Showing 1 - 9 of 9

Files from Fikri Fadzil

Email address	fikri.fadzil at impact-alliance.org
First Active	2014-09-06
Last Active	2018-05-14

MyBiz MyProcureNet 5.0.0 File Upload / Cross Site Scripting: Posted May 14, 2018; Authored by Fikri Fadzil, Wan Ikram, Jasveer Singh, Ahmad Ramadhan Amizudin | Site sec-consult.com; MyBiz MyProcureNet version 5.0.0 suffers from remote file upload and cross site scripting vulnerabilities.; tags | advisory, remote, vulnerability, xss, file upload; advisories | CVE-2018-11091, CVE-2018-11090; SHA-256 | 051be9c96f5fc1dcdd65d667cf867817b2d9754a57b28812ac9fe96bc7e1ca84; Download | Favorite | View

ClipBucket SQL Injection / Command Injection / File Upload: Posted Feb 27, 2018; Authored by Fikri Fadzil, Wan Ikram, Jasveer Singh, Ahmad Ramadhan Amizudin | Site sec-consult.com; ClipBucket versions prior to 4.0.0 Release 4902 suffer from OS command injection, arbitrary file upload, and remote SQL injection vulnerabilities.; tags | exploit, remote, arbitrary, vulnerability, sql injection, file upload; SHA-256 | 9c6e2a39e41028f37a5698b02254f9b2ad0ed428ace7ac29e792084d6d5b69b5; Download | Favorite | View

OpenEMR 5.0.0 Command Injection / Cross Site Scripting: Posted Dec 4, 2017; Authored by Fikri Fadzil, Wan Ikram, Jasveer Singh | Site sec-consult.com; OpenEMR version 5.0.0 suffers from code execution and cross site scripting vulnerabilities.; tags | exploit, vulnerability, code execution, xss; SHA-256 | cb323afd4eb9936c8fd21b2415f3e7b565e714471a0bae50bb61af03fdd63c92; Download | Favorite | View

Western Digital TV Media Player 1.03.07 LFI / CSRF / File Upload: Posted May 19, 2017; Authored by Fikri Fadzil, Wan Ikram | Site sec-consult.com; Western Digital TV Media Player version 1.03.07 suffers from file upload, local file inclusion, cross site request forgery, private key issue, remote SQL injection, and other vulnerabilities.; tags | advisory, remote, local, vulnerability, sql injection, file inclusion, file upload, csrf; SHA-256 | 385687d49d2c40482bc4095866410a41b9a17b1428c065bcb0a4be85c09e9a45; Download | Favorite | View

I, Librarian PDF Manager 4.6 / 4.7 Command Injection / SSRF / Enumeration: Posted May 9, 2017; Authored by Fikri Fadzil, Wan Ikram, Jasveer Singh | Site sec-consult.com; I, Librarian PDF Manager versions 4.6 and below along with version 4.7 suffer from command injection, server-side request forgery, cross site scripting, and directory enumeration vulnerabilities.; tags | exploit, vulnerability, xss; SHA-256 | 7c325bdc1f88a6aa340e376d6463a768c9678e77c7cc0d563169c21c0f5a558f; Download | Favorite | View

MyBB 1.8.10 Server-Side Request Forgery: Posted Apr 7, 2017; Authored by Fikri Fadzil, Wan Ikram, Jasveer Singh | Site sec-consult.com; MyBB version 1.8.10 suffers from a server-side request forgery vulnerability.; tags | exploit; advisories | CVE-2017-7566; SHA-256 | 6def021f002d068b7afcd4018825a75bd63b3083cfd72ea4e1babc7809fe489e; Download | Favorite | View

PHP 7.1.2 fsockopen Misbehavior: Posted Apr 3, 2017; Authored by Fikri Fadzil | Site sec-consult.com; PHP version 7.1.2 suffers from an incorrect behavior with fsockopen.; tags | exploit, php; SHA-256 | f95a66bf357d7a4d4cc45ea50c1c6154b09b14db99cf7f747b69412d4f11e0e0; Download | Favorite | View

Western Digital My Cloud Command Injection / File Upload: Posted Mar 7, 2017; Authored by Fikri Fadzil, Wan Ikram | Site sec-consult.com; Western Digital My Cloud suffers from unauthenticated OS command injection and arbitrary file upload vulnerabilities.; tags | exploit, arbitrary, vulnerability, file upload; SHA-256 | 51f0b3c25ef788a912ab98c33ba93698f1e03c6437ab8611aaf32ab9e41abb83; Download | Favorite | View

WordPress Bulk Delete Users By Email 1.0 CSRF: Posted Sep 6, 2014; Authored by Fikri Fadzil; WordPress Bulk Delete Users By Email plugin version 1.0 suffers from a cross site request forgery vulnerability.; tags | exploit, csrf; SHA-256 | d2725f5b703ed37f87518d0c5da43c8cbf2aead833b535f3cfcc379d0c5e671f; Download | Favorite | View

Page 1 of 1 Back 1 Next

Top Authors In Last 30 Days