CVE-2019-12725
Zeroshell 3.9.0 is prone to a remote command execution vulnerability. Specifically, this issue occurs because the web application mishandles a few HTTP parameters. An unauthenticated attacker can exploit this issue by injecting OS commands inside the vulnerable parameters.
Github link:
https://github.com/YZS17/CVE-2019-12725
Zeroshell 3.9.0 is prone to a remote command execution vulnerability. Specifically, this issue occurs because the web application mishandles a few HTTP parameters. An unauthenticated attacker can exploit this issue by injecting OS commands inside the vulnerable parameters.
Github link:
https://github.com/YZS17/CVE-2019-12725
GitHub
GitHub - YZS17/CVE-2019-12725: The EXP/POC of CVE-2019-12725
The EXP/POC of CVE-2019-12725. Contribute to YZS17/CVE-2019-12725 development by creating an account on GitHub.
CVE-2023-4966
Sensitive information disclosure in NetScaler ADC and NetScaler Gateway when configured as a Gateway (VPN virtual server, ICA Proxy, CVPN, RDP Proxy) or AAA ?virtual?server.
Github link:
https://github.com/akshthejo/CVE-2023-4966-exploit
Sensitive information disclosure in NetScaler ADC and NetScaler Gateway when configured as a Gateway (VPN virtual server, ICA Proxy, CVPN, RDP Proxy) or AAA ?virtual?server.
Github link:
https://github.com/akshthejo/CVE-2023-4966-exploit
GitHub
GitHub - akshthejo/CVE-2023-4966-exploit: CVE-2023-4966-exploit
CVE-2023-4966-exploit. Contribute to akshthejo/CVE-2023-4966-exploit development by creating an account on GitHub.
👍1
CVE-2024-40725
A partial fix for CVE-2024-39884 in the core of Apache HTTP Server 2.4.61 ignores some use of the legacy content-type based configuration of handlers. "AddType" and similar configuration, under some circumstances where files are requested indirectly, result in source code disclosure of local content. For example, PHP scripts may be served instead of interpreted.
Users are recommended to upgrade to version 2.4.62, which fixes this issue.
Github link:
https://github.com/soltanali0/CVE-2024-40725
A partial fix for CVE-2024-39884 in the core of Apache HTTP Server 2.4.61 ignores some use of the legacy content-type based configuration of handlers. "AddType" and similar configuration, under some circumstances where files are requested indirectly, result in source code disclosure of local content. For example, PHP scripts may be served instead of interpreted.
Users are recommended to upgrade to version 2.4.62, which fixes this issue.
Github link:
https://github.com/soltanali0/CVE-2024-40725
GitHub
GitHub - soltanali0/CVE-2024-40725: exploit CVE-2024-40725 (Apache httpd) with
exploit CVE-2024-40725 (Apache httpd) with . Contribute to soltanali0/CVE-2024-40725 development by creating an account on GitHub.