all things security
Showing 26 - 50 of 132 RSS Feed

Files from EgiX

Email addressn0b0d13s at gmail.com
First Active2007-07-31
Last Active2017-02-06
Open Letters Remote PHP Code Injection
Posted Apr 22, 2015
Authored by EgiX, TUNISIAN CYBER

Open Letters remote PHP code injection exploit.

tags | exploit, remote, php
MD5 | 8160404b6f41b65263a4461b808f92b2
Symantec Web Gateway 5 restore.php Command Injection
Posted Mar 3, 2015
Authored by EgiX, sinn3r | Site metasploit.com

This Metasploit module exploits a command injection vulnerability found in Symantec Web Gateway's setting restoration feature. The filename portion can be used to inject system commands into a syscall function, and gain control under the context of HTTP service. For Symantec Web Gateway 5.1.1, you can exploit this vulnerability by any kind of user. However, for version 5.2.1, you must be an administrator.

tags | exploit, web
advisories | CVE-2014-7285
MD5 | 7cea620f706dd4d79dc4e3d490634780
Symantec Web Gateway 5.2.1 OS Command Injection
Posted Dec 31, 2014
Authored by EgiX

Symantec Web Gateway versions 5.2.1 and below suffer from a remote OS command injection vulnerability.

tags | exploit, remote, web
advisories | CVE-2014-7285
MD5 | 273c532a1992d8c9055fb637dae33ffc
GetSimple CMS 3.3.4 XML External Entity Injection
Posted Dec 31, 2014
Authored by EgiX

GetSimple CMS versions 3.1.1 through 3.3.4 suffer from an XML external entity injection vulnerability.

tags | exploit
advisories | CVE-2014-8790
MD5 | b8ab5de12acbf7ab9f48c19dcb966947
Mantis Bug Tracker 1.2.17 PHP Code Injection
Posted Dec 31, 2014
Authored by EgiX

Mantis Bug Tracker versions 1.2.0 through 1.2.17 suffer from a PHP code injection vulnerability.

tags | exploit, php
advisories | CVE-2014-7146
MD5 | 673ab348d712c0f346dee0bed801dc1b
Osclass 3.4.2 Local File Inclusion
Posted Dec 31, 2014
Authored by EgiX

Osclass versions 3.4.2 and below suffer from a local file inclusion vulnerability.

tags | exploit, local, file inclusion
advisories | CVE-2014-8084
MD5 | 8d1d44d69ceb0a756bcf6e9d24106133
Osclass 3.4.2 Shell Upload
Posted Dec 31, 2014
Authored by EgiX

Osclass versions 3.4.2 and below suffer from a remote shell upload vulnerability.

tags | exploit, remote, shell
advisories | CVE-2014-8085
MD5 | 565d75744e6dfbe93bbf6b0a5ef4653c
Osclass 3.4.2 SQL Injection
Posted Dec 31, 2014
Authored by EgiX

Osclass versions 3.4.2 and below suffer from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
advisories | CVE-2014-8083
MD5 | 40a49924f80fdc8f871af28198600d95
Tuleap PHP Unserialize Code Execution
Posted Dec 12, 2014
Authored by EgiX | Site metasploit.com

This Metasploit module exploits a PHP object injection vulnerability in Tuelap <= 7.6-4 which could be abused to allow authenticated users to execute arbitrary code with the permissions of the web server. The dangerous unserialize() call exists in the 'src/www/project/register.php' file. The exploit abuses the destructor method from the Jabbex class in order to reach a call_user_func_array() call in the Jabbex class and call the fetchPostActions() method from the Transition_PostAction_FieldFactory class to execute PHP code through an eval() call. In order to work, the target must have the 'sys_create_project_in_one_step' option disabled.

tags | exploit, web, arbitrary, php
advisories | CVE-2014-8791
MD5 | 8f1a12b060fa7c2f75cbe3d06783d717
Tuleap 7.6-4 PHP Object Injection
Posted Nov 28, 2014
Authored by EgiX

Tuleap versions 7.6-4 and below suffer from a PHP object injection vulnerability in register.php.

tags | exploit, php
advisories | CVE-2014-8791
MD5 | 996df917e13e1acb41ce3587aaadfbe7
MantisBT XmlImportExport Plugin PHP Code Injection
Posted Nov 18, 2014
Authored by EgiX | Site metasploit.com

