CVE-2024-1071
The Ultimate Member – User Profile, Registration, Login, Member Directory, Content Restriction & Membership Plugin plugin for WordPress is vulnerable to SQL Injection via the 'sorting' parameter in versions 2.1.3 to 2.8.2 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for unauthenticated attackers to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database.
Github link:
https://github.com/fa-rrel/CVE-2024-1071-SQL-Injection
CVE-2023-38831
RARLabs WinRAR before 6.23 allows attackers to execute arbitrary code when a user attempts to view a benign file within a ZIP archive. The issue occurs because a ZIP archive may include a benign file (such as an ordinary .JPG file) and also a folder that has the same name as the benign file, and the contents of the folder (which may include executable content) are processed during an attempt to access only the benign file. This was exploited in the wild in April through August 2023.
Github link:
https://github.com/FirFirdaus/CVE-2023-38831
CVE-2024-0195
A vulnerability, which was classified as critical, was found in spider-flow 0.4.3. Affected is the function FunctionService.saveFunction of the file src/main/java/org/spiderflow/controller/FunctionController.java. The manipulation leads to code injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. VDB-249510 is the identifier assigned to this vulnerability.
Github link:
https://github.com/fa-rrel/CVE-2024-0195-SpiderFlow
CVE-2023-29360
Microsoft Streaming Service Elevation of Privilege Vulnerability
Github link:
https://github.com/0xDivyanshu-new/CVE-2023-29360-
CVE-2024-24919
This vulnerability potentially allows an attacker to read certain information on Check Point Security Gateways once connected to the internet and enabled with Remote Access VPN or Mobile Access Software Blades. A security fix that mitigates this vulnerability is available.
Github link:
https://github.com/AhmedMansour93/Event-ID-263-Rule-Name-SOC287---Arbitrary-File-Read-on-Checkpoint-Security-Gateway-CVE-2024-24919-
CVE-2024-21413
Microsoft Outlook Remote Code Execution Vulnerability
Github link:
https://github.com/ThemeHackers/CVE-2024-21413
CVE-2020-24972
The Kleopatra component before 3.1.12 (and before 20.07.80) for GnuPG allows remote attackers to execute arbitrary code because openpgp4fpr: URLs are supported without safe handling of command-line options. The Qt platformpluginpath command-line option can be used to load an arbitrary DLL.
Github link:
https://github.com/SpiralBL0CK/CVE-2020-24972
CVE-2023-45866
Bluetooth HID Hosts in BlueZ may permit an unauthenticated Peripheral role HID Device to initiate and establish an encrypted connection, and accept HID keyboard reports, potentially permitting injection of HID messages when no user interaction has occurred in the Central role to authorize such access. An example affected package is bluez 5.64-0ubuntu1 in Ubuntu 22.04LTS. NOTE: in some cases, a CVE-2020-0556 mitigation would have already addressed this Bluetooth HID Hosts issue.
Github link:
https://github.com/AvishekDhakal/CVE-2023-45866_EXPLOITS
CVE-2023-42115
Exim AUTH Out-Of-Bounds Write Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Exim. Authentication is not required to exploit this vulnerability.
The specific flaw exists within the SMTP service, which listens on TCP port 25 by default. The issue results from the lack of proper validation of user-supplied data, which can result in a write past the end of a buffer. An attacker can leverage this vulnerability to execute code in the context of the service account. Was ZDI-CAN-17434.
Github link:
https://github.com/isotaka134/cve-2023-42115
CVE-2022-44268
ImageMagick 7.1.0-49 is vulnerable to Information Disclosure. When it parses a PNG image (e.g., for resize), the resulting image could have embedded the content of an arbitrary file (if the magick binary has permissions to read it).
Github link:
https://github.com/FlojBoj/CVE-2022-44268
CVE-2023-26136
Versions of the package tough-cookie before 4.1.3 are vulnerable to Prototype Pollution due to improper handling of Cookies when using CookieJar in rejectPublicSuffixes=false mode. This issue arises from the manner in which the objects are initialized.
Github link:
https://github.com/m-lito13/SealSecurity_Exam