Showing 1 - 6 of 6

Files from Netanel Rubin

First Active	2014-02-19
Last Active	2016-06-03

Magento 2.0.6 Unserialize Remote Code Execution: Posted Jun 3, 2016; Authored by agix, Netanel Rubin | Site metasploit.com; This Metasploit module exploits a PHP object injection vulnerability in Magento 2.0.6 or prior.; tags | exploit, php; advisories | CVE-2016-4010; SHA-256 | 0f4a54fd7327964f36b2aa61027c88bb06c66470231cb05fee46900549f0def5; Download | Favorite | View

vBulletin 5.1.2 Unserialize Code Execution: Posted Nov 13, 2015; Authored by Netanel Rubin, cutz, Julien (jvoisin) Voisin | Site metasploit.com; This Metasploit module exploits a PHP object injection vulnerability in vBulletin 5.1.2 to 5.1.9; tags | exploit, php; advisories | CVE-2015-7808; SHA-256 | 3d697e9884f896d99ec27c73b56469d04ac0450703c51290468ce41cd7c38ae0; Download | Favorite | View

Bugzilla Unauthorized Account Creation: Posted Sep 10, 2015; Authored by Frederic Buclin, Byron Jones, Netanel Rubin | Site bugzilla.org; Bugzilla versions 2.0 to 4.2.14, 4.3.1 to 4.4.9, and 4.5.1 to 5.0 suffer from an unauthorized account creation vulnerability.; tags | advisory; advisories | CVE-2015-4499; SHA-256 | 9b1272725e4045835294ef9f644a6664c5657f9a14374d95b6685f5bdc61cc69; Download | Favorite | View

TWiki Debugenableplugins Remote Code Execution: Posted Mar 19, 2015; Authored by h0ng10, Netanel Rubin | Site metasploit.com; TWiki versions 4.0.x through 6.0.0 contain a vulnerability in the Debug functionality. The value of the debugenableplugins parameter is used without proper sanitization in an Perl eval statement which allows remote code execution.; tags | exploit, remote, perl, code execution; advisories | CVE-2014-7236; SHA-256 | 850efe714be5e6548a264c1cce672a60aa1ae5a53559548aa9e9d66cf64f53b5; Download | Favorite | View

Bugzilla Account Creation / XSS / Information Leak: Posted Oct 7, 2014; Authored by Frederic Buclin, Byron Jones, David Lawrence, Netanel Rubin, Simon Green, James Kettle, Matt Tyson | Site bugzilla.org; Bugzilla Security Advisory - Bugzilla versions 2.23.3 to 4.0.14, 4.1.1 to 4.2.10, 4.3.1 to 4.4.5, and 4.5.1 to 4.5.5 suffer from unauthorized account creation, cross site scripting, and information leak vulnerabilities.; tags | advisory, vulnerability, xss, info disclosure; advisories | CVE-2014-1571, CVE-2014-1572, CVE-2014-1573; SHA-256 | 0d0e7c27532f6562403faf6ddb1249c6fce16ba6525feadfe7c92217191a6748; Download | Favorite | View

MediaWiki Thumb.php Remote Command Execution: Posted Feb 19, 2014; Authored by Brandon Perry, Ben Harris, Netanel Rubin | Site metasploit.com; MediaWiki 1.22.x before 1.22.2, 1.21.x before 1.21.5 and 1.19.x before 1.19.11, when DjVu or PDF file upload support is enabled, allows remote unauthenticated users to execute arbitrary commands via shell metacharacters. If no target file is specified this module will attempt to log in with the provided credentials to upload a file (.DjVu) to use for exploitation.; tags | exploit, remote, arbitrary, shell, file upload; advisories | CVE-2014-1610; SHA-256 | 853d2b2d7b1ab2575d40f73544cf31c3010f47bbfc35b70e1a2faa0dfdf9204d; Download | Favorite | View

Page 1 of 1 Back 1 Next

Top Authors In Last 30 Days