Showing 1 - 7 of 7

Files from Thurein Soe

First Active	2023-01-31
Last Active	2023-07-20

Hikvision Hybrid SAN Ds-a71024 SQL Injection: Posted Jul 20, 2023; Authored by Thurein Soe; Hikvision Hybrid SAN Ds-a71024 firmware suffers from a remote blind SQL injection vulnerability.; tags | exploit, remote, sql injection; advisories | CVE-2022-28171; SHA-256 | 9004daadddb908c449ed0c8cd1fe390b2183ffaa2fea3b3933f83d62aba1e09c; Download | Favorite | View

MobileTrans 4.0.11 Weak Service Permissions: Posted May 19, 2023; Authored by Thurein Soe; MobileTrans version 4.0.11 suffers from having a weak service permission vulnerability.; tags | exploit; advisories | CVE-2023-31748; SHA-256 | b5c0b13eb7b2bcaa442dfeb0fc7d258541a7ac1ebefd77f5f4083f487eb40f0a; Download | Favorite | View

Filmora 12 Build 1.0.0.7 Unquoted Service Path: Posted May 19, 2023; Authored by Thurein Soe; Filmora version 12 Build 1.0.0.7 suffers from an unquoted service path vulnerability.; tags | exploit; advisories | CVE-2023-31747; SHA-256 | d7e6ab84b73383d1389ef2f6d893e67aaa9ed1dd4fff240782beb124f44bd7d2; Download | Favorite | View

Wondershare Dr Fone 12.9.6 Weak Permissions / Privilege Escalation: Posted Mar 9, 2023; Authored by Thurein Soe; Wondershare Dr Fone version 12.9.6 suffers from a weak service permission vulnerability that can allow for privilege escalation.; tags | exploit; advisories | CVE-2023-27010; SHA-256 | 415e057e5a343dc2284618d87f1acaf45a64699e33bd6db074ef12f80deda77b; Download | Favorite | View

VX Search 13.8 Unquoted Service Path: Posted Mar 9, 2023; Authored by Thurein Soe; VX Search version 13.8 suffers from an unquoted service path vulnerability.; tags | advisory; advisories | CVE-2023-24671; SHA-256 | 149dd7da07aea956bea9831bdd2e0db21239017e45fb91917af415f451404478; Download | Favorite | View

Hikvision Remote Code Execution / XSS / SQL Injection: Posted Jan 31, 2023; Authored by Thurein Soe; Some Hikvision Hybrid SAN products were vulnerable to multiple remote code execution (command injection) vulnerabilities, including reflected cross site scripting, Ruby code injection, classic and blind SQL injection resulting in remote code execution that allows an adversary to execute arbitrary operating system commands and more. However, an adversary must be on the same network to leverage this vulnerability to execute arbitrary commands.; tags | advisory, remote, arbitrary, vulnerability, code execution, xss, sql injection, ruby; advisories | CVE-2022-28171, CVE-2022-28172; SHA-256 | 9ef9e4e937841d3becdae9ba498b3199c7ac7dfcaea39831e8e5a468cd2d8f10; Download | Favorite | View

mRemoteNG 1.76.20 Privilege Escalation: Posted Jan 31, 2023; Authored by Thurein Soe; mRemoteNG version 1.76.20 suffers from a weak permission privilege escalation vulnerability.; tags | exploit; advisories | CVE-2020-24307; SHA-256 | aa08068eda449c43f5c76d0ec56fca19930c2ac6719246bec693e3037f692da6; Download | Favorite | View

Page 1 of 1 Back 1 Next

Top Authors In Last 30 Days