Showing 26 - 50 of 78

Files from Akastep

First Active	2011-01-02
Last Active	2015-03-17

MotoCMS 1.3.3 Password File Disclosure / Shell Upload: Posted Jan 8, 2013; Authored by Akastep; MotoCMS versions 1.3.3 and below suffer from password file disclosure and shell upload vulnerabilities.; tags | exploit, shell, vulnerability, info disclosure; SHA-256 | 50ef5f1a3f0f908dddc8abdea740939f5d9baf76b7b62233a900f21d57fdd029; Download | Favorite | View

XML Sitemap Generator 3.2.8 Code Injection: Posted Jan 8, 2013; Authored by Akastep; XML Sitemap Generator for WordPress versions 3.2.8 and below suffers from a remote PHP code injection vulnerability.; tags | exploit, remote, php; SHA-256 | 392e6bee500cdf72349e1e6a1fa71c23a6256f393a3c9c89859bb4d62cc50e32; Download | Favorite | View

WordPress Spam Free 1.9.2 Filter Bypass: Posted Jan 5, 2013; Authored by Akastep; WordPress Spam Free plugin version 1.9.2 suffers from a filter bypass due to letting the client define the "comment" source IP address as a variable being passed to the server.; tags | exploit, bypass; SHA-256 | a4bff041963cdaab3664b99e8efe9ad4aed56f50b5b3e27f611f817c324772e5; Download | Favorite | View

osTicket 1.7 DPR3 XSS / Disclosure / Redirect / SQL Injection: Posted Jan 2, 2013; Authored by Akastep; osTicket version 1.7 DPR3 suffers from cross site scripting, path disclosure, open redirection, and remote blind SQL injection vulnerabilities.; tags | exploit, remote, vulnerability, xss, sql injection, info disclosure; SHA-256 | f41bccaa0226cbecc381d721ba9315fcf74a7847d74a106ef0094c82852aedce; Download | Favorite | View

osTicket 1.6 ST CSRF / SQL Injection: Posted Jan 2, 2013; Authored by Akastep; osTicket version 1.6 stable suffers from cross site request forgery and remote blind SQL injection vulnerabilities.; tags | exploit, remote, vulnerability, sql injection, csrf; SHA-256 | cd698e414cb67a7c234b27341925e285901d58be5a6e0ad8d597914224f8757d; Download | Favorite | View

osTicket 1.7 RC2 CSRF / Disclosure / XSS / Redirect: Posted Jan 2, 2013; Authored by Akastep; osTicket version 1.7 RC2 suffers from cross site request forgery, cross site scripting, path disclosure, and open redirection vulnerabilities.; tags | exploit, vulnerability, xss, csrf; SHA-256 | d49668d8ebd530b36b21f1defe4f01ce2d5e639b0faa1112f39129e21422710b; Download | Favorite | View

WordPress Sahifa 2.4.0 Cross Site Request Forgery / Path Disclosure: Posted Jan 1, 2013; Authored by Akastep; WordPress Sahifa theme version 2.4.0 suffers from cross site request forgery and path disclosure vulnerabilities.; tags | exploit, vulnerability, file inclusion, info disclosure, csrf; SHA-256 | f115bac0fb87d670a37616d6226e447df22839805d05c7a1b38d19d31df39ef9; Download | Favorite | View

Newscoop 4.0.2 Path Disclosure / SQL Injection: Posted Dec 3, 2012; Authored by Akastep, KASIB_OGLAN; Newscoop version 4.0.2 suffers from path disclosure and remote blind SQL injection vulnerabilities. Note that this finding houses site-specific data.; tags | exploit, remote, vulnerability, sql injection, info disclosure; SHA-256 | 1f994a8d225a2775ca5787a4cb6f4092b00101fb1d4cb00c69aa00ca9b4e44e2; Download | Favorite | View

Incomedia WebSite X5 Evolution 9.0.4.1748 XSS / Bypass: Posted Nov 26, 2012; Authored by Akastep; Incomedia WebSite X5 Evolution versions 9.0.4.1748 and below suffer from bypass and cross site scripting vulnerabilities.; tags | exploit, vulnerability, xss; SHA-256 | 6c4adfb0b186de88cf8aa1d1d84f4ddb0f4cd1d3e8f1f19606cace93970fa3a1; Download | Favorite | View