This Metasploit module exploits a post-auth vulnerability found in MantisBT versions 1.2.0a3 up to 1.2.17 when the Import/Export plugin is installed. The vulnerable code exists on plugins/XmlImportExport/ImportXml.php, which receives user input through the "description" field and the "issuelink" attribute of an uploaded XML file and passes to preg_replace() function with the /e modifier. This allows a remote authenticated attacker to execute arbitrary PHP code on the remote machine.

tags | exploit, remote, arbitrary, php
advisories | CVE-2014-7146
MD5 | 3a24e0e940ae20b57789e18c70afbd73
TestLink 1.9.12 Path Disclosure
Posted Oct 23, 2014
Authored by EgiX

TestLink versions 1.9.12 and below suffer from a path disclosure weakness.

tags | advisory
advisories | CVE-2014-8082
MD5 | 501919f76badd56fb99de0e6c994c635
TestLink 1.9.12 PHP Object Injection
Posted Oct 23, 2014
Authored by EgiX

TestLink versions 1.9.12 and below suffer from a PHP object injection vulnerability in execSetResults.php.

tags | advisory, php
advisories | CVE-2014-8081
MD5 | c64ed8cf8cddf2d079f162b605cb2b3a
X2Engine 4.1.7 Unrestricted File Upload
Posted Sep 23, 2014
Authored by EgiX

X2Engine versions 4.1.7 and below suffer from an unrestricted file upload vulnerability due to poor use of a blacklist.

tags | exploit, file upload
advisories | CVE-2014-5298
MD5 | 146f05b73cebbdf28b5a12d4a6a158f2
X2Engine 4.1.7 PHP Object Injection
Posted Sep 23, 2014
Authored by EgiX

X2Engine versions 2.8 through 4.1.7 suffer from a PHP object injection vulnerability.

tags | exploit, php
advisories | CVE-2014-5297
MD5 | bd183eb48e521793677e5f35070a473a
OpenCart 1.5.6.4 PHP Object Injection
Posted Jul 14, 2014
Authored by EgiX

OpenCart versions 1.5.6.4 and below suffer from a PHP objection injection vulnerability.

tags | exploit, php
advisories | CVE-2014-3990
MD5 | c2131aa96490a8154ddc0adab7fbcee3
Dotclear Media Manager Authenticated Arbitrary File Upload
Posted May 22, 2014
Authored by EgiX, Brandon Perry | Site metasploit.com

This is a Metasploit modules that leverages an authenticated arbitrary file upload vulnerability in Dotclear versions 2.6.2 and below.

tags | exploit, arbitrary, file upload
MD5 | 2c23a561dc1c09205a2f28b372f86ce6
Dotclear 2.6.2 SQL Injection
Posted May 22, 2014
Authored by EgiX | Site karmainsecurity.com

Dotclear versions 2.6.2 and below suffer from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
advisories | CVE-2014-3783
MD5 | 0072cdfb755489a2c2427a32d3f8dc15
Dotclear 2.6.2 Arbitrary File Upload
Posted May 22, 2014
Authored by EgiX | Site karmainsecurity.com

Dotclear versions 2.6.2 and below suffer from a remote shell upload vulnerability.

tags | exploit, remote, shell
advisories | CVE-2014-3782
MD5 | c41bc1a22f02e513eaae80d882304e12
Dotclear 2.6.2 Authentication Bypass
Posted May 22, 2014
Authored by EgiX | Site karmainsecurity.com

Dotclear versions 2.6.2 and below suffer from an XML-RPC interface authentication bypass vulnerability.

tags | exploit, bypass
advisories | CVE-2014-3781
MD5 | 930391070853eeb2107de12ceeab82f8
Horde Framework Unserialize PHP Code Execution
Posted Mar 20, 2014
Authored by EgiX, juan vazquez | Site metasploit.com

This Metasploit module exploits a php unserialize() vulnerability in Horde versions 5.1.1 and below which could be abused to allow unauthenticated users to execute arbitrary code with the permissions of the web server. The dangerous unserialize() exists in the 'lib/Horde/Variables.php' file. The exploit abuses the __destruct() method from the Horde_Kolab_Server_Decorator_Clean class to reach a dangerous call_user_func() call in the Horde_Prefs class.

