what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 51 - 75 of 1,937 RSS Feed

Bypass Files

D-Link DSL 320B Password Extractor
Posted Aug 31, 2024
Authored by Michael Messner | Site metasploit.com

This Metasploit module exploits an authentication bypass vulnerability in D-Link DSL 320B less than or equal tov1.23. This vulnerability allows to extract the credentials for the remote management interface.

tags | exploit, remote, bypass
SHA-256 | 46b12d46c687aab16789fe43c6f1a2ff95ae781adbba6ee2c13bae048f23ea0c
Netgear PNPX_GetShareFolderList Authentication Bypass
Posted Aug 31, 2024
Authored by temp66, Grant Willcox | Site metasploit.com

This Metasploit module targets an authentication bypass vulnerability in the mini_http binary of several Netgear Routers running firmware versions prior to 1.2.0.88, 1.0.1.80, 1.1.0.110, and 1.1.0.84. The vulnerability allows unauthenticated attackers to reveal the password for the admin user that is used to log into the routers administrative portal, in plaintext. Once the password has been been obtained, the exploit enables telnet on the target router and then utiltizes the auxiliary/scanner/telnet/telnet_login module to log into the router using the stolen credentials of the admin user. This will result in the attacker obtaining a new telnet session as the "root" user. This vulnerability was discovered and exploited by an independent security researcher who reported it to SSD.

tags | exploit, root, bypass
SHA-256 | b64800ebe35ccd348243151eddc846891e371e499d5629a34a60850c0cbe7c61
Oracle Secure Backup Authentication Bypass / Command Injection
Posted Aug 31, 2024
Authored by Jay Turla | Site metasploit.com

This Metasploit module exploits an authentication bypass vulnerability in login.php in order to execute arbitrary code via a command injection vulnerability in property_box.php. This Metasploit module was tested against Oracle Secure Backup version 10.3.0.1.0 (Win32).

tags | exploit, arbitrary, php, bypass
systems | windows
advisories | CVE-2010-0904
SHA-256 | 6863a81671e2c9181fc762b376462302051ea799490c07fe8f165bc20e6d3514
Oracle Secure Backup Authentication Bypass / Command Injection
Posted Aug 31, 2024
Authored by Jay Turla | Site metasploit.com

This Metasploit module exploits an authentication bypass vulnerability in login.php in order to execute arbitrary code via a command injection vulnerability in property_box.php. This Metasploit module was tested against Oracle Secure Backup version 10.3.0.1.0 (Win32).

tags | exploit, arbitrary, php, bypass
systems | windows
advisories | CVE-2009-1977, CVE-2009-1978
SHA-256 | 16474ed0f873351c852148c57a073ca86fa3cdb0b63dfb8b35602ac09c210c32
Progress MOVEit SFTP Authentication Bypass for Arbitrary File Read
Posted Aug 31, 2024
Authored by sfewer-r7 | Site metasploit.com

This Metasploit module exploits CVE-2024-5806, an authentication bypass vulnerability in the MOVEit Transfer SFTP service. The following version are affected: * MOVEit Transfer 2023.0.x (Fixed in 2023.0.11) * MOVEit Transfer 2023.1.x (Fixed in 2023.1.6) * MOVEit Transfer 2024.0.x (Fixed in 2024.0.2) The module can establish an authenticated SFTP session for a MOVEit Transfer user. The module allows for both listing the contents of a directory, and the reading of an arbitrary file.

tags | exploit, arbitrary, bypass
advisories | CVE-2024-5806
SHA-256 | e42c18fe2ecf06ede012b90f30e4d6c190c704e7d0189584fe141737a2f2eeab
HP ProCurve SNAC Domain Controller Credential Dumper
Posted Aug 31, 2024
Authored by rgod, juan vazquez | Site metasploit.com

This Metasploit module will extract Domain Controller credentials from vulnerable installations of HP SNAC as distributed with HP ProCurve 4.00 and 3.20. The authentication bypass vulnerability has been used to exploit remote file uploads. This vulnerability can be used to gather important information handled by the vulnerable application, like plain text domain controller credentials. This Metasploit module has been tested successfully with HP SNAC included with ProCurve Manager 4.0.

tags | exploit, remote, bypass, file upload
SHA-256 | aed454bc14ce73f32076d32a64079806c8be0da490907a6f04fd8ad00e038838
Samsung Internet Browser SOP Bypass
Posted Aug 31, 2024
Authored by Tod Beardsley, Jeffrey Martin, Dhiraj Mishra | Site metasploit.com

