exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 26 - 50 of 254 RSS Feed

Files from KedAns-Dz

Email addressKed-h at hotmail.com
First Active2011-02-19
Last Active2015-12-04
Uploadify jQuery Generic File Upload
Posted Dec 24, 2012
Authored by KedAns-Dz

This Metasploit module an arbitrary file upload and code execution vulnerability in Uploadify.

tags | exploit, arbitrary, code execution, file upload
SHA-256 | a6f12738518c4ce18f38b79ba62f721ae6a586c334e491f20b73787b6ac9b356
Feindura CMS 2.0.4 Shell Upload
Posted Dec 24, 2012
Authored by KedAns-Dz

Feindura CMS version 2.0.4 suffers from a remote PHP shell upload vulnerability.

tags | exploit, remote, shell, php
SHA-256 | ecdc36ddddd1f08e0556a367db6dfb88df06cfe8bcf67905c47bfa7040e0a29b
Havalite 1.1.7 Cross Site Scripting / Shell Upload
Posted Dec 10, 2012
Authored by KedAns-Dz

Havalite version 1.1.7 suffers from cross site scripting and shell upload vulnerabilities. Some of these are known issues but the author has included a Metasploit module that demonstrates the shell upload vulnerability.

tags | exploit, shell, vulnerability, xss
advisories | CVE-2012-5892, CVE-2012-5893, CVE-2012-5894, OSVDB-80770, OSVDB-80769, OSVDB-80768
SHA-256 | b16f36dc19e8d0743633a1a4d99736d1d3e32acb6b946225ecccce25b7379ade
Web@All CMS 2.0 Shell Upload / Local File Inclusion
Posted Sep 6, 2012
Authored by KedAns-Dz

Web@All CMS version 2.0 suffers from remote shell upload and local file inclusion vulnerabilities.

tags | exploit, remote, web, shell, local, vulnerability, file inclusion
SHA-256 | 89fe4d72c6e0633b4f99cb3605416a0313e9dc5ff6be7db1ec4dabe98a5e2d72
Reverse Shell Shellcode
Posted Jul 13, 2012
Authored by KedAns-Dz

61 bytes small Unix/x86 reverse shell TCP port 30 shellcode.

tags | shell, x86, tcp, shellcode
systems | unix
SHA-256 | a9c4dce2bac819a7c3727dbb9373b2ad7d3a42ec3a4b4326b3d68c91e79d8c9d
Xoops Extgallery 1.0.8 Shell Upload / File Download
Posted Jul 13, 2012
Authored by KedAns-Dz

Xoops module extgallery version 1.0.8 suffers from shell upload and file download vulnerabilities.

tags | exploit, shell, vulnerability
SHA-256 | efd88a83367f65c5f985484f2a284435e4bff9c2448221292782b342964edd58
WordPress Generic Plugin Shell Upload
Posted Jul 13, 2012
Authored by KedAns-Dz

This Metasploit module exploits an arbitrary PHP File Upload and Code Execution flaw in some WordPress blog software plugins. The vulnerability allows for arbitrary file upload and remote code execution POST Data to Vulnerable Script/File in the plugin.

tags | exploit, remote, arbitrary, php, code execution, file upload
SHA-256 | b0f467c2f9513aea9fd89d25f94d00be23be09c42cfc54f3bbc14d023bf918cf
Chyrp 2.1.2 SQL Injection / Shell Upload
Posted Jul 13, 2012
Authored by KedAns-Dz

Chyrp version 2.1.2 suffers from shell upload and blind SQL injection vulnerabilities.

tags | exploit, shell, vulnerability, sql injection
SHA-256 | e287513c0cbb0dcc32a8b6b9e7fb601aed6506581291ac9d0276249d744f6812
WordPress Katalyst Timthumb 1.0 Shell Upload
Posted Jun 14, 2012
Authored by KedAns-Dz

WordPress Katalyst Timthumb plugin version 1.0 suffers from a remote shell upload vulnerability.

tags | exploit, remote, shell
SHA-256 | bb46b34f899224734d5a56a9e1990f7732880b333f1cf0d3704ee29b7ec80813
Zimplit CMS 3.0 CSRF / LFI / Shell Upload
Posted Jun 12, 2012
Authored by KedAns-Dz

