exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 25 of 140 RSS Feed

Files from Tim Coen

Email addresstc.coen at gmail.com
First Active2015-06-28
Last Active2023-08-03
OX App Suite SSRF / SQL Injection / Cross Site Scripting
Posted Aug 3, 2023
Authored by Mehmet Ince, Martin Heiland, Tim Coen, Eldar Zeynalli

OX App Suite suffers from remote SQL injection, server-side request forgery, cross site scripting, improper neutralization, command injection, and exposure of sensitive information vulnerabilities.

tags | advisory, remote, vulnerability, xss, sql injection
advisories | CVE-2023-26430, CVE-2023-26438, CVE-2023-26439, CVE-2023-26440, CVE-2023-26441, CVE-2023-26442, CVE-2023-26443, CVE-2023-26445, CVE-2023-26446, CVE-2023-26447, CVE-2023-26448, CVE-2023-26449, CVE-2023-26450, CVE-2023-26451
SHA-256 | 719567b07d01c758653bc54850b5ade966278aebda53de372168e4c5c9d605c8
OX App Suite SSRF / Resource Consumption / Command Injection
Posted Jun 22, 2023
Authored by Mehmet Ince, Martin Heiland, Tim Coen, Icare

OX App Suite suffers from server-side request forgery, command injection, uncontrolled resource consumption, code injection, authorization bypass, and insecure storage vulnerabilities. Various versions in the 7.10.x and 8.x branches are affected.

tags | advisory, vulnerability
advisories | CVE-2023-26427, CVE-2023-26428, CVE-2023-26429, CVE-2023-26431, CVE-2023-26432, CVE-2023-26433, CVE-2023-26434, CVE-2023-26435, CVE-2023-26436
SHA-256 | a27979ae3ae36aed54def31f404e98c49b579e2113420246b0b046bb9f32e18d
WordPress YOP Poll 6.0.2 Cross Site Scripting
Posted Feb 6, 2019
Authored by Tim Coen

WordPress YOP Poll plugin version 6.0.2 suffers from a cross site scripting vulnerability.

tags | exploit, xss
advisories | CVE-2019-9914
SHA-256 | 6ce5b54aff4a8eac3fb2bd30e96e747b3ca49fdaeb6c68b860c1055e4e5cbac1
WordPress WP Live Chat 8.0.18 Cross Site Scripting
Posted Feb 6, 2019
Authored by Tim Coen

WordPress WP Live Chat plugin version 8.0.18 suffers from a cross site scripting vulnerability.

tags | exploit, xss
advisories | CVE-2019-9913
SHA-256 | 3c65dace4c32d5bb126aa011b151f596a00ebdef9522b9a5d705ba4cc01d15a9
WordPress wpGoogleMaps 7.10.41 Cross Site Scripting
Posted Feb 6, 2019
Authored by Tim Coen

WordPress wpGoogleMaps plugin version 7.10.41 suffers from a cross site scripting vulnerability.

tags | exploit, xss
advisories | CVE-2019-9912
SHA-256 | f839348b93ef6d68bb7fa55e3bc44b4563269eef679bb15b156c9865df902894
WordPress Social Networks Auto-Poster 4.2.7 Cross Site Scripting
Posted Feb 6, 2019
Authored by Tim Coen

WordPress Social Networks Auto-Poster plugin version 4.2.7 suffers from a cross site scripting vulnerability.

tags | exploit, xss
advisories | CVE-2019-9911
SHA-256 | 131fb95529c8c295332376c3c639587c0c1bdb88d79767257773c33c5517a8b3
WordPress KingComposer 2.7.6 Cross Site Scripting
Posted Feb 6, 2019
Authored by Tim Coen

WordPress KingComposer plugin version 2.7.6 suffers from a cross site scripting vulnerability.

tags | exploit, xss
advisories | CVE-2019-9910
SHA-256 | 70463eecc91264546a0667f547952464557785a98fd5161513136df55b04811a
WordPress Give 2.3.0 Cross Site Scripting
Posted Feb 6, 2019
Authored by Tim Coen

WordPress Give plugin version 2.3.0 suffers from a cross site scripting vulnerability.

