Ismail Tasdelen - Security Researcher

Freelancy version 1.0.0 suffers from a remote code execution vulnerability. Exploit Code : # Exploit Title: Freelancy - Freelance Management App v1.0.0 - RCE (Authenticated) Arbitrary File Download # Date: 03-01-2019 # Exploit Author: Ismail Tasdelen # Vendor Homepage: https://vaaip.com/ # Software Link: https://codecanyon.net/item/freelancy-freelance-project-management-application/25288636 # Software: Freelancy - Freelance Management App # Product Version: v1.0.0 # Vulernability Type: Code Injection # Vulenrability: Remote Code Execution ( RCE ) # CVE : CVE-2020-5505 # Description : # Freelancy v1.0.0 allows remote command execution via # the "file":"data:application/x-php;base64 substring (in conjunction with # "type":"application/x-php"} to the /api/files/ URI. # RCE Example : https://SERVER/storage/file/FileNAME.php?cmd=cat%20/etc/passwd # HTTP Request : POST /api/files/ HTTP/1.1 Host: SERVER User-Agent: Mozilla/5.0 (X11; Linux x86...

Heatmiser Netmonitor version 3.03 suffers from a hardcoded credential vulnerability. Exploit Code : # Exploit Title: Heatmiser Netmonitor 3.03 - Hardcoded Credentials # Date: 2019-12-22 # Exploit Author: Ismail Tasdelen # Vendor Homepage: https://www.heatmiser.com/en/ # Hardware Link: https://www.zoneregeling.nl/heatmiser/netmonitor-handleiding.pdf # Software: Netmonitor v3.03 # Product Version: Netmonitor v3.03 # CWE : CWE-798 # Vulenrability: Use of Hard-coded Credentials # CVE: N/A # Decription : # Hard-coded Credentials security vulnerability of Netmonitor model v3.03 # from Heatmiser manufacturer has been discovered. With this # vulnerability, the hidFrm form in the source code of the page # anonymously has access to hidden input codes. This information is # contained in the input field of the hidFrm form in the source code # lognm and logpd.    Source : https://packetstormsecurity.com/files/155767/Heatmiser-Netmonitor-3.03-Hardcoded-Credentials.html