Greenstone XSS / Password Disclosure / Log Forging: Posted Nov 23, 2012; Authored by Akastep; Greenstone Digital Library Software suffers from cross site scripting, password file disclosure, broken salt, and log forging vulnerabilities.; tags | exploit, vulnerability, xss, info disclosure; SHA-256 | 6abb1bda55fdf2a144f85a5781c58e9555df57ab3346329f169d03b28b7f55e7; Download | Favorite | View

Inout Article Base Ultimate SQL Injection / CSRF: Posted Oct 25, 2012; Authored by Akastep; Inout Article Base Ultimate versions prior to 2 suffer from cross site request forgery and remote blind SQL injection vulnerabilities.; tags | exploit, remote, vulnerability, sql injection, csrf; SHA-256 | 831d1c4d5bb5f52d532ddd88097b54985d05095d7c28b49e19626e680e99fa2a; Download | Favorite | View

cPanel Pro 11.32.5.11 Cross Site Request Forgery: Posted Oct 22, 2012; Authored by Akastep; cPanel Pro version 11.32.5.11 suffers from multiple cross site request forgery vulnerabilities.; tags | exploit, vulnerability, csrf; SHA-256 | 62e54f57ea468cd7f398a764eb340cade258cb335a001a7ea61badbbad00d34e; Download | Favorite | View

Videosmate Organizer 4.2 Authentication Bypass / Path Disclosure: Posted Oct 16, 2012; Authored by Akastep; Videosmate Organizer version 4.2 suffers from authentication bypass and path disclosure vulnerabilities.; tags | exploit, vulnerability, bypass, info disclosure; SHA-256 | 880befa250d4287f9d17efed7dffd5623e713602127613fb7304b05c5fb437f4; Download | Favorite | View

TP-LINK TD-W8151N Cross Site Request Forgery: Posted Oct 2, 2012; Authored by Akastep; TP-LINK TD-W8151N 150Mbps wireless N ADSL+2 modem router suffers from a cross site request forgery vulnerability.; tags | exploit, csrf; SHA-256 | 427ec14298c7ccdd86476a0829cf8b76602d498105b951c45aba638947ed5cb6; Download | Favorite | View

Drupal 7.15 Path Disclosure: Posted Sep 24, 2012; Authored by Akastep; Drupal version 7.15 suffers from multiple path disclosure vulnerabilities.; tags | exploit, vulnerability; SHA-256 | da97f6c6b621a645409067c51ab630e17eccce383e667955d67f4fe8018bec3e; Download | Favorite | View

WordPress 3.4.2 Cross Site Request Forgery: Posted Sep 22, 2012; Authored by Akastep; WordPress version 3.4.2 appears to suffer from a cross site request forgery vulnerability.; tags | exploit, csrf; SHA-256 | 8af686881751d2aa70f5450175099f61552a275371353ead762482baa2fc2edc; Download | Favorite | View

WordPress 3.4.2 User Enumeration / Path Disclosure: Posted Sep 18, 2012; Authored by Akastep; WordPress version 3.4.2 appears to suffer from user enumeration and path disclosure vulnerabilities.; tags | exploit, vulnerability, info disclosure; SHA-256 | f672ffa3fe1c2cdc32145c392c8ccd21e2a5005b5593a62f5cdd4f6628b98a9b; Download | Favorite | View

Studio-One CMS 1.11b / 1.7.1 Blind SQL Injection: Posted Sep 3, 2012; Authored by Akastep; Studio-One CMS versions 1.7.1 and 1.11b suffer from a remote blind SQL Injection vulnerability. Note that this finding houses site-specific data.; tags | exploit, remote, sql injection; SHA-256 | 5ad28110810d3f7b1fc935a71ea4f62fa3c6db304eb9c0724237c8a7c67db3d4; Download | Favorite | View

Flexap.am Control Panel 5.1 Blind SQL Injection: Posted Sep 3, 2012; Authored by Akastep; Flexap.am Control Panel version 5.1 suffer from a remote blind SQL injection vulnerability. Note that this finding houses site-specific data.; tags | exploit, remote, sql injection; SHA-256 | affb027023e9cdd295090a22d861742d331f68bea85915f81cc6f4a624a6658d; Download | Favorite | View

