what you don't know can hurt you

Register | Login

FilesNewsUsersAuthors

Home Files News &[SERVICES_TAB]About Contact Add New

Showing 1 - 17 of 17

Files from Arash Khazaei

WordPress Responsive Thumbnail Slider Arbitrary File Upload

Posted Jul 27, 2018

Authored by Arash Khazaei, Shelby Pace | Site metasploit.com

This Metasploit module exploits an arbitrary file upload vulnerability in Responsive Thumbnail Slider Plugin v1.0 for WordPress post authentication.

tags | exploit, arbitrary, file upload

SHA-256 | 8ee01269b9ed74a3a7ab070775e8793353cb3fbec90f61759ae14ae92e25bdfa

Download | Favorite | View

Zapya Desktop 1.803 Privilege Escalation

Posted Sep 12, 2016

Authored by Arash Khazaei

Zapya Desktop version 1.803 suffers from a privilege escalation vulnerability.

tags | exploit

SHA-256 | 1204fdb3dca01a1547ffc9eb6eb38df0d60edd8a43261e989e340d837522878f

Download | Favorite | View

FTPShell Client 5.24 Buffer Overflow

Posted Feb 6, 2016

Authored by Arash Khazaei

FTPShell Client version 5.24 suffers from a local buffer overflow vulnerability.

tags | exploit, overflow, local

SHA-256 | 39f0901fa8ec8cf5b431f7fc42d467c020a8c21351dae0d31f759fe3938ea531

Download | Favorite | View

WordPress Gallery Master 1.0.22 Cross Site Scripting

Posted Dec 21, 2015

Authored by Arash Khazaei

WordPress Gallery Master plugin version 1.0.22 suffers from a persistent cross site scripting vulnerability.

tags | exploit, xss

SHA-256 | 125e65f3414e32a56870065345499c7ecdcb1682aa4ebdfd986de2b0949e860f

Download | Favorite | View

WordPress Easy Media Gallery 1.3.47 Cross Site Scripting

Posted Sep 8, 2015

Authored by Arash Khazaei

WordPress Easy Media Gallery plugin version 1.3.47 suffers from a stored cross site scripting vulnerability.

tags | exploit, xss

SHA-256 | 2aa1cca005dbf2916fc30b3389929efd09d8fabec255a96d17c3ddf946ac3351

Download | Favorite | View

WordPress Testimonial Slider 1.2.1 Cross Site Scripting

Posted Aug 31, 2015

Authored by Arash Khazaei

WordPress Testimonial Slider plugin version 1.2.1 suffers from a stored cross site scripting vulnerability.

tags | exploit, xss

SHA-256 | c42a3e7a53fa032347f8db34ca336504c038103182ac19af39975cd7d2507601

Download | Favorite | View

WordPress Captain Slider 1.0.6 Cross Site Scripting

Posted Aug 28, 2015

Authored by Arash Khazaei

WordPress Captain Slider plugin version 1.0.6 suffers from a stored cross site scripting vulnerability.

tags | exploit, xss

SHA-256 | 73470cb284596d274c1d8c36303b9ebc55b5a11435c41374e907a1eb3ff10eae

Download | Favorite | View

WordPress Responsive Thumbnail Slider 1.0 Shell Upload

Posted Aug 28, 2015

Authored by Arash Khazaei

WordPress Responsive Thumbnail Slider plugin version 1.0 suffers from a remote shell upload vulnerability.

tags | exploit, remote, shell

SHA-256 | f98b6997588b3f30ced3103e420f4be371274ba241219a5a03d4d7d3c513cfc0

Download | Favorite | View

Pligg CMS 2.0.2 Cross Site Request Forgery

Posted Aug 25, 2015

Authored by Arash Khazaei

Pligg CMS version 2.0.2 suffers from a cross site request forgery vulnerability.

tags | exploit, csrf

advisories | CVE-2015-6655

SHA-256 | e8df6ea13dde593af7dce761b232c1d61d5a0fb061392ea66d9fa5a7ea0f440d

Download | Favorite | View

Pligg CMS 2.0.2 Open Redirect

Posted Aug 18, 2015

Authored by Arash Khazaei

Pligg CMS version 2.0.2 suffers from an open redirection vulnerability.

tags | exploit

SHA-256 | 8de2916fb64edab5627798231d00a3bccfd6941441919181802ea8d1d12632d0

Download | Favorite | View

Frog CMS 0.9.5 Open Redirect

Posted Aug 10, 2015

Authored by Arash Khazaei

Frog CMS version 0.9.5 suffers from an open redirection vulnerability.

tags | exploit

SHA-256 | 25146709ae210870dc86ac03f1bf8b4109480705ca00c7eda11f7e4537afb3ba

Download | Favorite | View

GetSimple CMS 3.3.5 Open Redirect

Posted Aug 10, 2015

Authored by Arash Khazaei

GetSimple CMS version 3.3.5 suffers from an open redirection vulnerability.

tags | advisory

SHA-256 | fe268ea6719cc22c2208a18c4acf1b9d327f1224bac515f7193384e4c28384b3

Download | Favorite | View

Wolf CMS 0.8.2 Open Redirect

Posted Aug 9, 2015

Authored by Arash Khazaei

Wolf CMS version 0.89.3 suffers from an open redirection vulnerability.

tags | exploit

SHA-256 | 2f842fe9745c43994929c4989b8f2046bc2df9349fed75bf7210cc48f2c296c0

Download | Favorite | View

Tendoo CMS 1.3 Cross Site Scripting

Posted Jul 28, 2015

Authored by Arash Khazaei

Tendoo CMS version 1.3 suffers from stored and reflective cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss

SHA-256 | cd9b09823f3b4f903977a3d92b3b7084b6e40bcacb0756fc6aafefeeafb8108a

Download | Favorite | View

Seditio CMS 1.7.1 Password Disclosure

Posted Jul 27, 2015

Authored by Arash Khazaei

Seditio CMS version 1.7.1 suffers from an administrator password disclosure vulnerability.

tags | exploit, info disclosure

SHA-256 | 1780346582854c7fdc89148449d9eeb1ad330538db092f6b047b6f4ff3c1e490

Download | Favorite | View

Seditio CMS 1.7.1 Open Redirect

Posted Jul 27, 2015

Authored by Arash Khazaei

Seditio CMS version 1.7.1 suffers from an open redirect vulnerability.

tags | exploit

SHA-256 | 2ff996b84f5e2517c42761313b4f6b91deae750fa6ae089104e6d04642bfc884

Download | Favorite | View

WordPress NativeChurch Theme 1.0 / 1.5 Arbitrary File Download

Posted Jun 13, 2015

Authored by Arash Khazaei

WordPress NativeChurch theme versions 1.0 through 1.5 suffer from an arbitrary file download vulnerability.

tags | exploit, arbitrary, info disclosure

SHA-256 | 6618b3ba418a0c1db66dbc8a7366c534e8ca74ffccc1b6b8527db3ed7323d919

Download | Favorite | View