what you don't know can hurt you

Register | Login

FilesNewsUsersAuthors

Home Files News &[SERVICES_TAB]About Contact Add New

Showing 1 - 8 of 8

Files from Aaron Bishop

Castel NextGen DVR 1.0.0 Bypass / CSRF / Disclosure

Posted Jun 5, 2020

Authored by Aaron Bishop

Castel NextGen DVR version 1.0.0 suffers from authorization bypass, credential disclosure, and cross site request forgery vulnerabilities.

tags | exploit, vulnerability, bypass, info disclosure, csrf

advisories | CVE-2020-11679, CVE-2020-11680, CVE-2020-11681, CVE-2020-11682

SHA-256 | 479f4579b4b9aa4978606f0a9f84e9bbac7947654e1a57a9e42f9f18e0988c1b

Download | Favorite | View

MITREid 1.3.3 Cross Site Scripting

Posted Feb 28, 2020

Authored by Aaron Bishop

MITREid versions 1.3.3 and below suffer from a cross site scripting vulnerability.

tags | exploit, xss

advisories | CVE-2020-5497

SHA-256 | beaafdc5dee4b589fa59d194bbcda3aad72131beb6a748f37bda94014f9e24e2

Download | Favorite | View

WiKID Systems 2FA Enterprise Server 4.2.0-b2032 SQL Injection / XSS / CSRF

Posted Oct 18, 2019

Authored by Aaron Bishop

WiKID Systems 2FA Enterprise Server version 4.2.0-b2032 suffers from cross site request forgery, cross site scripting, and remote SQL injection vulnerabilities.

tags | exploit, remote, vulnerability, xss, sql injection, csrf

advisories | CVE-2019-16917, CVE-2019-17114, CVE-2019-17115, CVE-2019-17116, CVE-2019-17117, CVE-2019-17118, CVE-2019-17119, CVE-2019-17120

SHA-256 | 16f7edc4af940d18ad1ea3af320f681ee3a9432185f93f6bbc0ce222543bcacf

Download | Favorite | View

BlogEngine.NET 3.3.6 / 3.3.7 path Directory Traversal

Posted Jun 25, 2019

Authored by Aaron Bishop

BlogEngine.NET versions 3.3.6 and 3.3.7 suffer from a path directory traversal vulnerability.

tags | exploit, file inclusion

SHA-256 | 6a2c42641d4296f9a21aee848c4725f2494a67b5f3c258c250034179e2a48cf2

Download | Favorite | View

BlogEngine.NET 3.3.6 / 3.3.7 XML Injection

Posted Jun 20, 2019

Authored by Aaron Bishop

BlogEngine.NET versions 3.3.6 and 3.3.7 suffer from an XML external entity injection vulnerability.

tags | exploit

advisories | CVE-2019-10718

SHA-256 | ea9cce46fe1e633d5ecd8f5b8e4501e05e2076a41e5a621d85937aa00c53d207

Download | Favorite | View

BlogEngine.NET 3.3.6 / 3.3.7 Theme Cookie Directory Traversal / Remote Code Execution

Posted Jun 19, 2019

Authored by Aaron Bishop

BlogEngine.NET versions 3.3.6 and 3.3.7 suffer from theme Cookie directory traversal and remote code execution vulnerabilities.

tags | exploit, remote, vulnerability, code execution, file inclusion

advisories | CVE-2019-10720

SHA-256 | 6ddbf2e35dcad7a8a7865c141fac337889ced5f852566982530475e1477f1862

Download | Favorite | View

BlogEngine.NET 3.3.6 / 3.3.7 dirPath Directory Traversal / Remote Code Execution

Posted Jun 19, 2019

Authored by Aaron Bishop

BlogEngine.NET versions 3.3.6 and 3.3.7 suffer from dirPath directory traversal and remote code execution vulnerabilities.

tags | exploit, remote, vulnerability, code execution, file inclusion

advisories | CVE-2019-10719

SHA-256 | 96fbb39239f6872a454f71d93276f23a8480b6faf27b47ebcec346971bcb727a

Download | Favorite | View

Zyxel ZyWall Cross Site Scripting

Posted Apr 16, 2019

Authored by Aaron Bishop

ZyWall 310, ZyWall 110, USG1900, ATP500, and USG40 devices suffer from a cross site scripting vulnerability.

tags | exploit, xss

advisories | CVE-2019-9955

SHA-256 | 81540b3aa097eb20c487c7beb07f37000e14749f428121afdc08a3ecc9515357

Download | Favorite | View