exploit the possibilities
Showing 1 - 25 of 96 RSS Feed

Files

X2Engine 4.1.7 Unrestricted File Upload
Posted Sep 23, 2014
Authored by EgiX

X2Engine versions 4.1.7 and below suffer from an unrestricted file upload vulnerability due to poor use of a blacklist.

tags | exploit, file upload
advisories | CVE-2014-5298
MD5 | 146f05b73cebbdf28b5a12d4a6a158f2

Related Files

SugarCRM Web Logic Hooks Module Path Traversal
Posted Jan 1, 2019
Authored by EgiX | Site karmainsecurity.com

SugarCRM versions prior to 7.9.5.0, 8.0.2, and 8.2.0 suffer from a path traversal vulnerability. User input passed through the "webhook_target_module" parameter is not properly sanitized before being used to save PHP code into the hooks file through the Web Logic Hooks module. This can be exploited to carry out path traversal attacks and e.g. create arbitrary directories. Successful exploitation of this vulnerability requires admin privileges.

tags | exploit, web, arbitrary, php
MD5 | 0a73c52a5465fdc38ae3bede2f424098
SugarCRM Web Logic Hooks Module PHP Code Injection
Posted Jan 1, 2019
Authored by EgiX | Site karmainsecurity.com

SugarCRM versions prior to 7.9.5.0, 8.0.2, and 8.2.0 suffer from a PHP code injection vulnerability. User input passed through the "trigger_event" parameter is not properly sanitized before being used to save PHP code into the 'logic_hooks.php' file through the Web Logic Hooks module. This can be exploited to inject and execute arbitrary PHP code. Successful exploitation of this vulnerability requires admin privileges.

tags | exploit, web, arbitrary, php
MD5 | bc08aaf51fef23154d37431b75e27168
SugarCRM addLabels PHP Code Injection
Posted Jan 1, 2019
Authored by EgiX | Site karmainsecurity.com

SugarCRM versions prior to 7.9.5.0, 8.0.2, and 8.2.0 suffer from a PHP code injection vulnerability. User input passed through key values of the 'labels_' parameters is not properly sanitized before being used to save PHP code within the "ParserLabel::addLabels()" method when saving labels through the Module Builder. This can be exploited to inject and execute arbitrary PHP code. Successful exploitation of this vulnerability requires admin privileges.

tags | exploit, arbitrary, php
MD5 | a185f42ec61a0417ce4c9024f155944a
Oracle Application Express AnyChart Flash-Based Cross Site Scripting
Posted Jan 1, 2019
Authored by EgiX | Site karmainsecurity.com

Oracle Application Express versions prior to 5.1.4.00.08 suffer from a cross site scripting vulnerability. The vulnerability is located in the OracleAnyChart.swf file. User input passed through the "__externalobjid" GET parameter is not properly sanitized before being passed to the "ExternalInterface.call" method.

tags | exploit, xss
advisories | CVE-2018-2699
MD5 | 1878f1ac9c3a185afe84dab79f99b4fe
SugarCRM WorkFlow PHP Code Injection
Posted Jan 1, 2019
Authored by EgiX | Site karmainsecurity.com

SugarCRM versions prior to 7.9.4.0 and 7.11.0.0 suffer from a PHP code injection vulnerability in the WorkFlow module. User input passed through the $_POST['base_module'] parameter to the "Save" action of the WorkFlow module is not properly sanitized before being used to write data into the 'workflow.php' file. This can be exploited to inject and execute arbitrary PHP code. Successful exploitation of this vulnerability requires admin privileges.

tags | exploit, arbitrary, php
MD5 | 695389da1dad0e4c2419d379b1d1e132
SugarCRM SaveDropDown PHP Code Injection
Posted Jan 1, 2019
Authored by EgiX | Site karmainsecurity.com

SugarCRM versions prior to 7.9.5.0, 8.0.2, and 8.2.0 suffer from a PHP code injection vulnerability. User input passed through key values of the 'list_value' JSON parameter is not properly sanitized before being used to save PHP code when adding/saving dropdowns through the Module Builder. This can be exploited to inject and execute arbitrary PHP code. Successful exploitation of this vulnerability requires admin privileges.

tags | exploit, arbitrary, php
MD5 | d7144a03e522ca3b40f5f45efbaea7dd
SugarCRM portal_get_related_notes SQL Injection
Posted Jan 1, 2019
Authored by EgiX | Site karmainsecurity.com