tags | exploit, xss
advisories | CVE-2019-9909
SHA-256 | ce3e8a04fae75df5ec50fe510a670381280f4159ff3a19cae2f7fb1e69c1d11d
WordPress Font Organizer 2.1.1 Cross Site Scripting
Posted Feb 6, 2019
Authored by Tim Coen

WordPress Font Organizer plugin version 2.1.1 suffers from a cross site scripting vulnerability.

tags | exploit, xss
advisories | CVE-2019-9908
SHA-256 | 9d04b6f05bfa2febbf6a55a21c100165d435279f2ee32ef5182b3528a606e6ef
WordPress Contact Form Email 1.2.65 CSRF / Cross Site Scripting
Posted Feb 6, 2019
Authored by Tim Coen

WordPress Contact Form Email plugin version 1.2.65 suffers from cross site request forgery and cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss, csrf
advisories | CVE-2019-9646
SHA-256 | 64c84aa453d6ebfbed2c8ac62d02d372dae688e4612e07e2beebf57ebe30e1ad
WordPress Blog2Social 5.0.2 Cross Site Scripting
Posted Feb 6, 2019
Authored by Tim Coen

WordPress Blog2Social plugin version 5.0.2 suffers from a cross site scripting vulnerability.

tags | exploit, xss
advisories | CVE-2019-9576
SHA-256 | 1164c4f3459b90f4f361cf7c366150917d4e8842d712ac45c41850a2392947ab
WordPress Quiz And Survey Master 6.0.4 Cross Site Scripting
Posted Feb 5, 2019
Authored by Tim Coen

WordPress Quiz and Survey Master plugin version 6.0.4 suffers from a cross site scripting vulnerability.

tags | exploit, xss
advisories | CVE-2019-9575
SHA-256 | 6c3a4a6fc1bf937f0fe35d0b3dd66154e309afefad6d60a1898440a2078b3e3d
WordPress Forminator 1.5.4 Cross Site Scripting / SQL Injection
Posted Feb 5, 2019
Authored by Tim Coen

WordPress Forminator plugin version 1.5.4 suffers from cross site scripting and remote SQL injection vulnerabilities.

tags | exploit, remote, vulnerability, xss, sql injection
advisories | CVE-2019-9567, CVE-2019-9568
SHA-256 | d0066137175e8a51ae0f44e2aab4c91a5b689148a43106735176794766c4af7e
TP-Link TL-WR841N V13 Insecure Direct Object Reference
Posted Jun 28, 2018
Authored by Tim Coen

TP-Link TL-WR841N v13 suffers from an authentication bypass vulnerability via an insecure direct object reference vulnerability.

tags | exploit, bypass
advisories | CVE-2018-12575
SHA-256 | 9995c6b3b6cf275d4bde83f805fb4d5553b3807472d1967cf7e57c4f243ec759
TP-Link TL-WR841N V13 Command Injection
Posted Jun 28, 2018
Authored by Tim Coen

TP-Link TL-WR841N v13 suffers from a blind command injection vulnerability.

tags | exploit
advisories | CVE-2018-12577
SHA-256 | 92b9e15c1917bfa85cd7b7d7dec306620e04cc32a685a4d63fedfeb461b5460b
TP-Link TL-WR841N V13 Cross Site Request Forgery
Posted Jun 28, 2018
Authored by Tim Coen

TP-Link TL-WR841N v13 suffers from cross site request forgery vulnerabilities.

tags | exploit, vulnerability, csrf
advisories | CVE-2018-12574
SHA-256 | 231860d71c1d24ce794123eae11efe2c36b3ee4500c2bf996f198fb1478e6c91
pfsense 2.3.2 Code Execution
Posted Mar 27, 2017
Authored by Tim Coen | Site curesec.com

pfsense version 2.3.2 suffers from a remote code execution vulnerability.

tags | exploit, remote, code execution
SHA-256 | cdc9477114db9f75ccf0e32482329e27abeb984f900df0dba8af56cb83f111bb
pfsense 2.3.2 Cross Site Request Forgery
Posted Mar 27, 2017
Authored by Tim Coen | Site curesec.com

pfsense versions 2.3.2 suffers from a cross site request forgery vulnerability.

