exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 51 - 75 of 919 RSS Feed

Files from LiquidWorm

Real NameGjoko Krstic
Email addressprivate
First Active2007-07-26
Last Active2024-08-20
View User Profile
Sielco PolyEco Digital FM Transmitter 2.0.6 Default Credentials
Posted Apr 12, 2023
Authored by LiquidWorm | Site zeroscience.mk

Sielco PolyEco Digital FM Transmitter version 2.0.6 uses a weak set of default administrative credentials that can be easily guessed in remote password attacks to gain full control of the system.

tags | exploit, remote
SHA-256 | 4b06b64589263878904bbae281d9bc23f194bb5f895a3a50d9058978920f6a0e
Sielco PolyEco Digital FM Transmitter 2.0.6 Cookie Brute Force
Posted Apr 12, 2023
Authored by LiquidWorm | Site zeroscience.mk

Sielco PolyEco Digital FM Transmitter version 2.0.6 suffers from a cookie brute forcing vulnerability that can allow for session hijacking.

tags | exploit
SHA-256 | 8f1daeafa0b883f3bc1384e9d0ca0360450ece2b79076365d95798b698667cd0
Sielco PolyEco Digital FM Transmitter 2.0.6 Authentication Bypass
Posted Apr 12, 2023
Authored by LiquidWorm | Site zeroscience.mk

Sielco PolyEco Digital FM Transmitter version 2.0.6 suffers from authentication bypass, account takeover / lockout, and privilege escalation vulnerabilities that can be triggered by directly calling the user object and modifying the password of the two constants user/role (user/admin). This can be exploited by an unauthenticated adversary by issuing a single POST request to the vulnerable endpoint and gain unauthorized access to the affected device with administrative privileges.

tags | exploit, vulnerability
SHA-256 | 1779dd48b3ba2fb604c2b3fe1410c7bc803e1f964aaa62ab3b478868956ced70
Sielco PolyEco Digital FM Transmitter 2.0.6 Information Disclosure
Posted Apr 12, 2023
Authored by LiquidWorm | Site zeroscience.mk

Sielco PolyEco Digital FM Transmitter version 2.0.6 suffers from an information disclosure vulnerability due to improper access control enforcement. An unauthenticated remote attacker can exploit this issue via a specially crafted request to gain access to sensitive information.

tags | exploit, remote, info disclosure
SHA-256 | 267418fd80ab371b230bbaa9fdec8767c24efde298174b16aca5925e335bcb57
Sielco PolyEco Digital FM Transmitter 2.0.6 POST Manipulation
Posted Apr 12, 2023
Authored by LiquidWorm | Site zeroscience.mk

Sielco PolyEco Digital FM Transmitter version 2.0.6 suffers from a radio data system POST manipulation vulnerability.

tags | exploit
SHA-256 | e4b2d7df23ae1d7324dc922c11ba13e061cf42b3b6e86c38b42666eb035ea0d7
Sielco PolyEco Digital FM Transmitter 2.0.6 Authorization Bypass
Posted Apr 12, 2023
Authored by LiquidWorm | Site zeroscience.mk

Sielco PolyEco Digital FM Transmitter version 2.0.6 suffers from an authorization bypass vulnerability.

tags | exploit, bypass
SHA-256 | 914581db2916f5747f0db33acd0f545ea153e562c456cbc46171baf8c4bada5d
Sielco PolyEco Digital FM Transmitter 2.0.6 Authentication Bypass
Posted Apr 12, 2023
Authored by LiquidWorm | Site zeroscience.mk

Sielco PolyEco Digital FM Transmitter version 2.0.6 suffers from an authentication bypass vulnerability.

tags | exploit, bypass
SHA-256 | 04fe7d8ff6572fa3612a369b0c0a33163c016a620b5ff6ab9e58d326db1f5cf8
Sielco Radio Link 2.06 Remote Privilege Escalation
Posted Apr 12, 2023
Authored by LiquidWorm | Site zeroscience.mk

Sielco Radio Link version 2.06 suffers from a remote privilege escalation vulnerability.

tags | exploit, remote
SHA-256 | 0c75a354919091616a5f5737e0902174ba1e520eeba17f8046eaaf7514082d82
Sielco Radio Link 2.06 Improper Access Control
Posted Apr 12, 2023
Authored by LiquidWorm | Site zeroscience.mk

Sielco Radio Link version 2.06 suffers from an improper access control vulnerability that allows for a lower privileged user to change the administrator's password.

