exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 20 of 20 RSS Feed

Files from Sipke Mellema

First Active2016-08-01
Last Active2019-11-12
FlexAir Access Control 2.3.38 Command Injection
Posted Nov 12, 2019
Authored by Sipke Mellema | Site applied-risk.com

FlexAir Access Control versions 2.3.38 and below remote root command injection exploit.

tags | exploit, remote, root
advisories | CVE-2019-7669
SHA-256 | cb717b6ad90bc22e69a5212d52b87a75df347efe9a4d23597caf7aa0014e3f70
I Own Your Building (Management System)
Posted Nov 12, 2019
Authored by LiquidWorm, Sipke Mellema | Site applied-risk.com

Whitepaper called I Own Your Building (Management System). It discusses various systems used to manage buildings and associated vulnerabilities with them.

tags | paper, vulnerability
SHA-256 | ff76ce112f91478ee9e0a757f659ce695f5c01de979be62af818e2f7a2659621
Linear eMerge50P/5000P 4.6.07 Remote Code Execution
Posted Nov 12, 2019
Authored by Sipke Mellema | Site applied-risk.com

Linear eMerge50P/5000P 4.6.07 remote code execution exploit.

tags | exploit, remote, code execution
advisories | CVE-2019-7266, CVE-2019-7267, CVE-2019-7268, CVE-2019-7269
SHA-256 | 1c8c73c8e7225f43b4980da9440953c70717fce0b2c066cb414a097b8ce59ed3
Computrols CBAS-Web 19.0.0 Command Injection
Posted Nov 12, 2019
Authored by Sipke Mellema | Site applied-risk.com

Computrols CBAS-Web versions 19.0.0 and below unauthenticated remote command injection exploit.

tags | exploit, remote, web
SHA-256 | 2625854a601ed5d2bf080e9961100c719f824891f08c781adbbfbda8c715689a
VTech DigiGo 83.60630 Browser Overlay Attack
Posted Jan 15, 2018
Authored by Securify B.V., Sipke Mellema

VTech DigiGo with firmware 83.60630 suffers from a browser overlay attack vulnerability.

tags | exploit
SHA-256 | a08bb9d4f448fbb6f9f63a559f19f3797bec827496e85a2dc0d075a49501d4fe
VTech DigiGo 83.60630 Broken TLS Certificate Validation
Posted Jan 15, 2018
Authored by Securify B.V., Sipke Mellema

VTech DigiGo with firmware version 83.60630 fails to perform validation of TLS certificates.

tags | exploit
SHA-256 | f9da9299e285b5c8f647f4ba06b7a3c22775d378407e62fae4db31ce2e6430e4
VTech DigiGo 83.60630 Certificate Pinning
Posted Jan 15, 2018
Authored by Securify B.V., Sipke Mellema

VTech DigiGo with firmware version 83.60630 fails to perform certificate pinning in some flows.

tags | advisory
SHA-256 | fbc2e5441ec18dd6ee8c571c38633af18aa0a410698dad29af738dc875633979
Virtuozzo Power Panel (VZPP) 6.1.2 Buffer Over-Read
Posted Jul 5, 2017
Authored by Securify B.V., Sipke Mellema

Virtuozzo Power Panel (VZPP) and Automator version 6.1.2 suffers from a buffer over-read vulnerability.

tags | advisory
SHA-256 | 7be26c32161b9c5bdd16002cd161843f760e5431f129b4470ea901ed6ebe8986
WordPress 4.5.3 Press This Function CSRF / Denial Of Service
Posted Mar 7, 2017
Authored by Securify B.V., Sipke Mellema

WordPress version 4.5.3 Press This Function suffers from a cross site request forgery vulnerability that can cause a denial of service condition.

tags | exploit, denial of service, csrf
SHA-256 | de145ef3bc873acf8a99d1111a4fd9c6935562c58f6699d854cbf9913dc87e88
WordPress Image Gallery 1.9.65 Cross Site Scripting
Posted Nov 24, 2016
Authored by Securify B.V., Sipke Mellema

WordPress Image Gallery plugin version 1.9.65 suffers from a persistent cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | 0bb0d94ef5393df1da4ec3d3dd81c9738261921d4c15cfd9d9d4d0d680c19feb
WordPress Instagram Feed 1.4.6.2 Cross Site Scripting / Cross Site Request Forgery
Posted Nov 20, 2016
Authored by Securify B.V., Sipke Mellema

WordPress Instagram Feed plugin version 1.4.6.2 suffers from cross site request forgery and cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss, csrf
SHA-256 | 8c232c763429aed63e5b28b16fa33e0f73a8715bf58d2dc309b8f4d2b55e9e39
WordPress W3 Total Cache 0.9.4.1 Cross Site Scripting
Posted Nov 11, 2016
Authored by Securify B.V., Sipke Mellema

WordPress W3 Total Cache plugin version 0.9.4.1 suffers from a cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | dad348fbfcafead56be5e0cbe894d149a654cc0e0a985c5d4ecbd785eae06fff
WordPress W3 Total Cache 0.9.4.1 Race Condition
Posted Nov 11, 2016
Authored by Securify B.V., Sipke Mellema