This Metasploit module takes advantage of a Same-Origin Policy (SOP) bypass vulnerability in the Samsung Internet Browser, a popular mobile browser shipping with Samsung Android devices. By default, it initiates a redirect to a child tab, and rewrites the innerHTML to gather credentials via a fake pop-up.

tags | exploit, bypass
advisories | CVE-2017-17692
SHA-256 | d84c00616d548716b9414d5a60ebf17fd0c1065bb413ce49d1a747e954c01fc0
Red Hat Security Advisory 2024-5982-03
Posted Aug 29, 2024
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2024-5982-03 - An update for linux-firmware is now available for Red Hat Enterprise Linux 7.7 Advanced Update Support. Issues addressed include a bypass vulnerability.

tags | advisory, bypass
systems | linux, redhat
advisories | CVE-2023-31315
SHA-256 | dea1c5df22b38b677801b6ea524c8a48a81a0f3f2ae4e8d30dd88d017d8b57a9
Red Hat Security Advisory 2024-5980-03
Posted Aug 29, 2024
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2024-5980-03 - An update for linux-firmware is now available for Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions. Issues addressed include a bypass vulnerability.

tags | advisory, bypass
systems | linux, redhat
advisories | CVE-2023-31315
SHA-256 | ac70b27d0174b640b0084de261db2ac80e0a082b60086fd3fed81943b2c9a0b1
Medical Center Portal 1.0 SQL Injection
Posted Aug 27, 2024
Authored by indoushka

Medical Center Portal version 1.0 suffers from a remote SQL injection vulnerability that allows for authentication bypass.

tags | exploit, remote, sql injection, bypass
SHA-256 | 4d30a67a0ab94c8ceed55ef0165e2eedf1d276131b5341cfc581bf2954c04b02
Red Hat Security Advisory 2024-5815-03
Posted Aug 27, 2024
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2024-5815-03 - An update for the nodejs:20 module is now available for Red Hat Enterprise Linux 9. Issues addressed include a bypass vulnerability.

tags | advisory, bypass
systems | linux, redhat
advisories | CVE-2024-22018
SHA-256 | 569f61780dc9652437da28a87851c83315d45be578fe00cbe44247b6034288ab
Login System Project 1.0 SQL Injection
Posted Aug 27, 2024
Authored by indoushka

Login System Project version 1.0 suffers from a remote SQL injection vulnerability that allows for authentication bypass.

tags | exploit, remote, sql injection, bypass
SHA-256 | 6246efe507f796ffbcf438b89a4e64415367c7c634bcb20d80f59a253f813619
Loan Management System 1.0 SQL Injection
Posted Aug 26, 2024
Authored by indoushka

Loan Management System version 1.0 suffers from a remote SQL injection vulnerability that allows for authentication bypass.

tags | exploit, remote, sql injection, bypass
SHA-256 | ed75910910f3f594bf680ca801e599334e60fa3ca166470f03bfa31c27d4c6c4
Employee Record Management System 1.0 SQL Injection
Posted Aug 26, 2024
Authored by indoushka

Employee Record Management System version 1.0 suffers from a remote SQL injection vulnerability that allows for authentication bypass.

tags | exploit, remote, sql injection, bypass
SHA-256 | 48f74abd4ae2b0a4eefcbc41869e56c73b5b26ad8ea6f55bc7ef2939ebb312a7
DETS Project 1.0 SQL Injection
Posted Aug 26, 2024
Authored by indoushka

DETS Project version 1.0 suffers from a remote SQL injection vulnerability that allows for authentication bypass.

tags | exploit, remote, sql injection, bypass
SHA-256 | 8e871e7f49c2379860d7b67c7b6819a9dfb93577e9139f8863c582714f30982a
Company Visitor Management 1.0 SQL Injection
Posted Aug 23, 2024
Authored by indoushka

Company Visitor Management version 1.0 suffers from a remote SQL injection vulnerability that allows for authentication bypass.

tags | exploit, remote, sql injection, bypass
SHA-256 | a3ae790e1f332d8ff787915e2feb853d7c3e614aeaea67361861ea7d18bb27df
Client Management System 1.0 SQL Injection
Posted Aug 23, 2024
Authored by indoushka

Client Management System version 1.0 suffers from a remote SQL injection vulnerability that allows for authentication bypass.

tags | exploit, remote, sql injection, bypass
SHA-256 | 25d183ad1ab808d8eb37c605403875c32f55a1eb9742ca2f0a1e77e0b7ce0951
CCMS Project 1.0 SQL Injection
Posted Aug 23, 2024
Authored by indoushka

CCMS Project version 1.0 suffers from a remote SQL injection vulnerability that allows for authentication bypass.

