exploit the possibilities
Showing 51 - 75 of 592 RSS Feed

Files from LiquidWorm

Real NameGjoko Krstic
Email addressprivate
First Active2007-07-26
Last Active2019-02-05
View User Profile
ShoprLynx 9.2.3 Insecure File Permissions
Posted Apr 2, 2018
Authored by LiquidWorm | Site zeroscience.mk

ShoprLynx version 9.2.3 suffers from an insecure file permissions vulnerability.

tags | exploit
MD5 | 34cb6eae09a136075078fd8f17fca5cf
Prisma Industriale Checkweigher PrismaWEB 1.21 Authentication Bypass
Posted Mar 12, 2018
Authored by LiquidWorm | Site zeroscience.mk

Prisma Industriale Checkweigher PrismaWEB version 1.21 suffers from a disclosure of hard-coded credentials allowing an attacker to effectively bypass authentication.

tags | exploit
MD5 | b7858a4748a47003ff9bf167d75ec5f5
LogicalDOC Enterprise 7.7.4 Post-Auth Command Execution
Posted Feb 12, 2018
Authored by LiquidWorm | Site zeroscience.mk

LogicalDOC Enterprise version 7.7.4 suffers from a post-authentication command execution vulnerability via binary path manipulation.

tags | exploit
MD5 | e3fe47ad35b3d7c50efc277593f5c2e8
LogicalDOC Enterprise 7.7.4 Username Enumeration Weakness
Posted Feb 12, 2018
Authored by LiquidWorm | Site zeroscience.mk

LogicalDOC Enterprise version 7.7.4 suffers from a username enumeration weakness vulnerability.

tags | exploit
MD5 | 7eb4ae7f1eb49cf2bba6c2410c67f20e
LogicalDOC Enterprise 7.7.4 Directory Traversal
Posted Feb 12, 2018
Authored by LiquidWorm | Site zeroscience.mk

LogicalDOC Enterprise version 7.7.4 suffers from directory traversal vulnerabilities.

tags | exploit, vulnerability
MD5 | 9ee220e0a17d5ba3310790d0d9187453
LogicalDOC Enterprise 7.7.4 Reflected Cross Site Scripting
Posted Feb 12, 2018
Authored by LiquidWorm | Site zeroscience.mk

LogicalDOC Enterprise version 7.7.4 suffers from reflected cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss
MD5 | 86803762f6ec08d63b2138780616ee41
NEC Univerge SV9100/SV8100 WebPro 10.0 Remote Configuration Download
Posted Jan 23, 2018
Authored by LiquidWorm | Site zeroscience.mk

NEC Univerge SV9100/SV8100 WebPro version 10.0 suffers from a remote configuration download vulnerability. The gzipped telephone system configuration file 'config.gz' or 'config.pcpx' that contains the unencrypted data file 'conf.pcpn', can be downloaded by an attacker from the root directory if previously generated by a privileged user.

tags | exploit, remote, root, telephony
MD5 | 2759a253ffd0eae1cba057f2808ce6e5
Xerox DC260 EFI Fiery Controller Webtools 2.0 Arbitrary File Disclosure
Posted Dec 28, 2017
Authored by LiquidWorm | Site zeroscience.mk

Xerox DC260 EFI Fiery Controller Webtools version 2.0 suffers from an arbitrary file disclosure vulnerability.

tags | exploit, arbitrary
MD5 | a44e185804302ccb4969d4ebe063fbdf
Easy!Appointments 1.2.1 Cross Site Scripting
Posted Dec 28, 2017
Authored by LiquidWorm | Site zeroscience.mk

Easy!Appointments version 1.2.1 suffers from multiple cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss
MD5 | cc878f4e3c383245a7d2b094db8ec62b
Telesquare SKT LTE Router SDT-CS3B1 Denial Of Service
Posted Dec 27, 2017
Authored by LiquidWorm | Site zeroscience.mk

The Telesquare SKT LTE SDT-CS3B1 router suffers from a denial of service vulnerability.

