Showing 1 - 15 of 15

Files from Alexandre Zanni

Joomla! 4.2.7 Unauthenticated Information Disclosure: Posted Mar 24, 2023; Authored by Alexandre Zanni, Zewei Zhang; Joomla! versions prior to 4.2.8 suffer from an unauthenticated information disclosure vulnerability.; tags | exploit, info disclosure; advisories | CVE-2023-23752; SHA-256 | 417f9d6c26b8a1e0793bc9e5aaf8fe1808d869eb6f3e3c535d5813d71577788d; Download | Favorite | View

iTop Remote Command Execution: Posted May 23, 2022; Authored by Markus Krell, Alexandre Zanni; iTop versions prior to 2.7.5 authenticated remote command execution exploit.; tags | exploit, remote; advisories | CVE-2022-24780; SHA-256 | a0b99a6ffb1e72f424f072c032f45fd3c9811762bc3e6fd6ab9132aafab59e6c; Download | Favorite | View

Easy!Appointments Information Disclosure: Posted Apr 12, 2022; Authored by Alexandre Zanni, Francesco Carlucci; Easy!Appointments versions prior to 1.4.3 suffers from an unauthenticated PII disclosure vulnerability.; tags | exploit, info disclosure; advisories | CVE-2022-0482; SHA-256 | 1da2f1556f091a16878c1f5ff43c96ee13603b821be2cf36f4eddc3bdda3b756; Download | Favorite | View

OpenEMR 5.0.1.3 Shell Upload: Posted Jul 13, 2021; Authored by Alexandre Zanni; OpenEMR version 5.0.1.3 authenticated remote shell upload exploit that leverages a vulnerability discovered in 2018.; tags | exploit, remote, shell; advisories | CVE-2018-15139; SHA-256 | c870808a4f9a9a137fcb679a6a3037401a0616eb79f037981dc723adf1f8b701; Download | Favorite | View

OpenEMR 5.0.1.7 Path Traversal: Posted Jul 5, 2021; Authored by Alexandre Zanni; OpenEMR version 5.0.17 path traversal exploit.; tags | exploit, file inclusion; advisories | CVE-2019-14530; SHA-256 | d922d48e6a0bee902e565673aa1c4471cc5327d78c48154ce121df3691d4e7ac; Download | Favorite | View

Monitorr 1.7.6m Bypass / Information Disclosure / Shell Upload: Posted Jun 23, 2021; Authored by Alexandre Zanni; This ruby script is a 4-in-1 exploit that leverages shell upload, bypass, and information disclosure vulnerabilities in Monitorr version 1.7.6m.; tags | exploit, shell, vulnerability, bypass, info disclosure, ruby; advisories | CVE-2020-28871, CVE-2020-28872; SHA-256 | 4e0943b39fe8d3aa212ab05eca89a795f48e2fb9a93af0d03270d8b8be76b4de; Download | Favorite | View

OpenNetAdmin 18.1.1 Remote Command Execution: Posted May 10, 2021; Authored by Alexandre Zanni; OpenNetAdmin versions 8.5.14 through 18.1.1 remote command execution exploit written in Ruby. This exploit was based on the original discovery of the issue by mattpascoe.; tags | exploit, remote, ruby; SHA-256 | b82e6c61d40806f2604b1313677e7f7e64221c2886c94d83d210370a8aca9611; Download | Favorite | View

CMSUno 1.6.2 Remote Code Execution: Posted Jan 28, 2021; Authored by Alexandre Zanni; CMSUno version 1.6.2 authenticated remote code execution exploit. The original discovery for the vulnerability leveraged is attributed to Fatih Celik in November of 2020.; tags | exploit, remote, code execution; advisories | CVE-2020-25538, CVE-2020-25557; SHA-256 | 2477146e721d33c19e7c9e103dfd83b0cfc4343413f007eb0260e88e64259065; Download | Favorite | View

Fuel CMS 1.4 Remote Code Execution: Posted Nov 16, 2020; Authored by Alexandre Zanni; Fuel CMS version 1.4 suffers from a remote code execution vulnerability.; tags | exploit, remote, code execution; advisories | CVE-2018-16763; SHA-256 | 291fe5bb50db9c427fe22ed5bc2893e3d0b8edcccce7f8c12d6f4f5035056f37; Download | Favorite | View

Bludit 3.9.2 Authentication Bruteforce Mitigation Bypass: Posted Aug 17, 2020; Authored by Alexandre Zanni; Bludit version 3.9.2 suffer from an authentication bruteforce mitigation bypass vulnerability.; tags | exploit, bypass; advisories | CVE-2019-17240; SHA-256 | 87cea634a93b6826dcf3d595856b2558aa443aa641240735859083ddbc23b850; Download | Favorite | View

Umbraco CMS 7.12.4 Remote Code Execution: Posted Aug 3, 2020; Authored by Alexandre Zanni | Site github.com; Umbraco CMS version 7.12.4 authenticated remote code execution exploit.; tags | exploit, remote, code execution; SHA-256 | 4803c0e0fa7c2b8b46513e0c18ccdda2e3ef0f8a6e89f50277c62186110ffe4e; Download | Favorite | View

OpenEMR 5.0.1 Remote Code Execution: Posted Aug 3, 2020; Authored by Alexandre Zanni | Site github.com; OpenEMR versions 5.0.1 and below authenticated remote code execution exploit written in ruby.; tags | exploit, remote, code execution, ruby; SHA-256 | 7f48877b7731f082b5433de3e5ae805d4a0f4a8de62daf8987025281c09c42ae; Download | Favorite | View

AtMail Email Server Appliance 6.4 XSS / CSRF / Code Execution: Posted Aug 3, 2020; Authored by Alexandre Zanni | Site github.com; Atmail Email Server Appliance version 6.4 exploit toolchain that leverages cross site scripting and cross site request forgery to achieve code execution.; tags | exploit, code execution, xss, csrf; SHA-256 | 94c1dd5802aaefb4d1b163864dccf7213ba1a4e93f31e08474f4fd1c46586d41; Download | Favorite | View

Alfresco 5.2.4 Cross Site Scripting: Posted Mar 3, 2020; Authored by Alexandre Zanni, Romain Loisel; Alfresco version 5.2.4 suffers from multiple persistent cross site scripting vulnerabilities.; tags | exploit, vulnerability, xss; advisories | CVE-2020-8776, CVE-2020-8777, CVE-2020-8778; SHA-256 | e8b6bf3c9d0342e4295b21ad9cf44c5ed78bd87235425b6da9f85a1f54a77b2f; Download | Favorite | View

REDCap Cross Site Scripting: Posted Jul 19, 2019; Authored by Dylan Garnaud, Alexandre Zanni; REDCap versions prior to 9.1.2 suffer from a cross site scripting vulnerability.; tags | exploit, xss; advisories | CVE-2019-13029; SHA-256 | d2e6506288ad691c7d35d2ee8deb7084ec20344a1b0c6d6abc48f0d2eb2668c1; Download | Favorite | View

Page 1 of 1 Back 1 Next

Top Authors In Last 30 Days