what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 22 of 22 RSS Feed

Files from Yann CAM

Real NameYann CAM ycam
Email addressprivate
Websiteyann.cam
First Active2012-12-06
Last Active2017-04-03
View User Profile

Personal Background

Independent Senior CyberSecurity Consultant (https://yann.cam)
Security Researcher @ASafety (www.asafety.fr)
Certified Ethical Hacker - CEH

- About : https://yann.cam
- LinkedIn : https://www.linkedin.com/in/yann-cam-621b0b42
- YesWeHack : https://jobs.yeswehack.com/cv/yann-cam
- Root-Me : https://www.root-me.org/ycam
- GitHub : https://github.com/yanncam/

Contributions / Hall of Fame :
Google, Microsoft, EFF, UnitedNation, Mozilla, Adobe, NASA, Western Union, eBay, Oracle, RedHat, Gogo Air, Silent Circle, Mastercard, Fiat Chrysler Automobiles, Twilio, FoxyCart, Indeed, CARD.com, CERT-EU...


Chimein.mozilla.org Cross Site Scripting
Posted Apr 3, 2017
Authored by Yann CAM

Chimein.mozilla.org suffers from multiple cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss
SHA-256 | 677bf08f3abab45727864c625f11fef8a1d0809f03498843151760f1272f19e3
pfSense 2.3.2 Cross Site Request Forgery / Cross Site Scripting
Posted Mar 3, 2017
Authored by Yann CAM

pfSense version 2.3.2 suffers from cross site request forgery and cross site scripting vulnerabilities that can assist in gaining a reverse-shell remotely as root.

tags | exploit, shell, root, vulnerability, xss, csrf
SHA-256 | cd39c0002c9cbad6f84b7ff1bc8b8dfac8bd266558a55a8c5b35198aec6c2e57
IPFire proxy.cgi Remote Command Execution
Posted Jun 9, 2016
Authored by h00die, Yann CAM | Site metasploit.com

IPFire, a free linux based open source firewall distribution, versions prior to 2.19 Update Core 101 contain a remote command execution vulnerability in the proxy.cgi page.

tags | exploit, remote, cgi
systems | linux
SHA-256 | 4455d8714ad0f2e393232ebc31503bf395db118a9964e731f57356a841e46f2a
IPFire XSS / CSRF / Command Execution
Posted May 4, 2016
Authored by Yann CAM

IPFire versions prior to 2.19 Update Core 101 suffer from cross site request forgery, cross site scripting, and remote command execution vulnerabilities.

tags | exploit, remote, vulnerability, xss, csrf
SHA-256 | 393c4154c8ab09e53ef78432d4d5a0accb2f9b3bd87cd8af0908b10dc7dbb5b3
access.redhat.com Cross Site Scripting
Posted May 2, 2016
Authored by Yann CAM

access.redhat.com suffered from a cross site scripting vulnerability.

tags | exploit, xss
systems | linux, redhat
SHA-256 | 96ad56fe26f9c2e147c24cf7b7252f6f7db7be5f8055546b074f93638fcc666a
Fortinet Cross Site Scripting
Posted Dec 4, 2015
Authored by Yann CAM

The login.fortinet.com site suffered from a reflective cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | 66571f8144851a8371be1d5f8d2edae17f7278739655c44af22a1cea57e1fcba
Checkpoint Cross Site Scripting
Posted Nov 11, 2015
Authored by Yann CAM

Multiple Checkpoint.com subdomains suffered from cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss
SHA-256 | b045743d4a38a25084493dfc1460f3946c324bcbf543693134beed4eb46cbd10
tools.cisco.com Cross Site Scripting
Posted Oct 31, 2015
Authored by Yann CAM

Cisco's tools site suffered from multiple cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss
systems | cisco
SHA-256 | 1f9fd61e7de68f122c09b61c8fb1d95447232133a9e9981cbe4adf441844fcdc
Oracle.com Cross Site Scripting
Posted Apr 6, 2015
Authored by Yann CAM

Oracle.com suffered from a cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | 6c4b6e99ca086b5b03c0f64ae43d2959fece8ee22e1ed5f22a41e02102ac10d6
Synology.com Cross Site Scripting
Posted Apr 3, 2015
Authored by Yann CAM

Synology.com suffered from a cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | df36960f10fd715ad89f78bcc5f4c2fdfa17ca95a83d0ace087bc886131e0aec
Samba / OpenLDAP Jitterbug Cross Site Scripting
Posted Apr 2, 2015
Authored by Yann CAM

Samba and OpenLDAP Jitterbug instances suffered from a cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | 4b67442c2d4607cdb7bef4db6decebca7bad32c636e64c6031a791331f5c7bfe
Java.com Cross Site Scripting
Posted Apr 1, 2015
Authored by Yann CAM

Java.com suffered from multiple cross site scripting vulnerabilities.

tags | exploit, java, vulnerability, xss
SHA-256 | f43f2c501c3edc319bb1b75fa7176fd0ea09edceb2d1d23e7062ae9c772ff818
NASA.gov Cross Site Scripting
Posted Apr 1, 2015
Authored by Yann CAM