Zimplit CMS version 3.0 suffers from cross site request forgery, local file inclusion, and remote shell upload vulnerabilities.

tags | exploit, remote, shell, local, vulnerability, file inclusion, csrf
SHA-256 | d687242f45ad944f038ec802f8b8dca7bd6897fa90332f14a9e5e39818973784
Joomla Joomsport SQL Injection / Shell Upload
Posted Jun 11, 2012
Authored by KedAns-Dz

The Joomla Joomsport component suffers from remote shell upload and remote SQL injection vulnerabilities.

tags | exploit, remote, shell, vulnerability, sql injection
SHA-256 | e9a76ab29955a0166d426cadbc1fb84359eeca77c4401ff86095bc6d467591ee
XoopsCube Shell Upload
Posted Jun 10, 2012
Authored by KedAns-Dz

The XoopsCube FileManager module suffers from a remote shell upload vulnerability.

tags | exploit, remote, shell
SHA-256 | a9ac7d70fc41409ef34e23c595566b5d39812245a10314c96b4d2144cbe481ef
WordPress WP Easy Gallery 1.8 Shell Upload
Posted Jun 8, 2012
Authored by KedAns-Dz

WordPress WP Easy Gallery plugin version 1.8 suffers from a remote shell upload vulnerability.

tags | exploit, remote, shell
SHA-256 | 8708a0229d8e3a219d0453c71acd6c833c8bd82aad0dd4b8bc7581d531a0648c
WordPress ImageDrop 1.1.2 Blind SQL Injection
Posted Jun 8, 2012
Authored by KedAns-Dz

WordPress ImageDrop version 1.1.2 suffers from a remote blind SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | 929d96fbea46ad77a8ffaf61d68d7b45be6933347b445989f0cdbe2ca946c103
WordPress SS-Downloads 1.4.3 Cross Site Request Forgery / File Disclosure
Posted Jun 8, 2012
Authored by KedAns-Dz

WordPress SS-Downloads plugin version 1.4.3 suffers from cross site request forgery and file disclosure vulnerabilities.

tags | exploit, vulnerability, file inclusion, info disclosure, csrf
SHA-256 | f3dcba6853387ae2e9f0e6e00ca447dcb176d0b3a7a487ae1dbc3387c7d6c81f
Zoph 0.9pre2 CSRF / File Disclosure / SQL Injection
Posted Jun 4, 2012
Authored by KedAns-Dz

Zoph version 0.9pre2 suffers from cross site request forgery, remote file disclosure, and remote blind SQL injection vulnerabilities.

tags | exploit, remote, vulnerability, sql injection, info disclosure, csrf
SHA-256 | 865a2df0f072694ea17b80a8230b7ca7e96ee5bb8f33c6a27d742f75a8af1e29
TinyCMS 1.3 CSRF / LFI / File Upload
Posted Jun 3, 2012
Authored by KedAns-Dz

TinyCMS version 1.3 suffers from cross site request forgery, file upload, and local file inclusion vulnerabilities.

tags | exploit, local, vulnerability, file inclusion, file upload, csrf
SHA-256 | 33264e933a369719404982af97acd9acf0325409d6a5a63d9aba45c2297777a0
AdaptCMS 2.0.2 (TinyURL) SQL Injection
Posted Jun 3, 2012
Authored by KedAns-Dz

AdaptCMS version 2.0.2 (TinyURL) suffers from multiple remote SQL injection vulnerabilities.

tags | exploit, remote, vulnerability, sql injection
SHA-256 | ecc9c9dc887b3df0475b0f5e46b2f86ca3d6efa6d62a9d722afa1e8502476d61
TYPO3 4.7 Cross Site Request Forgery
Posted Jun 3, 2012
Authored by KedAns-Dz

TYPO3 version 4.7 suffers from a cross site request forgery vulnerability.

tags | exploit, csrf
SHA-256 | c80632c90b1ac04efcd7f77e078df6219065d85fb6eba49067507d5de0f365e5
VAMCart-InternetShop 0.9 File Upload Code Execution
Posted May 29, 2012
Authored by KedAns-Dz | Site metasploit.com

