CVE-2023-5561
WordPress does not properly restrict which user fields are searchable via the REST API, allowing unauthenticated attackers to discern the email addresses of users who have published public posts on an affected website via an Oracle style attack
Github link:
https://github.com/rootxsushant/CVE-2023-5561-POC-Updated
WordPress does not properly restrict which user fields are searchable via the REST API, allowing unauthenticated attackers to discern the email addresses of users who have published public posts on an affected website via an Oracle style attack
Github link:
https://github.com/rootxsushant/CVE-2023-5561-POC-Updated
GitHub
GitHub - rootxsushant/CVE-2023-5561-POC-Updated: Updated POC for Unauth Post Author Email Disclosures WordPress CVE-2023-5561
Updated POC for Unauth Post Author Email Disclosures WordPress CVE-2023-5561 - rootxsushant/CVE-2023-5561-POC-Updated
CVE-2022-22536
SAP NetWeaver Application Server ABAP, SAP NetWeaver Application Server Java, ABAP Platform, SAP Content Server 7.53 and SAP Web Dispatcher are vulnerable for request smuggling and request concatenation. An unauthenticated attacker can prepend a victim's request with arbitrary data. This way, the attacker can execute functions impersonating the victim or poison intermediary Web caches. A successful attack could result in complete compromise of Confidentiality, Integrity and Availability of the system.
Github link:
https://github.com/BecodoExploit-mrCAT/SAPGateBreaker-Exploit
SAP NetWeaver Application Server ABAP, SAP NetWeaver Application Server Java, ABAP Platform, SAP Content Server 7.53 and SAP Web Dispatcher are vulnerable for request smuggling and request concatenation. An unauthenticated attacker can prepend a victim's request with arbitrary data. This way, the attacker can execute functions impersonating the victim or poison intermediary Web caches. A successful attack could result in complete compromise of Confidentiality, Integrity and Availability of the system.
Github link:
https://github.com/BecodoExploit-mrCAT/SAPGateBreaker-Exploit
GitHub
GitHub - BecodoExploit-mrCAT/SAPGateBreaker-Exploit: SAPGateBreaker is a PoC exploit for CVE-2022-22536, a critical HTTP Request…
SAPGateBreaker is a PoC exploit for CVE-2022-22536, a critical HTTP Request Smuggling vulnerability in SAP NetWeaver. It demonstrates how to bypass ACLs by desynchronizing request parsing between I...
CVE-2025-29927
None
Github link:
https://github.com/Naveen-005/Next.Js-middleware-bypass-vulnerability-CVE-2025-29927
None
Github link:
https://github.com/Naveen-005/Next.Js-middleware-bypass-vulnerability-CVE-2025-29927
GitHub
GitHub - Naveen-005/Next.Js-middleware-bypass-vulnerability-CVE-2025-29927: A basic proof of concept of the CVE-2025-29927 vulnerability…
A basic proof of concept of the CVE-2025-29927 vulnerability that allows to bypass the middleware scripts. - Naveen-005/Next.Js-middleware-bypass-vulnerability-CVE-2025-29927
CVE-2023-27163
request-baskets up to v1.2.1 was discovered to contain a Server-Side Request Forgery (SSRF) via the component /api/baskets/{name}. This vulnerability allows attackers to access network resources and sensitive information via a crafted API request.
Github link:
https://github.com/G4sp4rCS/htb-sau-automated
request-baskets up to v1.2.1 was discovered to contain a Server-Side Request Forgery (SSRF) via the component /api/baskets/{name}. This vulnerability allows attackers to access network resources and sensitive information via a crafted API request.
Github link:
https://github.com/G4sp4rCS/htb-sau-automated
GitHub
GitHub - G4sp4rCS/htb-sau-automated: SSRF CVE-2023-27163 + maltrail vuln RCE
SSRF CVE-2023-27163 + maltrail vuln RCE. Contribute to G4sp4rCS/htb-sau-automated development by creating an account on GitHub.