tags | exploit
SHA-256 | f9373f954a93947453ded81dc6daa3fec0b14580a358bf7dd553b39b0a3ac6e3
Sielco Radio Link 2.06 Cross Site Request Forgery
Posted Apr 12, 2023
Authored by LiquidWorm | Site zeroscience.mk

Sielco Radio Link version 2.06 suffers from a cross site request forgery vulnerability.

tags | exploit, csrf
SHA-256 | c17546acff364d10c1872ec359f38d4d53aa3ec8bfa731bb52efa125a19521ce
Sielco Radio Link 2.06 Cookie Brute Force
Posted Apr 12, 2023
Authored by LiquidWorm | Site zeroscience.mk

Sielco Radio Link version 2.06 suffers from a cookie brute forcing vulnerability that can allow for session hijacking.

tags | exploit
SHA-256 | b3c859a3990332816faa05fab3d576d807b312c06709f5259ba34906edcbc66e
Sielco Analog FM Transmitter 2.12 Remote Privilege Escalation
Posted Apr 12, 2023
Authored by LiquidWorm | Site zeroscience.mk

Sielco Analog FM Transmitter version 2.12 suffers from a remote privilege escalation vulnerability.

tags | exploit, remote
SHA-256 | f9e8dacd33d3784c7f722d94e8a2f150689a024754736b4c0454360058ce7c17
Sielco Analog FM Transmitter 2.12 Improper Access Control
Posted Apr 12, 2023
Authored by LiquidWorm | Site zeroscience.mk

Sielco Analog FM Transmitter version 2.12 suffers from an improper access control vulnerability that allows for a lower privileged user to change the administrator's password.

tags | exploit
SHA-256 | d26af0548c227a54b41c51e35c1c6513352b0b18304e8cf89730a7260c3ad51d
Sielco Analog FM Transmitter 2.12 Cross Site Request Forgery
Posted Apr 12, 2023
Authored by LiquidWorm | Site zeroscience.mk

Sielco Analog FM Transmitter version 2.12 suffers from a cross site request forgery vulnerability.

tags | exploit, csrf
SHA-256 | c1c1c47865eb0e698992e725937498a55c55a78c7bf94b4e53ab2fcb7e6d18b5
Sielco Analog FM Transmitter 2.12 Cookie Brute Force
Posted Apr 12, 2023
Authored by LiquidWorm | Site zeroscience.mk

Sielco Analog FM Transmitter version 2.12 suffers from a cookie brute forcing vulnerability that can allow for session hijacking.

tags | exploit
SHA-256 | 96ea285153f1385d9929ef190734969d4bc702d1d9aa0eea1a04870c880ae84a
Google Chrome Browser 111.0.5563.64 AXPlatformNodeCocoa Denial Of Service
Posted Apr 12, 2023
Authored by LiquidWorm | Site zeroscience.mk

Google Chrome Browser version 111.0.5563.64 suffers from an AXPlatformNodeCocoa fatal out-of-memory denial of service vulnerability on macOS.

tags | exploit, denial of service
SHA-256 | 0f11dee0a3ee89decd4ede4b99ca33ca5b7ef40ffe08c8c8a668fe309ac5f950
Osprey Pump Controller 1.0.1 Unauthenticated Remote Code Execution
Posted Feb 28, 2023
Authored by LiquidWorm | Site zeroscience.mk

Osprey Pump Controller version 1.0.1 unauthenticated remote code execution exploit.

tags | exploit, remote, code execution
SHA-256 | e3aa8cf09a10153c22c1fea563f19e0486760740b752b12095b5ec99f655864f
Osprey Pump Controller 1.0.1 Cross Site Request Forgery
Posted Feb 28, 2023
Authored by LiquidWorm | Site zeroscience.mk

Osprey Pump Controller version 1.0.1 suffers from a cross site request forgery vulnerability.

tags | exploit, csrf
SHA-256 | 3ff94000035eb0e3d7750af6a36a24cd3f59ddd0bf32adc49eed8270dae8c139
Osprey Pump Controller 1.0.1 Authentication Bypass
Posted Feb 28, 2023
Authored by LiquidWorm | Site zeroscience.mk

Osprey Pump Controller version 1.0.1 allows an unauthenticated attacker to create an account and bypass authentication, thereby gaining unauthorized access to the system.

tags | exploit
SHA-256 | f96ac6802073d61b8a8224120fbbc475b78857a672615467fe07f5419f23785a
Osprey Pump Controller 1.0.1 Cross Site Scripting
Posted Feb 28, 2023
Authored by LiquidWorm | Site zeroscience.mk

