Showing 1 - 25 of 32

Files from Metin Yunus Kandemir

First Active	2019-04-03
Last Active	2024-10-07

ManageEngine ADManager Plus Privilege Escalation: Posted Oct 7, 2024; Authored by Metin Yunus Kandemir; ManageEngine ADManager Plus builds prior to 7210 suffers from a privilege escalation vulnerability.; tags | advisory; advisories | CVE-2024-24409; SHA-256 | 3b9941aa9efcb746685c3ff7341274059f2a5c45bbffedd341d4a38c6fdff3c0; Download | Favorite | View

Microsoft Office NTLMv2 Disclosure: Posted Oct 2, 2024; Authored by Metin Yunus Kandemir; Microsoft Office 2019 MSO build 1808 (16.0.10411.20011) and Microsoft 365 MSO version 2403 build 16.0.17425.20176 suffer from an NTLMv2 hash disclosure vulnerability.; tags | exploit, info disclosure; advisories | CVE-2024-38200; SHA-256 | a515b741cb4fdee423e7ca948fc50654803bd1c926175eccc8866a749034e338; Download | Favorite | View

ManageEngine ADManager Plus Recovery Password Disclosure: Posted Feb 13, 2024; Authored by Metin Yunus Kandemir; ManageEngine ADManager Plus versions prior to build 7183 suffers from a recovery password disclosure vulnerability.; tags | exploit, info disclosure; advisories | CVE-2023-31492; SHA-256 | 7874929a14fe57fd79cdf95718b05cd915fe981a7a2e42784b174c59bf45ff2e; Download | Favorite | View

ManageEngine ADSelfService Plus Build 6118 NTLMv2 Hash Exposure: Posted May 11, 2022; Authored by Metin Yunus Kandemir; ManageEngine ADSelfService Plus build 6118 suffers from an NTLMv2 hash exposure vulnerability.; tags | exploit, info disclosure; advisories | CVE-2022-29457; SHA-256 | f42a82f890c3591b725d59a439ef11e7ca7de7237e5ed593bd8a81bf354e0e19; Download | Favorite | View

ManageEngine ADSelfService Plus 6.1 User Enumeration: Posted Apr 19, 2022; Authored by Metin Yunus Kandemir; ManageEngine ADSelfService Plus version 6.1 suffers from a user enumeration vulnerability.; tags | exploit; SHA-256 | eb9a81d41b9726f90f1a950f6c1fd4f1b49ee04e2d812c1fb2175672b960b945; Download | Favorite | View

Abusing LAPS: Posted Jan 19, 2022; Authored by Metin Yunus Kandemir; Whitepaper that explains a misconfiguration based flaw about Local Administrator Password Solution.; tags | paper, local; SHA-256 | afd186867562453b4d7f00ad96270e7a4c5c6b2facd655ef9e4e3c6d602fb576; Download | Favorite | View

Seagate BlackArmor NAS sg2000-2000.1331 Command Injection: Posted Jul 16, 2021; Authored by Metin Yunus Kandemir; Seagate BlackArmor NAS version sg2000-2000.1331 remote command injection exploit.; tags | exploit, remote; SHA-256 | 9a7285a69805f1136bd7054963d9148897967e805a6a67a1cd1ffbf3c3dc7172; Download | Favorite | View

Thecus N4800Eco Command Injection: Posted Jun 2, 2021; Authored by Metin Yunus Kandemir; Thecus N4800Eco NAS server control panel suffers from a command injection vulnerability.; tags | exploit; SHA-256 | d7870fac7e6397017a08b261b256c7b60acc08e3f5738cb24318e34a48335819; Download | Favorite | View

ManageEngine ADSelfService Plus 6.1 CSV Injection: Posted May 19, 2021; Authored by Metin Yunus Kandemir; ManageEngine ADSelfService Plus version 6.1 suffers from a CSV injection vulnerability.; tags | exploit; SHA-256 | 685e14de90f446d314247608c72480994fb1618eb955e9fa368d505ba1cfb3f7; Download | Favorite | View

