exploit the possibilities
Showing 1 - 20 of 20 RSS Feed

Files from Sipke Mellema

First Active2016-08-01
Last Active2019-11-12
FlexAir Access Control 2.3.38 Command Injection
Posted Nov 12, 2019
Authored by Sipke Mellema | Site applied-risk.com

FlexAir Access Control versions 2.3.38 and below remote root command injection exploit.

tags | exploit, remote, root
advisories | CVE-2019-7669
MD5 | bda839dcfe5896e2d89cbe0e3d1f28f1
I Own Your Building (Management System)
Posted Nov 12, 2019
Authored by LiquidWorm, Sipke Mellema | Site applied-risk.com

Whitepaper called I Own Your Building (Management System). It discusses various systems used to manage buildings and associated vulnerabilities with them.

tags | paper, vulnerability
MD5 | 8692e82de5e87a163782764b7bbeaff7
Linear eMerge50P/5000P 4.6.07 Remote Code Execution
Posted Nov 12, 2019
Authored by Sipke Mellema | Site applied-risk.com

Linear eMerge50P/5000P 4.6.07 remote code execution exploit.

tags | exploit, remote, code execution
advisories | CVE-2019-7266, CVE-2019-7267, CVE-2019-7268, CVE-2019-7269
MD5 | 2789c6b2f40bbe8a15601a4c42957f1d
Computrols CBAS-Web 19.0.0 Command Injection
Posted Nov 12, 2019
Authored by Sipke Mellema | Site applied-risk.com

Computrols CBAS-Web versions 19.0.0 and below unauthenticated remote command injection exploit.

tags | exploit, remote, web
MD5 | 50d03aaede914ca877d49bdec4da6d01
VTech DigiGo 83.60630 Browser Overlay Attack
Posted Jan 15, 2018
Authored by Securify B.V., Sipke Mellema

VTech DigiGo with firmware 83.60630 suffers from a browser overlay attack vulnerability.

tags | exploit
MD5 | 77cea9e9382eded61fbed8053c84a2ad
VTech DigiGo 83.60630 Broken TLS Certificate Validation
Posted Jan 15, 2018
Authored by Securify B.V., Sipke Mellema

VTech DigiGo with firmware version 83.60630 fails to perform validation of TLS certificates.

tags | exploit
MD5 | 59ddde2caff6394072eed1459a12fd42
VTech DigiGo 83.60630 Certificate Pinning
Posted Jan 15, 2018
Authored by Securify B.V., Sipke Mellema

VTech DigiGo with firmware version 83.60630 fails to perform certificate pinning in some flows.

tags | advisory
MD5 | b42e1511b7ec7a18c5d96a398e4d3d07
Virtuozzo Power Panel (VZPP) 6.1.2 Buffer Over-Read
Posted Jul 5, 2017
Authored by Securify B.V., Sipke Mellema

Virtuozzo Power Panel (VZPP) and Automator version 6.1.2 suffers from a buffer over-read vulnerability.

tags | advisory
MD5 | 2af4bc88b18673fd24ac2f529c2fd96b
WordPress 4.5.3 Press This Function CSRF / Denial Of Service
Posted Mar 7, 2017
Authored by Securify B.V., Sipke Mellema

WordPress version 4.5.3 Press This Function suffers from a cross site request forgery vulnerability that can cause a denial of service condition.

tags | exploit, denial of service, csrf
MD5 | 83fd7fe78cebb4f12e22a40081367585
WordPress Image Gallery 1.9.65 Cross Site Scripting
Posted Nov 24, 2016
Authored by Securify B.V., Sipke Mellema

WordPress Image Gallery plugin version 1.9.65 suffers from a persistent cross site scripting vulnerability.

tags | exploit, xss
MD5 | 0348155d964562c5432c19dd743820e2
WordPress Instagram Feed 1.4.6.2 Cross Site Scripting / Cross Site Request Forgery
Posted Nov 20, 2016
Authored by Securify B.V., Sipke Mellema

WordPress Instagram Feed plugin version 1.4.6.2 suffers from cross site request forgery and cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss, csrf
MD5 | cefe4eda32f9bf6dfd4b119a654b8251
WordPress W3 Total Cache 0.9.4.1 Cross Site Scripting
Posted Nov 11, 2016
Authored by Securify B.V., Sipke Mellema

WordPress W3 Total Cache plugin version 0.9.4.1 suffers from a cross site scripting vulnerability.

tags | exploit, xss
MD5 | 540b8fa59c92fee27670136b915841aa
WordPress W3 Total Cache 0.9.4.1 Race Condition
Posted Nov 11, 2016
Authored by Securify B.V., Sipke Mellema

