what you don't know can hurt you

Register | Login

FilesNewsUsersAuthors

Home Files News &[SERVICES_TAB]About Contact Add New

Showing 26 - 50 of 66

Files from Hadji Samir

Ebay Magento Application-Side Cross Site Scripting

Posted Jul 2, 2015

Authored by Hadji Samir, Vulnerability Laboratory | Site vulnerability-lab.com

Ebay Magento suffered from a cross site scripting vulnerability.

tags | exploit, xss

SHA-256 | 1877bf2efd520a4e279c8cd2c6440a772f0767895e4283736ccc68c2ec1184ec

Download | Favorite | View

ZTE ZXV10 W300 3.1.0c_DR0 UI Session Delete

Posted Jun 19, 2015

Authored by Hadji Samir, Vulnerability Laboratory | Site vulnerability-lab.com

ZTE ZXV10 W300 version 3.1.0c_DR0 suffers from a session vulnerability that allows a remote attacker to delete network settings and more.

tags | exploit, remote

SHA-256 | e6b4753445eecdc540f323caf6ddd8959dc3d0dc105d4e6952e16e30eb542b98

Download | Favorite | View

eBay Magento Cross Site Request Forgery

Posted Jun 19, 2015

Authored by Hadji Samir, Vulnerability Laboratory | Site vulnerability-lab.com

eBay Magento suffers from a cross site request forgery vulnerability.

tags | exploit, csrf

SHA-256 | b3c0c736ffb72d43d1fe671c55dffcbc1392deeada1261b19a1a3ef5cb7b4d6c

Download | Favorite | View

eBay Magento Persistent Script Insertion

Posted Jun 19, 2015

Authored by Hadji Samir, Vulnerability Laboratory | Site vulnerability-lab.com

A persistent input validation web vulnerability has been discovered in the official Magento xCommerce web-application. The vulnerability allows remote attackers to inject own script code to the application-side of the affected service module. The vulnerability is located in the filename value of the image upload module. The attacker needs to create a New Message with upload to change the filename to a malicious payload. The attack vector of the issue is located on the application-side and the request method to inject the script code is POST.

tags | exploit, remote, web

SHA-256 | 2d046bdbb2f5dbd96eb46e550a4e42059c43e67f2b94273651e0cdfbf7805252

Download | Favorite | View

eBay Magento Cross Site Scripting

Posted Jun 19, 2015

Authored by Hadji Samir, Vulnerability Laboratory | Site vulnerability-lab.com

A client-side cross site scripting web vulnerability has been discovered in the official Magento Commerce Premium Theme front-end web-application. The non-persistent xss vulnerability allows remote attackers to inject own script code to the application-side of the vulnerable online-service module.

tags | exploit, remote, web, xss

SHA-256 | 93f9dd7fd63830ad50de3dc317332c7a3e7b19e91c8f617f35ef178a5970df46

Download | Favorite | View

Yahoo eMarketing Cross Site Scripting

Posted May 7, 2015

Authored by Hadji Samir, Vulnerability Laboratory | Site vulnerability-lab.com

Yahoo eMarketing suffered from a cross site scripting vulnerability.

tags | exploit, xss

SHA-256 | 3bacff349693e5ea813834e701aade59652625f85083bb51b8ad8288a57cc70f

Download | Favorite | View

HUAWEI MobiConnect 23.9.17.216 Privilege Escalation

Posted May 4, 2015

Authored by Hadji Samir, Vulnerability Laboratory | Site vulnerability-lab.com

HUAWEI MobiConnect version 23.9.17.216 suffers from a privilege escalation vulnerability.

tags | exploit

SHA-256 | e0f66e5d1324944478f82502238a27ac1c865f60b3336ad06e08d1317be9f5bf

Download | Favorite | View

Cisco (Newsroom) Cross Site Scripting

Posted May 4, 2015

Authored by Hadji Samir, Vulnerability Laboratory | Site vulnerability-lab.com

Cisco (Newsroom) suffers from a client-side cross site scripting vulnerability.

