what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 12 of 12 RSS Feed

Files from Giovanni Pellerano

Email addressevilaliv3 at ush.it
First Active2008-11-10
Last Active2022-07-06
EQS Integrity Line Cross Site Scripting / Information Disclosure
Posted Jul 6, 2022
Authored by Giovanni Pellerano | Site ush.it

EQS Integrity Line versions through 2022-07-01 suffer from cross site scripting and sensitive information disclosure vulnerabilities.

tags | exploit, vulnerability, xss, info disclosure
advisories | CVE-2022-34007
SHA-256 | 21a47b9fbd11e6b29f25b46678eefbe67cd2ecd6ec063d64543e0d2d12795718
Vtiger CRM 5.2.0 Code Execution / Cross Site Scripting / Local File Inclusion
Posted Nov 18, 2010
Authored by Alessandro Tanasi, Giovanni Pellerano

Vtiger CRM 5.2.0 suffers from code execution, cross site scripting and local file inclusion vulnerabilities.

tags | exploit, local, vulnerability, code execution, xss, file inclusion
advisories | CVE-2010-3909, CVE-2010-3910, CVE-2010-3911
SHA-256 | ded3215c44adfd32a956127f5f678bade57d06fb1464aae34530de82afd5278b
Nginx, Varnish, Cherokee, etc Log Injection
Posted Jan 11, 2010
Authored by Francesco Ongaro, Alessandro Tanasi, Giovanni Pellerano | Site ush.it

Nginx, Varnish, Cherokee, thttpd, mini-httpd, WEBrick, Orion, AOLserver, Yaws and Boa are subject to log escape sequence injection vulnerabilities.

tags | exploit, vulnerability
advisories | CVE-2009-4487, CVE-2009-4488, CVE-2009-4489, CVE-2009-4490, CVE-2009-4491, CVE-2009-4492, CVE-2009-4493, CVE-2009-4494, CVE-2009-4495, CVE-2009-4496
SHA-256 | ca929167a6a430b66650857a093ae76e47f6db643eb8bafffa59b6ebc10896d0
Jetty 6.x / 7.x Information Disclosure / XSS
Posted Oct 26, 2009
Authored by Francesco Ongaro, Antonio Parata, Giovanni Pellerano | Site ush.it

Jetty versions 6.x and 7.x suffer from cross site scripting, injection, and information disclosure vulnerabilities.

tags | exploit, vulnerability, xss, info disclosure
SHA-256 | 5f6bdd64a6596d46cbd0a5ae2448106b4656a8543eb8f07317ef5d4b92ae82d9
Vtiger CRM 5.0.4 Code Exection / XSS / XSRF / LFI
Posted Aug 18, 2009
Authored by Francesco Ongaro, Antonio Parata, Giovanni Pellerano | Site ush.it

Vtiger CRM version 5.0.4 suffers from code execution, local file inclusion, cross site scripting, and cross site request forgery vulnerabilities.

tags | exploit, local, vulnerability, code execution, xss, file inclusion, csrf
SHA-256 | a0599a490c531c182849299f81372c277f5eeeadc04bccdc6e9da1eb256e8a74
PHP Filesystem Attack Vectors - Part Two
Posted Jul 28, 2009
Authored by Francesco Ongaro, Giovanni Pellerano | Site ush.it

Whitepaper discussing a large amount of PHP filesystem attack vectors. Take Two.

tags | paper, php
SHA-256 | 50ea2f5921192ef048630929273e79e8dc80d288a30593b6b7ef6639a9180257
SugarCRM 5.2.0e Code Execution
Posted Jun 15, 2009
Authored by Francesco Ongaro, Antonio Parata, Giovanni Pellerano | Site ush.it

SugarCRM versions 5.2.0e and below suffer from a remote code execution vulnerability.

tags | exploit, remote, code execution
SHA-256 | b46bbb1752deb1c9295ffea5807d2e474bb3c4c6de135549995c2c9d75270085
FormMail 1.92 XSS / HTTP Response Splitting
Posted May 13, 2009
Authored by Francesco Ongaro, Antonio Parata, Giovanni Pellerano | Site ush.it

FormMail version 1.92 suffers from cross site scripting, header injection, and HTTP response splitting vulnerabilities.

tags | exploit, web, vulnerability, xss
SHA-256 | dda541988029f268bc02136426254f2b6bbc63e0e3c487848827415005cc289e
Zabbix 1.6.2 XSRF / LFI / Code Execution
Posted Mar 3, 2009
Authored by Francesco Ongaro, Antonio Parata, Giovanni Pellerano | Site ush.it

Zabbix version 1.6.2 suffers from remote code execution, cross site request forgery, and local file inclusion vulnerabilities.

tags | exploit, remote, local, vulnerability, code execution, file inclusion, csrf
SHA-256 | 6fc6a1f1b3df47f2608e299ed5ea4014c5c4b5292607adb72d978c18e293dc26
PHP Filesystem Attack Vectors
Posted Feb 9, 2009
Authored by Francesco Ongaro, Giovanni Pellerano | Site ush.it

Whitepaper discussing a large amount of PHP filesystem attack vectors.

tags | paper, php
SHA-256 | cf9fb603acb1135b3f8a595653d1d18a8937d01270074b11448182d48a251260
Moodle 1.9.3 Remote Code Execution
Posted Dec 12, 2008
Authored by Francesco Ongaro, Antonio Parata, Giovanni Pellerano | Site ush.it

Moodle version 1.9.3 suffers from a remote code execution vulnerability. Full details provided.

tags | exploit, remote, code execution
SHA-256 | 604fed1136c665e395b41c51641f80c673942dba92e616551632c7f5f1aac44e
Collabtive 0.4.8 Multiple Vulnerabilities
Posted Nov 10, 2008
Authored by Francesco Ongaro, Antonio Parata, Giovanni Pellerano | Site ush.it

Collabtive version 0.4.8 suffers from cross site scripting, authentication bypass, and shell upload vulnerabilities.

tags | exploit, shell, vulnerability, xss
SHA-256 | 79b3e4b4ba18d65ce36a36f1ab3e00c7d5d25169f28c965cb0522f75f65a1536
Page 1 of 1
Back1Next

File Archive:

March 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Mar 1st
    16 Files
  • 2
    Mar 2nd
    0 Files
  • 3
    Mar 3rd
    0 Files
  • 4
    Mar 4th
    32 Files
  • 5
    Mar 5th
    28 Files
  • 6
    Mar 6th
    42 Files
  • 7
    Mar 7th
    17 Files
  • 8
    Mar 8th
    13 Files
  • 9
    Mar 9th
    0 Files
  • 10
    Mar 10th
    0 Files
  • 11
    Mar 11th
    15 Files
  • 12
    Mar 12th
    19 Files
  • 13
    Mar 13th
    21 Files
  • 14
    Mar 14th
    38 Files
  • 15
    Mar 15th
    15 Files
  • 16
    Mar 16th
    0 Files
  • 17
    Mar 17th
    0 Files
  • 18
    Mar 18th
    10 Files
  • 19
    Mar 19th
    32 Files
  • 20
    Mar 20th
    46 Files
  • 21
    Mar 21st
    16 Files
  • 22
    Mar 22nd
    13 Files
  • 23
    Mar 23rd
    0 Files
  • 24
    Mar 24th
    0 Files
  • 25
    Mar 25th
    12 Files
  • 26
    Mar 26th
    31 Files
  • 27
    Mar 27th
    19 Files
  • 28
    Mar 28th
    42 Files
  • 29
    Mar 29th
    0 Files
  • 30
    Mar 30th
    0 Files
  • 31
    Mar 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close