what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 17 of 17 RSS Feed

Files from faisalfs10x

First Active2021-07-06
Last Active2022-11-02
Webmin 1.984 File Manager Remote Code Execution
Posted Nov 2, 2022
Authored by jheysel-r7, faisalfs10x | Site metasploit.com

In Webmin version 1.984, any authenticated low privilege user without access rights to the File Manager module could interact with file manager functionalities such as downloading files from remote URLs and changing file permissions. It is possible to achieve remote code execution via a crafted .cgi file by chaining those functionalities in the file manager.

tags | exploit, remote, cgi, code execution
advisories | CVE-2022-0824
SHA-256 | 174516108c4d106859887c676523c5bd94d8fe133ba6657e421890c8d9f7ef89
Webmin 1.984 Remote Code Execution
Posted Mar 9, 2022
Authored by faisalfs10x

Webmin version 1.984 authenticated remote code execution exploit.

tags | exploit, remote, code execution
advisories | CVE-2022-0824
SHA-256 | 7286890f523f72cddacdb1075dae1a9d259f00e38f0108409ebfb8be0654690a
RiteCMS 3.1.0 Arbitrary File Overwrite
Posted Jan 5, 2022
Authored by faisalfs10x

RiteCMS versions 3.1.0 and below suffer from an arbitrary file overwrite vulnerability.

tags | exploit, arbitrary
SHA-256 | e9fa75c629af64ae183c5725e751e06ae70b1b99a2ae57f02be8cb0d8c246b33
RiteCMS 3.1.0 Arbitrary File Deletion
Posted Jan 5, 2022
Authored by faisalfs10x

RiteCMS versions 3.1.0 and below suffer from an arbitrary file deletion vulnerability.

tags | exploit, arbitrary
SHA-256 | 1df19daa585e534af2fdd30939aae2a3e509e07d0fc2be95e5611c25f6237ab1
RiteCMS 3.1.0 Shell Upload / Remote Code Execution
Posted Jan 5, 2022
Authored by faisalfs10x

RiteCMS versions 3.1.0 and below suffer from multiple methodologies that allow for a shell upload.

tags | exploit, shell
advisories | CVE-2021-46367
SHA-256 | 69e05c5f55d9345dbff8780f4b23ea8c5642b129f90af8f048103ac9bb8962b5
XOS Shop 1.0.9 Arbitrary File Deletion
Posted Jul 26, 2021
Authored by faisalfs10x

XOS Shop version 1.0.9 suffers from an authenticated arbitrary file deletion vulnerability.

tags | exploit, arbitrary
SHA-256 | 6f8b017fcb905dadb6bf19edef6c377d8386f4f1960c35cbb20f753ea24da872
CSZ CMS 1.2.9 Arbitrary File Deletion
Posted Jul 21, 2021
Authored by faisalfs10x

CSZ CMS version 1.2.9 suffers from an arbitrary file deletion vulnerability.

tags | exploit, arbitrary
SHA-256 | 8df23b57005e825721dd10ab97928c0cfd872018d576cb42f57f009138e7dd93
News Portal Project 3.1 SQL Injection
Posted Jul 21, 2021
Authored by faisalfs10x

News Portal Project version 3.1 suffers from multiple remote time-based SQL injection vulnerabilities.

tags | exploit, remote, vulnerability, sql injection
SHA-256 | 3f56ebd1b9bbf5e77165fd6880d47dc10e5c4c00a42cb8ff45cb77a53362d347
Online Shopping Portal 3.1 SQL Injection
Posted Jul 21, 2021
Authored by faisalfs10x

Proof of concept code for a time-based blind remote SQL injection vulnerability in Online Shopping Portal version 3.1. This is a variant of the original discovery of SQL injection in this version by Umit Yalcin in July of 2020.

tags | exploit, remote, sql injection, proof of concept
SHA-256 | 767219aec319fdaf3843c6a3cee1e6adffa3ddc30ff33399b70b01cfabe1a3d6
Vehicle Parking Management System 1.0 SQL Injection
Posted Jul 21, 2021
Authored by faisalfs10x

Vehicle Parking Management System version 1.0 suffers from a remote SQL injection vulnerability. Original discovery of SQL injection in this version is attributed to gh1mau in July of 2020.

