Exploit the possiblities
Showing 26 - 44 of 44 RSS Feed

Files from xistence

Email addressprivate
First Active2011-06-24
Last Active2015-10-14
View User Profile
Western Digital Arkeia Remote Code Execution
Posted Sep 20, 2013
Authored by xistence | Site metasploit.com

This Metasploit module exploits a vulnerability found in Western Digital Arkeia Appliance version 10.0.10 and lower. By abusing the upload.php file from the scripts directory, a malicious user can upload arbitrary code to the ApplianceUpdate file in the temp directory without any authentication. Abusing the local file inclusion in the lang cookie to parse this file, results in arbitrary code execution, also without any authentication. The module has been tested successfully on Arkeia 10.0.10. The issues have been fixed in version 10.1.10.

tags | exploit, arbitrary, local, php, code execution, file inclusion
MD5 | bd9d0aefacadd5854df4107283f8bdce
OpenEMR 4.1.1 Patch 14 SQLi Privilege Escalation Remote Code Execution
Posted Sep 20, 2013
Authored by xistence | Site metasploit.com

This Metasploit module exploits a vulnerability found in OpenEMR version 4.1.1 Patch 14 and lower. When logging in as any non-admin user it's possible to retrieve the admin SHA1 password hash from the database through SQL injection. The SQL injection vulnerability exists in the "new_comprehensive_save.php" page. This hash can be used to log in as the admin user. After logging in, the "manage_site_files.php" page will be used to upload arbitrary code.

tags | exploit, arbitrary, php, sql injection
MD5 | 35fc05e9cd467ed94aa6be2b04ec3c52
Western Digital Arkeia Appliance 10010 Upload / LFI
Posted Sep 17, 2013
Authored by xistence

Western Digital Arkeia Appliance version 10.0.10 suffers from local file inclusion and unauthenticated firmware upload vulnerabilities.

tags | exploit, local, vulnerability, file inclusion, file upload
MD5 | f4f69b8da20f1f808a07c0c30f179c9a
OpenEMR 4.1.1 Patch 14 SQL Injection / Shell Upload
Posted Sep 17, 2013
Authored by xistence

OpenEMR version 4.1.1 Patch 14 suffers from remote shell upload and remote SQL injection vulnerabilities.

tags | exploit, remote, shell, vulnerability, sql injection
MD5 | fc85bb950ca8fefa1757abd901f0ab41
TP-Link TD-W8951ND Cross Site Request Forgery / Cross Site Scripting
Posted Aug 30, 2013
Authored by xistence

TP-Link TD-W8951ND Firmware 4.0.0 Build 120607 Release 30923 suffers from cross site request forgery and cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss, csrf
MD5 | 9df222ebb90b0f43b8c66e5c2e0010d7
Alienvault OSSIM Cross Site Scripting
Posted Jul 25, 2013
Authored by xistence

Alienvault OSSIM versions prior to 4.3.0 suffer from multiple reflective cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss
MD5 | 7e00cea61a072e5a7d6a76b224857d56
Motion 3.2.12 XSS / CSRF / Buffer Overflow / SQL Injection
Posted Jun 26, 2013
Authored by xistence

Motion version 3.2.12 suffers from buffer overflow, cross site request forgery, cross site scripting, and remote SQL injection vulnerabilities.

tags | exploit, remote, overflow, vulnerability, xss, sql injection, csrf
MD5 | d433040aaad85f7333cbeac89d60b5be
CAREL pCOWeb 1.5.0 Default Credential Shell Access
Posted May 23, 2013
Authored by xistence | Site carel.com

The CAREL pCOWeb firmware version 1.5.0 and lower has two passwordless default accounts that allow direct shell access via telnet. These accounts are not exposed in the associated Web UI. CAREL pCOWeb is an embedded device used primarily for HVAC systems.

tags | advisory, web, shell
MD5 | b37d81c41778047bb0442f6b465ecef7
Astium VoIP PBX 2.1 Denial Of Service
Posted Jan 2, 2013
Authored by xistence

Astium VoIP PBX versions 2.1 build 25399 and below remote crash proof of concept exploit that causes astiumd to crash when sent a large buffer.

tags | exploit, remote, denial of service, proof of concept
MD5 | 84bf4038b7b0ddd73ca846aed61c24d8
Astium VoIP PBX 2.1 Remote Root
Posted Jan 2, 2013
Authored by xistence

Astium is prone to multiple vulnerabilities. This exploit uses SQL injection to bypass authentication on the login page and get access as an administrator. After that it uploads and executes a PHP script that will modify the "/usr/local/astium/web/php/config.php" script with a reverse shell and run a "sudo /sbin/service astcfgd reload". Version 2.1 build 25399 is affected.

tags | exploit, web, shell, local, php, vulnerability, sql injection
MD5 | 2d2fb95ee7360c0097a0bae216b5772c
Ubiquiti AirOS 5.5.2 Command Execution
Posted Dec 29, 2012
Authored by xistence

