all things security
Showing 1 - 25 of 3,847 RSS Feed

File Inclusion Files

3CX Phone System 15.5.3554.1 Directory Traversal
Posted Oct 16, 2017
Authored by Jens Regel

3CX Phone System version 15.5.3554.1 suffers from an authentication directory traversal vulnerability.

tags | exploit, file inclusion
advisories | CVE-2017-15359
MD5 | a9779e9950c10976260d9d215e0f3f96
DuckieTV CMS 1.1.5 Local File Inclusion
Posted Oct 13, 2017
Authored by M.R.S.L.Y

DuckieTV CMS version 1.1.5 suffers from a local file inclusion vulnerability.

tags | exploit, local, file inclusion
advisories | CVE-2016-4314
MD5 | 0f7c3ac190d24812bb19d4a0af0f7e8a
WordPress Ad Widget 2.10.0 Local File Inclusion
Posted Oct 10, 2017
Authored by DefenseCode, Neven Biruski

WordPress Ad Widget plugin versions 2.10.0 and below suffer from a local file inclusion vulnerability.

tags | exploit, local, file inclusion
MD5 | a02c1bb177145fdea032f28a60278396
WordPress Smush Image 2.7.4.1 Directory Traversal
Posted Oct 4, 2017
Authored by Ricardo Sanchez

WordPress Smush Image plugin version 2.7.4.1 suffers from a directory traversal vulnerability.

tags | exploit, file inclusion
MD5 | 74031598272cf1973422350b4130cab0
LAquis SCADA 4.1.0.2385 Directory Traversal
Posted Sep 29, 2017
Authored by James Fitts | Site metasploit.com

This Metasploit module exploits a directory traversal vulnerability found in the LAquis SCADA application. The vulnerability is triggered when sending a series of dot dot slashes (../) to the vulnerable NOME parameter found on the listagem.laquis file. This Metasploit module was tested against version 4.1.0.2385.

tags | exploit, file inclusion
advisories | CVE-2017-6020
MD5 | cc55558411a9a1f9c6a327132bf52ec2
Cloudview NMS 2.00b Writable Directory Traversal Execution
Posted Sep 15, 2017
Authored by James Fitts | Site metasploit.com

This Metasploit module exploits a vulnerability found in Cloudview NMS server. The software contains a directory traversal vulnerability that allows a remote attacker to write arbitrary file to the file system, which results in code execution under the context 'SYSTEM'.

tags | exploit, remote, arbitrary, code execution, file inclusion
MD5 | f21104622ef288e328fae776f93497a0
Carel PlantVisor 2.4.4 Directory Traversal
Posted Sep 15, 2017
Authored by James Fitts | Site metasploit.com

Carel PlantVisor version 2.4.4 suffers from a directory traversal vulnerability.

tags | exploit, file inclusion
advisories | CVE-2011-3487
MD5 | 53c47349d004a5da5be6c028fec32469
Indusoft Web Studio Directory Traversal
Posted Sep 15, 2017
Authored by James Fitts | Site metasploit.com

This Metasploit module exploits a flaw found in Indusoft Web Studio versions 7.1 and below before SP2 Patch 4. This specific flaw allows users to browse outside of the webroot to download files found on the underlying system.

tags | exploit, web, file inclusion
advisories | CVE-2014-0780
MD5 | 16f7cb4a150432863c9bfba04db5b70a
Carlo Gavazzi Powersoft 2.1.1.1 Directory Traversal
Posted Sep 15, 2017
Authored by James Fitts | Site metasploit.com

This Metasploit module exploits a directory traversal vulnerability found in Carlo Gavazzi Powersoft versions 2.1.1.1 and below. The vulnerability is triggered when sending a specially crafted GET request to the server. The location parameter of the GET request is not sanitized and the sendCommand.php script will automatically pull down any file requested

tags | exploit, php, file inclusion
MD5 | 7ead626f719b2712cc6f6e65a79e2c9f
LIFE CMS Directory Traversal
Posted Sep 12, 2017
Authored by Renzi

