exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 25 of 31 RSS Feed

Files

XAMPP 5.6.8 Cross Site Scripting / SQL Injection
Posted Feb 19, 2019
Authored by Rafael Pedrero

XAMPP version 5.6.8 suffers from cross site scripting and remote SQL injection vulnerabilities.

tags | exploit, remote, vulnerability, xss, sql injection
advisories | CVE-2019-8923, CVE-2019-8924
SHA-256 | aee21c0f747793895d521255fb087042b76b5acfe5559a745fee582d264300ed

Related Files

XAMPP 5.6.40 SQL Injection
Posted Mar 4, 2024
Authored by Andrey Stoykov

XAMPP version 5.6.40 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | 388ddb4dde51e1972477265a1ca501e1b0ccc13ac7cdae3357edbf821cc9e47b
XAMPP 3.3.0 Buffer Overflow
Posted Oct 27, 2023
Authored by Talson

XAMPP version 3.3.0 .ini unicode + SEH buffer overflow exploit.

tags | exploit, overflow
advisories | CVE-2023-46517
SHA-256 | 1ca692b072e3e08fac192c7f2fc261d0ac4feb8be639620958ba27b295c9541f
XAMPP 8.2.4 Unquoted Service Path
Posted Jul 12, 2023
Authored by Andrey Stoykov

XAMPP version 8.2.4 suffers from an unquoted service path vulnerability.

tags | exploit
SHA-256 | 013b0dbd256f27abaa69c15d5aeec4553beac733154cfc7e150b3559ea0da2d5
XAMPP 7.4.3 Privilege Escalation
Posted Sep 27, 2021
Authored by Salman Asad

XAMPP version 7.4.3 suffers from a local privilege escalation vulnerability.

tags | exploit, local
advisories | CVE-2020-11107
SHA-256 | 0f5c7877625783cce13ce18ad512bfe8d734d9d56724b3d2d03dd5e65b70849a
XAMPP File Overwrite Vulnerability
Posted Jun 3, 2021
Authored by Ravindu Priyankara

This is a whitepaper that details exploitation of the XAMPP file overwrite vulnerability.

tags | paper
SHA-256 | 599c840a9119e2c8108281701779707886926208b2da13457cc0150074c5afdf
MaraCMS 7.5 Remote Code Execution
Posted Sep 28, 2020
Authored by Erik Wynter, Michele Cisternino | Site metasploit.com

This Metasploit module exploits an arbitrary file upload vulnerability in MaraCMS versions 7.5 and below in order to execute arbitrary commands. The module first attempts to authenticate to MaraCMS. It then tries to upload a malicious PHP file to the web root via an HTTP POST request to codebase/handler.php. If the php target is selected, the payload is embedded in the uploaded file and the module attempts to execute the payload via an HTTP GET request to this file. For the linux and windows targets, the module uploads a simple PHP web shell. Subsequently, it leverages the CmdStager mixin to deliver the final payload via a series of HTTP GET requests to the PHP web shell. Valid credentials for a MaraCMS admin or manager account are required. This module has been successfully tested against MaraCMS 7.5 running on Windows Server 2012 (XAMPP server).

tags | exploit, web, arbitrary, shell, root, php, file upload
systems | linux, windows
advisories | CVE-2020-25042
SHA-256 | 46bcd0fb88548beb443fdf27155d8d4343ca495c9eb2a3289d06a46da4ac2b7b
ZenTao Pro 8.8.2 Remote Code Execution
Posted Jul 22, 2020
Authored by Daniel Monzon, Erik Wynter, Melvin Boers | Site metasploit.com

This Metasploit module exploits a command injection vulnerability in ZenTao Pro 8.8.2 and earlier versions in order to execute arbitrary commands with SYSTEM privileges. Valid credentials for a ZenTao admin account are required. This module has been successfully tested against ZenTao 8.8.1 and 8.8.2 running on Windows 10 (XAMPP server).

tags | exploit, arbitrary
systems | windows
advisories | CVE-2020-7361
SHA-256 | 191b945627084957824fcc0caf7eb0edfafb74b14433e38de0cb21c995667b52
XAMPP Control Panel 3.2.2 Buffer Overflow
Posted Nov 13, 2018
Authored by Gionathan Reale, Semen Alexandrovich Lyhin