Ubiquiti AirOS versions 5.5.2 and below suffer from a remote post-authentication root-level command execution vulnerability.

tags | exploit, remote, root
MD5 | eb14d79e3b11169bae191e2cc055a870
YeaLink IP Phone 9.70.0.100 CSRF / Default Credentials
Posted Dec 21, 2012
Authored by xistence

YeaLink IP Phone SIP TxxP firmware versions 9.70.0.100 and below suffer from default credential and cross site request forgery vulnerabilities.

tags | exploit, vulnerability, info disclosure, csrf
MD5 | 351bbea8ba597d64b1915caf9c09ccb8
ManageEngine Security Manager Plus 5.5 build 5505 SQL Injection
Posted Oct 28, 2012
Authored by egypt, sinn3r, xistence | Site metasploit.com

This Metasploit module exploits a SQL injection found in ManageEngine Security Manager Plus advanced search page, which results in remote code execution under the context of SYSTEM in Windows; or as the user in Linux. Authentication is not required in order to exploit this vulnerability.

tags | exploit, remote, code execution, sql injection
systems | linux, windows
MD5 | d3ae3405d31d907b6c62f95cb8355fee
ManageEngine Security Manager Plus 5.5 SQL Injection
Posted Oct 19, 2012
Authored by xistence

ManageEngine Security Manager Plus versions 5.5 build 5505 remote SYSTEM/root SQL injection exploit that spawns a shell.

tags | exploit, remote, shell, root, sql injection
MD5 | 1b48562560c48a7af945467cd240593f
ManageEngine Security Manager Plus 5.5 Traversal
Posted Oct 19, 2012
Authored by xistence

ManageEngine Security Manager Plus versions 5.5 build 5505 and below suffer from a path traversal vulnerability.

tags | exploit, file inclusion
MD5 | 72da4a00f3eb055d1602108c23a8a93b
ManageEngine Security Manager Plus 5.5 Build 5505 Code Execution
Posted Oct 19, 2012
Authored by xistence | Site metasploit.com

This Metasploit module exploits a SQL injection found in ManageEngine Security Manager Plus advanced search page. It will send a malicious SQL query to create a JSP file under the web root directory, and then let it download and execute our malicious executable under the context of SYSTEM. No authentication is necessary to exploit this.

tags | exploit, web, root, sql injection
MD5 | 0f6fdd57f7fa8fe6c3b3613fad8b23a2
ManageEngine Support Center Plus 7908 XSS / Shell Upload
Posted Oct 16, 2012
Authored by xistence

ManageEngine Support Center Plus versions 7908 and below suffer from multiple cross site scripting and shell upload vulnerabilities.

tags | exploit, shell, vulnerability, xss
MD5 | c9ab97fb735ab931f94a1ce36b7e482d
ManageEngine Support Center Plus 7903 XSS / SQL Injection
Posted Apr 15, 2012
Authored by xistence

ManageEngine Support Center Plus versions 7903 and below suffer from backup related, unauthorized access, cross site scripting, and remote SQL injection vulnerabilities.

tags | exploit, remote, vulnerability, xss, sql injection
MD5 | 2ed59e889c55685447141b2eb6ab6a64
ManageEngine Support Center Plus 7.8 Directory Traversal
Posted Jun 24, 2011
Authored by xistence

ManageEngine Support Center Plus versions 7801 and below of the 7.8 build suffer from a directory traversal vulnerability.

tags | exploit, file inclusion
MD5 | 022ced1f067456c62699c5ed616c591c
Page 2 of 2
Back12Next

File Archive:

November 2017

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Nov 1st
    22 Files
  • 2
    Nov 2nd
    28 Files
  • 3
    Nov 3rd
    10 Files
  • 4
    Nov 4th
    1 Files
  • 5
    Nov 5th
    5 Files
  • 6
    Nov 6th
    15 Files
  • 7
    Nov 7th
    15 Files
  • 8
    Nov 8th
    13 Files
  • 9
    Nov 9th
    9 Files
  • 10
    Nov 10th
    9 Files
  • 11
    Nov 11th
    3 Files
  • 12
    Nov 12th
    2 Files
  • 13
    Nov 13th
    15 Files
  • 14
    Nov 14th
    17 Files
  • 15
    Nov 15th
    19 Files
  • 16
    Nov 16th
    15 Files
  • 17
    Nov 17th
    19 Files
  • 18
    Nov 18th
    4 Files
  • 19
    Nov 19th
    2 Files
  • 20
    Nov 20th
    9 Files
  • 21
    Nov 21st
    15 Files
  • 22
    Nov 22nd
    23 Files
  • 23
    Nov 23rd
    0 Files
  • 24
    Nov 24th
    0 Files
  • 25
    Nov 25th
    0 Files
  • 26
    Nov 26th
    0 Files
  • 27
    Nov 27th
    0 Files
  • 28
    Nov 28th
    0 Files
  • 29
    Nov 29th
    0 Files
  • 30
    Nov 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2016 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close