1, 1.3.2, and 1.3.3 suffer from a cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | 58c57bd896a1b741f14676780ed0548bea2bc4824bf165be69c2d7dd293e7f52
Atlassian Confluence AppFusions Doxygen 1.3.x Information Disclosure
Posted Nov 21, 2016
Authored by Julien Ahrens | Site rcesecurity.com

Atlassian Confluence AppFusions Doxygen versions 1.3.0, 1.3.1, 1.3.2, and 1.3.3 suffer from an information disclosure vulnerability.

tags | exploit, info disclosure
SHA-256 | 8357c39588ad5506639d97020e1806800b3080757eee8fa79931e45eb66d5148
Atlassian Confluence AppFusions Doxygen 1.3.0 Path Traversal
Posted Nov 21, 2016
Authored by Julien Ahrens | Site rcesecurity.com

Atlassian Confluence AppFusions Doxygen version 1.3.0 suffers from a path traversal vulnerability.

tags | exploit
SHA-256 | 77aa28687a473275fa3261bb168ee38f7a5939fe9c9aa294dd42f3b61e038e76
XenForo ToggleME 3.1.2 Cross Site Scripting
Posted Sep 12, 2016
Authored by Julien Ahrens | Site rcesecurity.com

XenForo ToggleME version 3.1.2 suffers from multiple cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss
SHA-256 | 2ec81da933635f268cac0c59dd5efa9ad0c1541a95dcd28dee6c054aedd2362e
AlienVault USM/OSSIM 5.2 Cross Site Scripting
Posted Aug 24, 2016
Authored by Julien Ahrens | Site rcesecurity.com

AlienVault USM/OSSIM version 5.2 suffers from a cross site scripting vulnerability.

tags | exploit, xss
advisories | CVE-2016-6913
SHA-256 | 52d6e5998255d0e9741227d3f9f592c61f60e95789c4df2d2c3f1ba5af0dbda1
Apache Archiva 1.3.9 Cross Site Scripting
Posted Jul 12, 2016
Authored by Julien Ahrens | Site rcesecurity.com

Apache Archiva version 1.3.9 suffers from a cross site scripting vulnerability.

tags | exploit, xss
advisories | CVE-2016-5005
SHA-256 | 04f8a6de07ed3133f7856a60c7f6f21b4d9abdd91819b80ae6ad97c203cf32c1
Apache Archiva 1.3.9 Cross Site Request Forgery
Posted Jul 12, 2016
Authored by Julien Ahrens | Site rcesecurity.com

Apache Archiva version 1.3.9 suffers from a cross site request forgery vulnerability.

tags | exploit, csrf
advisories | CVE-2016-4469
SHA-256 | 7668a8296181447642b0332f0a99e7d8f4c3bc9ac9250ca8df5203b11bf750e3
XenAPI For XenForo 1.4.1 SQL Injection
Posted May 24, 2016
Authored by Julien Ahrens | Site rcesecurity.com

XenAPI for XenForo version 1.4.1 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | 7c3a37ee9ac8d2b769a495f772ba61c0683b07b2341e2500844b324ffac74676
Postfix Admin 2.93 Cross Site Request Forgery
Posted May 21, 2016
Authored by Julien Ahrens | Site rcesecurity.com

Postfix Admin version 2.93 suffers from a cross site request forgery vulnerability.

tags | exploit, csrf
SHA-256 | c36bf42d6746cb09cb01c495637ea7bc269111f9cfcff5161901216a53a69331
Swagger Editor 2.9.9 Cross Site Scripting
Posted May 3, 2016
Authored by Julien Ahrens | Site rcesecurity.com

Swagger Editor version 2.9.9 suffers from a cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | 2c9f139677da0df23f3a83e1dfd810fd387124a00de5fae2c2e07e62c09ac0ef
Page 1 of 3
Back123Next

File Archive:

May 2022

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    May 1st
    0 Files
  • 2
    May 2nd
    15 Files
  • 3
    May 3rd
    19 Files
  • 4
    May 4th
    24 Files
  • 5
    May 5th
    15 Files
  • 6
    May 6th
    14 Files
  • 7
    May 7th
    0 Files
  • 8
    May 8th
    0 Files
  • 9
    May 9th
    13 Files
  • 10
    May 10th
    7 Files
  • 11
    May 11th
    99 Files
  • 12
    May 12th
    45 Files
  • 13
    May 13th
    7 Files
  • 14
    May 14th
    0 Files
  • 15
    May 15th
    0 Files
  • 16
    May 16th
    16 Files
  • 17
    May 17th
    26 Files
  • 18
    May 18th
    4 Files
  • 19
    May 19th
    17 Files
  • 20
    May 20th
    2 Files
  • 21
    May 21st
    0 Files
  • 22
    May 22nd
    0 Files
  • 23
    May 23rd
    6 Files
  • 24
    May 24th
    19 Files
  • 25
    May 25th
    5 Files
  • 26
    May 26th
    12 Files
  • 27
    May 27th
    12 Files
  • 28
    May 28th
    0 Files
  • 29
    May 29th
    0 Files
  • 30
    May 30th
    0 Files
  • 31
    May 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close