what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 25 of 109 RSS Feed

Files from Janek Vind aka waraxe

Email addresscome2waraxe at yahoo.com
First Active2004-02-03
Last Active2019-08-08
MapProxy 1.11.0 Cross Site Scripting
Posted Aug 8, 2019
Authored by Janek Vind aka waraxe | Site waraxe.us

MapProxy version 1.11.0 suffers from a cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | a9aae15cabb9ca5a2a8ed841e7e6c686deeccde29935c21bf129b46604d98da6
WordPress Wordfence 7.1.12 XSS / Username Disclosure
Posted Oct 18, 2018
Authored by Janek Vind aka waraxe | Site waraxe.us

WordPress Wordfence plugin version 7.1.12 suffers from bypass, cross site scripting, and path disclosure vulnerabilities.

tags | exploit, vulnerability, xss
SHA-256 | 7bd9c300ee5c12f903f4a443c03eeac48af0e1085041a04c331ee74dccfda5db
WordPress Breadcrumb NavXT 6.1.0 Username Disclosure
Posted Sep 27, 2018
Authored by Janek Vind aka waraxe | Site waraxe.us

WordPress Breadcrumb NavXT plugin version 6.1.0 suffers from a username disclosure vulnerability.

tags | exploit
SHA-256 | a7d331bc7a3c3c5f71c497eb152d46ea8fb5956444bfa1d2462d1d680b57b936
WordPress FV Flowplayer 7.2.0.727 Cross Site Scripting
Posted Sep 21, 2018
Authored by Janek Vind aka waraxe | Site waraxe.us

WordPress FV Flowplayer plugin version 7.2.0.727 suffers from a cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | fe238bd67c74b6ab772c15bb15bc015aa19431e59fe64ef72c699cbe463baa5f
Saurus CMS 4.7.1 4.7.1 LFI / RFI / XSS / SQL Injection / Traversal / CSRF
Posted Jul 15, 2013
Authored by Janek Vind aka waraxe | Site waraxe.us

Saurus CMS version 4.7.1 suffers from cross site scripting, remote file inclusion, local file inclusion, information disclosure, remote SQL injection, HTTP response splitting, cross site request forgery, and directory traversal vulnerabilities.

tags | exploit, remote, web, local, vulnerability, xss, sql injection, file inclusion, info disclosure, csrf
SHA-256 | b52a1c3cfedd7ec254223b0a31cf381969950ec828d4cd8eca7bea868182a7f5
Spider Event Calendar 1.3.0 Cross Site Scripting / Path Disclosure / SQL Injection
Posted May 22, 2013
Authored by Janek Vind aka waraxe | Site waraxe.us

Spider Event Calendar version 1.3.0 is a Wordpress plugin that suffers from multiple cross site scripting, path disclosure, and remote SQL injection vulnerabilities.

tags | exploit, remote, vulnerability, xss, sql injection
SHA-256 | e1280c273978d2943c741ebee56c227367b4ac94ad923128afa07f35b1146ed6
Spider Catalog 1.4.6 Cross Site Scripting / Path Disclosure / SQL Injection
Posted May 22, 2013
Authored by Janek Vind aka waraxe | Site waraxe.us

Spider Catalog version 1.4.6 is a Wordpress plugin that suffers from multiple cross site scripting, path disclosure, and remote SQL injection vulnerabilities.

tags | exploit, remote, vulnerability, xss, sql injection
SHA-256 | 37e63ff3e32d65df162db6c051518d4a1fcd556135bdae06ee5a5a69e189c813
phpMyAdmin Authenticated Remote Code Execution
Posted Apr 29, 2013
Authored by Janek Vind aka waraxe | Site metasploit.com

This Metasploit module exploits a PREG_REPLACE_EVAL vulnerability in phpMyAdmin's replace_prefix_tbl within libraries/mult_submits.inc.php via db_settings.php. This affects versions 3.5.x below 3.5.8.1 and 4.0.0 below 4.0.0-rc3. PHP versions greater than 5.4.6 are not vulnerable.

tags | exploit, php
advisories | CVE-2013-3238, OSVDB-92793
SHA-256 | cde46aba3bb442a48c277780f2ae183ec296c40bdbad1fb176830924a1405679
phpMyAdmin 3.5.8 / 4.0.0-RC2 Code Execution / LFI / Overwrite
Posted Apr 25, 2013
Authored by Janek Vind aka waraxe | Site waraxe.us

phpMyAdmin versions 3.5.8 and 4.0.0-RC2 suffer from multiple remote code execution, local file inclusion, and array overwrite vulnerabilities.