SugarCRM versions prior to 7.9.4.0 and 7.11.0.0 suffer from a remote SQL injection vulnerability. The vulnerability is located within the SOAP API, specifically into the "portal_get_related_notes()" SOAP function. User input passed through the "order_by" parameter is not properly sanitized before being used to construct an "ORDER BY" clause of a SQL query from within the "get_notes_in_contacts()" or "get_notes_in_module()" functions. This can be exploited by Portal API Users to e.g. read sensitive data from the database through time-based SQL injection attacks.

tags | exploit, remote, sql injection
MD5 | 61b9e60763ce19a37159b100d11ccf2b
SugarCRM ConnectorsController Server-Side Request Forgery
Posted Jan 1, 2019
Authored by EgiX | Site karmainsecurity.com

SugarCRM versions prior to 7.9.4.0 and 7.11.0.0 suffer from a server-side request forgery vulnerability. The vulnerability is located within the "ConnectorsController::action_CallRest()" method. User input passed through the "url" request parameter is not properly sanitized before being used in a call to the "file_get_contents" function.

tags | exploit
MD5 | e437e1ac25dea0512229ef9d9063a774
Kisisel Portfolyo Scripti 4.031 SQL Injection
Posted Dec 23, 2017
Authored by indoushka

Kisisel Portfolyo Scripti version 4.031 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
MD5 | fe8c94f1b8ad1c684268cdad28cce66f
Tuleap 9.6 Second-Order PHP Object Injection
Posted Oct 24, 2017
Authored by EgiX | Site karmainsecurity.com

Tuleap versions 9.6 and below suffer from a second order PHP object injection vulnerability.

tags | advisory, php
advisories | CVE-2017-7411
MD5 | 2a4b257f70f6f54a3226a84d41b3ca08
PEAR HTML_AJAX 0.5.7 PHP Object Injection
Posted Feb 6, 2017
Authored by EgiX | Site karmainsecurity.com

PEAR HTML_AJAX versions 0.5.7 and below suffer from a PHP object injection vulnerability.

tags | advisory, php
MD5 | d2e6428ee37fd292066c41b75c9463b4
Piwik 2.16.0 PHP Object Injection
Posted Nov 8, 2016
Authored by EgiX | Site karmainsecurity.com

Piwik version 2.16.0 and below suffer from a saveLayout PHP object injection vulnerability.

tags | exploit, php
MD5 | bd3245f114f5d320f885b704e6a5d15e
Symantec Web Gateway 5.2.2 OS Command Injection
Posted Oct 6, 2016
Authored by EgiX | Site karmainsecurity.com

Symantec Web Gateway versions 5.2.2 and below suffer from an OS command injection vulnerability in new_whitelist.php.

tags | exploit, web, php
advisories | CVE-2016-5313
MD5 | 38e30c2ae231c0c90aef4db50c02c12c
IPS Community Suite 4.1.12.3 PHP Code Injection
Posted Jul 7, 2016
Authored by EgiX | Site karmainsecurity.com

IPS Community Suite versions 4.1.12.3 and below suffer from a remote PHP code injection vulnerability.

tags | exploit, remote, php
advisories | CVE-2016-6174
MD5 | 6818425f032118305ebc187f36a5a134
Concrete5 5.7.3.1 Local File Inclusion
Posted Jun 29, 2016
Authored by EgiX | Site karmainsecurity.com

Concrete5 versions 5.7.3.1 and below suffer from a local file inclusion vulnerability.

tags | exploit, local, file inclusion
MD5 | 7aad8a3d1adf10f05ea51ee8ca0e546d
Concrete5 5.7.3.1 Cross Site Scripting
Posted Jun 29, 2016
Authored by EgiX | Site karmainsecurity.com

Concrete5 versions 5.7.3.1 and below suffer from multiple persistent cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss
MD5 | d058d3ec001d3a60cfa71271ebc40d36
Concrete5 5.7.3.1 Cross Site Request Forgery
Posted Jun 29, 2016
Authored by EgiX | Site karmainsecurity.com

Concrete5 versions 5.7.3.1 and below suffer from multiple cross site request forgery vulnerabilities.