BRAdmin Professional 3.75 Unquoted Service Path: Posted Mar 19, 2021; Authored by Metin Yunus Kandemir; BRAdmin Professional version 3.75 suffers from an unquoted service path vulnerability.; tags | exploit; SHA-256 | 3beb108939a4de6047c2b0d5853c1c309a64fe01ffab40efff973d2695853137; Download | Favorite | View

Klog Server 2.4.1 Command Injection: Posted Feb 15, 2021; Authored by Brendan Coles, Metin Yunus Kandemir, B3KC4T | Site metasploit.com; This Metasploit module exploits an unauthenticated command injection vulnerability in Klog Server versions 2.4.1 and prior. The authenticate.php file uses the user HTTP POST parameter in a call to the shell_exec() PHP function without appropriate input validation, allowing arbitrary command execution as the apache user.; tags | exploit, web, arbitrary, php; advisories | CVE-2020-35729; SHA-256 | 5ec6676b8d5b72c304f3f383a6b3a1bbcb4df27ceff247690cd2cd511bbf75bb; Download | Favorite | View

Openlitespeed WebServer 1.7.8 Command Injection: Posted Feb 11, 2021; Authored by Metin Yunus Kandemir; Openlitespeed WebServer version 1.7.8 remote command injection exploit. Original discovery of command injection in this version is attributed to cm0s from SunCSR in January of 2021.; tags | exploit, remote; SHA-256 | 60f1f051bd798dab7089a4bee09f5a1d2479058f12087a17278967d49b845cf1; Download | Favorite | View

Klog Server 2.4.1 Command Injection: Posted Feb 1, 2021; Authored by Metin Yunus Kandemir; Klog Server version 2.4.1 remote command injection exploit.; tags | exploit, remote; advisories | CVE-2021-3317; SHA-256 | 99012dfbcefb01247d5d331d8643bce4efa6371eef0857ac2fc0aa91cc3e96a4; Download | Favorite | View

Klog Server 2.4.1 Command Injection: Posted Jan 26, 2021; Authored by Metin Yunus Kandemir, B3KC4T | Site metasploit.com; This Metasploit module exploits an unauthenticated command injection vulnerability in Klog Server versions 2.4.1 and below.; tags | exploit; advisories | CVE-2020-35729; SHA-256 | 4b98d5b04b6e749217209691c5bf8ebd2011def2f86e1db79d9419e0830fa90f; Download | Favorite | View

Cockpit 234 Server-Side Request Forgery: Posted Jan 8, 2021; Authored by Metin Yunus Kandemir; Cockpit version 234 suffers from an unauthenticated server-side request forgery vulnerability.; tags | exploit; SHA-256 | 7d5320612c3c2171833bc0f579b2434057c4c62e25ce3e66372baa4bc0bb0e83; Download | Favorite | View

SuperMicro IPMI 03.40 Cross Site Request Forgery: Posted Jul 9, 2020; Authored by Metin Yunus Kandemir; SuperMicro IPMI version 03.40 suffers from a cross site request forgery vulnerability.; tags | exploit, csrf; advisories | CVE-2020-15046; SHA-256 | f0c9c09b826203240ee4c6af353756b9f273a44846c5e01f9f40f3ee9ca0f51c; Download | Favorite | View

CSZ CMS 1.2.7 HTML Injection: Posted Apr 21, 2020; Authored by Metin Yunus Kandemir; CSZ CMS version 1.2.7 suffers from an html injection vulnerability.; tags | exploit; SHA-256 | b071ec3b56d0f80f701af10014a9989aaadb203765ef4561fbe56ef470fba5fe; Download | Favorite | View

CSZ CMS 1.2.7 Cross Site Scripting: Posted Apr 21, 2020; Authored by Metin Yunus Kandemir; CSZ CMS version 1.2.7 suffers from a persistent cross site scripting vulnerability.; tags | exploit, xss; SHA-256 | c84df5f5c5e62b67520a1d22c9fb41f1465fa5306e3650dc1f6b33b1e0e0e167; Download | Favorite | View

