what you don't know can hurt you
Showing 1 - 23 of 23 RSS Feed

Files from Jakub Palaczynski

First Active2015-06-12
Last Active2020-07-06
RSA IG+L Aveksa 7.1.1 Remote Code Execution
Posted Jul 6, 2020
Authored by Jakub Palaczynski, Lukasz Plonka

RSA IG+L Aveksa version 7.1.1 suffers from a remote code execution vulnerability due to an authorization bypass issue.

tags | exploit, remote, code execution
advisories | CVE-2019-3759
SHA-256 | 16bc444575b590b35b69a5534bc7552c0f81d8f9daaa2cefa85554c9f8e4c8ce
IBM Bigfix Platform 9.5.9.62 Arbitary File Upload / Code Execution
Posted Oct 7, 2019
Authored by Jakub Palaczynski

IBM Bigfix Platform version 9.5.9.62 suffers from an arbitrary file upload vulnerability as root that can achieve remote code execution.

tags | exploit, remote, arbitrary, root, code execution, file upload
advisories | CVE-2019-4013
SHA-256 | 678846b330bb25aef207cbc3ab7747185ce598f22867e982d5957674140dcefe
CheckPoint Endpoint Security Client / ZoneAlarm Privilege Escalation
Posted Oct 7, 2019
Authored by Jakub Palaczynski

CheckPoint Endpoint Security VPN versions E80.87 Build 986009514 and below and ZoneAlarm versions 15.4.062.17802 and below suffer from a privilege escalation vulnerability.

tags | exploit
advisories | CVE-2019-8452
SHA-256 | ee56cbff69bca824b90b036840113af2f89274b604d09c9b8287722d179185b7
Brocade Network Advisor 14.4.1 Unauthenticated Remote Code Execution
Posted May 23, 2019
Authored by Jakub Palaczynski

Brocade Network Advisor version 14.4.1 unauthenticated remote code execution exploit.

tags | exploit, remote, code execution
advisories | CVE-2018-6443
SHA-256 | 2496de891345807bdfb245f9b6205028c9c236d3988434147c44ea5c8a7153cc
Loadbalancer.org Enterprise VA MAX Cross Site Scripting
Posted Nov 2, 2018
Authored by Jakub Palaczynski

Loadbalancer.org Enterprise VA MAX versions prior to 8.3.3 suffer from a cross site scripting vulnerability.

tags | exploit, xss
advisories | CVE-2018-18864
SHA-256 | 91e9e804524cca532f6c32000c99a66127e5ca71868fd68cadd72082ad0a483f
Royal TS/X Information Disclosure
Posted Nov 2, 2018
Authored by Jakub Palaczynski

Royal TS/X suffer from an information disclosure vulnerability. Versions that addressed this issue are Royal TSX (for macOS) 3.3.1 released on 2018-09-13 and Royal TS (for Windows) 4.3.60728 released on 2018-07-28.

tags | exploit, info disclosure
advisories | CVE-2018-18865
SHA-256 | 30a8f68202f76aee408d4e0297fef81078061740a46cf53f71a7a86a80ac013a
Loadbalancer.org Enterprise VA MAX 8.3.2 Remote Code Execution
Posted Oct 31, 2018
Authored by Jakub Palaczynski

Loadbalancer.org Enterprise VA MAX version 8.3.2 suffers from a code execution vulnerability.

tags | exploit, code execution
SHA-256 | c1b5933307b825ef281540222a9dd2caae7b662038c0531344d50d6c23d82148
CA Release Automation NiMi 6.5 Remote Command Execution
Posted Sep 19, 2018
Authored by Jakub Palaczynski, Maciej Grabiec

CA Release Automation NiMi version 6.5 suffers from a remote command execution vulnerability.

tags | exploit, remote
advisories | CVE-2018-15691
SHA-256 | ee7fc2be843047e737cd1ff2e3299d09c9fbdce8e0cb96c24043007882021e48
CA Release Automation Code Execution
Posted Aug 31, 2018
Authored by Ken Williams, Jakub Palaczynski, Maciej Grabiec | Site www3.ca.com