tags | exploit, denial of service
MD5 | 8129b483c3501d8504489290a0bc7fca
Telesquare SKT LTE Router SDT-CS3B1 CSRF / Command Execution
Posted Dec 27, 2017
Authored by LiquidWorm | Site zeroscience.mk

The Telesquare SKT LTE SDT-CS3B1 router suffers from authenticated arbitrary system command execution. The application interface allows users to perform certain actions via HTTP requests without performing any validity checks to verify the requests. This can be exploited to perform certain actions with administrative privileges if a logged-in user visits a malicious web site.

tags | exploit, web, arbitrary, csrf
MD5 | 4b9db3573ba7740ca38f47752d155a59
Telesquare SKT LTE Router SDT-CS3B1 Insecure Direct Object Reference
Posted Dec 27, 2017
Authored by LiquidWorm | Site zeroscience.mk

The Telesquare SKT LTE SDT-CS3B1 router suffers from an insecure direct object reference vulnerability that leaks information.

tags | exploit
MD5 | db1593281d62ffff1489492ceca8e361
Allworx Server Manager 6x / 6x12 / 48x Cross Site Scripting
Posted Nov 15, 2017
Authored by LiquidWorm | Site zeroscience.mk

Allworx Server Manager versions 6x, 6x12, and 48x suffer from multiple cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss
MD5 | 03843045c240dd5452b85689aaa3d6b7
Mikogo 5.4.1.160608 Local Credentials Disclosure
Posted Oct 24, 2017
Authored by LiquidWorm | Site zeroscience.mk

Mikogo version 5.4.1.160608 is vulnerable to local credential disclosure. The supplied password is stored as a MD5 hash format in memory. A potential attacker could reveal the supplied password hash and re-use it or store it via the configuration file in order to gain access to the account.

tags | exploit, local
MD5 | 419a8443310d3d0785a7ddbe412a4f5d
FLIR Systems FLIR Thermal Camera F/FC/PT/D Hard-Coded SSH Credentials
Posted Sep 25, 2017
Authored by LiquidWorm | Site zeroscience.mk

FLIR utilizes hard-coded credentials within its Linux distribution image. These sets of credentials are never exposed to the end-user and cannot be changed through any normal operation of the camera.

tags | exploit
systems | linux
MD5 | e592ff3872f75caea44a65c9cf351b4d
FLIR Systems FLIR Thermal Camera F/FC/PT/D Stream Disclosure
Posted Sep 25, 2017
Authored by LiquidWorm | Site zeroscience.mk

FLIR suffers from an unauthenticated and unauthorized live stream disclosure.

tags | exploit
MD5 | e03a021e70dd4edfd74eb548605eefff
FLIR Systems FLIR Thermal Camera F/FC/PT/D Multiple Information Disclosures
Posted Sep 25, 2017
Authored by LiquidWorm | Site zeroscience.mk

FLIP Systems thermal cameras have an issues where Input passed through several parameters is not properly verified before being used to read files. This can be exploited by an unauthenticated attacker to read arbitrary files from local resources.

tags | exploit, arbitrary, local
MD5 | 4332adce3a8ca1290398c21e9a461f0e
FLIR Systems FLIR Thermal Camera PT-Series (PT-334 200562) Remote Root
Posted Sep 25, 2017
Authored by LiquidWorm | Site zeroscience.mk

FLIR Camera PT-Series suffers from multiple unauthenticated remote command injection vulnerabilities. The vulnerability exist due to several POST parameters in controllerFlirSystem.php script when calling the execFlirSystem() function not being sanitized when using the shell_exec() PHP function while updating the network settings on the affected device. This allows the attacker to execute arbitrary system commands as the root user and bypass access controls in place.

tags | exploit, remote, arbitrary, root, php, vulnerability
MD5 | 5ddf109d3a422df75105565034f680b0
FLIR Systems FLIR Thermal Camera FC-S/PT Authenticated OS Command Injection
Posted Sep 25, 2017
Authored by LiquidWorm | Site zeroscience.mk

