what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 6 of 6 RSS Feed

Files from Daniele Scanu

First Active2019-03-15
Last Active2019-11-13
CMS Made Simple 2.2.8 Remote Code Execution
Posted Nov 13, 2019
Authored by Daniele Scanu | Site metasploit.com

An issue was discovered in CMS Made Simple version 2.2.8. In the module DesignManager (in the files action.admin_bulk_css.php and action.admin_bulk_template.php), with an unprivileged user with Designer permission, it is possible to reach an unserialize call with a crafted value in the m1_allparms parameter, and achieve object injection. This Metasploit module has been successfully tested on CMS Made Simple versions 2.2.6, 2.2.7, 2.2.8, 2.2.9 and 2.2.9.1.

tags | exploit, php
advisories | CVE-2019-9055
SHA-256 | 89958144f8e021770610570a9f70bd342705de89876594b1eeaf56a68799f77d
WordPress Form Maker 1.13.3 SQL Injection
Posted May 13, 2019
Authored by Daniele Scanu

WordPress Form Maker plugin version 1.13.3 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
advisories | CVE-2019-10866
SHA-256 | 426b45d32947941f83dd2c060d6278e5306070cc490f5c008dfa7eb4efe3bc5a
Pimcore Unserialize Remote Code Execution
Posted Apr 29, 2019
Authored by Daniele Scanu, Fabio Cogno | Site metasploit.com

This Metasploit module exploits a PHP unserialize() in Pimcore before 5.7.1 to execute arbitrary code. An authenticated user with "classes" permission could exploit the vulnerability. The vulnerability exists in the "ClassController.php" class, where the "bulk-commit" method makes it possible to exploit the unserialize function when passing untrusted values in "data" parameter. Tested on Pimcore 5.4.0-5.4.4, 5.5.1-5.5.4, 5.6.0-5.6.6 with the Symfony unserialize payload. Tested on Pimcore 4.0.0-4.6.5 with the Zend unserialize payload.

tags | exploit, arbitrary, php
advisories | CVE-2019-10867
SHA-256 | e9668485fecf0de5fb772aff42ff232d1d7e80b39adcab869e40e189d37c4459
CMS Made Simple SQL Injection
Posted Apr 2, 2019
Authored by Daniele Scanu

CMS Made Simple versions prior to 2.2.10 suffer from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
advisories | CVE-2019-9053
SHA-256 | 15dcb3716a8e35a8688386af84e732041c8e06152ee9a78d1ef286a0e3c5b28b
CMS Made Simple (CMSMS) Showtime2 File Upload Remote Command Execution
Posted Mar 27, 2019
Authored by Daniele Scanu, Fabio Cogno | Site metasploit.com

This Metasploit module exploits a file upload vulnerability that allows for remote command execution in Showtime2 module versions 3.6.2 and below in CMS Made Simple (CMSMS). An authenticated user with "Use Showtime2" privilege could exploit the vulnerability. The vulnerability exists in the Showtime2 module, where the class "class.showtime2_image.php" does not ensure that a watermark file has a standard image file extension (GIF, JPG, JPEG, or PNG). Tested on Showtime2 3.6.2, 3.6.1, 3.6.0, 3.5.4, 3.5.3, 3.5.2, 3.5.1, 3.5.0, 3.4.5, 3.4.3, 3.4.2 on CMS Made Simple (CMSMS) 2.2.9.1.

tags | exploit, remote, php, file upload
advisories | CVE-2019-9692
SHA-256 | 1df098a0e8333fb97bab3cd80dd2de6a5ea4a18a6d09b8daa9ff38cd10e5965a
CMS Made Simple Showtime2 3.6.2 Arbitrary File Upload
Posted Mar 15, 2019
Authored by Daniele Scanu

CMS Made Simple Showtime2 module version 3.6.2 suffers from an authenticated arbitrary file upload vulnerability.

tags | exploit, arbitrary, file upload
advisories | CVE-2019-9692
SHA-256 | fa20c0dbf5abddd0ecf04e638c87694a61d978bf9edf8380b83ae038d3fe85d9
Page 1 of 1
Back1Next

File Archive:

May 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    May 1st
    44 Files
  • 2
    May 2nd
    5 Files
  • 3
    May 3rd
    11 Files
  • 4
    May 4th
    0 Files
  • 5
    May 5th
    0 Files
  • 6
    May 6th
    28 Files
  • 7
    May 7th
    3 Files
  • 8
    May 8th
    4 Files
  • 9
    May 9th
    54 Files
  • 10
    May 10th
    12 Files
  • 11
    May 11th
    0 Files
  • 12
    May 12th
    0 Files
  • 13
    May 13th
    17 Files
  • 14
    May 14th
    11 Files
  • 15
    May 15th
    17 Files
  • 16
    May 16th
    13 Files
  • 17
    May 17th
    22 Files
  • 18
    May 18th
    0 Files
  • 19
    May 19th
    0 Files
  • 20
    May 20th
    0 Files
  • 21
    May 21st
    0 Files
  • 22
    May 22nd
    0 Files
  • 23
    May 23rd
    0 Files
  • 24
    May 24th
    0 Files
  • 25
    May 25th
    0 Files
  • 26
    May 26th
    0 Files
  • 27
    May 27th
    0 Files
  • 28
    May 28th
    0 Files
  • 29
    May 29th
    0 Files
  • 30
    May 30th
    0 Files
  • 31
    May 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close