XAMPP Control Panel version 3.2.2 SEH unicode buffer overflow exploit.

tags | exploit, overflow
SHA-256 | 8bd240bd7bb81248ab6c58a6fd1da8911cf666e166f20e68128a64569d22ed9f
XAMPP Control Panel 3.2.2 Denial Of Service
Posted Sep 17, 2018
Authored by Gionathan Reale

XAMPP Control Panel version 3.2.2 suffers from a denial of service vulnerability.

tags | exploit, denial of service
SHA-256 | 11279e477c61380d58a61cf39382e89f695a6bbd0417558865cc986d0b28498a
XAMPP 7.1.1-0-VC14 DLL Hijacking
Posted May 6, 2017
Authored by Stefan Kanthak

The win32 installer for XAMPP version 7.1.1-0-VC14 suffers from a dll hijacking vulnerability.

tags | exploit
systems | windows
SHA-256 | a8fc7e5606eb5e86648baa5594604a3f400211d28987f06793ec8ef3d4d629d2
XAMPP Control Panel Denial Of Service
Posted Dec 24, 2016
Authored by hyp3rlinx | Site hyp3rlinx.altervista.org

XAMPP Control Panel suffers from a denial of service vulnerability.

tags | exploit, denial of service
SHA-256 | f05b21834528a55bfaf91568b2e88205225e6f5c80809bcdd2ebf4368df72f26
XAMPP 3.2.1 / phpMyAdmin 4.1.6 XSS / CSRF
Posted Apr 5, 2014
Authored by Mayank Kapoor

phpMyAdmin version 4.1.6 with XAMPP version 3.2.1 installed suffers from cross site request forgery and cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss, csrf
SHA-256 | db293ab011cdc60d620e9739d4aeeccff597c504701522f9f6b87250ff3c95a5
XAMPP 3.2.1 Cross Site Scripting
Posted Jan 15, 2014
Authored by DevilScreaM

XAMPP version 3.2.1 suffers from a cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | 7e4de4aa57bfb79c844e7b693a14cc3809880e3e4222a8e2b4765d28905bc3cf
XAMPP Local Write Access
Posted Oct 15, 2013
Authored by Iranian_Dark_Coders_Team

XAMPP suffers from a local write access vulnerability.

tags | exploit, local
SHA-256 | d4e1c79f52b45915d4796dddbec5e1b6afeb47624dcc78e39ebde1fa02f92986
XAMPP 1.8.1 Local Write Access
Posted Sep 26, 2013
Authored by Manuel Garcia Cardenas | Site isecauditors.com

XAMPP version 1.8.1 allows an unprivileged user the ability to write to the local disk.

tags | exploit, local
advisories | CVE-2013-2586
SHA-256 | 4d1631d6f469e4eec20739ed04366120ee8ad777df5da5df3840c88f67f32135
XAMPP Windows 1.7.7 SQL Injection / Cross Site Scripting
Posted Jun 13, 2012
Authored by Sangteamtham

XAMPP Windows version 1.7.7 suffers from cross site scripting and remote blind SQL injection vulnerabilities.

tags | exploit, remote, vulnerability, xss, sql injection
systems | windows
SHA-256 | c08378ff45c8e8932736adeab30d3ea9518220e800f304ef446108b4d0e95627
XAMPP WebDAV PHP Upload
Posted Jan 6, 2012
Site metasploit.com

This Metasploit module exploits weak WebDAV passwords on XAMPP servers. It uses supplied credentials to upload a PHP payload and execute it.

tags | exploit, php
SHA-256 | 266b96091c73fa65688997de64ad65104556726a23ade7379e1e3b33659a86e7
XAMPP 1.7.7 Cross Site Scripting
Posted Nov 7, 2011
Authored by LiquidWorm | Site zeroscience.mk

XAMPP suffers from multiple cross site scripting issues in several scripts that use the 'PHP_SELF' variable. Attackers can exploit these weaknesses to execute arbitrary HTML and script code in a user's browser session.

tags | exploit, arbitrary, xss
SHA-256 | ae86da0652f8c09783eb8bc4f705626d86610066456102912826b1a3357b4def
Xampp 1.7.4 For Windows Cross Site Scripting
Posted Oct 26, 2011
Authored by Sangteamtham

