what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 25 of 100 RSS Feed

Files

Pi3web-DoS.c
Posted May 23, 2003
Authored by Angelo Rosiello, rosiello | Site rosiello.org

A simple denial of service exists in the Pi3 webserver that allows a remote attacker to crash the daemon by feeding it a GET request with 354+ forward slashes after it.

tags | exploit, remote, denial of service
SHA-256 | d0d216a28eaf4658a4d2b9ad6dbe5182010977d617055973a17d6620ae03dea4

Related Files

Private Internet Access 3.3 Unquoted Service Path
Posted Mar 7, 2022
Authored by Saud Alenazi

Private Internet Access version 3.3 suffers from an unquoted service path vulnerability.

tags | exploit
SHA-256 | 9081a47374b387e598e4cbbd836ec0da7d432399214647b3c5d18c596c676d55
Pi-Hole Remove Commands Linux Privilege Escalation
Posted Jul 30, 2021
Authored by h00die, Emanuele Barbeno | Site metasploit.com

Pi-Hole versions 3.0 through 5.3 allows for command line input to the removecustomcname, removecustomdns, and removestaticdhcp functions without properly validating the parameters before passing to sed. When executed as the www-data user, this allows for a privilege escalation to root since www-data is in the sudoers.d/pihole file with no password.

tags | exploit, root
advisories | CVE-2021-29449
SHA-256 | 7265358e3e4327bc951c92f719451fce4a2ce957a5c1a6bde9f57d3d6646ee0f
Pi-hole 4.3.2 Remote Code Execution
Posted Aug 4, 2020
Authored by Luis Vacacas

Pi-hole version 4.3.2 authenticated remote code execution exploit.

tags | exploit, remote, code execution
advisories | CVE-2020-8816
SHA-256 | 6c7ede8fd156dade480fdec18d5548dbf5d48ae94edd0fb6b8ff372bb2220dca
Pi-Hole 4.3.2 DHCP MAC OS Command Execution
Posted May 28, 2020
Authored by h00die, nateksec | Site metasploit.com

This Metasploit module exploits a command execution in Pi-Hole versions 4.3.2 and below. A new DHCP static lease is added with a MAC address which includes a remote code execution issue.

tags | exploit, remote, code execution
advisories | CVE-2020-8816
SHA-256 | 359e5af00d21f40799f66c4def97b9142ec248ec7b78fc2f54d6c7286881fa62
Pi-hole 4.4.0 Remote Code Execution
Posted May 27, 2020
Authored by Photubias

Pi-hole version 4.4.0 suffers from a remote code execution vulnerability.

tags | exploit, remote, code execution
advisories | CVE-2020-11108
SHA-256 | c7a92f42c54992e326709bf0e3e1ed94ba5f65503d1d8babc2253d1fecbc3a84
Pi-Hole 3.3 Command Execution
Posted May 26, 2020
Authored by h00die, Denis Andzakovic | Site metasploit.com

This Metasploit module exploits a command execution vulnerability in Pi-Hole versions 3.3 and below. When adding a new domain to the whitelist, it is possible to chain a command to the domain that is run on the OS.

tags | exploit
SHA-256 | cfc36a06914072c52416ddfd61eac6960d61e2221a60fe7ace44ef28f80b6a52
Pi-Hole heisenbergCompensator Blocklist OS Command Execution
Posted May 18, 2020
Authored by h00die, Nick Frichette | Site metasploit.com

This Metasploit module exploits a command execution in Pi-Hole versions 4.4 and below. A new blocklist is added, and then an update is forced (gravity) to pull in the blocklist content. PHP content is then written to a file within the webroot. Phase 1 writes a sudo pihole command to launch teleporter, effectively running a privilege escalation. Phase 2 writes our payload to teleporter.php, overwriting the content. Lastly, the phase 1 PHP file is called in the web root, which launches our payload in teleporter.php with root privileges.

tags | exploit, web, root, php
advisories | CVE-2020-11108
SHA-256 | e9e23eb75325d3d113b4298300162d67296d9023cbe19ae5f2709a0a7cace534
Pi-hole 4.4 Remote Code Execution / Privilege Escalation
Posted May 10, 2020
Authored by Nick Frichette