tags | exploit, csrf
SHA-256 | fcf681ece2f83f4d6b675ac5d70d922fa1b6d25f6617555f840ef0872ca94996
pfsense 2.3.2 Cross Site Scripting
Posted Mar 27, 2017
Authored by Tim Coen | Site curesec.com

pfsense version 2.3.2 suffers from a cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | 5265038acc564a91f8f3566357f7cc4c9a1e67a7ebda312a77ce2ab48ec2ffdd
phplist 3.2.6 SQL Injection
Posted Mar 17, 2017
Authored by Tim Coen | Site curesec.com

phplist version 3.2.6 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | 3a8716d8154640fb091e7e4ecb469133a180b7d026bc009f119af8e4f440c31f
HumHub 1.0.1 Cross Site Scripting
Posted Mar 17, 2017
Authored by Tim Coen | Site curesec.com

HumHub versions 1.0.1 and below suffer from a cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | 84e2c861e2a5b5be387957dbda21bbcdbc94dfd62a68f7116415ca90a446680c
phplist 3.2.6 Cross Site Scripting
Posted Mar 17, 2017
Authored by Tim Coen | Site curesec.com

phplist version 3.2.6 suffers from a cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | 046fdb7147de89e5678f40291706a2c5db86533e5e185f63c2c0c252c570f448
HumHub 0.20.1 / 1.0.0-beta.3 Shell Upload
Posted Mar 17, 2017
Authored by Tim Coen | Site curesec.com

HumHub versions 0.20.1 and 1.0.0-beta.3 suffer from a remote shell upload vulnerability.

tags | exploit, remote, shell
SHA-256 | bc26c6b7f83e3576352a65414047fbc9ceaa533e87f431f3480b0c169b02770d
Elefant CMS 1.3.12-RC Code Execution
Posted Feb 18, 2017
Authored by Tim Coen | Site curesec.com

Elefant CMS version 1.3.12-RC suffers from remote code execution vulnerabilities.

tags | exploit, remote, vulnerability, code execution
SHA-256 | 93ab7cd15114ad9062d18ca8df2fcf662b1919081dc6bdb9660574d8243dfb8a
Plone 5.0.5 Cross Site Scripting
Posted Feb 18, 2017
Authored by Tim Coen | Site curesec.com

Plone version 5.0.5 suffers from a cross site scripting vulnerability.

tags | exploit, xss
advisories | CVE-2016-7147
SHA-256 | f23f365ad7be4890c9801cbb5c09c3060407d0b8d444fc6d52637f10df958c28
Page 1 of 6
Back12345Next

File Archive:

March 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Mar 1st
    16 Files
  • 2
    Mar 2nd
    0 Files
  • 3
    Mar 3rd
    0 Files
  • 4
    Mar 4th
    32 Files
  • 5
    Mar 5th
    28 Files
  • 6
    Mar 6th
    42 Files
  • 7
    Mar 7th
    17 Files
  • 8
    Mar 8th
    13 Files
  • 9
    Mar 9th
    0 Files
  • 10
    Mar 10th
    0 Files
  • 11
    Mar 11th
    15 Files
  • 12
    Mar 12th
    19 Files
  • 13
    Mar 13th
    21 Files
  • 14
    Mar 14th
    38 Files
  • 15
    Mar 15th
    15 Files
  • 16
    Mar 16th
    0 Files
  • 17
    Mar 17th
    0 Files
  • 18
    Mar 18th
    10 Files
  • 19
    Mar 19th
    0 Files
  • 20
    Mar 20th
    0 Files
  • 21
    Mar 21st
    0 Files
  • 22
    Mar 22nd
    0 Files
  • 23
    Mar 23rd
    0 Files
  • 24
    Mar 24th
    0 Files
  • 25
    Mar 25th
    0 Files
  • 26
    Mar 26th
    0 Files
  • 27
    Mar 27th
    0 Files
  • 28
    Mar 28th
    0 Files
  • 29
    Mar 29th
    0 Files
  • 30
    Mar 30th
    0 Files
  • 31
    Mar 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close