Xampp version 1.7.4 for Windows suffers from cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss
systems | windows
SHA-256 | cd1c116e00f67c7bd2d9a1dffc91e3af3e2a36d6d43eac27b4dc04258e04bcc5
Xampp 1.7.3 Cross Site Scripting
Posted Nov 8, 2010
Authored by Sangteamtham

Xampp version 1.7.3 suffers from cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss
SHA-256 | cfa75a86bb04fd0187323ca1520ef21ceb770a0cb9dc22d7071c54e13b557fb2
XAMPP 1.7.3 Cross Site Scripting / File Disclosure
Posted Nov 2, 2010
Authored by TheLeader

XAMPP versions 1.7.3 and below suffer from cross site scripting and file disclosure vulnerabilities.

tags | exploit, vulnerability, xss, info disclosure
SHA-256 | 5074d9a88205305ade7bae520a91f91ef678952b22e07c1a77236a103c0faf43
XAMPP Cross Site Request Forgery / Cross Site Scripting / Path Disclosure / SQL Injection / Traversal
Posted Jan 29, 2010
Authored by MustLive

XAMPP versions 1.6.8 and below suffer from cross site request forgery, cross site scripting, path disclosure, remote SQL injection and directory traversal vulnerabilities.

tags | exploit, remote, vulnerability, xss, sql injection, file inclusion, csrf
SHA-256 | 98714ff1d8ab1f70017793ae6fa8f89b89eaac83f325a07dcb0b841989499dc1
XAMPP 1.7.2 Administrative Bypass
Posted Dec 7, 2009
Authored by bi0

The page used to change the administrative password in XAMPP version 1.7.2 has no access restrictions in place.

tags | exploit
SHA-256 | 632fd915fb3a1632c5e4271b01e7efb96cc07878cde952d35948092a5c19524d
XAMPP For Windows Cross Site Scripting
Posted Jun 30, 2009
Authored by Cru3l.b0y | Site deltahacking.ir

XAMPP for Windows suffers from phpinfo and cross site scripting vulnerabilities. Versions 1.4.9, 1.5.0, 1.5.1, and 1.6.4 are affected.

tags | exploit, vulnerability, xss
systems | windows
SHA-256 | 60935ec6be7f5fb4deb26711efb9b60a04780eda94243ede59b9d4971ca716ab
XAMPP 1.6.8 Password Exploit
Posted Dec 8, 2008
Authored by Michael Brooks | Site rooksecurity.com

XAMPP version 1.6.8 cross site request forgery exploit that changes the administrative password.

tags | exploit, csrf
SHA-256 | ec3a73d7d95b2c2beed4df05ae39dcd55297c2a015022002311391168d66da31
Page 1 of 2
Back12Next

File Archive:

April 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Apr 1st
    10 Files
  • 2
    Apr 2nd
    26 Files
  • 3
    Apr 3rd
    40 Files
  • 4
    Apr 4th
    6 Files
  • 5
    Apr 5th
    26 Files
  • 6
    Apr 6th
    0 Files
  • 7
    Apr 7th
    0 Files
  • 8
    Apr 8th
    22 Files
  • 9
    Apr 9th
    14 Files
  • 10
    Apr 10th
    10 Files
  • 11
    Apr 11th
    13 Files
  • 12
    Apr 12th
    14 Files
  • 13
    Apr 13th
    0 Files
  • 14
    Apr 14th
    0 Files
  • 15
    Apr 15th
    30 Files
  • 16
    Apr 16th
    10 Files
  • 17
    Apr 17th
    22 Files
  • 18
    Apr 18th
    45 Files
  • 19
    Apr 19th
    0 Files
  • 20
    Apr 20th
    0 Files
  • 21
    Apr 21st
    0 Files
  • 22
    Apr 22nd
    0 Files
  • 23
    Apr 23rd
    0 Files
  • 24
    Apr 24th
    0 Files
  • 25
    Apr 25th
    0 Files
  • 26
    Apr 26th
    0 Files
  • 27
    Apr 27th
    0 Files
  • 28
    Apr 28th
    0 Files
  • 29
    Apr 29th
    0 Files
  • 30
    Apr 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close