Pi-hole versions 4.4 and below remote code execution and privilege escalation exploit.

tags | exploit, remote, code execution
advisories | CVE-2020-11108
SHA-256 | 24dbec0272280c917c4f6f1294f5d251879231087642729ccdd7a1b727a27cff
Pi-hole 4.4 Remote Code Execution
Posted May 10, 2020
Authored by Nick Frichette

Pi-hole versions 4.4 and below suffer from a remote code execution vulnerability.

tags | exploit, remote, code execution
advisories | CVE-2020-11108
SHA-256 | c400406dcb79630cf4da18e7a41e5e507d3715a4c57d6150947c2924a9d53b97
Podman / Varlink Remote Code Execution
Posted Oct 15, 2019
Authored by Jeremy Brown

Remote exploit for Podman when configured with Varlink that allows for remote command execution, denial of service, directory traversal, and information disclosure vulnerabilities.

tags | exploit, remote, denial of service, vulnerability, info disclosure
SHA-256 | 9dade0df8f26903fcb75bd7b183f65c133b07d815d2b11143e1d860fcdd45b69
Pidgin 2.13.0 Denial Of Service
Posted May 24, 2019
Authored by Alejandra Sanchez

Pidgin version 2.13.0 denial of service proof of concept exploit.

tags | exploit, denial of service, proof of concept
SHA-256 | dbed3b7cdf9c51d8959568e09d67a7eb7e08fd52ceb6d262662bccfb08103b9a
PicaJet FX 2.6.5 Denial Of Service
Posted Sep 12, 2018
Authored by Gionathan Reale

PicaJet FX version 2.6.5 denial of service proof of concept exploit.

tags | exploit, denial of service, proof of concept
SHA-256 | 258345cae00b435b60cc604bc4af4f1742c50a767c4f6e4d814931c241df4a16
Piazza Cross Site Request Forgery
Posted Jun 1, 2018
Authored by David Fifield

Piazza.com suffered from a cross site request forgery vulnerability.

tags | exploit, csrf
SHA-256 | 1b2030289cad4a20106ac8be6b8a25a000bd94375c973764ee8ae0f32165fd02
Android Private Internet Access Denial Of Service
Posted Oct 27, 2017
Authored by Yakov Shafranovich | Site wwws.nightwatchcybersecurity.com

The Android application provided by Private Internet Access (PIA) VPN service can be crashed by downloading a large file containing a list of current VPN servers. This can be exploited by an MITM attacker via intercepting and replacing this file. While the file is digitally signed, it is not served over SSL and the application did not contain logic for checking if the provided file is very large. The vendor has fixed this issue in version 1.3.3.1 and users should install the latest version.

tags | exploit, denial of service
advisories | CVE-2017-15882
SHA-256 | 800f549876739334d620586c15f309262e80b5ce74344d37893a980b9345e1e9
PIKATEL 96338L-2M-8M Unauthenticated Remote DNS Changer
Posted Sep 13, 2016
Authored by Todor Donev

PIKATEL 96338L-2M-8M unauthenticated remote DNS changer exploit.

tags | exploit, remote
SHA-256 | f31def2cd14ba72db4bf55b1aef4e8bc057ad948d670593d351e85195d3dd034
PIKATEL 96338WS Unauthenticated Remote DNS Changer
Posted Sep 12, 2016
Authored by Todor Donev

PIKATEL 96338WS unauthenticated remote DNS changer exploit.

tags | exploit, remote
SHA-256 | 596be1de21272fb1b77bedf46d16b77640ce788f243002e315626dc0d7df7e35
Pi-Hole 2.8.1 Cross Site Scripting
Posted Aug 16, 2016
Authored by loneferret

Pi-Hole version 2.8.1 with web interface version 1.3 suffers from a persistent cross site scripting vulnerability.

tags | exploit, web, xss
SHA-256 | dcdfd8e2b303c612ea99f185e33cfd910d4a217f8d34dbe3ab23d1823435c694
WordPress Pie Register 2.0.18 SQL Injection
Posted Oct 12, 2015
Authored by David Moore

WordPress Pie Register plugin version 2.0.18 suffers from multiple remote blind SQL injection vulnerabilities.