Sitemax Maestro 2.0 SQL Injection / Local File Inclusion: Posted Sep 3, 2012; Authored by Akastep; Sitemax Maestro version 2.0 suffers from local file inclusion and remote SQL injection vulnerabilities.; tags | exploit, remote, local, vulnerability, sql injection, file inclusion; SHA-256 | e2f491d67885ede5c96a111fb35eb48b8ab56eaf65ab53718559aefdf65d3442; Download | Favorite | View

Fluger Edit 2 Blind SQL Injection / Cross Site Scripting: Posted Sep 2, 2012; Authored by Akastep; Fluger Edit version 2 suffers from cross site scripting and remote blind SQL injection vulnerabilities. Note that this finding houses site-specific data.; tags | exploit, remote, vulnerability, xss, sql injection; SHA-256 | 776957ea2e591ce4de92073c69025a61eb40469401729fc6ccd644600e0fcd1f; Download | Favorite | View

Sciretech 3.0.0 SQL Injection / CSRF: Posted Sep 2, 2012; Authored by Akastep; Sciretech file Manager version 3.0.0 and Multimedia Manager version 3.0.0 suffer from cross site request forgery and remote blind SQL injection vulnerabilities.; tags | exploit, remote, vulnerability, sql injection, csrf; SHA-256 | 7f0570634cc662059586bc24b8e757681338abfe415fefd46664042dde9f941d; Download | Favorite | View

MagyCMS 2.0.1121 BETA Blind SQL Injection: Posted Aug 12, 2012; Authored by Akastep, BOT_25, CAMOUFL4G3; This is a blind SQL injection exploit written in AutoIt3 that takes advantage of MagyCMS version 2.0.1121 BETA.; tags | exploit, sql injection; SHA-256 | 7bb2ad445113e3b10884ac186a263b5ff015ba59fe813ee16a5c886a16e1e7ef; Download | Favorite | View

europ INNET Web Studio Administration Program 2.0 XSS / CSRF / LFI: Posted Jul 26, 2012; Authored by Akastep; europ INNET Web Studio Administration Program version 2.0 suffers from cross site request forgery, cross site scripting, local file inclusion, path disclosure, and remote SQL injection vulnerabilities.; tags | exploit, remote, web, local, vulnerability, xss, sql injection, file inclusion, csrf; SHA-256 | 8b945b66041046c68f9608814b1da5af72c0a32cca28ec9997b10974d6f42623; Download | Favorite | View

Shahumyanmedia CMS 2010 Authentication Bypass: Posted Jul 22, 2012; Authored by Akastep, BOT_25; Shahumyanmedia CMS 2010 suffers from an authentication bypass vulnerability. Proof of concept code included.; tags | exploit, proof of concept, bypass; systems | linux; SHA-256 | 6ac8ee86a9dc1a3b5060656cdad5bfd5ebf07f42f98648432dd21f90f0dd5023; Download | Favorite | View

Page 2 of 4 Back 1 2 3 4 Next

Top Authors In Last 30 Days

Red Hat 179 files
Ubuntu 58 files
Debian 26 files
LiquidWorm 11 files
Valentin Lobstein 11 files
nu11secur1ty 8 files
Apple 6 files
Google Security Research 5 files
E1.Coders 4 files
malvuln 4 files

File Archives

Systems

AIX (429)
Apple (2,078)
BSD (376)
CentOS (58)
Cisco (1,927)
Debian (7,014)
Fedora (1,693)
FreeBSD (1,246)
Gentoo (4,467)
HPUX (880)
iOS (373)
iPhone (108)
IRIX (220)
Juniper (69)
Linux (49,227)
Mac OS X (691)
Mandriva (3,105)
NetBSD (256)
OpenBSD (488)
RedHat (15,501)
Slackware (941)
Solaris (1,611)
SUSE (1,444)
Ubuntu (9,439)
UNIX (9,391)
UnixWare (187)
Windows (6,649)
Other

Files from Akastep

File Archive:

April 2024

Top Authors In Last 30 Days

File Tags

File Archives

Systems