exploit the possibilities
Showing 1 - 16 of 16 RSS Feed

Files

Kaseya 6.2.0.0 Cross Site Scripting
Posted Apr 20, 2012
Authored by Mark Lachniet | Site foofus.net

Kaseya version 6.2.0.0 suffers from a cross site scripting vulnerability.

tags | exploit, xss
MD5 | 9b6299913957ab6d905e3764be038b98

Related Files

Kaseya VSA Agent 9.5 Privilege Escalation
Posted Sep 2, 2019
Authored by NF

Kaseya VSA Agent versions 9.5 and below suffer from a privilege escalation vulnerability.

tags | exploit
MD5 | e980158828850c66f90be3ed967dec76
Kaseya Virtual System Administrator (VSA) Local Privilege Escalation
Posted Mar 23, 2018
Authored by Filip Palian

The Kaseya Virtual System Administrator (VSA) agent "AgentMon.exe" suffers from a local privilege escalation vulnerability.

tags | exploit, local
advisories | CVE-2017-12410
MD5 | 814ffa943c77c27f80eeda9249f12e0c
Kaseya VSA 9.2 Authentication Bypass
Posted Jan 15, 2018
Authored by Securify B.V., Kin Hung Cheng, Robert Hartshorn

Kaseya VSA version 9.2 suffers from an authentication bypass vulnerability.

tags | exploit, bypass
MD5 | 7283fc16d75dc79988225cb4c903d5c5
Kaseya VSA 9.2 Shell Upload
Posted Jan 15, 2018
Authored by Securify B.V., Kin Hung Cheng, Robert Hartshorn

Kaseya VSA version 9.2 suffers from a remote shell upload vulnerability.

tags | exploit, remote, shell
MD5 | 907b91ed2f652a5d04feabc0ab331cb0
Kaseya VSA R9.2 Arbitrary File Read
Posted Jan 15, 2018
Authored by Securify B.V., Kin Hung Cheng, Robert Hartshorn

A security vulnerability was found in Kaseya VSA file download file functionality. Using this vulnerability an authenticated user in a Kaseya VSA environment is able to download arbitrary files from the server (including source code of Kaseya, the database backups, configuration files, and even windows files). Version R9.2 was found affected.

tags | exploit, arbitrary
systems | windows
MD5 | 605ce3e61e7a1e700654afd0b394ab11
Kaseya VSA 9.02.00.04 Information Disclosure
Posted Apr 4, 2017
Authored by Patrick Webster

Kaseya VSA version 9.02.00.04 suffers from an information disclosure vulnerability.

tags | exploit, info disclosure
MD5 | d8342ca721048f9dbe543531be1a409f
Kaseya VSA 6.5.0.0 XSS / Brute Force
Posted Apr 4, 2017
Authored by Patrick Webster

Kaseya VSA version 6.5.0.0 suffers from cross site scripting and brute forcing vulnerabilities.

tags | exploit, vulnerability, xss
MD5 | 422ace8363b61c9858ef75bd8a974044
Kaseya VSA uploader.aspx Arbitrary File Upload
Posted Oct 2, 2015
Authored by Pedro Ribeiro | Site metasploit.com

This Metasploit module exploits an arbitrary file upload vulnerability found in Kaseya VSA versions between 7 and 9.1. A malicious unauthenticated user can upload an ASP file to an arbitrary directory leading to arbitrary code execution with IUSR privileges. This Metasploit module has been tested with Kaseya v7.0.0.17, v8.0.0.10 and v9.0.0.3.

tags | exploit, arbitrary, code execution, asp, file upload
advisories | CVE-2015-6922
MD5 | 1ed310adae7ef7d86de486f92950fe9d
Kaseya Virtual System Administrator Code Execution / Privilege Escalation
Posted Sep 30, 2015
Authored by Pedro Ribeiro

Kaseya Virtual System Administrator suffers from multiple code execution vulnerabilities and a privilege escalation vulnerability. VSA versions 7.0.0.0 through 7.0.0.32, 8.0.0.0 through 8.0.0.22, 9.0.0.0 through 9.0.0.18, and 9.1.0.0 through 9.1.0.8 are affected.

tags | exploit, vulnerability, code execution
advisories | CVE-2015-6589, CVE-2015-6922
MD5 | c5ce0ad42b5f4e9209f7d699f7abb8c9
Kaseya Virtual System Administrator File Download / Open Redirect
Posted Jul 14, 2015
Authored by Pedro Ribeiro

Kaseya Virtual System Administrator suffers from arbitrary file download open redirection vulnerabilities.