tags | exploit, remote, sql injection
SHA-256 | 4cd8f0375100e5b08ef632a5d81e17f0c41e7de6fbd847bb2265513d0f7ccc89
Vehicle Parking Management System 1.0 Cross Site Scripting
Posted Jul 21, 2021
Authored by faisalfs10x

Vehicle Parking Management System version 1.0 suffers from a persistent cross site scripting vulnerability. Original discovery of persistent cross site scripting in this version is attributed to Tushar Vaidya in February of 2021.

tags | exploit, xss
SHA-256 | 9bec80e5c2a5aa1ef11d5bf7ba3fefc9dd167b4102e4b463a46172b3e3c4bd46
PEEL Shopping 9.3.0 SQL Injection
Posted Jul 17, 2021
Authored by faisalfs10x

PEEL Shopping version 9.3.0 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | bb075e29d3bbfafef1042c9720d8285f75488e0c4067d3cf5021548fc4c93b8f
Online Covid Vaccination Scheduler System 1.0 Shell Upload
Posted Jul 8, 2021
Authored by faisalfs10x

Online Covid Vaccination Scheduler System version 1.0 suffers from a remote shell upload vulnerability.

tags | exploit, remote, shell
SHA-256 | 4b00627f9d97cd1cf78b8ef09aaada4fbe79cad01061c59440da2eadc6def00d
Online Covid Vaccination Scheduler System 1.0 SQL Injection
Posted Jul 7, 2021
Authored by faisalfs10x

Online Covid Vaccination Scheduler System version 1.0 suffers from a remote time-based blind SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | 32a4ebe3a2c4d0408162c566f003abfc0258309dc6f2635c17de7c4a2d850b46
Phone Shop Sales Managements System 1.0 SQL Injection
Posted Jul 6, 2021
Authored by faisalfs10x

Phone Shop Sales Managements System version 1.0 suffers from a remote SQL injection vulnerability that allows for authentication bypass.

tags | exploit, remote, sql injection
advisories | CVE-2021-36624
SHA-256 | e5bc430fc4ad7d6f227a8c1a5fcd8a552e5a272a0958308866a3041d552b4428
Phone Shop Sales Managements System 1.0 Shell Upload
Posted Jul 6, 2021
Authored by faisalfs10x

Phone Shop Sales Managements System version 1.0 shell upload exploit. This is a variant of the original discovery made in this version of the software by Richard Jones in April of 2021.

tags | exploit, shell
SHA-256 | 741ee4649f85470c6abf3e9d7ca9af0640a3297efc7e3ba82a49e4ebe98b8837
Pallets Werkzeug 0.15.4 Path Traversal
Posted Jul 6, 2021
Authored by faisalfs10x

Proof of concept exploit for a path traversal vulnerability in Pallets Werkzeug version 0.15.4.

tags | exploit, proof of concept
advisories | CVE-2019-14322
SHA-256 | 4f5c6bd91b62008c37cb7bf8cbae42390e891388493b81718362ca9738d106b3
Page 1 of 1
Back1Next

File Archive:

March 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Mar 1st
    16 Files
  • 2
    Mar 2nd
    0 Files
  • 3
    Mar 3rd
    0 Files
  • 4
    Mar 4th
    32 Files
  • 5
    Mar 5th
    28 Files
  • 6
    Mar 6th
    42 Files
  • 7
    Mar 7th
    17 Files
  • 8
    Mar 8th
    13 Files
  • 9
    Mar 9th
    0 Files
  • 10
    Mar 10th
    0 Files
  • 11
    Mar 11th
    15 Files
  • 12
    Mar 12th
    19 Files
  • 13
    Mar 13th
    21 Files
  • 14
    Mar 14th
    38 Files
  • 15
    Mar 15th
    15 Files
  • 16
    Mar 16th
    0 Files
  • 17
    Mar 17th
    0 Files
  • 18
    Mar 18th
    10 Files
  • 19
    Mar 19th
    32 Files
  • 20
    Mar 20th
    46 Files
  • 21
    Mar 21st
    16 Files
  • 22
    Mar 22nd
    13 Files
  • 23
    Mar 23rd
    0 Files
  • 24
    Mar 24th
    0 Files
  • 25
    Mar 25th
    12 Files
  • 26
    Mar 26th
    31 Files
  • 27
    Mar 27th
    19 Files
  • 28
    Mar 28th
    42 Files
  • 29
    Mar 29th
    0 Files
  • 30
    Mar 30th
    0 Files
  • 31
    Mar 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close