tags | exploit, remote, local, vulnerability, code execution, file inclusion
advisories | CVE-2013-3238, CVE-2013-3239, CVE-2013-3240, CVE-2013-3241
SHA-256 | 5f5b20d982ae97824512b1c23808b9c17b328dae83d316eee98cdebbab52a1c6
phpMyAdmin 3.5.7 Cross Site Scripting
Posted Apr 10, 2013
Authored by Janek Vind aka waraxe | Site waraxe.us

phpMyAdmin version 3.5.7 suffers from a reflective cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | 373323d449040d80cf19a424efb57660421ebce6af076a5b804b8d44f7724af3
mRemote 1.50 Update Spoofing
Posted Mar 29, 2013
Authored by Janek Vind aka waraxe | Site waraxe.us

mRemote version 1.50 suffers from an update spoofing vulnerability.

tags | exploit, spoof
SHA-256 | c1de31f6f8728351a15b518d67f8c93d6869670704738ea370459b1e5c0cd954
Royal TS 2.1.5 Update Spoofing
Posted Mar 29, 2013
Authored by Janek Vind aka waraxe | Site waraxe.us

Royal TS version 2.1.5 suffers from an update spoofing vulnerability.

tags | exploit, spoof
SHA-256 | bbdbe2cbd87607168248afc01ef7c42de353e86ceb6dd83377794643f9bbeb09
LibreOffice 4.0.1.2 Update Spoofing
Posted Mar 22, 2013
Authored by Janek Vind aka waraxe | Site waraxe.us

LibreOffice version 4.0.1.2 suffers from an update spoofing vulnerability due to not using a secure channel nor digital signatures.

tags | exploit, spoof
SHA-256 | 0fd0fd152553fcde204b860ae9af883db4511e308c44f058a80c84db259f2843
OpenCart 1.5.5.1 Directory Traversal
Posted Mar 20, 2013
Authored by Janek Vind aka waraxe | Site waraxe.us

OpenCart version 1.5.5.1 suffers from a directory traversal vulnerability.

tags | exploit
SHA-256 | d4fb0138400954a2ffd3deaf9aa1b199b065826234b68bb121e49aa9e20d7686
PHP-Fusion 7.02.05 XSS / LFI / SQL Injection
Posted Mar 1, 2013
Authored by Janek Vind aka waraxe | Site waraxe.us

PHP-Fusion version 7.02.05 suffers from insecure backup handling, cross site scripting, local file inclusion, and remote SQL injection vulnerabilities.

tags | exploit, remote, local, php, vulnerability, xss, sql injection, file inclusion
SHA-256 | fa7b586afe0a410a0efe0520e47423439ff8a65220c5db6358b160d972751277
Zenphoto 1.4.3.3 SQL Injection / Interface Exposure / XSS
Posted Nov 5, 2012
Authored by Janek Vind aka waraxe | Site waraxe.us

Zenphoto version 1.4.3.3 suffers from multiple vulnerabilities including an administrative interface exposure, cross site scripting, file restriction bypass, path disclosure, and remote SQL injection vulnerabilities.

tags | exploit, remote, vulnerability, xss, sql injection
SHA-256 | 9f53c22a8ac57740fc1010024ab439c0b07a1d45e41292904b2e8ec52af6e23d
WordPress FoxyPress 0.4.2.5 XSS / CSRF / SQL Injection
Posted Oct 30, 2012
Authored by Janek Vind aka waraxe | Site waraxe.us

WordPress FoxyPress plugin version 0.4.2.5 suffers from cross site request forgery, cross site scripting, path disclosure, remote shell upload, open redirect, and remote SQL injection vulnerabilities.

tags | exploit, remote, shell, vulnerability, xss, sql injection, csrf
SHA-256 | de830eed195cbfc1599a0dbca00d8fe76804c6bb2f451f88dcf2319725caba6a
WordPress GRAND Flash Album Gallery SQL Injection / Disclosure / File Overwrite
Posted Oct 25, 2012
Authored by Janek Vind aka waraxe | Site waraxe.us

WordPress GRAND Flash Album Gallery plugin versions 1.9.0 and 2.0.0 suffer from file disclosure, file overwrite, directory traversal, and remote SQL injection vulnerabilities.

tags | exploit, remote, vulnerability, sql injection
SHA-256 | 8eac246e079c2e20610ea5b3fb4b19023d217d4774055a243a7bbe5f34191b0c
Wordpress Social Discussions 6.1.1 File Inclusion / Path Disclosure
Posted Oct 18, 2012
Authored by Janek Vind aka waraxe | Site waraxe.us

