exploit the possibilities

Register | Login

FilesNewsUsersAuthors

Home Files News &[SERVICES_TAB]About Contact Add New

Showing 1 - 6 of 6

Files from Blazej Adamczyk

Gotenberg 6.2.0 Traversal / Code Execution / Insecure Permissions

Posted Jan 4, 2021

Authored by Blazej Adamczyk

Gotenberg versions 6.2.0 and below suffer from directory traversal, code execution, and insecure permission vulnerabilities.

tags | exploit, vulnerability, code execution, file inclusion

advisories | CVE-2020-13449, CVE-2020-13450, CVE-2020-13451, CVE-2020-13452

SHA-256 | 78afb81c3f13565ecf21d0d3ec82d21cd97235cd78fb39359e943354ed217fce

Download | Favorite | View

Realtek SDK Information Disclosure / Code Execution

Posted Jan 24, 2020

Authored by Blazej Adamczyk

Realtek SDK based routers suffer from information disclosure, incorrect access control, insecure password storage, code execution, and incorrectly implemented CAPTCHA vulnerabilities.

tags | exploit, vulnerability, code execution, info disclosure

advisories | CVE-2019-19822, CVE-2019-19823, CVE-2019-19824, CVE-2019-19825

SHA-256 | 161aad06c59b2a2586dd10dd4d1338457e20ca8bdd64c3821e7ec442fc85771f

Download | Favorite | View

D-Link Plain-Text Password Storage / Code Execution / Directory Traversal

Posted Oct 18, 2018

Authored by Blazej Adamczyk

Multiple D-Link router models suffer from code execution, plain-text password storage, and directory traversal vulnerabilities.

tags | exploit, vulnerability, code execution, file inclusion

advisories | CVE-2017-6190, CVE-2018-10822, CVE-2018-10823, CVE-2018-10824

SHA-256 | 9541adf37d2c85c0b0f169e169c1066383eece8ec4a5884e9d841c8dbcc16ca5

Download | Favorite | View

ASUSWRT 3.0.0.4.382.18495 Session Hijacking / Information Disclosure

Posted Jan 16, 2018

Authored by Blazej Adamczyk

ASUSWRT versions 3.0.0.4.382.18495 and below suffer from predictable session tokens, failed IP validation, plain text password storage, and information disclosure vulnerabilities.

tags | exploit, vulnerability, info disclosure

systems | unix

advisories | CVE-2017-15653, CVE-2017-15654, CVE-2017-15655, CVE-2017-15656

SHA-256 | bd23232ee99e738d3f84b1fd3f3d388227c546aff375b18addd0d8e6dc43e90f

Download | Favorite | View

Joomla 3.6.2 Clear-Text Stored Session ID

Posted Sep 20, 2016

Authored by Blazej Adamczyk

Joomla versions 3.6.2 and below stored the session ID of a user in clear text on the backend.

tags | advisory

SHA-256 | 149890b803e4ae86c47470d868985f400af66af62a7635a270d544a80c655ca2

Download | Favorite | View

ManageEngine Password Manager Pro 8.1 SQL Injection

Posted Jul 1, 2015

Authored by Blazej Adamczyk

ManageEngine Password Manager Pro version 8.1 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection

SHA-256 | e94365f40db69e762b193722e944c13b07b2ec92c6cd28f2760357708be97129

Download | Favorite | View