Exagate Sysguard 6001 Cross Site Request Forgery: Posted Mar 20, 2020; Authored by Metin Yunus Kandemir; Exagate Sysguard 6001 suffers from a cross site request forgery vulnerability.; tags | exploit, csrf; SHA-256 | 97013bfb1dbd21c33b3ea58f30c8b9c3f862968f7e7dba05b502e4556780c348; Download | Favorite | View

Complaint Management System 4.0 Remote Code Execution: Posted Jan 7, 2020; Authored by Metin Yunus Kandemir; Complaint Management System version 4.0 suffers from a remote code execution vulnerability.; tags | exploit, remote, code execution; SHA-256 | 7b0aa980a77d3f44b50de965bfd78bcc8506a9e151f332e040c46eef55d76f21; Download | Favorite | View

Online Course Registration 2.0 Remote Code Execution: Posted Jan 2, 2020; Authored by Metin Yunus Kandemir; Online Course Registration version 2.0 suffers from a remote code execution vulnerability.; tags | exploit, remote, code execution; SHA-256 | 111753551568881bfe89880e1b09bb623051b7e801414cc97d971695f59c804e; Download | Favorite | View

Hospital Management System 4.0 SQL Injection: Posted Jan 1, 2020; Authored by Metin Yunus Kandemir; Hospital Management System version 4.0 suffers from a remote SQL injection vulnerability that allows for authentication bypass.; tags | exploit, remote, sql injection; SHA-256 | bcaf939ae34732279682937d7a4e19c5c0715fc37b15d7cc69c314edbf75de6f; Download | Favorite | View

Shopping Portal ProVersion 3.0 SQL Injection: Posted Jan 1, 2020; Authored by Metin Yunus Kandemir; Shopping Portal ProVersion version 3.0 suffers from a remote SQL injection vulnerability that allows for authentication bypass.; tags | exploit, remote, sql injection; SHA-256 | 6edca2e8d0f9d1ae2d8f481dcd908e8b1ebdae5c8b26ea01e110ac95fdba0880; Download | Favorite | View

Snipe-IT Open Source Asset Management 4.7.5 Cross Site Scripting: Posted Dec 9, 2019; Authored by Metin Yunus Kandemir; Snipe-IT Open Source Asset Management version 4.7.5 suffers from a persistent cross site scripting vulnerability.; tags | exploit, xss; SHA-256 | c275463593eb3ad5d471d6a71d8677632baba810d9fef6a9ca6da6a50e707e22; Download | Favorite | View

Dolibarr ERP-CRM 10.0.1 Cross Site Scripting: Posted Sep 13, 2019; Authored by Metin Yunus Kandemir; Dolibarr ERP-CRM version 10.0.1 suffers from a user-agent cross site scripting vulnerability.; tags | exploit, xss; advisories | CVE-2019-16197; SHA-256 | 0187de9002d59f341d170b546ca8984e4ebf01432ab6172e13141bf0b1e44251; Download | Favorite | View

Page 1 of 2 Back 1 2 Next

Top Authors In Last 30 Days

Red Hat 223 files
Ubuntu 57 files
LiquidWorm 23 files
Debian 19 files
indoushka 15 files
Apple 9 files
Google Security Research 5 files
Gentoo 5 files
Chokri Hammedi 3 files
Alter Prime 3 files

File Archives

Systems

AIX (430)
Apple (2,126)
BSD (378)
CentOS (61)
Cisco (1,954)
Debian (7,158)
Fedora (1,693)
FreeBSD (1,247)
Gentoo (4,604)
HPUX (881)
iOS (393)
iPhone (108)
IRIX (220)
Juniper (71)
Linux (51,830)
Mac OS X (696)
Mandriva (3,105)
NetBSD (256)
OpenBSD (490)
RedHat (17,245)
Slackware (941)
Solaris (1,615)
SUSE (1,444)
Ubuntu (9,969)
UNIX (9,474)
UnixWare (188)
Windows (6,784)
Other

Files from Metin Yunus Kandemir

File Archive:

November 2024

Top Authors In Last 30 Days

File Tags

File Archives

Systems