tags | exploit, remote, sql injection, bypass
SHA-256 | de9151d5ff302677fb5da77053693b392b8644cb6845abb56a920fd62a7f579c
Biobook Social Networking Site 1.0 SQL Injection
Posted Aug 23, 2024
Authored by indoushka

Biobook Social Networking Site version 1.0 suffers from a remote SQL injection vulnerability that allows for authentication bypass.

tags | exploit, remote, sql injection, bypass
SHA-256 | fa0e4caf860abda8bbabc5103e38c78e393907f876e4a4b9d5dd3cb7513396cf
AVMS Project 1.0 SQL Injection
Posted Aug 22, 2024
Authored by indoushka

AVMS Project version 1.0 suffers from a remote SQL injection vulnerability that allows for authentication bypass.

tags | exploit, remote, sql injection, bypass
SHA-256 | 44299386859b222bfbf61e5b31081de5872353d1be32639a637563ae9c557c3f
Karya Online Shopping Portal 2.0 SQL Injection
Posted Aug 19, 2024
Authored by indoushka

Karya Online Shopping Portal version 2.0 suffers from a remote SQL injection vulnerability that allows for authentication bypass.

tags | exploit, remote, sql injection, bypass
SHA-256 | ace5835235cc9816aa9586e82f7882eca16802f166866858074cc02f513e907c
Red Hat Security Advisory 2024-5200-03
Posted Aug 19, 2024
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2024-5200-03 - Red Hat OpenShift Container Platform release 4.12.63 is now available with updates to packages and images that fix several bugs and add enhancements. Issues addressed include a bypass vulnerability.

tags | advisory, bypass
systems | linux, redhat
advisories | CVE-2023-48795
SHA-256 | 2567d437c092512847a194b9f32fd74daa5a5e813f3857ccbe039c9ba188cc54
Human Resource Management System 2024 1.0 SQL Injection
Posted Aug 16, 2024
Authored by indoushka

Human Resource Management System 2024 version 1.0 suffers from a remote SQL injection vulnerability that allows for authentication bypass.

tags | exploit, remote, sql injection, bypass
SHA-256 | 3800f1816111f1edbb9091c2250c05c9601784c51aa09742476281c2862e85c3
Hotel Management System 1.0 SQL Injection
Posted Aug 16, 2024
Authored by indoushka

Hotel Management System version 1.0 suffers from a remote SQL injection vulnerability that allows for authentication bypass.

tags | exploit, remote, sql injection, bypass
SHA-256 | 2536c30b03f92e1a431ba68657f0b804165f343b2b4f604f1211f7bfc5be9a1a
Red Hat Security Advisory 2024-5315-03
Posted Aug 14, 2024
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2024-5315-03 - An update for open-vm-tools is now available for Red Hat Enterprise Linux 7.7 Advanced Update Support. Issues addressed include a bypass vulnerability.

tags | advisory, bypass
systems | linux, redhat
advisories | CVE-2023-20900
SHA-256 | 2e3007243d9646ee5654809507539754868647eb457320815e16f0558cbe2b6b
Page 3 of 78
Back12345Next

File Archive:

November 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Nov 1st
    30 Files
  • 2
    Nov 2nd
    0 Files
  • 3
    Nov 3rd
    0 Files
  • 4
    Nov 4th
    12 Files
  • 5
    Nov 5th
    44 Files
  • 6
    Nov 6th
    18 Files
  • 7
    Nov 7th
    9 Files
  • 8
    Nov 8th
    8 Files
  • 9
    Nov 9th
    3 Files
  • 10
    Nov 10th
    0 Files
  • 11
    Nov 11th
    14 Files
  • 12
    Nov 12th
    20 Files
  • 13
    Nov 13th
    63 Files
  • 14
    Nov 14th
    18 Files
  • 15
    Nov 15th
    8 Files
  • 16
    Nov 16th
    0 Files
  • 17
    Nov 17th
    0 Files
  • 18
    Nov 18th
    18 Files
  • 19
    Nov 19th
    7 Files
  • 20
    Nov 20th
    13 Files
  • 21
    Nov 21st
    6 Files
  • 22
    Nov 22nd
    48 Files
  • 23
    Nov 23rd
    0 Files
  • 24
    Nov 24th
    0 Files
  • 25
    Nov 25th
    60 Files
  • 26
    Nov 26th
    0 Files
  • 27
    Nov 27th
    0 Files
  • 28
    Nov 28th
    0 Files
  • 29
    Nov 29th
    0 Files
  • 30
    Nov 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2024 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close