Osprey Pump Controller version 1.0.1 suffers from a cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | c1bf05288bbed246cc644a8fdb368c0546ebbfbb0723ec8709bda8abbafeddfd
Osprey Pump Controller 1.0.1 eventFileSelected Command Injection
Posted Feb 28, 2023
Authored by LiquidWorm | Site zeroscience.mk

Osprey Pump Controller version 1.0.1 suffers from an unauthenticated OS command injection vulnerability. This can be exploited to inject and execute arbitrary shell commands through the eventFileSelected HTTP GET parameter called by DataLogView.php, EventsView.php and AlarmsView.php scripts.

tags | exploit, web, arbitrary, shell, php
SHA-256 | db0ca77f3b6262f047a41f704f1fbcabf469fa7d9140d8fddf64e48fc5dc7ab1
Osprey Pump Controller 1.0.1 userName Command Injection
Posted Feb 28, 2023
Authored by LiquidWorm | Site zeroscience.mk

Osprey Pump Controller version 1.0.1 suffers from an unauthenticated OS command injection vulnerability. This can be exploited to inject and execute arbitrary shell commands through the userName HTTP POST parameter called by index.php script.

tags | exploit, web, arbitrary, shell, php
SHA-256 | 36296eda1780ae0ac70f0164496b08fb374f20a8169546a905c771704b399ab9
Osprey Pump Controller 1.0.1 pseudonym Command Injection
Posted Feb 28, 2023
Authored by LiquidWorm | Site zeroscience.mk

Osprey Pump Controller version 1.0.1 suffers from an unauthenticated OS command injection vulnerability. This can be exploited to inject and execute arbitrary shell commands through the pseudonym HTTP POST parameter called by index.php script.

tags | exploit, web, arbitrary, shell, php
SHA-256 | 54e985965675a39585d65ec988986982607117a47b0151caf9326c6cb4e834f8
Osprey Pump Controller 1.0.1 Administrator Backdoor Access
Posted Feb 28, 2023
Authored by LiquidWorm | Site zeroscience.mk

Osprey Pump Controller version 1.0.1 has a hidden administrative account admin that has the hardcoded password Mirage1234 that allows full access to the web management interface configuration. The user admin is not visible in Usernames and Passwords menu list (120) of the application and the password cannot be changed through any normal operation of the device. The backdoor lies in the /home/pi/Mirage/Mirage_ValidateSessionCode.x ELF binary.

tags | exploit, web
SHA-256 | 20dd59fb8eec86241f48a70c218c680f5b2d35a35df76e3261cbee08ab36c4c7
Osprey Pump Controller 1.0.1 Unauthenticated File Disclosure
Posted Feb 28, 2023
Authored by LiquidWorm | Site zeroscience.mk

Osprey Pump Controller version 1.0.1 suffers from an unauthenticated file disclosure vulnerability.

tags | exploit
SHA-256 | 65257df0315232e3ca32b7770b12524374ecdcb6a15f818ee9379654da62abe3
Page 3 of 37
Back12345Next

File Archive:

September 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Sep 1st
    261 Files
  • 2
    Sep 2nd
    17 Files
  • 3
    Sep 3rd
    38 Files
  • 4
    Sep 4th
    52 Files
  • 5
    Sep 5th
    23 Files
  • 6
    Sep 6th
    27 Files
  • 7
    Sep 7th
    0 Files
  • 8
    Sep 8th
    1 Files
  • 9
    Sep 9th
    16 Files
  • 10
    Sep 10th
    38 Files
  • 11
    Sep 11th
    21 Files
  • 12
    Sep 12th
    40 Files
  • 13
    Sep 13th
    18 Files
  • 14
    Sep 14th
    0 Files
  • 15
    Sep 15th
    0 Files
  • 16
    Sep 16th
    0 Files
  • 17
    Sep 17th
    0 Files
  • 18
    Sep 18th
    0 Files
  • 19
    Sep 19th
    0 Files
  • 20
    Sep 20th
    0 Files
  • 21
    Sep 21st
    0 Files
  • 22
    Sep 22nd
    0 Files
  • 23
    Sep 23rd
    0 Files
  • 24
    Sep 24th
    0 Files
  • 25
    Sep 25th
    0 Files
  • 26
    Sep 26th
    0 Files
  • 27
    Sep 27th
    0 Files
  • 28
    Sep 28th
    0 Files
  • 29
    Sep 29th
    0 Files
  • 30
    Sep 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2024 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close