This Metasploit module exploits a vulnerability in the TinyMCE/tinybrowser plugin. This plugin is not secured in version 0.9 of VAMCart and allows the upload of files on the remote server. By renaming the uploaded file this vulnerability can be used to upload/execute code on the affected system.

tags | exploit, remote
SHA-256 | 2f631d7a476c9b413ae2de8686ab1f98d4e0e9c4ff4f224e34949b05e6bbf3c0
VAMCart-InternetShop 0.9 Cross Site Request Forgery / Shell Upload
Posted May 29, 2012
Authored by KedAns-Dz

VANCart-InternetShop version 0.9 suffers from cross site request forgery and shell upload vulnerabilities.

tags | exploit, shell, vulnerability, csrf
SHA-256 | a3d1a0eb4bb484d54b974426fd346ef862dfc26b4788bc1577f86886d324b2b8
PBBoard 2.1.4 Cross Site Request Forgery
Posted May 29, 2012
Authored by KedAns-Dz | Site metasploit.com

This Metasploit module exploits multiple cross site request forgery (CSRF) vulnerabilities in admin.php in PBBoard 2.1.4 to allow for arbitrary file upload / command execution.

tags | exploit, arbitrary, php, vulnerability, file upload, csrf
advisories | CVE-2012-1216, OSVDB-79218
SHA-256 | f39d87cd2d0ecdc33b13e8ce46c0cbdb325accad08219c2178ea9f86295312c7
DornCMS 1.4 (add_page.php) Arbitrary File Upload
Posted May 25, 2012
Authored by KedAns-Dz | Site metasploit.com

This Metasploit module exploits a vulnerability found in Dorn Content Management Script (CMS), version 1.4. By abusing the add_page.php file, the attacker can upload/add a new file (.php) to the /cms/pages/ directory without any authentication, which results in arbitrary code execution.

tags | exploit, arbitrary, php, code execution
SHA-256 | d9e8467b701cbfb9bbe903c58d26bef4b2a9541424f51ceb8b51542282f6f250
DynPage 1.0 Cross Site Request Forgery / Shell Upload
Posted May 25, 2012
Authored by KedAns-Dz

DynPage version 1.0 suffers from cross site request forgery and shell upload vulnerabilities.

tags | exploit, shell, vulnerability, csrf
SHA-256 | 37621a0070cbaef6aa5d4f64bb886aef4c1af19162680673b6c79897100c5b03
Ajaxmint-Gallery 1.0 Cross Site Request Forgery
Posted May 20, 2012
Authored by KedAns-Dz

Ajaxmint-Gallery version 1.0 suffers from a cross site request forgery vulnerability.

tags | exploit, csrf
SHA-256 | 75aab5ec49b45f29fd9cd17396f521f35a6baa0bb85bb434c5e2a2a7d7f276d2
Page 2 of 11
Back12345Next

File Archive:

December 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Dec 1st
    0 Files
  • 2
    Dec 2nd
    41 Files
  • 3
    Dec 3rd
    25 Files
  • 4
    Dec 4th
    0 Files
  • 5
    Dec 5th
    0 Files
  • 6
    Dec 6th
    0 Files
  • 7
    Dec 7th
    0 Files
  • 8
    Dec 8th
    0 Files
  • 9
    Dec 9th
    0 Files
  • 10
    Dec 10th
    0 Files
  • 11
    Dec 11th
    0 Files
  • 12
    Dec 12th
    0 Files
  • 13
    Dec 13th
    0 Files
  • 14
    Dec 14th
    0 Files
  • 15
    Dec 15th
    0 Files
  • 16
    Dec 16th
    0 Files
  • 17
    Dec 17th
    0 Files
  • 18
    Dec 18th
    0 Files
  • 19
    Dec 19th
    0 Files
  • 20
    Dec 20th
    0 Files
  • 21
    Dec 21st
    0 Files
  • 22
    Dec 22nd
    0 Files
  • 23
    Dec 23rd
    0 Files
  • 24
    Dec 24th
    0 Files
  • 25
    Dec 25th
    0 Files
  • 26
    Dec 26th
    0 Files
  • 27
    Dec 27th
    0 Files
  • 28
    Dec 28th
    0 Files
  • 29
    Dec 29th
    0 Files
  • 30
    Dec 30th
    0 Files
  • 31
    Dec 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2024 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close