what you don't know can hurt you

Register | Login

FilesNewsUsersAuthors

Home Files News Services About Contact Add New

Showing 1 - 25 of 63

Files from Julien Ahrens

Ubiquiti UniFi Video 3.7.3 (Windows) Local Privilege Escalation

Posted Dec 24, 2017

Authored by Julien Ahrens | Site rcesecurity.com

Ubiquiti UniFi Video version 3.7.3 (Windows) suffers from a local privilege escalation vulnerability due to insecure directory permissions.

tags | exploit, local

systems | windows

advisories | CVE-2016-6914

MD5 | a82e1d218ea5e2d055d53ff0277ba737

Download | Favorite | Comments (0)

Check_mk 1.2.8p25 save_users() Race Condition

Posted Oct 19, 2017

Authored by Julien Ahrens | Site rcesecurity.com

Check_mk versions 1.2.8p25 and below suffer from a save_users() race condition that leads to sensitive information disclosure.

tags | exploit, info disclosure

advisories | CVE-2017-14955

MD5 | 20c85c9a771f1de93e046c52df63537c

Download | Favorite | Comments (0)

AlienVault USM 5.4.2 Cross Site Request Forgery

Posted Oct 14, 2017

Authored by Julien Ahrens | Site rcesecurity.com

AlienVault USM version 5.4.2 suffers from a cross site request forgery vulnerability.

tags | exploit, csrf

advisories | CVE-2017-14956

MD5 | 6e771ba0baa2d865a2bac29ab5c0ceb6

Download | Favorite | Comments (0)

Mattermost 3.5.0 / 3.5.1 Cross Site Scripting

Posted Jan 19, 2017

Authored by Julien Ahrens | Site rcesecurity.com

Mattermost versions 3.5.0 and 3.5.1 suffer from a cross site scripting vulnerability.

tags | exploit, xss

MD5 | b386c063a6b1b10c1dad2ed59478e51a

Download | Favorite | Comments (0)

Atlassian Confluence AppFusions Doxygen 1.3.x Cross Site Scripting

Posted Nov 21, 2016

Authored by Julien Ahrens | Site rcesecurity.com

Atlassian Confluence AppFusions Doxygen versions 1.3.0, 1.3.1, 1.3.2, and 1.3.3 suffer from a cross site scripting vulnerability.

tags | exploit, xss

MD5 | 40298284e37d5c11bfd9c7e6a26fe36f

Download | Favorite | Comments (0)

Atlassian Confluence AppFusions Doxygen 1.3.x Information Disclosure

Posted Nov 21, 2016

Authored by Julien Ahrens | Site rcesecurity.com

Atlassian Confluence AppFusions Doxygen versions 1.3.0, 1.3.1, 1.3.2, and 1.3.3 suffer from an information disclosure vulnerability.

tags | exploit, info disclosure

MD5 | bc1d0ec9781d4efabfe8c2e3134f68fb

Download | Favorite | Comments (0)

Atlassian Confluence AppFusions Doxygen 1.3.0 Path Traversal

Posted Nov 21, 2016

Authored by Julien Ahrens | Site rcesecurity.com

Atlassian Confluence AppFusions Doxygen version 1.3.0 suffers from a path traversal vulnerability.

tags | exploit

MD5 | 4e2b79e03f74cde41848df22952ee7ce

Download | Favorite | Comments (0)

XenForo ToggleME 3.1.2 Cross Site Scripting

Posted Sep 12, 2016

Authored by Julien Ahrens | Site rcesecurity.com

XenForo ToggleME version 3.1.2 suffers from multiple cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss

MD5 | 66b9ae98b3625528c90cfaf047dd623e

Download | Favorite | Comments (0)

AlienVault USM/OSSIM 5.2 Cross Site Scripting

Posted Aug 24, 2016

Authored by Julien Ahrens | Site rcesecurity.com

AlienVault USM/OSSIM version 5.2 suffers from a cross site scripting vulnerability.

tags | exploit, xss

advisories | CVE-2016-6913

MD5 | 607c890e637df1fffca03228952de5fe

Download | Favorite | Comments (0)

Apache Archiva 1.3.9 Cross Site Scripting

Posted Jul 12, 2016

Authored by Julien Ahrens | Site rcesecurity.com

Apache Archiva version 1.3.9 suffers from a cross site scripting vulnerability.

tags | exploit, xss

advisories | CVE-2016-5005

MD5 | 49af5bfe6cafae1122d621ea5294c340

Download | Favorite | Comments (0)

Apache Archiva 1.3.9 Cross Site Request Forgery

Posted Jul 12, 2016

Authored by Julien Ahrens | Site rcesecurity.com

Apache Archiva version 1.3.9 suffers from a cross site request forgery vulnerability.

tags | exploit, csrf

advisories | CVE-2016-4469

MD5 | bb5f2cae376e13ae271a747583391445

Download | Favorite | Comments (0)

XenAPI For XenForo 1.4.1 SQL Injection

Posted May 24, 2016

Authored by Julien Ahrens | Site rcesecurity.com

XenAPI for XenForo version 1.4.1 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection

MD5 | ec6653535f15715683fb23b54a289bdb

Download | Favorite | Comments (0)

Postfix Admin 2.93 Cross Site Request Forgery

Posted May 21, 2016

Authored by Julien Ahrens | Site rcesecurity.com

Postfix Admin version 2.93 suffers from a cross site request forgery vulnerability.

tags | exploit, csrf

MD5 | 0aa6277ff6f2f8a1e8b41cee4ae3b9a2

Download | Favorite | Comments (0)