LIFE SISTEMAS CMS suffers from a directory traversal vulnerability.

tags | exploit, file inclusion
MD5 | fcf18dd822df0ed672bf0cff3f598547
JGI CMS 1.0 Directory Traversal
Posted Sep 11, 2017
Authored by Renzi

JGI CMS version 1.0 suffers from a directory traversal vulnerability.

tags | exploit, file inclusion
MD5 | be892befef82a66cb3a045ec3df6749a
WiseGiga NAS CSRF / LFI / Command Execution
Posted Sep 11, 2017
Authored by Pierre Kim

WiseGiga NAS suffers from cross site request forgery, local file inclusion, command execution, and default credential vulnerabilities.

tags | exploit, local, vulnerability, file inclusion, csrf
MD5 | 047939def71293ad9bd51f3067e33736
Huawei HG255s Directory Traversal
Posted Sep 8, 2017
Authored by Ahmet Mersin

Huawei HG255s suffers from a directory traversal vulnerability.

tags | exploit, file inclusion
MD5 | adeb025562e7f5dd4093670510800427
Ultimate HR System 1.2 Cross Site Scripting / Directory Traversal
Posted Sep 5, 2017
Authored by 8bitsec

Ultimate HR System versions 1.2 and below suffer from cross site scripting and directory traversal vulnerabilities.

tags | exploit, vulnerability, xss, file inclusion
MD5 | 7ef8c382c84bd564a779cefd35abf93a
Philex CMS 0.2 Directory Traversal
Posted Aug 16, 2017
Authored by Renzi

Philex CMS version 0.2 suffers from a directory traversal vulnerability.

tags | exploit, file inclusion
MD5 | 2506b9c0aa524dc31cfbd3aa844da9b1
ClipBucket 2.8.3 SQL Injection / Arbitrary File Read / Write
Posted Aug 15, 2017
Authored by bRpsd

ClipBucket version2.8.3 suffers from remote SQL injection, arbitrary file read/write, and default credential vulnerabilities.

tags | exploit, remote, arbitrary, vulnerability, sql injection, file inclusion
MD5 | ad009dbfbe414a249ac5f206ca71f955
Advantech SUSIAccess 3.0 Directory Traversal / Information Disclosure
Posted Aug 1, 2017
Authored by James Fitts | Site metasploit.com

This Metasploit module exploits an information disclosure vulnerability found in Advantech SUSIAccess versions 3.0 and below. The vulnerability is triggered when sending a GET request to the server with a series of dot dot slashes (../) in the file parameter.

tags | exploit, file inclusion, info disclosure
advisories | CVE-2016-9349
MD5 | b99b70a5c20733224e88b86d90cc3957
Cisco DDR2200 / 2201v1 Insecure Direct Object Reference / Path Traversal
Posted Jul 14, 2017
Authored by The Gambler

Cisco DDR2200 and 2201v1 ADSL2+ Residential Gateway devices suffer from insecure direct object reference vulnerabilities that allow for remote code execution as well as a path traversal issue.

tags | exploit, remote, vulnerability, code execution, bypass, file inclusion
systems | cisco
MD5 | 3d75aff532e38b6b2a6184d2c0b2e44d
CMS Made Simple 2.2.1 Local File Inclusion
Posted Jul 2, 2017
Authored by Zhiyang Zeng

CMS Made Simple versions 2.2.1 and below suffers from a local inclusion vulnerability.

tags | exploit, local, file inclusion
MD5 | b3f295af95e08dea0b4737419f60d4db
WordPress Photo Gallery 1.3.34 / 1.3.42 Path Traversal
Posted Jun 21, 2017
Authored by Tom Adams

WordPress Photo Gallery plugin versions 1.3.34 and 1.3.42 suffer from a path traversal vulnerability.

tags | exploit, file inclusion
MD5 | e233d580717e45da84a27f5bb6456e20
Aerohive AP340 HiveOS Remote Code Execution / Local File Inclusion
Posted Jun 15, 2017
Authored by Ike-Clinton

Aerohive AP340 HiveOS versions prior to 6.1r5 suffers from a local file inclusion vulnerability that allows for remote code execution.