tags | exploit, web, arbitrary, php
advisories | CVE-2014-1691
MD5 | 30e3a5b2a37a48b8d49e624f76c16db2
OpenPNE PHP Object Injection
Posted Jan 21, 2014
Authored by Secunia, EgiX | Site secunia.com

Secunia Research has discovered a vulnerability in OpenPNE, which can be exploited by malicious people to manipulate certain data or compromise a vulnerable system. The vulnerability is caused due to the "opSecurityUser::getRememberLoginCookie()" method defined in the /lib/user/opSecurityUser.class.php script using the "unserialize()" function with user controlled input. This can be exploited to e.g. delete arbitrary files or execute arbitrary PHP code via specially crafted serialized objects sent in a "Cookie" header. Versions 3.6.13 and 3.8.9 are affected.

tags | advisory, arbitrary, php
advisories | CVE-2013-5350
MD5 | 57f40ad0fbb29c3f6284b4fa96be0f6f
vTiger CRM SOAP AddEmailAttachment Arbitrary File Upload
Posted Jan 7, 2014
Authored by EgiX, juan vazquez | Site metasploit.com

vTiger CRM allows an user to bypass authentication when requesting SOAP services. In addition, arbitrary file upload is possible through the AddEmailAttachment SOAP service. By combining both vulnerabilities an attacker can upload and execute PHP code. This Metasploit module has been tested successfully on vTiger CRM v5.4.0 over Ubuntu 10.04 and Windows 2003 SP2.

tags | exploit, arbitrary, php, vulnerability, file upload
systems | linux, windows, ubuntu
advisories | CVE-2013-3214, CVE-2013-3215, OSVDB-95902, OSVDB-95903
MD5 | 8cfa2756a8caf281bdf7170de13d5b60
OpenSIS 'modname' PHP Code Execution
Posted Dec 23, 2013
Authored by EgiX | Site metasploit.com

This Metasploit module exploits a PHP code execution vulnerability in OpenSIS versions 4.5 to 5.2 which allows any authenticated user to execute arbitrary PHP code under the context of the web-server user. The 'ajax.php' file calls 'eval()' with user controlled data from the 'modname' parameter.

tags | exploit, web, arbitrary, php, code execution
advisories | CVE-2013-1349
MD5 | da99d91f8a19ec46699763b1e01053d4
openSIS 5.2 PHP Code Injection
Posted Dec 7, 2013
Authored by EgiX

openSIS versions 4.5 through 5.2 suffer from a remote PHP code injection vulnerability.

tags | exploit, remote, php
advisories | CVE-2013-1349
MD5 | d3caebab3ffea990f9754fa5fabdc247
Page 2 of 6
Back12345Next

File Archive:

July 2017

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Jul 1st
    2 Files
  • 2
    Jul 2nd
    3 Files
  • 3
    Jul 3rd
    15 Files
  • 4
    Jul 4th
    4 Files
  • 5
    Jul 5th
    15 Files
  • 6
    Jul 6th
    15 Files
  • 7
    Jul 7th
    10 Files
  • 8
    Jul 8th
    2 Files
  • 9
    Jul 9th
    10 Files
  • 10
    Jul 10th
    15 Files
  • 11
    Jul 11th
    15 Files
  • 12
    Jul 12th
    19 Files
  • 13
    Jul 13th
    16 Files
  • 14
    Jul 14th
    15 Files
  • 15
    Jul 15th
    3 Files
  • 16
    Jul 16th
    2 Files
  • 17
    Jul 17th
    8 Files
  • 18
    Jul 18th
    11 Files
  • 19
    Jul 19th
    15 Files
  • 20
    Jul 20th
    15 Files
  • 21
    Jul 21st
    15 Files
  • 22
    Jul 22nd
    7 Files
  • 23
    Jul 23rd
    0 Files
  • 24
    Jul 24th
    0 Files
  • 25
    Jul 25th
    0 Files
  • 26
    Jul 26th
    0 Files
  • 27
    Jul 27th
    0 Files
  • 28
    Jul 28th
    0 Files
  • 29
    Jul 29th
    0 Files
  • 30
    Jul 30th
    0 Files
  • 31
    Jul 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2016 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close