tags | advisory, vulnerability, csrf
MD5 | a9b43ed5dadf22c5af4f6e27e76b6a2d
SugarCRM 6.5.23 SugarRestSerialize.php PHP Object Injection
Posted Jun 24, 2016
Authored by EgiX

SugarCRM versions 6.5.23 and below suffer from a PHP object injection vulnerability.

tags | advisory, php
MD5 | 75a86f0ba47e36424e523dde32a8cfb9
SugarCRM 6.5.18 fopen() Command Injection / XSS / SSRF
Posted Jun 24, 2016
Authored by EgiX

SugarCRM versions 6.5.18 and below suffer from a MySugar::addDashlet insecure fopen() usage that can lead to command injection, cross site scripting, and server-side request forgery exploitation.

tags | exploit, xss
MD5 | d4aa80fa1772da234e2d9b4d7bd5e299
SugarCRM 6.5.18 PHP Code Injection
Posted Jun 24, 2016
Authored by EgiX

SugarCRM versions 6.5.18 and below suffer from two PHP code injection vulnerabilities.

tags | exploit, php, vulnerability
MD5 | 58722361e515edc078b6dc8a90758f93
SugarCRM 6.5.18 Missing Authorization
Posted Jun 24, 2016
Authored by EgiX

SugarCRM versions 6.5.18 and below suffer from a missing authorization check vulnerability.

tags | exploit
MD5 | 7b4962bd34be471d7a0aac23a8f25eaa
SugarCRM 6.5.18 SAML Authentication XML External Entity
Posted Jun 24, 2016
Authored by EgiX

SugarCRM versions 6.5.18 CE and below suffer from a SAML authentication XML external entity vulnerability.

tags | advisory, xxe
MD5 | c28483be9e51e708f3c48952da13852e
Magento 1.9.2.2 RSS Feed Information Disclosure
Posted Feb 25, 2016
Authored by EgiX

Magento versions 1.9.2.2 and below suffer from an information disclosure vulnerability in their RSS feed.

tags | exploit, info disclosure
advisories | CVE-2016-2212
MD5 | 72ef98d834f769976ae3af136b7e032f
CakePHP 3.2.0 CSRF Bypass
Posted Jan 17, 2016
Authored by EgiX

CakePHP versions 3.2.0 and below suffer from a _method cross site request forgery protection bypass vulnerability.

tags | exploit, bypass, csrf
advisories | CVE-2015-8379
MD5 | 4194ead0bfff2ad25e670ee6ecb9f903
Piwik 2.14.3 PHP Object Injection
Posted Nov 4, 2015
Authored by EgiX

Piwik versions 2.14.3 and below suffer from a PHP object injection vulnerability that can lead to remote code execution.

tags | exploit, remote, php, code execution
advisories | CVE-2015-7816
MD5 | 7c5bbac17aa1381c3f80fba1d07afc93
Page 1 of 4
Back1234Next

File Archive:

April 2019

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Apr 1st
    21 Files
  • 2
    Apr 2nd
    35 Files
  • 3
    Apr 3rd
    21 Files
  • 4
    Apr 4th
    16 Files
  • 5
    Apr 5th
    15 Files
  • 6
    Apr 6th
    1 Files
  • 7
    Apr 7th
    2 Files
  • 8
    Apr 8th
    23 Files
  • 9
    Apr 9th
    19 Files
  • 10
    Apr 10th
    15 Files
  • 11
    Apr 11th
    14 Files
  • 12
    Apr 12th
    11 Files
  • 13
    Apr 13th
    2 Files
  • 14
    Apr 14th
    5 Files
  • 15
    Apr 15th
    14 Files
  • 16
    Apr 16th
    19 Files
  • 17
    Apr 17th
    19 Files
  • 18
    Apr 18th
    8 Files
  • 19
    Apr 19th
    4 Files
  • 20
    Apr 20th
    0 Files
  • 21
    Apr 21st
    0 Files
  • 22
    Apr 22nd
    0 Files
  • 23
    Apr 23rd
    0 Files
  • 24
    Apr 24th
    0 Files
  • 25
    Apr 25th
    0 Files
  • 26
    Apr 26th
    0 Files
  • 27
    Apr 27th
    0 Files
  • 28
    Apr 28th
    0 Files
  • 29
    Apr 29th
    0 Files
  • 30
    Apr 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2019 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close