what you don't know can hurt you

Register | Login

FilesNewsUsersAuthors

Home Files News Services About Contact Add New

Showing 1 - 11 of 11

Files from Wolfgang Hotwagner

ForkCMS PHP Object Injection

Posted Mar 12, 2021

Authored by Wolfgang Hotwagner | Site ait.ac.at

ForkCMS versions prior to 5.8.3 suffer from a PHP object injection vulnerability.

tags | exploit, php

advisories | CVE-2020-24036

MD5 | 93c0c401241bf2a388e76209eb207357

Download | Favorite | View

QCubed 3.1.1 Cross Site Scripting

Posted Mar 12, 2021

Authored by Wolfgang Hotwagner | Site ait.ac.at

QCubed versions 3.1.1 and below suffer from a cross site scripting vulnerability.

tags | exploit, xss

advisories | CVE-2020-24912

MD5 | 73fd3916e76f66af8fae7b076246c80b

Download | Favorite | View

QCubed 3.1.1 SQL Injection

Posted Mar 12, 2021

Authored by Wolfgang Hotwagner | Site ait.ac.at

QCubed versions 3.1.1 and below suffer from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection

advisories | CVE-2020-24913

MD5 | 640b998f6ca739a394e1c0ce5cde9663

Download | Favorite | View

QCubed 3.1.1 PHP Object Injection

Posted Mar 12, 2021

Authored by Wolfgang Hotwagner | Site ait.ac.at

QCubed versions 3.1.1 and below suffer from a PHP object injection vulnerability.

tags | exploit, php

advisories | CVE-2020-24914

MD5 | d8f336d29a03cf633ebe23cf5d9ed9a0

Download | Favorite | View

Creative Contact Form 4.6.2 Directory Traversal

Posted Mar 8, 2020

Authored by Wolfgang Hotwagner

Creative Contact Form version 4.6.2 before Dec 03 2019 suffers from a directory traversal vulnerability.

tags | exploit

advisories | CVE-2020-9364

MD5 | 214d2fbface85530e42d8edad6389432

Download | Favorite | View

OkayCMS 2.3.4 Remote Code Execution

Posted Dec 6, 2019

Authored by Wolfgang Hotwagner

OkayCMS versions 2.3.4 and below suffer from remote code execution vulnerability.

tags | exploit, remote, code execution

advisories | CVE-2019-16885

MD5 | ac48925812fe6df9cf4011ec5409f36d

Download | Favorite | View

FreeRadius 3.0.19 Logrotate Privilege Escalation

Posted Nov 15, 2019

Authored by Wolfgang Hotwagner

FreeRadius versions 3.0.19 and below suffer from a privilege escalation vulnerability via insecure logrotate use.

tags | exploit

advisories | CVE-2019-10143

MD5 | 38f7cd44ce6153a2cf84f8f2f5819066

Download | Favorite | View

Logrotate 3.15.1 Privilege Escalation

Posted Oct 7, 2019

Authored by Wolfgang Hotwagner

Logrotate versions up to and including 3.15.1 suffer from a privilege escalation vulnerability.

tags | exploit

MD5 | e0939c07b9af14f071e983c42f6ba65d

Download | Favorite | View

GitLab Omnibus 12.2.1 Logrotate Privilege Escalation

Posted Oct 5, 2019

Authored by Wolfgang Hotwagner

Gitlab Omnibus versions 7.4 through 12.2.1 suffer from a privilege escalation vulnerability that leverages a race condition in logrotate, resulting in a root shell.

tags | exploit, shell, root

advisories | CVE-2019-15741

MD5 | 3955d1e8b33d1e3a16022e0127d1dc28

Download | Favorite | View

OpenElec 6.0.3 / 7.0.1 Code Execution

Posted Mar 6, 2017

Authored by Wolfgang Hotwagner

OpenElec versions 6.0.3 and 7.0.1 suffer from a remote code execution vulnerability.

tags | exploit, remote, code execution

advisories | CVE-2017-6445

MD5 | aac25622ef669cb52b03333aaa0db641

Download | Favorite | View

VirtualBox Privilege Escalation

Posted Jan 28, 2017

Authored by Wolfgang Hotwagner

VirtualBox versions prior to 5.0.32 and prior to 5.1.14 suffer from a privilege escalation vulnerability.

tags | exploit

advisories | CVE-2017-3316

MD5 | efabf266fc1bfe3166c49dc0824e8238

Download | Favorite | View