tags | exploit, xss

systems | cisco

SHA-256 | 7c5b5851992715bb52ac56fd8e8fb0e29f7e705589c9939882176e22d9fe0e36

Download | Favorite | View

Wireless File Transfer Pro Android Cross Site Request Forgery

Posted Feb 27, 2015

Authored by Hadji Samir, Vulnerability Laboratory | Site vulnerability-lab.com

Wireless File Transfer Pro Android suffers from a cross site request forgery vulnerability.

tags | exploit, csrf

SHA-256 | f709cfd1847fd656f23afa2f5a198b95fcf11abe5bc5307c2b3e6986922ffa41

Download | Favorite | View

ES File Explorer 3.2.4.1 Path Traversal

Posted Feb 17, 2015

Authored by Hadji Samir, Vulnerability Laboratory | Site vulnerability-lab.com

ES File Explorer version 3.2.4.1 suffers from a path traversal vulnerability.

tags | exploit

advisories | CVE-2015-1876

SHA-256 | b664b0fa935a7e23700055f21d93485cc52bc04420786148ceb2c3350d171408

Download | Favorite | View

Wireless File Transfer Pro 1.0.1 CSRF

Posted Feb 9, 2015

Authored by Hadji Samir

Wireless File Transfer Pro version 1.0.1 suffers from multiple cross site request forgery vulnerabilities.

tags | exploit, vulnerability, csrf

SHA-256 | 14135bf3ad59a0a749b01822ac0e2d9019544be4e5a8b7b73f77b3942088efbd

Download | Favorite | View

ZTE Datacard Telecom MF626 Modem Privilege Escalation

Posted Feb 9, 2015

Authored by Hadji Samir

ZTE Datacard Telecom MF626 Modem (PCW_TNZNZLV1.0.0B02) suffers from a local privilege escalation vulnerability.

tags | exploit, local

SHA-256 | e283b8aeb6550cb3c312b4c4cf0631977c73528e96b67228c86c65dec990a084

Download | Favorite | View

PhotoSync 1.1.3 Command Injection

Posted Jan 21, 2015

Authored by Hadji Samir, Vulnerability Laboratory | Site vulnerability-lab.com

PhotoSync version 1.1.3 suffers from a command injection vulnerability.

tags | exploit

SHA-256 | 5abcb1cd75bd59aeb57996761ca95b4e509dc474bc01ddc164dee199ccc8913b

Download | Favorite | View

Remote Desktop 0.9.4 Android CSRF / Command Injection

Posted Jan 20, 2015

Authored by Hadji Samir, Vulnerability Laboratory | Site vulnerability-lab.com

Remote Desktop version 0.9.4 Android suffers from local command injection and cross site request forgery vulnerabilities.

tags | exploit, remote, local, vulnerability, csrf

SHA-256 | 81c31b606da552a492c3156c3ce1015ada9039256b0cd83c13a8feb14c06663a

Download | Favorite | View

Webinars 2.2.26.0 Script Insertion

Posted Jan 20, 2015

Authored by Hadji Samir, Vulnerability Laboratory | Site vulnerability-lab.com

Webinars version 2.2.26.0 suffers from a client-side script insertion vulnerability.

tags | exploit

SHA-256 | 95540c3f1a53b361187b285ddccd27b26ed9baa6240a8ce04205aacfb2574a3c

Download | Favorite | View

Remote Web Desktop Full 5.9.5 Cross Site Request Forgery / Cross Site Scripting

Posted Jan 20, 2015

Authored by Hadji Samir, Vulnerability Laboratory | Site vulnerability-lab.com

Remote Web Desktop Full version 5.9.5 suffers from cross site request forgery and cross site scripting vulnerabilities.