CA Technologies Support is alerting customers to a potential risk with CA Release Automation. A vulnerability exists that can allow an attacker to potentially execute arbitrary code. The vulnerability has a high risk rating and concerns insecure deserialization of a specially crafted serialized object, which can allow an attacker to potentially execute arbitrary code.

tags | advisory, arbitrary
advisories | CVE-2018-15691
SHA-256 | 4fc4b066351e50f874af68872fd64d5bec84276aff293512264657be23e122ca
Dell EMC ECOM XML External Entity Injection
Posted Apr 26, 2018
Authored by Jakub Palaczynski | Site emc.com

The Dell EMC Common Object Manager (ECOM) component used in multiple Dell EMC products is affected by a XML External Entity (XXE) Injection vulnerability that may potentially be exploited by malicious users to compromise the affected system.

tags | advisory, xxe
SHA-256 | ca38cccc3045ff5a40c220fdf2a44b66a7339f491e382df921a3922abcedc6dd
Meinberg LANTIME Web Configuration Utility 6.16.008 Authentication Bypass
Posted Dec 13, 2017
Authored by Jakub Palaczynski

Meinberg LANTIME Web Configuration Utility version 6.16.008 suffers from an authentication bypass vulnerability.

tags | exploit, web, bypass
advisories | CVE-2017-16787
SHA-256 | 27c81054bf82e7e27c3cacdafb1d557c4a7e2711783679d697caa976bac70496
Meinberg LANTIME Web Configuration Utility 6.16.008 Arbitrary File Upload
Posted Dec 13, 2017
Authored by Jakub Palaczynski

Meinberg LANTIME Web Configuration Utility version 6.16.008 suffers from an arbitrary file upload vulnerability.

tags | exploit, web, arbitrary, file upload
advisories | CVE-2017-16788
SHA-256 | 52cbe2c1acca8ba9945094f863e48615b35115cddc8c7e151a6b2e42489b60b2
Meinberg LANTIME Web Configuration Utility 6.16.008 Arbitrary File Read
Posted Dec 13, 2017
Authored by Jakub Palaczynski

Meinberg LANTIME Web Configuration Utility version 6.16.008 suffers from an arbitrary file read vulnerability.

tags | exploit, web, arbitrary
advisories | CVE-2017-16786
SHA-256 | a999da894c2062ef8d7c5931c719214a155e11b88612404475b5b84bbf4d71c5
SmartBear SoapUI 5.3.0 Remote Code Execution Via Deserialization
Posted Oct 5, 2017
Authored by Jakub Palaczynski

SmartBear SoapUI version 5.3.0 suffers from a remote code execution vulnerability via deserialization.

tags | exploit, remote, code execution
SHA-256 | 4cf0e4fc81ad8154903c5779e00dbb3afa5e22cf4b62e8c9face65c732b1a970
OpenText Documentum Administrator / Webtop XXE Injection
Posted Sep 27, 2017
Authored by Jakub Palaczynski, Pawel Gocyla

OpenText Documentum Administrator version 7.2.0180.0055 and Documentum Webtop version 6.8.0160.0073 suffer from XML external entity injection vulnerabilities.

tags | exploit, vulnerability, xxe
advisories | CVE-2017-14526, CVE-2017-14527
SHA-256 | 9447f70c1cfba534cf62cd68923f8cb3c42fb6f8ccf56f0f659927fcf0c4317e
OpenText Documentum Administrator / Webtop Open Redirection
Posted Sep 27, 2017
Authored by Jakub Palaczynski

OpenText Documentum Administrator version 7.2.0180.0055 and Documentum Webtop version 6.8.0160.0073 suffer from an open redirection vulnerability.

tags | exploit
advisories | CVE-2017-14524, CVE-2017-14525
SHA-256 | 0398ff275466563cb7b556e656861a4cce90efc78f0844fe8ed3b226382eab70
Astaro Security Gateway 7 Remote Code Execution
Posted Sep 15, 2017
Authored by Jakub Palaczynski, Maciej Grabiec

Astaro Security Gateway 7 suffers from a remote code execution vulnerability.