tags | exploit, arbitrary, vulnerability
MD5 | f09ecb1305712aebae36fcd9c0b8ffd3
Kaseya Browser 7.0 Android Path Traversal
Posted Jan 29, 2015
Authored by Denis Andzakovic | Site security-assessment.com

This advisory details a vulnerability found within Kaseya Browser Android application. A path traversal vulnerability was discovered within an exported content provider, resulting in the disclosure of arbitrary files, including internal application files.

tags | exploit, arbitrary, file inclusion
MD5 | e96819aa7e39e1623c71e59dd7bf05a2
Kaseya BYOD Gateway 7.0.2 SSL Certificate Validation / Redirection
Posted Jan 29, 2015
Authored by Denis Andzakovic | Site security-assessment.com

This advisory details multiple vulnerabilities found within the Kaseya BYOD Gateway software. By chaining a combination of lacking SSL verification, poor authentication mechanisms and arbitrary redirection vulnerabilities, a malicious entity may potentially compromise any Kaseya BYOD installation. The Kaseya BYOD Gateway software uses a redirection feature, wherein users are redirected to their local Kaseya installation via Kaseya's hosted servers. The update request from the BYOD Gateway software to the Kaseya hosted servers was not found to verify SSL certificates and fails to implement any form of authentication, instead relying on the length of the gateway identifier to provide security. Thus, the security of the solution depends on an attacker's ability to enumerate the gateway identifier. Once a malicious user enumerates the Gateway identifier, then they may update the redirect rule for that customer in Kaseya's hosted servers, redirecting customers to a malicious Kaseya BYOD Gateway. Version 7.0.2 is affected.

tags | exploit, arbitrary, local, vulnerability
MD5 | f01ce6f62fb92059c9e3299103497252
Kaseya uploadImage Arbitrary File Upload
Posted Dec 4, 2013
Authored by Thomas Hibbert | Site metasploit.com

This Metasploit module exploits an arbitrary file upload vulnerability found in Kaseya versions below 6.3.0.2. A malicious user can upload an ASP file to an arbitrary directory without previous authentication, leading to arbitrary code execution with IUSR privileges.

tags | exploit, arbitrary, code execution, asp, file upload
advisories | OSVDB-99984
MD5 | 593b4d4095655301ec4bee6ac4bd2eb9
Kaseya 6.3 Shell Upload
Posted Nov 18, 2013
Authored by Thomas Hibbert | Site security-assessment.com

Kaseya version 6.3 suffers from a remote shell upload vulnerability.

tags | exploit, remote, shell
MD5 | ba9df26f912013a1dd6253f10c4024de
Kaseya 6.2 Cross Site Scripting
Posted Dec 1, 2012
Authored by Cartel

Kaseya version 6.2 suffers from a persistent cross site scripting vulnerability.

tags | exploit, xss
MD5 | 0d199c86dc9c0ba6e3bf9045283cf42d
Secunia Security Advisory 48946
Posted Apr 26, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Mark Lachniet has reported a vulnerability in Kaseya, which can be exploited by malicious people to conduct cross-site scripting attacks.

tags | advisory, xss
MD5 | 5ba9ff5c874998a38375396811b6df59
Page 1 of 1
Back1Next

File Archive:

January 2020

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Jan 1st
    8 Files
  • 2
    Jan 2nd
    11 Files
  • 3
    Jan 3rd
    11 Files
  • 4
    Jan 4th
    2 Files
  • 5
    Jan 5th
    2 Files
  • 6
    Jan 6th
    18 Files
  • 7
    Jan 7th
    15 Files
  • 8
    Jan 8th
    16 Files
  • 9
    Jan 9th
    10 Files
  • 10
    Jan 10th
    13 Files
  • 11
    Jan 11th
    2 Files
  • 12
    Jan 12th
    4 Files
  • 13
    Jan 13th
    21 Files
  • 14
    Jan 14th
    18 Files
  • 15
    Jan 15th
    12 Files
  • 16
    Jan 16th
    18 Files
  • 17
    Jan 17th
    11 Files
  • 18
    Jan 18th
    3 Files
  • 19
    Jan 19th
    2 Files
  • 20
    Jan 20th
    15 Files
  • 21
    Jan 21st
    22 Files
  • 22
    Jan 22nd
    19 Files
  • 23
    Jan 23rd
    4 Files
  • 24
    Jan 24th
    0 Files
  • 25
    Jan 25th
    0 Files
  • 26
    Jan 26th
    0 Files
  • 27
    Jan 27th
    0 Files
  • 28
    Jan 28th
    0 Files
  • 29
    Jan 29th
    0 Files
  • 30
    Jan 30th
    0 Files
  • 31
    Jan 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2016 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close