Swagger Editor 2.9.9 Cross Site Scripting

Posted May 3, 2016

Authored by Julien Ahrens | Site rcesecurity.com

Swagger Editor version 2.9.9 suffers from a cross site scripting vulnerability.

tags | exploit, xss

MD5 | b53df8f45f91a77bb2ce060de0233f8d

Download | Favorite | Comments (0)

Ubiquiti Networks UniFi 3.2.10 Cross Site Request Forgery

Posted Feb 25, 2016

Authored by Julien Ahrens

Ubiquiti Networks UniFi version 3.2.10 suffers from a cross site request forgery vulnerability.

tags | exploit, csrf

MD5 | feacedbdd6e190261848193e551b9695

Download | Favorite | Comments (0)

Typo3 CMS 6.2.14 / 4.5.40 Cross Site Scripting

Posted Sep 14, 2015

Authored by Julien Ahrens

Typo3 CMS versions 6.2.14 and below and 4.5.40 and below suffer from a cross site scripting vulnerability.

tags | exploit, xss

advisories | CVE-2015-5956

MD5 | 2fffb26b43aca09bd54b6d7fe280d8db

Download | Favorite | Comments (0)

Yahoo! Messenger 11.5.0.228 Buffer Overflow

Posted Sep 4, 2015

Authored by Julien Ahrens | Site rcesecurity.com

Multiple buffer overflow vulnerabilities have been identified in Yahoo! Messenger versions 11.5.0.228 and below.

tags | advisory, overflow, vulnerability

advisories | CVE-2014-7216

MD5 | 464fdcbb475517adc40408ae287a00e7

Download | Favorite | Comments (0)

GetGo Download Manager HTTP Response Buffer Overflow

Posted Jan 15, 2015

Authored by Julien Ahrens, Gabor Seljan | Site metasploit.com

This Metasploit module exploits a stack-based buffer overflow vulnerability in GetGo Download Manager version 4.9.0.1982 and earlier, caused by an overly long HTTP response header. By persuading the victim to download a file from a malicious server, a remote attacker could execute arbitrary code on the system or cause the application to crash. This Metasploit module has been tested successfully on Windows XP SP3.

tags | exploit, remote, web, overflow, arbitrary

systems | windows, xp

advisories | CVE-2014-2206

MD5 | 5ec2694f22215c1438a6fe4d47c79bf2

Download | Favorite | Comments (0)

Easy File Management Web Server Stack Buffer Overflow

Posted Jun 16, 2014

Authored by Julien Ahrens, superkojiman | Site metasploit.com

Easy File Management Web Server versions 4.0 and 5.3 contain a stack buffer overflow condition that is triggered as user-supplied input is not properly validated when handling the UserID cookie. This may allow a remote attacker to execute arbitrary code.

tags | exploit, remote, web, overflow, arbitrary

MD5 | 3df650464988576d8c2dd639a9e70a93

Download | Favorite | Comments (0)

Easy File Management Web Server 5.3 Buffer Overflow

Posted Jun 2, 2014

Authored by Julien Ahrens | Site rcesecurity.com

Easy File Management Web Server version 5.3 USERID remote buffer overflow exploit.

tags | exploit, remote, web, overflow

MD5 | 812e9b899b8fff4928463ec1818eab7c

Download | Favorite | Comments (0)

Free Download Manager 3.x Buffer Overflow

Posted Mar 14, 2014

Authored by Julien Ahrens | Site rcesecurity.com

Free Download Manager versions 3.9.3 build 1360, 3.8 build 1173, 3.0 build 852, and possibly others are affected by a stack-based buffer overflow vulnerability. Proof of concept code included.

tags | exploit, overflow, proof of concept

advisories | CVE-2014-2087

MD5 | 320bc871522b546403d5b3540eed9cd9

Download | Favorite | Comments (0)

GetGo Download Manager 4.9.0.1982 Buffer Overflow

Posted Mar 9, 2014

Authored by Julien Ahrens | Site rcesecurity.com

GetGo Download Manager version 4.9.0.1982 HTTP response header buffer overflow remote code execution exploit.

tags | exploit, remote, web, overflow, code execution

advisories | CVE-2014-2206

MD5 | 0f6280b91d2c35008ed895688fa3ae33

Download | Favorite | Comments (0)

GetGo Download Manager 4.x Stack Buffer Overflow

Posted Mar 3, 2014

Authored by Julien Ahrens | Site rcesecurity.com

GetGo Download Manager versions 4.9.0.1982, 4.8.2.1346, and 4.4.5.502 suffer from a stack based buffer overflow.

tags | exploit, overflow

advisories | CVE-2014-2206

MD5 | 8150015b9359290479bf7d4c3234749a

Download | Favorite | Comments (0)

VideoCharge Studio 2.12.3.685 MITM Code Execution

Posted Feb 21, 2014

Authored by Julien Ahrens | Site rcesecurity.com

VideoCharge Studio version 2.12.3.685 GetHttpResponse() man in the in middle remote code execution exploit.

tags | exploit, remote, code execution

MD5 | 76b00ad535403fa656497b3785380247

Download | Favorite | Comments (0)

VideoCharge Studio 2.12.3.685 Stack Buffer Overflow

Posted Feb 20, 2014

Authored by Julien Ahrens | Site rcesecurity.com

VideoCharge Studio version 2.12.3.685 suffers from a stack buffer overflow vulnerability.

tags | exploit, overflow

MD5 | 34070cc72a43434bfeb8b453e488e6c7

Download | Favorite | Comments (0)