what you don't know can hurt you

Register | Login

FilesNewsUsersAuthors

Home Files News &[SERVICES_TAB]About Contact Add New

Showing 1 - 4 of 4

Files from Jakub Galczyk

MantisBT Admin SQL Injection Arbitrary File Read

Posted Aug 31, 2024

Authored by Jakub Galczyk, Brandon Perry | Site metasploit.com

Versions 1.2.13 through 1.2.16 are vulnerable to a SQL injection attack if an attacker can gain access to administrative credentials. This vuln was fixed in 1.2.17.

tags | exploit, sql injection

advisories | CVE-2014-2238

SHA-256 | 320419705ca13a1bfcafc3cda1ab534c90225edc3090390aa620b065772e9291

Download | Favorite | View

SMF 2.0.4 PHP Code Injection

Posted Apr 23, 2013

Authored by Jakub Galczyk

SMF version 2.0.4 suffers from a remote PHP code injection vulnerability.

tags | exploit, remote, php

SHA-256 | fb1fdb9f88f7a10a68b514edae1cd6ba816517347156676b1a236c8ed23c784b

Download | Favorite | View

osCommerce 2.3.3 Cross Site Request Forgery

Posted Feb 12, 2013

Authored by Jakub Galczyk

osCommerce version 2.3.3 suffers from a cross site request forgery vulnerability.

tags | exploit, csrf

SHA-256 | 6899dfd0aba24fae96fc8aca3b04644601579d6527c6c1b6a86f31ffeb009ade

Download | Favorite | View

GetSimple 3.1.2 Code Execution

Posted Jan 7, 2013

Authored by Jakub Galczyk | Site hauntit.blogspot.com

GetSimple version 3.1.2 suffers from authentication bypass and remote code execution vulnerabilities.

tags | exploit, remote, vulnerability, code execution

SHA-256 | 999e5026f6a4d4013284f6b65319eaceb75847c3e9cf7b3ae5e9dec3d846289c

Download | Favorite | View