FLIR FC-S/PT series suffer from an authenticated OS command injection vulnerability. This can be exploited to inject and execute arbitrary shell commands as the root user.

tags | exploit, arbitrary, shell, root
MD5 | 636a089048b47449c889902485301766
NethServer 7.3.1611 CSRF Create User / Enable SSH Access
Posted Aug 28, 2017
Authored by LiquidWorm | Site zeroscience.mk

NethServer version 7.3.1611 suffers from a cross site request forgery vulnerability that allows you to create a user and enable SSH access.

tags | exploit, csrf
MD5 | 30902b438d0c118a9ace27dab197dbe2
NethServer 7.3.1611 Upload.json CSRF Script Insertion
Posted Aug 28, 2017
Authored by LiquidWorm | Site zeroscience.mk

NethServer version 7.3.1611 suffers from a cross site request forgery script insertion vulnerability in Upload.json.

tags | exploit, csrf
MD5 | a9980262ca1346b7e14b6a1188a41a1d
Automated Logic WebCTRL 6.5 Unrestricted File Upload Remote Code Execution
Posted Aug 23, 2017
Authored by LiquidWorm | Site zeroscience.mk

Automated Logic WebCTRL version 6.5 suffers from an unrestricted file upload vulnerability that allows for remote code execution.

tags | exploit, remote, code execution, file upload
advisories | CVE-2017-9650
MD5 | dfbd662ecb79e969664c3cfd3b845d91
Automated Logic WebCTRL 6.1 Path Traversal Arbitrary File Write
Posted Aug 23, 2017
Authored by LiquidWorm | Site zeroscience.mk

Automated Logic WebCTRL version 6.1 suffers from path traversal and arbitrary file write vulnerabilities.

tags | exploit, arbitrary, vulnerability
advisories | CVE-2017-9640
MD5 | ba74d7e72b8d250b3eb5121245e82a5f
Automated Logic WebCTRL 6.5 Insecure File Permissions Privilege Escalation
Posted Aug 23, 2017
Authored by LiquidWorm | Site zeroscience.mk

Automated Logic WebCTRL version 6.5 suffers from an insecure file permission privilege escalation vulnerability.

tags | exploit
advisories | CVE-2017-9644
MD5 | bfe85c9a0561b977ce1f85fffe2a9011
DALIM SOFTWARE ES Core 5.0 Build 7184.1 XSS / CSRF
Posted Aug 9, 2017
Authored by LiquidWorm | Site zeroscience.mk

DALIM SOFTWARE ES Core version 5.0 build 7184.1 suffers from cross site request forgery and cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss, csrf
MD5 | f45967f142034d6fe2d841c45f04a738
Page 3 of 24
Back12345Next

File Archive:

February 2019

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Feb 1st
    22 Files
  • 2
    Feb 2nd
    9 Files
  • 3
    Feb 3rd
    2 Files
  • 4
    Feb 4th
    15 Files
  • 5
    Feb 5th
    50 Files
  • 6
    Feb 6th
    24 Files
  • 7
    Feb 7th
    15 Files
  • 8
    Feb 8th
    6 Files
  • 9
    Feb 9th
    1 Files
  • 10
    Feb 10th
    1 Files
  • 11
    Feb 11th
    22 Files
  • 12
    Feb 12th
    25 Files
  • 13
    Feb 13th
    16 Files
  • 14
    Feb 14th
    31 Files
  • 15
    Feb 15th
    10 Files
  • 16
    Feb 16th
    0 Files
  • 17
    Feb 17th
    0 Files
  • 18
    Feb 18th
    0 Files
  • 19
    Feb 19th
    0 Files
  • 20
    Feb 20th
    0 Files
  • 21
    Feb 21st
    0 Files
  • 22
    Feb 22nd
    0 Files
  • 23
    Feb 23rd
    0 Files
  • 24
    Feb 24th
    0 Files
  • 25
    Feb 25th
    0 Files
  • 26
    Feb 26th
    0 Files
  • 27
    Feb 27th
    0 Files
  • 28
    Feb 28th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2019 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close