tags | exploit, remote, code execution
advisories | CVE-2017-6315
SHA-256 | 1377404d6b249466fe1bc4911cfd731bb3947f2a0f3dd6149b0273853432793a
WSO2 SOA Enablement Server XML External Entity Injection
Posted Jul 13, 2016
Authored by Jakub Palaczynski, Pawel Gocyla

WSO2 SOA Enablement Server for Java/6.6 build SSJ-6.6-20090827-1616 suffers from an XML external entity injection vulnerability.

tags | exploit, java, xxe
SHA-256 | d9e516d3777daf410177b4c7a8c4a54f5f7f7677f5de9b1ae66ff8fa3a81c9c2
WebSVN 2.3.3 Cross Site Scripting
Posted Feb 22, 2016
Authored by Jakub Palaczynski

WebSVN version 2.3.3 suffers from a cross site scripting vulnerability.

tags | exploit, xss
advisories | CVE-2016-2511
SHA-256 | a7ba5892e78ad95ffdce00b9ef1323a029dbfc66b48c4f38700561660a102d77
Apache James Server 2.3.2 Arbitrary Command Execution
Posted Oct 1, 2015
Authored by Jakub Palaczynski

Apache James Server version 2.3.2 suffers from an arbitrary command execution vulnerability.

tags | advisory, arbitrary
SHA-256 | 26ae7acec4f69a123fe370fbec1b701a4575bc405486c9ecc68c669388c07534
Thomson Reuters FATCA Local File Inclusion
Posted Aug 12, 2015
Authored by Jakub Palaczynski

Thomson Reuters FATCA versions below 5.2 suffer from a local file inclusion vulnerability.

tags | exploit, local, file inclusion
advisories | CVE-2015-5952
SHA-256 | 6231d7b2832f5bc3406aa4e011ca416b6b92a2d444f6499aa1e7c831611cba6f
Thomson Reuters FATCA Arbitrary File Upload
Posted Aug 8, 2015
Authored by Jakub Palaczynski

Thomson Reuters FATCA suffers from an arbitrary file upload vulnerability that can result in command execution.

tags | advisory, arbitrary, file upload
advisories | CVE-2015-5951
SHA-256 | 11a47e82b83e098fee9826d581ead72346fda7dd13de54294533f54c52c07a9f
HP WebInspect 10.4 XML External Entity
Posted Jun 12, 2015
Authored by Jakub Palaczynski

HP WebInspect versions 7.x, 8.x, 9.x, and 10.0 through 10.4 suffer from an XML external entity vulnerability.

tags | exploit, xxe
advisories | CVE-2015-2125
SHA-256 | 44df7fcf639b2f66354665111858dd4bced1a796a547d6fed87ff5cd8eccb16d
Page 1 of 1
Back1Next

File Archive:

May 2022

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    May 1st
    0 Files
  • 2
    May 2nd
    15 Files
  • 3
    May 3rd
    19 Files
  • 4
    May 4th
    24 Files
  • 5
    May 5th
    15 Files
  • 6
    May 6th
    14 Files
  • 7
    May 7th
    0 Files
  • 8
    May 8th
    0 Files
  • 9
    May 9th
    13 Files
  • 10
    May 10th
    7 Files
  • 11
    May 11th
    99 Files
  • 12
    May 12th
    45 Files
  • 13
    May 13th
    7 Files
  • 14
    May 14th
    0 Files
  • 15
    May 15th
    0 Files
  • 16
    May 16th
    16 Files
  • 17
    May 17th
    26 Files
  • 18
    May 18th
    4 Files
  • 19
    May 19th
    17 Files
  • 20
    May 20th
    0 Files
  • 21
    May 21st
    0 Files
  • 22
    May 22nd
    0 Files
  • 23
    May 23rd
    0 Files
  • 24
    May 24th
    0 Files
  • 25
    May 25th
    0 Files
  • 26
    May 26th
    0 Files
  • 27
    May 27th
    0 Files
  • 28
    May 28th
    0 Files
  • 29
    May 29th
    0 Files
  • 30
    May 30th
    0 Files
  • 31
    May 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close