WordPress Social Discussions plugin version 6.1.1 suffers from local file inclusion, path disclosure, and remote file inclusion vulnerabilities.

tags | exploit, remote, local, vulnerability, file inclusion
SHA-256 | 6933e3b623f1553697b15b2ffeb7d2791b92487442eb60c7da616d9ff9df1f71
WordPress Slideshow 2.1.12 Cross Site Scripting / Path Disclosure
Posted Oct 18, 2012
Authored by Janek Vind aka waraxe | Site waraxe.us

WordPress Slideshow plugin versions 2.1.12 and below suffer from cross site scripting and path disclosure vulnerabilities.

tags | exploit, vulnerability, xss
SHA-256 | da1af48b7e10782660bd99d291eaed392728e957f960e5ad28cedbd89efdf24e
phpMyBitTorrent 2.04 SQL Injection / Local File Inclusion
Posted Oct 3, 2012
Authored by Janek Vind aka waraxe | Site waraxe.us

phpMyBitTorrent version 2.04 suffers from insecure cache handling, remote file disclosure, local file inclusion, and remote SQL injection vulnerabilities.

tags | exploit, remote, local, vulnerability, sql injection, file inclusion
SHA-256 | 25fb87d1faed33e02e6892952db60e041cb9171205e8aec0e9f52fbac8d97fb7
Thomson SpeedTouch ST780 Insecure SSL Connection
Posted Sep 25, 2012
Authored by Janek Vind aka waraxe | Site waraxe.us

Thomson SpeedTouch ST780, by design, has mixed content in the DOM during an SSL encapsulated session.

tags | advisory
SHA-256 | 9f6490ea623fbe7b601d57d1e4cd0577e84849f09b056198d080aee040e37ad6
TorrentTrader 2.08 XSS / Directory Traversal / Bypass
Posted Sep 17, 2012
Authored by Janek Vind aka waraxe | Site waraxe.us

TorrentTrader version 2.08 suffers from authorization bypass, cross site scripting, path disclosure, and directory traversal vulnerabilities.

tags | exploit, vulnerability, xss
SHA-256 | 7185dd5b6ed5a821ecd9a5ec901d5d961227f2ab65af5e4ed90e84f1cd946946
Joomla 2.5.4 Cross Site Scripting
Posted May 3, 2012
Authored by Janek Vind aka waraxe | Site waraxe.us

Joomla version 2.5.4 suffers from a cross site scripting vulnerability in the administrative sysinfo page.

tags | exploit, xss
advisories | CVE-2012-2412
SHA-256 | d3e0916a3d65dc13f3285d97784500de31ef52e38715fbb01563ab87c0892607
Joomla 1.5.26 ja_purity Cross Site Scripting
Posted May 3, 2012
Authored by Janek Vind aka waraxe | Site waraxe.us

Joomla version 1.5.26 suffers from a cross site scripting vulnerability in the ja_purity template.

tags | exploit, xss
advisories | CVE-2012-2413
SHA-256 | 829e40f497b4b9a912618e7d916c1875a88063054d2b245603c57bfe9e1f36a6
Page 1 of 5
Back12345Next

File Archive:

March 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Mar 1st
    16 Files
  • 2
    Mar 2nd
    0 Files
  • 3
    Mar 3rd
    0 Files
  • 4
    Mar 4th
    32 Files
  • 5
    Mar 5th
    28 Files
  • 6
    Mar 6th
    42 Files
  • 7
    Mar 7th
    17 Files
  • 8
    Mar 8th
    13 Files
  • 9
    Mar 9th
    0 Files
  • 10
    Mar 10th
    0 Files
  • 11
    Mar 11th
    15 Files
  • 12
    Mar 12th
    19 Files
  • 13
    Mar 13th
    21 Files
  • 14
    Mar 14th
    38 Files
  • 15
    Mar 15th
    15 Files
  • 16
    Mar 16th
    0 Files
  • 17
    Mar 17th
    0 Files
  • 18
    Mar 18th
    10 Files
  • 19
    Mar 19th
    32 Files
  • 20
    Mar 20th
    46 Files
  • 21
    Mar 21st
    16 Files
  • 22
    Mar 22nd
    13 Files
  • 23
    Mar 23rd
    0 Files
  • 24
    Mar 24th
    0 Files
  • 25
    Mar 25th
    12 Files
  • 26
    Mar 26th
    31 Files
  • 27
    Mar 27th
    19 Files
  • 28
    Mar 28th
    42 Files
  • 29
    Mar 29th
    0 Files
  • 30
    Mar 30th
    0 Files
  • 31
    Mar 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close