Showing 1 - 4 of 4

Files from Benjamin Daniel Mussler

Vtiger CRM 6.3.0 Authenticated Logo Upload Remote Command Execution: Posted Jul 30, 2018; Authored by Benjamin Daniel Mussler, Touhid M.Shaikh | Site metasploit.com; Vtiger version 6.3.0 CRM's administration interface allows for the upload of a company logo. Instead of uploading an image, an attacker may choose to upload a file containing PHP code and run this code by accessing the resulting PHP file. This Metasploit module was tested against vTiger CRM version 6.3.0.; tags | exploit, php; advisories | CVE-2015-6000, CVE-2016-1713; SHA-256 | 0e5c78b52a8faacfdb2de57265661b6c719a85c4847298f55630458f64d9b2ed; Download | Favorite | View

Open-Xchange Guard 2.4.2 Cross Site Scripting: Posted Sep 13, 2016; Authored by Martin Heiland, Benjamin Daniel Mussler; Open-Xchange Guard versions 2.4.2 and below suffer from multiple cross site scripting vulnerabilities.; tags | exploit, vulnerability, xss; advisories | CVE-2016-6851, CVE-2016-6853, CVE-2016-6854; SHA-256 | b6b00b94ecd8a6eb1ccee7f194f7bf72d2f3738376ca2774dec5ff0fb5b81020; Download | Favorite | View

D-Link NAS / DNS Cross Site Scripting: Posted Aug 4, 2016; Authored by Benjamin Daniel Mussler; D-Link NAS and DNS series devices suffer from a stored cross site scripting vulnerability leveraged via unauthenticated smb.; tags | exploit, xss; SHA-256 | 9bea630d3d38c702848bb36c64938bc6d9f67aa4a832a9ec706a406f0d228f6d; Download | Favorite | View

Vtiger CRM 6.3 Remote Code Execution: Posted Sep 29, 2015; Authored by Benjamin Daniel Mussler; Vtiger CRM versions 6.3 and below suffer from an authenticated remote code execution vulnerability.; tags | exploit, remote, code execution; advisories | CVE-2015-6000; SHA-256 | 96b388a6a1d5f8b1624567791aa9ea216d7831e2fe9b587518ffa4e13d1e477c; Download | Favorite | View

Page 1 of 1 Back 1 Next

Top Authors In Last 30 Days