An information disclosure vulnerability was found in the W3 Total Cache plugin. This issue allows an attacker to hijack sensitive information, such as the administrator's session cookie. Exploiting the vulnerability is possible during a short period of time when an administrator submits the support form. Version 0.9.4.1 is affected.

tags | exploit, info disclosure
MD5 | f4944a81070ec53fc3f9cc16169fd2f0
WordPress Google Maps 6.3.14 Cross Site Request Forgery
Posted Nov 11, 2016
Authored by Securify B.V., Sipke Mellema

WordPress Google Maps plugin version 6.3.14 suffers from a cross site request forgery vulnerability.

tags | exploit, csrf
MD5 | 4b176c3c006c97fe472b49e1045f1114
WordPress W3 Total Cache Amazon SNS Push Messages Weak Validation
Posted Nov 11, 2016
Authored by Securify B.V., Sipke Mellema

A vulnerability in the validation of Amazon SNS messages was found in the W3 Total Cache plugin. This issue allows an attacker to perform a variety of actions concerning the server's cache, which may result in a denial of service attack. Version 0.9.4.1 is affected.

tags | exploit, denial of service
MD5 | 530b6c7891343fb9d1140ce5cbda0d8a
WordPress Woocommerce 2.6.2 API Cross Site Scripting
Posted Sep 10, 2016
Authored by Securify B.V., Sipke Mellema

WordPress Woocommerce version 2.6.2 suffers from an API related cross site scripting vulnerability.

tags | exploit, xss
MD5 | c37b485881fa1b91c27088e2d7717d70
WordPress InfiniteWP Admin Panel 2.8.0 Authorization Bypass
Posted Sep 10, 2016
Authored by Securify B.V., Sipke Mellema

WordPress InfiniteWP Admin Panel version 2.8.0 suffers from an authorization bypass vulnerability.

tags | exploit, bypass
MD5 | cc1e49310d62cb94080934ef694354d4
WordPress InfiniteWP Admin Panel 2.8.0 Command Injection
Posted Sep 10, 2016
Authored by Securify B.V., Sipke Mellema

WordPress InfiniteWP Admin Panel version 2.8.0 suffers from a command injection vulnerability.

tags | exploit
MD5 | 887f0ed6e301bc620514d8b242b87f9b
WordPress MailPoet Newsletters 2.7.2 Cross Site Scripting
Posted Sep 10, 2016
Authored by Securify B.V., Sipke Mellema

WordPress MailPoet Newsletters 2.7.2 suffers from a cross site scripting vulnerability.

tags | exploit, xss
MD5 | 9692fad3cc8b9bf6560fa72171b54215
WordPress All-In-One Security / Firewall 4.1.2 CAPTCHA Bypass
Posted Aug 1, 2016
Authored by Securify B.V., Sipke Mellema

WordPress All-In-On Security and Firewall plugin version 4.1.2 suffers from multiple CAPTCHA bypass vulnerabilities.

tags | exploit, vulnerability, bypass
MD5 | eadcee9144c7f7cbaad656157117c8dc
Page 1 of 1
Back1Next

File Archive:

January 2020

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Jan 1st
    8 Files
  • 2
    Jan 2nd
    11 Files
  • 3
    Jan 3rd
    11 Files
  • 4
    Jan 4th
    2 Files
  • 5
    Jan 5th
    2 Files
  • 6
    Jan 6th
    18 Files
  • 7
    Jan 7th
    15 Files
  • 8
    Jan 8th
    16 Files
  • 9
    Jan 9th
    10 Files
  • 10
    Jan 10th
    13 Files
  • 11
    Jan 11th
    2 Files
  • 12
    Jan 12th
    4 Files
  • 13
    Jan 13th
    21 Files
  • 14
    Jan 14th
    18 Files
  • 15
    Jan 15th
    12 Files
  • 16
    Jan 16th
    18 Files
  • 17
    Jan 17th
    11 Files
  • 18
    Jan 18th
    3 Files
  • 19
    Jan 19th
    2 Files
  • 20
    Jan 20th
    15 Files
  • 21
    Jan 21st
    21 Files
  • 22
    Jan 22nd
    19 Files
  • 23
    Jan 23rd
    19 Files
  • 24
    Jan 24th
    11 Files
  • 25
    Jan 25th
    0 Files
  • 26
    Jan 26th
    0 Files
  • 27
    Jan 27th
    0 Files
  • 28
    Jan 28th
    0 Files
  • 29
    Jan 29th
    0 Files
  • 30
    Jan 30th
    0 Files
  • 31
    Jan 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2016 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close