accept no compromises

Register | Login

FilesNewsUsersAuthors

Home Files News Services About Contact Add New

Showing 1 - 25 of 3,830

File Inclusion Files

Cisco DDR2200 / 2201v1 Insecure Direct Object Reference / Path Traversal

Posted Jul 14, 2017

Authored by The Gambler

Cisco DDR2200 and 2201v1 ADSL2+ Residential Gateway devices suffer from insecure direct object reference vulnerabilities that allow for remote code execution as well as a path traversal issue.

tags | exploit, remote, vulnerability, code execution, bypass, file inclusion

systems | cisco

MD5 | 3d75aff532e38b6b2a6184d2c0b2e44d

Download | Favorite | Comments (0)

CMS Made Simple 2.2.1 Local File Inclusion

Posted Jul 2, 2017

Authored by Zhiyang Zeng

CMS Made Simple versions 2.2.1 and below suffers from a local inclusion vulnerability.

tags | exploit, local, file inclusion

MD5 | b3f295af95e08dea0b4737419f60d4db

Download | Favorite | Comments (0)

WordPress Photo Gallery 1.3.34 / 1.3.42 Path Traversal

Posted Jun 21, 2017

Authored by Tom Adams

WordPress Photo Gallery plugin versions 1.3.34 and 1.3.42 suffer from a path traversal vulnerability.

tags | exploit, file inclusion

MD5 | e233d580717e45da84a27f5bb6456e20

Download | Favorite | Comments (0)

Aerohive AP340 HiveOS Remote Code Execution / Local File Inclusion

Posted Jun 15, 2017

Authored by Ike-Clinton

Aerohive AP340 HiveOS versions prior to 6.1r5 suffers from a local file inclusion vulnerability that allows for remote code execution.

tags | exploit, remote, local, code execution, file inclusion

MD5 | 23f7f0efaf290260644702d2fc4ec176

Download | Favorite | Comments (0)

Robert 0.5 CSRF / XSS / Directory Traversal / SQL Injection

Posted Jun 7, 2017

Authored by Cyril Vallicari

Robert version 0.5 suffers from cross site request forgery, cross site scripting, remote SQL injection, and directory traversal vulnerabilities.

tags | exploit, remote, vulnerability, xss, sql injection, file inclusion, csrf

MD5 | cfd060cdd873a90420373f8cc4f97108

Download | Favorite | Comments (0)

uc-httpd Local File Inclusion / Traversal

Posted May 31, 2017

Authored by keksec

uc-httpd suffers from local file inclusion and directory traversal vulnerabilities.

tags | exploit, local, vulnerability, file inclusion

MD5 | 1ea3e2779de86530c91d5d4ec0c8c541

Download | Favorite | Comments (0)

Western Digital TV Media Player 1.03.07 LFI / CSRF / File Upload

Posted May 19, 2017

Authored by Fikri Fadzil, Wan Ikram | Site sec-consult.com

Western Digital TV Media Player version 1.03.07 suffers from file upload, local file inclusion, cross site request forgery, private key issue, remote SQL injection, and other vulnerabilities.

tags | advisory, remote, local, vulnerability, sql injection, file inclusion, file upload, csrf

MD5 | 25bbe7a316a961b85fad5f438278159a

Download | Favorite | Comments (0)

ASUS Routers CSRF / Information Disclosure

Posted May 10, 2017

Authored by Yakov Shafranovich | Site wwws.nightwatchcybersecurity.com

ASUS routers suffer from cross site request forgery and information disclosure vulnerabilities. Versions affected include RT-AC55U, RT-AC56R, RT-AC56S, RT-AC56U, RT-AC66U, RT-AC88U, RT-AC66R, RT-AC66U, RT-AC66W, RT-AC68W, RT-AC68P, RT-AC68R, RT-AC68U, RT-AC87R, RT-AC87U, RT-AC51U, RT-AC53U, RT-AC1900P, RT-AC3100, RT-AC3200, RT-AC5300, RT-N11P, RT-N12 (D1 version only), RT-N12+, RT-N12E, RT-N18U, RT-N56U, RT-N66R, RT-N66U (B1 version only), and RT-N66W.

tags | exploit, vulnerability, file inclusion, info disclosure, csrf

advisories | CVE-2017-5891, CVE-2017-5892

MD5 | 3d95db7d42745579a0c76b4da4866297

Download | Favorite | Comments (0)

fimap Inclusion Scanner

Posted May 1, 2017

Authored by Iman Karim | Site tha-imax.de

fimap is a little python tool which can find, prepare, audit, exploit and even google automatically for local and remote file inclusion bugs in web applications.

tags | tool, remote, web, local, scanner, python, file inclusion

systems | unix

MD5 | c521918aff624c30203b6f8679f04c80

Download | Favorite | Comments (0)

Alerton Webtalk 2.5 / 3.3 Hash Disclosure / CSRF / Command Injection

Posted Apr 27, 2017

Authored by David Tomaschik

Alerton Webtalk versions 2.5 and 3.3 suffer from cross site request forgery, password hash disclosure, command injection, and login flow vulnerabilities.

tags | exploit, vulnerability, file inclusion, info disclosure, csrf

MD5 | 6e847214fd97cdfd1149ec741c350114

Download | Favorite | Comments (0)

Trend Micro Threat Discovery Appliance 2.6.1062r1 logoff.cgi Directory Traversal

Posted Apr 20, 2017

Authored by Roberto Suggi Liverani, mr_me

Trend Micro Threat Discovery Appliance versions 2.6.1062r1 and below suffer from a logoff.cgi directory traversal authentication bypass vulnerability.

tags | exploit, cgi, bypass, file inclusion

advisories | CVE-2016-7552

MD5 | e64dcba98301f1ab384f8984e9224a9b

Download | Favorite | Comments (0)

