what you don't know can hurt you

Register | Login

FilesNewsUsersAuthors

Home Files News &[SERVICES_TAB]About Contact Add New

Showing 1 - 2 of 2

Files from David Aaron

Bitweaver Overlay_type Directory Traversal

Posted Sep 1, 2024

Authored by sinn3r, Jonathan Claudius, David Aaron | Site metasploit.com

This Metasploit module exploits a directory traversal vulnerability found in Bitweaver. When handling the overlay_type parameter, view_overlay.php fails to do any path checking/filtering, which can be abused to read any file outside the virtual directory.

tags | exploit, php

advisories | CVE-2012-5192

SHA-256 | 75260c8739219589832630db597ad076c6fa9dee26583aeb19f2537f54e959f0

Download | Favorite | View

Bitweaver 2.8.1 Cross Site Scripting / Local File Inclusion

Posted Oct 25, 2012

Authored by Jonathan Claudius, David Aaron | Site trustwave.com

Bitweaver version 2.8.1 suffers from local file inclusion and multiple cross site scripting vulnerabilities.

tags | exploit, local, vulnerability, xss, file inclusion

advisories | CVE-2012-5192, CVE-2012-5193

SHA-256 | 47ea855b5b88d6c3266a6179cebd05aafa03ffcf5121153a984f4e7fad08a2bc

Download | Favorite | View