tags | exploit, remote, vulnerability, sql injection
advisories | CVE-2015-7682
SHA-256 | d7fec7c39380b4a2ab59c117e7c49906a8f6757f6bdc391c0b0ce08670bfad2d
WordPress Pie Register 2.0.18 Cross Site Scripting
Posted Oct 12, 2015
Authored by David Moore

WordPress Pie Register plugin version 2.0.18 suffers from a cross site scripting vulnerability.

tags | exploit, xss
advisories | CVE-2015-7377
SHA-256 | ef061d8a63c49d1c9c92a2b3e63ae35351ce03271bba75bd55dfec9ea6f02101
Position Independent / Alphanumeric 64-Bit /bin/sh Shellcode
Posted Nov 10, 2014
Authored by Breaking.Technology

87 bytes small position independent and alphanumeric 64-bit execve("/bin/sh\0",NULL,NULL); shellcode.

tags | shellcode
SHA-256 | e1d1bfc09c2a1228a04d049674175d98a8bf646ec605a86ae7016e728e8e2c16
PicsEngine 2 Beta Cross Site Scripting / SQL Injection
Posted Mar 9, 2014
Authored by indoushka

PicsEngine version 2 Beta suffers from cross site scripting and remote SQL injection vulnerabilities.

tags | exploit, remote, vulnerability, xss, sql injection
SHA-256 | 1e714132046d251548c187f0b1692c34a5726c1200cfcf10827a33f1010ac66f
PicoPublisher 2.0 SQL Injection
Posted Mar 29, 2012
Authored by ZeTH

PicoPublisher version 2.0 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | 8589422d53bbbd4b33ee700206a84b88b5972c5bd4cc284f934442e74079f7d5
PicoWiki Cross Site Scripting
Posted Feb 8, 2012
Authored by Sony

PicoWiki suffers from a cross site scripting vulnerability.

tags | advisory, xss
SHA-256 | 2db3290ae0be6fa125ed88ed8f0318a1dc8e786e0e2969c2f3a3f06b127a64c6
Pika CMS Local File Inclusion
Posted Jun 1, 2011
Authored by KnocKout

Pika CMS suffers from a local file inclusion vulnerability.

tags | exploit, local, file inclusion
SHA-256 | 3b36530cf7aa0f05e4c5a5f4e35157a173a4fe72219938c7ddcb4a989d67188d
Pika CMS baza_mysql.php File Disclosure
Posted Jun 1, 2011
Authored by KnocKout

Pika CMS suffers from a baza_mysql.php disclosure vulnerability.

tags | exploit, php, info disclosure
SHA-256 | 7b542fc6f0fcf4be4d4cd1a945a7920682471568b48b88d37149cfb6929ad73d
Page 1 of 4
Back1234Next

File Archive:

September 2022

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Sep 1st
    23 Files
  • 2
    Sep 2nd
    12 Files
  • 3
    Sep 3rd
    0 Files
  • 4
    Sep 4th
    0 Files
  • 5
    Sep 5th
    10 Files
  • 6
    Sep 6th
    8 Files
  • 7
    Sep 7th
    30 Files
  • 8
    Sep 8th
    14 Files
  • 9
    Sep 9th
    26 Files
  • 10
    Sep 10th
    0 Files
  • 11
    Sep 11th
    0 Files
  • 12
    Sep 12th
    5 Files
  • 13
    Sep 13th
    28 Files
  • 14
    Sep 14th
    15 Files
  • 15
    Sep 15th
    17 Files
  • 16
    Sep 16th
    9 Files
  • 17
    Sep 17th
    0 Files
  • 18
    Sep 18th
    0 Files
  • 19
    Sep 19th
    12 Files
  • 20
    Sep 20th
    15 Files
  • 21
    Sep 21st
    20 Files
  • 22
    Sep 22nd
    13 Files
  • 23
    Sep 23rd
    12 Files
  • 24
    Sep 24th
    0 Files
  • 25
    Sep 25th
    0 Files
  • 26
    Sep 26th
    30 Files
  • 27
    Sep 27th
    27 Files
  • 28
    Sep 28th
    8 Files
  • 29
    Sep 29th
    14 Files
  • 30
    Sep 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Hosting By
Rokasec
close