NASA.gov suffered from a cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | 1940dedc996e0a901e36e9ad94a1152f1b3844fb6cf1697bc6d72173b54ec02d
NASA.gov Cross Site Scripting
Posted Jan 27, 2015
Authored by Yann CAM

Multiple nasa.gov subdomains suffered from cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss
SHA-256 | 6191218f1434ba043aed4a65a60f43793bbac40fe0e83ed770b31f5accb7a689
SmoothWall 3.1 Cross Site Request Forgery / Cross Site Scripting
Posted Dec 22, 2014
Authored by Yann CAM

SmoothWall version 3.1 suffers from cross site request forgery and cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss, csrf
SHA-256 | 0ecd6b1d2c66cc12e55433bc1802ad78969ec513f2f9896445b3df9992cf57b2
eBay.com ocsnext CSS Injection
Posted Dec 22, 2014
Authored by Yann CAM

The eBay.com ocsnext sub-domain suffers from a CSS injection vulnerability.

tags | exploit
SHA-256 | 14a1a806af2d04d309cc8ea67c5c091b21b8e0f149d31e638c6272bf68d40cbc
IPCop 2.1.4 Cross Site Request Forgery / Cross Site Scripting
Posted Dec 22, 2014
Authored by Yann CAM

IPcop versions 2.1.4 and below suffers from cross site request forgery and cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss, csrf
SHA-256 | 7e439926866485cdf320f5390188f46feb4dc5a8ae64a514bf41d3797c973712
get3.adobe.com Cross Site Scripting
Posted Dec 8, 2014
Authored by Yann CAM

Adobe's get3.adobe.com site suffered from a reflective cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | 5d5629ac99ef89b0f45c5ad8cfe201d0e1d75d982e7e15012c86a8b9be463662
ZeroShell Remote Code Execution
Posted Sep 25, 2013
Authored by Yann CAM | Site metasploit.com

This Metasploit module exploits a vulnerability found in ZeroShell 2.0 RC2 and lower. It will leverage an unauthenticated local file inclusion vulnerability in the "/cgi-bin/kerbynet" url. The file retrieved is "/var/register/system/ldap/rootpw". This file contains the admin password in cleartext. The password is used to login as the admin user. After the authentication process is complete it will use the RunScript action to execute the payload with root privileges.

tags | exploit, local, cgi, root, file inclusion
SHA-256 | f2193eea137458685913c7447d099d29999247310ec1af67fb445ea5bf5576dc
ZeroShell 2.0RC2 File Disclosure / Command Execution
Posted Aug 13, 2013
Authored by Yann CAM

ZeroShell version 2.0RC2 suffers from remote command execution and file disclosure vulnerabilities.

tags | exploit, remote, vulnerability, info disclosure
SHA-256 | a3301b1b1b854ed7a03d68ac3c2b4962977e82f6b314949e717334f8076016a4
pfSense 2.0.1 XSS / CSRF / Command Execution
Posted Jan 4, 2013
Authored by Yann CAM

pfSense version 2.0.1 suffers from cross site request forgery and cross site scripting vulnerabilities. The cross site request forgery proof of concept also demonstrates a remote command execution vulnerability.

tags | exploit, remote, vulnerability, xss, proof of concept, csrf
SHA-256 | 94f420cccc815bf5e6c23bf9a91dc74dd47d39e3a3f76ad09f158b2b4de134dc
m0n0wall 1.33 Cross Site Request Forgery
Posted Dec 6, 2012
Authored by Yann CAM

m0n0wall version 1.33 suffers from a cross site request forgery vulnerability that can allow for remote root access to the system.

tags | exploit, remote, root, csrf
SHA-256 | 1b261f2077e935c28820221d08703fe931bcb8ca1a2cf5cd6c210fe30523260a
Page 1 of 1
Back1Next

File Archive:

December 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Dec 1st
    0 Files
  • 2
    Dec 2nd
    41 Files
  • 3
    Dec 3rd
    25 Files
  • 4
    Dec 4th
    0 Files
  • 5
    Dec 5th
    0 Files
  • 6
    Dec 6th
    0 Files
  • 7
    Dec 7th
    0 Files
  • 8
    Dec 8th
    0 Files
  • 9
    Dec 9th
    0 Files
  • 10
    Dec 10th
    0 Files
  • 11
    Dec 11th
    0 Files
  • 12
    Dec 12th
    0 Files
  • 13
    Dec 13th
    0 Files
  • 14
    Dec 14th
    0 Files
  • 15
    Dec 15th
    0 Files
  • 16
    Dec 16th
    0 Files
  • 17
    Dec 17th
    0 Files
  • 18
    Dec 18th
    0 Files
  • 19
    Dec 19th
    0 Files
  • 20
    Dec 20th
    0 Files
  • 21
    Dec 21st
    0 Files
  • 22
    Dec 22nd
    0 Files
  • 23
    Dec 23rd
    0 Files
  • 24
    Dec 24th
    0 Files
  • 25
    Dec 25th
    0 Files
  • 26
    Dec 26th
    0 Files
  • 27
    Dec 27th
    0 Files
  • 28
    Dec 28th
    0 Files
  • 29
    Dec 29th
    0 Files
  • 30
    Dec 30th
    0 Files
  • 31
    Dec 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2024 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close