39 matches found
WordPress ACF Frontend Display Plugin 2.0.5 - File Upload Vulnerability
Exploit for php platform in category web applications +---------------------------------------------------------------------------+ + Author: TUNISIAN CYBER + Title: WP Plugin Free ACF Frontend Display File Upload Vulnerability + Date: 3-07-2015 + Type: WebAPP + Download Plugin:...
WordPress Plugin ACF Frontend Display 2.0.5 - Arbitrary File Upload
+---------------------------------------------------------------------------+ + Author: TUNISIAN CYBER + Title: WP Plugin Free ACF Frontend Display File Upload Vulnerability + Date: 3-07-2015 + Type: WebAPP + Download Plugin: https://downloads.wordpress.org/plugin/acf-frontend-display.2.0.5.zip +...
elFinder 2 Remote Command Execution (Via File Creation) Vulnerability
Exploit for php platform in category web applications + Author: TUNISIAN CYBER + Title: elFinder 2 Remote Command Execution Via File Creation Vulnerability + Date: 06-05-2015 + Vendor: https://github.com/Studio-42/elFinder + Type: WebAPP + Tested on: KaliLinux Debian + Twitter: @TCYB3R + Time Lin...
elFinder 2 Remote Command Execution
Author: TUNISIAN CYBER + Title: elFinder 2 Remote Command Execution Via File Creation Vulnerability + Date: 06-05-2015 + Vendor: https://github.com/Studio-42/elFinder + Type: WebAPP + Tested on: KaliLinux Debian + Twitter: @TCYB3R + Time Line: 03-05-2015:Vulnerability Discovered...
elFinder 2 - Remote Command Execution (via File Creation)
Author: TUNISIAN CYBER + Title: elFinder 2 Remote Command Execution Via File Creation Vulnerability + Date: 06-05-2015 + Vendor: https://github.com/Studio-42/elFinder + Type: WebAPP + Tested on: KaliLinux Debian + Twitter: @TCYB3R + Time Line: 03-05-2015:Vulnerability Discovered...
Free MP3 CD Ripper 2.6 2.8 - .wav File Buffer Overflow (SEH)
Free MP3 CD Ripper 2.6 2.8 - .wav File Buffer Overflow SEH !/usr/bin/env perl original p0c https://www.exploit-db.com/exploits/36465/ credit to TUNISIAN CYBER however he was attemping to vanilla buffer overflow in fact it is SEH based exploit using the address 0x7C9D30D7 is limit the targets whic...
WebUI v1.5b6 Remote Code Execution Vulnerability
Exploit for php platform in category web applications + Author: TUNISIAN CYBER + Title: WebUI Remote Code Execution Vulnerability + Date: 21-04-2015 + Vendor: https://github.com/baram01/webui/ + Type: WebAPP + Tested on: KaliLinux Debian + Twitter: @TCYB3R + Proof of concept:...
Open-Letters - Remote PHP Code Injection
Open-Letters - Remote PHP Code Injection / errorreporting0; settimelimit0; iniset"defaultsockettimeout", 5; function httpsend$host, $packet if !$sock = fsockopen$host, 80 die "\n- No response from $host:80\n"; fwrite$sock, $packet; return streamgetcontents$sock; print "+ Author: TUNISIAN CYBER\n"...
Open-Letters - Remote PHP Code Injection
/ errorreporting0; settimelimit0; iniset"defaultsockettimeout", 5; function httpsend$host, $packet if !$sock = fsockopen$host, 80 die "\n- No response from $host:80\n"; fwrite$sock, $packet; return streamgetcontents$sock; print "+ Author: TUNISIAN CYBER\n"; print "+ Script coded BY: Egidio Romano...
win32/xp sp3 Create ("file.txt") - 83 bytes
/ + Author: TUNISIAN CYBER + Title: Shellcode: win32/xp sp3 Create "file.txt" 83 bytes + Date: 15-04-2015 + Type: Local Exploits + Tested on: WinXp 32bit SP3 + Friendly Sites: sec4ever.com + Twitter: @TCYB3R + Credits: steve hanna projectshellcode.com ============================= Assembly:...
