what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 6 of 6 RSS Feed

Files from Anti Rais

Email addressantirais at gmail.com
First Active2016-11-20
Last Active2019-09-06
October CMS Upload Protection Bypass Code Execution
Posted Sep 6, 2019
Authored by Anti Rais, Touhid M.Shaikh, SecureLayer7.net | Site metasploit.com

This Metasploit module exploits an Authenticated user with permission to upload and manage media contents can upload various files on the server. Application prevents the user from uploading PHP code by checking the file extension. It uses black-list based approach, as seen in octobercms/vendor/october/rain/src/Filesystem/ Definitions.php:blockedExtensions(). This module was tested on October CMS version version 1.0.412 on Ubuntu.

tags | exploit, php
systems | linux, ubuntu
advisories | CVE-2017-1000119
SHA-256 | 018cfd6c1eb8529baff5fa0a0a5365e86412dcf24e53e0a9dac7f7b274f80338
Download | Favorite | View
Gitea 1.7.3 HTML Injection
Posted Mar 18, 2019
Authored by Anti Rais

Gitea versions 1.7.0 through 1.7.3 suffer from a stored html injection vulnerability.

tags | exploit
SHA-256 | 253ed51f7af489f1307804b4289f3d88966fed3070de63f9f7e892dd2a22ed63
Download | Favorite | View
b2evolution CMS 6.8.10 PHP Code Execution
Posted Jan 3, 2018
Authored by Anti Rais

b2evolution CMS versions 6.6.0 through 6.8.10 suffer from a php code execution vulnerability.

tags | exploit, php, code execution
advisories | CVE-2017-1000423
SHA-256 | 18f4539cf4fe17463b3faf5e2e74c177b2bf60a531b9f8efa46e3f91d9e46207
Download | Favorite | View
MODX Revolution 2.5.6 SQL Injection
Posted May 2, 2017
Authored by Anti Rais

MODX Revolution versions 2.0.1 through 2.5.6 suffer from a remote blind SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | 9ca53f1352f8bd1e513b06cdda62e23b39b10558818e68e30de8e25e1cc7f5eb
Download | Favorite | View
October CMS 1.0.412 Code Execution / Shell Upload
Posted Apr 20, 2017
Authored by Anti Rais

October CMS version 1.0.412 suffers from access bypass, cross site scripting, code execution, and remote shell upload vulnerabilities.

tags | exploit, remote, shell, vulnerability, code execution, xss
SHA-256 | f133ae1a00c61dc5828a8d5a4a01eaa1cff8d008fd292fc06836a939242285de
Download | Favorite | View
Joomla K2 2.7.1 Shell Upload / Cross Site Request Forgery
Posted Nov 20, 2016
Authored by Anti Rais

Joomla K2 extension versions 2.5.0 through 2.7.1 suffer from cross site request forgery and remote shell upload vulnerabilities.

tags | exploit, remote, shell, vulnerability, csrf
SHA-256 | 51360de63be1747db41906a1d00213fd070daf72507686e977bfdec5cc249b1b
Download | Favorite | View
Page 1 of 1
Back1Next

File Archive:

November 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Nov 1st
    30 Files
  • 2
    Nov 2nd
    0 Files
  • 3
    Nov 3rd
    0 Files
  • 4
    Nov 4th
    12 Files
  • 5
    Nov 5th
    44 Files
  • 6
    Nov 6th
    18 Files
  • 7
    Nov 7th
    9 Files
  • 8
    Nov 8th
    8 Files
  • 9
    Nov 9th
    3 Files
  • 10
    Nov 10th
    0 Files
  • 11
    Nov 11th
    0 Files
  • 12
    Nov 12th
    0 Files
  • 13
    Nov 13th
    0 Files
  • 14
    Nov 14th
    0 Files
  • 15
    Nov 15th
    0 Files
  • 16
    Nov 16th
    0 Files
  • 17
    Nov 17th
    0 Files
  • 18
    Nov 18th
    0 Files
  • 19
    Nov 19th
    0 Files
  • 20
    Nov 20th
    0 Files
  • 21
    Nov 21st
    0 Files
  • 22
    Nov 22nd
    0 Files
  • 23
    Nov 23rd
    0 Files
  • 24
    Nov 24th
    0 Files
  • 25
    Nov 25th
    0 Files
  • 26
    Nov 26th
    0 Files
  • 27
    Nov 27th
    0 Files
  • 28
    Nov 28th
    0 Files
  • 29
    Nov 29th
    0 Files
  • 30
    Nov 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2024 Packet Storm. All rights reserved.

Site Links
News by Month
News Tags
Files by Month
File Tags
File Directory
About Us
History & Purpose
Contact Information
Terms of Service
Privacy Statement
Copyright Information
Services
Security Services
Hosting By
Rokasec
close