Coppermine Gallery 1.5.44 Directory Traversal

Posted Apr 14, 2017

Authored by Hacker Fantastic

Coppermine Gallery versions 1.5.44 and below suffer from a directory traversal vulnerability.

tags | exploit, file inclusion

MD5 | dda5a509b6541344f2cf734ab2ab3028

Download | Favorite | Comments (0)

XiongMai uc-http 1.0.0 Local File Inclusion / Directory Traversal

Posted Apr 12, 2017

Authored by Project Insecurity, sxcurity | Site insecurity.zone

uc-httpd is an HTTP daemon used by a wide array of IoT devices and is vulnerable to local file inclusion and directory traversal bugs.

tags | exploit, web, local, file inclusion

MD5 | 4dbd99715c3ee94349afae497d07d4cf

Download | Favorite | Comments (0)

MyBB Directory Traversal

Posted Apr 11, 2017

Authored by Zhiyang Zeng

MyBB versions prior to 1.8.11 suffer from a directory traversal vulnerability.

tags | exploit, file inclusion

MD5 | dbf0e2512ca759d8dd910d1da5c2a2bf

Download | Favorite | Comments (0)

D-Link DWR-116 Directory Traversal

Posted Apr 7, 2017

Authored by Patryk Bogdan

D-Link DWR-116 suffers from an arbitrary file download vulnerability via a directory traversal attack.

tags | exploit, arbitrary, file inclusion

advisories | CVE-2017-6190

MD5 | 239863ae7ceec29277f1ab7399cb62e8

Download | Favorite | Comments (0)

Computer Associates (Layer7) API Gateway 7 / 8 / 9 CRLF Response Splitting / Directory Traversal

Posted Apr 4, 2017

Authored by Patrick Webster

Computer Associates API Gateway versions 7, 8, and 9 suffer from CRLF response splitting and directory traversal vulnerabilities.

tags | exploit, vulnerability, file inclusion

MD5 | aa9a6a201080c8ae019201036b421b1b

Download | Favorite | Comments (0)

Dell OpenManage Server Administrator 8.4 Directory Traversal

Posted Apr 3, 2017

Authored by Harrison Neal

OpenManage Server Administrator version 8.4 suffers from a directory traversal vulnerability.

tags | exploit, file inclusion

advisories | CVE-2016-4004

MD5 | 011a0fd4b9583379978aa92d49c83500

Download | Favorite | Comments (0)

GeoMoose 2.9.2 Directory Traversal

Posted Apr 3, 2017

Authored by Sander Ferdinand

GeoMoose versions 2.9.2 and below suffer from a directory traversal vulnerability.

tags | exploit, file inclusion

MD5 | f2cb14903dfe2ded38a20a99c9ecc2bc

Download | Favorite | Comments (0)

Miele Professional PG 8528 Directory Traversal

Posted Mar 24, 2017

Authored by Jens Regel

The Miele Professional PG 8528 suffers from a directory traversal vulnerability.

tags | exploit, file inclusion

advisories | CVE-2017-7240

MD5 | 050cd30174f650cbbfac138073fe4caf

Download | Favorite | Comments (0)

Sparrow Web Server Directory Traversal

Posted Mar 24, 2017

Authored by Nassim Asrir

Sparrow Web Server suffers from a directory traversal vulnerability.

tags | exploit, web, file inclusion

MD5 | d1783f0002f84e97b130c4c5da1a1fac

Download | Favorite | Comments (0)

HttpServer 1.0 Directory Traversal

Posted Mar 20, 2017

Authored by malwrforensics

HttpServer version 1.0 suffers from a directory traversal vulnerability.

tags | exploit, file inclusion

MD5 | cff6ae54878a47c9255d6d1cd8613290

Download | Favorite | Comments (0)

dnaLIMS Code Execution / XSS / Traversal / Session Hijacking

Posted Mar 10, 2017

Authored by Nicholas von Pechmann

dnaLIMS DNA sequencing application suffers from an improperly protected web shell, a directory traversal, insecure password storage, session hijacking, cross site scripting, and improperly protected content vulnerabilities.

tags | exploit, web, shell, vulnerability, xss, file inclusion

advisories | CVE-2017-6526, CVE-2017-6527, CVE-2017-6528, CVE-2017-6529

MD5 | b192d5704b262c433258f2c3017c4ab2

Download | Favorite | Comments (0)

Joomla Akeeba Backup 5.2.5 Directory Traversal

Posted Mar 7, 2017

Authored by Mojtaba MobhaM

Joomla Akeeba Backup component version 5.2.5 suffers from a directory traversal vulnerability.

tags | exploit, file inclusion

MD5 | 7af40fd2a0774230dd4fd2f32528ea7c

Download | Favorite | Comments (0)

Veritas NetBackup DoS / Command Execution / Privilege Escalation / Traversal

Posted Mar 1, 2017

Authored by Andrew Griffiths, Google Security Research, Sven Blumenstein, Xiaoran Wang

Veritas NetBackup versions 6.5.6 and 7.6.10 suffer from remote command execution, denial of service, path traversal, and privilege escalation vulnerabilities.

tags | exploit, remote, denial of service, vulnerability, file inclusion

MD5 | 37a97b8dac4781674a2adc592b1913de

Download | Favorite | Comments (0)

Coppermine Gallery 1.5.44 Directory Traversal

Posted Feb 15, 2017

Authored by Hacker Fantastic

Coppermine Gallery versions 1.5.44 and below suffer from a directory traversal vulnerability.

tags | exploit, file inclusion

MD5 | ea866f35dc4615d7d9332fbdb8551ec7

Download | Favorite | Comments (0)