IDM-6.20-Local-Buffer
Author: TUNISIAN CYBER + Exploit Title: IDM v6.20 Local Buffer Overflow + Date: 27-03-2015 + Type: Local Exploits + Tested on: WinXp/Windows 7 Pro + Vendor: https://www.internetdownloadmanager.com/ + Friendly Sites: sec4ever.com...
UltraISO 9.6.2.3059 DLL Hijacking
Author: TUNISIAN CYBER + Exploit Title: UltraISO v9.6.2.3059 DLL Hijacking + Date: 28-03-2015 + Type: Local Exploits + Tested on: WinXp/Windows 7 Pro + Friendly Sites: sec4ever.com + Twitter: @TCYB3R + Poc:http://i.imgur.com/naHAdJF.png + Create Compile the file then rename it to daemon.dll then...
HTTrack Website Copier 3.48-21 DLL Hijacking
Author: TUNISIAN CYBER + Exploit Title: HTTrack Website Copier v3.48-21 DLL Hijacking + Date: 28-03-2015 + Type: Local Exploits + Vendor: https://httrack.com/page/2/fr/index.html + Tested on: WinXp/Windows 7 Pro + Friendly Sites: sec4ever.com + Twitter: @TCYB3R + Create Compile the file then...
Internet Download Manager 6.20 Local Buffer Overflow
!/usr/bin/env python + Author: TUNISIAN CYBER + Exploit Title: IDM v6.20 Local Buffer Overflow + Date: 27-03-2015 + Type: Local Exploits + Tested on: WinXp/Windows 7 Pro + Vendor: https://www.internetdownloadmanager.com/ + Friendly Sites: sec4ever.com + Twitter: @TCYB3R +...
WordPress CIP4 Folder Download 1.10 Local File Inclusion
Exploit Title: CIP4 Folder Download Widget LFI Google Dork: index of :/cip4-folder-download-widget Date: 13-01-2015 Exploit Author: Ben khlifa Fahmi XTnR3v0lt Vendor Homepage: http://community.cip4.org Software Link: https://wordpress.org/plugins/cip4-folder-download-widget/ Version: 1.10 Tested...
OpenSupports 2.x - Auth Bypass/CSRF Vulnerabilities
No description provided by source. + Author: TUNISIAN CYBER + Exploit Title: OpenSupports v2.x AuthBypass/CSRF Vulnerabilities + Date: 15-03-2014 + Category: WebApp + Version: 2.x + Tested on: KaliLinux/Windows 7 Pro + CWE: CWE-302/CWE-89 + Vendor: http://www.opensupports.com/ + Friendly Sites:...
LuxCal 3.2.2 - Multiple Vulnerabilities (CSRF/Blind SQL Injection)
No description provided by source. + Author: TUNISIAN CYBER + Exploit Title: LuxCal v3.2.2 CSRF/Blind SQL Injection Vulnerabilities + Date: 09-03-2014 + Category: WebApp + Tested on: KaliLinux/Windows 7 Pro + CWE: CWE-352/CWE-89 + Vendor: http://www.luxsoft.eu/ + Friendly Sites:...
Light Audio Player 1.0.14 - Memory Corruption PoC
No description provided by source. !/usr/bin/python + Author: TUNISIAN CYBER + Exploit Title: Light Audio Player 1.0.14 Memory Corruption PoC + Date: 22-03-2014 + Category: DoS/PoC + Tested on: WinXp/Windows 7 Pro + Vendor: http://download.cnet.com/Light-Audio-Player/3000-21394-10791618.html +...
jetVideo 8.1.1 - Basic (.wav) Local Crash PoC
No description provided by source. !/usr/bin/python + Author: TUNISIAN CYBER + Exploit Title: jetVideo 8.1.1 Basic .wav Local Crash PoC + Date: 22-03-2014 + Category: DoS/PoC + Tested on: WinXp/Windows 7 Pro + Vendor: http://www.jetaudio.com/download/jetvideo.html + Friendly Sites:...
Sagem 2604 Password Disclosure
+Title: Sagem 2604 Password Discolusre vulnerability +Author: TUNISIAN CYBER +Date: 6/JUN/2014 +Type:WebApp +Risk:High +Affected Version: v2604 Hardware Version: 253251193 Software Version: 3.21a4G +Overview: Sagem modem suffers, from a password discolsure vulnerability. +Proof Of Concept:...