An information disclosure vulnerability was found in the W3 Total Cache plugin. This issue allows an attacker to hijack sensitive information, such as the administrator's session cookie. Exploiting the vulnerability is possible during a short period of time when an administrator submits the support form. Version 0.9.4.1 is affected.

tags | exploit, info disclosure
SHA-256 | 7a6aaf418ea8e714659aa334b04274d3631ce06a115fe6141fe555d1aa58a51d
WordPress Google Maps 6.3.14 Cross Site Request Forgery
Posted Nov 11, 2016
Authored by Securify B.V., Sipke Mellema

WordPress Google Maps plugin version 6.3.14 suffers from a cross site request forgery vulnerability.

tags | exploit, csrf
SHA-256 | f561f52225402b48f3f253963d3a14e7732f445a9eb81cedba6aa67394d63d00
WordPress W3 Total Cache Amazon SNS Push Messages Weak Validation
Posted Nov 11, 2016
Authored by Securify B.V., Sipke Mellema

A vulnerability in the validation of Amazon SNS messages was found in the W3 Total Cache plugin. This issue allows an attacker to perform a variety of actions concerning the server's cache, which may result in a denial of service attack. Version 0.9.4.1 is affected.

tags | exploit, denial of service
SHA-256 | 59cce5048bc779a87a1b48d11a7eaae8585ecf4fcf88a05433fae03944d7dfd8
WordPress Woocommerce 2.6.2 API Cross Site Scripting
Posted Sep 10, 2016
Authored by Securify B.V., Sipke Mellema

WordPress Woocommerce version 2.6.2 suffers from an API related cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | 966ca6305221b6545964485545c9145c5f9af5bec2754630836e28af8722fec3
WordPress InfiniteWP Admin Panel 2.8.0 Authorization Bypass
Posted Sep 10, 2016
Authored by Securify B.V., Sipke Mellema

WordPress InfiniteWP Admin Panel version 2.8.0 suffers from an authorization bypass vulnerability.

tags | exploit, bypass
SHA-256 | f0a3fd0adecee87dc4703e392a9724bd2a0c46a482e40d6e291bed9f76b941de
WordPress InfiniteWP Admin Panel 2.8.0 Command Injection
Posted Sep 10, 2016
Authored by Securify B.V., Sipke Mellema

WordPress InfiniteWP Admin Panel version 2.8.0 suffers from a command injection vulnerability.

tags | exploit
SHA-256 | 9a2f56e0d388524d1d706460eeac6bad439c42e829699ec509f6b08b7ba95106
WordPress MailPoet Newsletters 2.7.2 Cross Site Scripting
Posted Sep 10, 2016
Authored by Securify B.V., Sipke Mellema

WordPress MailPoet Newsletters 2.7.2 suffers from a cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | 40cda53c6d2f269be14469db80a095b9ca3c018394ed435682d0e8b2bf87c80f
WordPress All-In-One Security / Firewall 4.1.2 CAPTCHA Bypass
Posted Aug 1, 2016
Authored by Securify B.V., Sipke Mellema

WordPress All-In-On Security and Firewall plugin version 4.1.2 suffers from multiple CAPTCHA bypass vulnerabilities.

tags | exploit, vulnerability, bypass
SHA-256 | c84fb0a5553b928adc93a094721388affd5ba2494ec669021d333fcfb5d92381
Page 1 of 1
Back1Next

File Archive:

March 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Mar 1st
    16 Files
  • 2
    Mar 2nd
    0 Files
  • 3
    Mar 3rd
    0 Files
  • 4
    Mar 4th
    32 Files
  • 5
    Mar 5th
    28 Files
  • 6
    Mar 6th
    42 Files
  • 7
    Mar 7th
    17 Files
  • 8
    Mar 8th
    13 Files
  • 9
    Mar 9th
    0 Files
  • 10
    Mar 10th
    0 Files
  • 11
    Mar 11th
    15 Files
  • 12
    Mar 12th
    19 Files
  • 13
    Mar 13th
    21 Files
  • 14
    Mar 14th
    38 Files
  • 15
    Mar 15th
    15 Files
  • 16
    Mar 16th
    0 Files
  • 17
    Mar 17th
    0 Files
  • 18
    Mar 18th
    10 Files
  • 19
    Mar 19th
    32 Files
  • 20
    Mar 20th
    46 Files
  • 21
    Mar 21st
    16 Files
  • 22
    Mar 22nd
    13 Files
  • 23
    Mar 23rd
    0 Files
  • 24
    Mar 24th
    0 Files
  • 25
    Mar 25th
    12 Files
  • 26
    Mar 26th
    31 Files
  • 27
    Mar 27th
    19 Files
  • 28
    Mar 28th
    0 Files
  • 29
    Mar 29th
    0 Files
  • 30
    Mar 30th
    0 Files
  • 31
    Mar 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close