tags | exploit, remote, web, vulnerability, xss, csrf

SHA-256 | b223fe2da6af965eb62693f470a44f543390166fd7bb6f547b33a5c0b6cebd3c

Download | Favorite | View

WiFi File Browser Pro 2.0.8 Code Execution

Posted Jan 14, 2015

Authored by Hadji Samir, Vulnerability Laboratory

WiFi File Browser Pro version 2.0.8 suffers from a code execution vulnerability.

tags | exploit, code execution

SHA-256 | 3a17fedccf065dba2df2c8cc06ab986128e6739ee172a59e2c48817e94704d18

Download | Favorite | View

ZTE Datacard MF180 Privilege Escalation / DLL Hijacking

Posted Jan 12, 2015

Authored by Hadji Samir

ZTE Datacard MF180 suffers from privilege escalation and DLL hijacking vulnerabilities.

tags | exploit, vulnerability

systems | windows

SHA-256 | 61549ca54b62be8573a682ec61570172bcfc6079ecb46713ff0cf356b3781bbc

Download | Favorite | View

Tenda W150D Cross Site Request Forgery

Posted Jan 10, 2015

Authored by Hadji Samir

Tenda W150D suffers from multiple cross site request forgery vulnerabilities.

tags | exploit, vulnerability, csrf

SHA-256 | b47836fa200ded31d836c8f4a0919f87320cd4cc198d64975c6b2daeca37d121

Download | Favorite | View

ZTE Datacard MF19 Privilege Escalation / DLL Hijacking

Posted Jan 5, 2015

Authored by Hadji Samir

ZTE Datacard MF19 suffers from privilege escalation and DLL hijacking vulnerabilities.

tags | exploit, vulnerability

systems | windows

advisories | CVE-2015-0974

SHA-256 | 0a58cb293ab6ca5b7c6dd277d515cac9ffd400d28d730f8ccc40983565e47648

Download | Favorite | View

UCell Software For ZTE Modems DLL Hijacking

Posted Dec 31, 2014

Authored by Hadji Samir

UCell Software for ZTE Modems suffers from a DLL hijacking vulnerability.

tags | exploit

systems | windows

SHA-256 | 0e24a72da1d26722ab921c8a7e01a34c4923fc932c51d571a3e8cc8dc5da3259

Download | Favorite | View

iFunbox 2014 3.4.697.652 DLL Hijacking

Posted Dec 30, 2014

Authored by Hadji Samir

iFunbox 2014 version 3.4.697.652 suffers from a DLL hijacking vulnerability.

tags | exploit

systems | windows

SHA-256 | f033e80213c84a7e20b391dabec5c66d13570107fda94bfe9a7516a5665fc8cc

Download | Favorite | View

MobiConnect 23.009.17.00.216 Privilege Escalation / DLL Hijacking

Posted Dec 30, 2014

Authored by Hadji Samir

MobiConnect version 23.009.17.00.216 suffers from privilege escalation and DLL hijacking vulnerabilities.

tags | exploit, vulnerability

systems | windows

SHA-256 | 4a4174ff19066125ed42b5ae92ca5e419039ccfcf50221062540e741a066a1ac

Download | Favorite | View

Phoenix Service Software 2012.16.004.48159(Nokia) DLL Hijacking

Posted Dec 30, 2014

Authored by Hadji Samir

Phoenix Service Software version 2012.16.004.48159(Nokia) suffers from a DLL hijacking vulnerability.

tags | exploit

systems | windows

SHA-256 | a12cd60163bee6e23ed400006be20f466036112966bd91079130d5507e38677e

Download | Favorite | View

iExplorer 3.6.3.0 DLL Hijacking

Posted Dec 30, 2014

Authored by Hadji Samir

iExplorer version 3.6.3.0 suffers from a DLL hijacking vulnerability.

tags | exploit

systems | windows

SHA-256 | 7d94137800b3ed544d3ffc8ad471b871367529331fe7dba2da2a01062f297e8a

Download | Favorite | View