tags | exploit, remote, local, code execution, file inclusion
MD5 | 23f7f0efaf290260644702d2fc4ec176
Robert 0.5 CSRF / XSS / Directory Traversal / SQL Injection
Posted Jun 7, 2017
Authored by Cyril Vallicari

Robert version 0.5 suffers from cross site request forgery, cross site scripting, remote SQL injection, and directory traversal vulnerabilities.

tags | exploit, remote, vulnerability, xss, sql injection, file inclusion, csrf
MD5 | cfd060cdd873a90420373f8cc4f97108
uc-httpd Local File Inclusion / Traversal
Posted May 31, 2017
Authored by keksec

uc-httpd suffers from local file inclusion and directory traversal vulnerabilities.

tags | exploit, local, vulnerability, file inclusion
MD5 | 1ea3e2779de86530c91d5d4ec0c8c541
Western Digital TV Media Player 1.03.07 LFI / CSRF / File Upload
Posted May 19, 2017
Authored by Fikri Fadzil, Wan Ikram | Site sec-consult.com

Western Digital TV Media Player version 1.03.07 suffers from file upload, local file inclusion, cross site request forgery, private key issue, remote SQL injection, and other vulnerabilities.

tags | advisory, remote, local, vulnerability, sql injection, file inclusion, file upload, csrf
MD5 | 25bbe7a316a961b85fad5f438278159a
ASUS Routers CSRF / Information Disclosure
Posted May 10, 2017
Authored by Yakov Shafranovich | Site wwws.nightwatchcybersecurity.com

ASUS routers suffer from cross site request forgery and information disclosure vulnerabilities. Versions affected include RT-AC55U, RT-AC56R, RT-AC56S, RT-AC56U, RT-AC66U, RT-AC88U, RT-AC66R, RT-AC66U, RT-AC66W, RT-AC68W, RT-AC68P, RT-AC68R, RT-AC68U, RT-AC87R, RT-AC87U, RT-AC51U, RT-AC53U, RT-AC1900P, RT-AC3100, RT-AC3200, RT-AC5300, RT-N11P, RT-N12 (D1 version only), RT-N12+, RT-N12E, RT-N18U, RT-N56U, RT-N66R, RT-N66U (B1 version only), and RT-N66W.

tags | exploit, vulnerability, file inclusion, info disclosure, csrf
advisories | CVE-2017-5891, CVE-2017-5892
MD5 | 3d95db7d42745579a0c76b4da4866297
Page 1 of 154
Back12345Next

File Archive:

October 2017

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Oct 1st
    15 Files
  • 2
    Oct 2nd
    16 Files
  • 3
    Oct 3rd
    15 Files
  • 4
    Oct 4th
    15 Files
  • 5
    Oct 5th
    11 Files
  • 6
    Oct 6th
    6 Files
  • 7
    Oct 7th
    2 Files
  • 8
    Oct 8th
    1 Files
  • 9
    Oct 9th
    13 Files
  • 10
    Oct 10th
    16 Files
  • 11
    Oct 11th
    15 Files
  • 12
    Oct 12th
    23 Files
  • 13
    Oct 13th
    13 Files
  • 14
    Oct 14th
    12 Files
  • 15
    Oct 15th
    2 Files
  • 16
    Oct 16th
    16 Files
  • 17
    Oct 17th
    16 Files
  • 18
    Oct 18th
    14 Files
  • 19
    Oct 19th
    8 Files
  • 20
    Oct 20th
    0 Files
  • 21
    Oct 21st
    0 Files
  • 22
    Oct 22nd
    0 Files
  • 23
    Oct 23rd
    0 Files
  • 24
    Oct 24th
    0 Files
  • 25
    Oct 25th
    0 Files
  • 26
    Oct 26th
    0 Files
  • 27
    Oct 27th
    0 Files
  • 28
    Oct 28th
    0 Files
  • 29
    Oct 29th
    0 Files
  • 30
    Oct 30th
    0 Files
  • 31
    Oct 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2016 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close