CVE-2024-40348
An issue in the component /api/swaggerui/static of Bazaar v1.4.3 allows unauthenticated attackers to execute a directory traversal.
Github link:
https://github.com/NingXin2002/Bazaar_poc
Repository description: Bazaar v1.4.3 arbitrary file read vulnerability (CVE-2024-40348).
CVE-2024-27956
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in ValvePress Automatic allows SQL Injection. This issue affects Automatic: from n/a through 3.92.0.
Github link:
https://github.com/7aRanchi/CVE-2024-27956-for-fscan
Repository description: YAML PoC rule for fscan.
CVE-2023-45866
Bluetooth HID Hosts in BlueZ may permit an unauthenticated Peripheral role HID Device to initiate and establish an encrypted connection, and accept HID keyboard reports, potentially permitting injection of HID messages when no user interaction has occurred in the Central role to authorize such access. An example affected package is bluez 5.64-0ubuntu1 in Ubuntu 22.04 LTS. NOTE: in some cases, a CVE-2020-0556 mitigation would have already addressed this Bluetooth HID Hosts issue.
Github link:
https://github.com/xG3nesis/RustyInjector
Repository description: Rust implementation of Marc Newlin's keystroke injection proof of concept (CVE-2023-45866).
CVE-2024-7954
The porte_plume plugin used by SPIP before 4.30-alpha2, 4.2.13, and 4.1.16 is vulnerable to an arbitrary code execution vulnerability. A remote and unauthenticated attacker can execute arbitrary PHP as the SPIP user by sending a crafted HTTP request.
Github link:
https://github.com/zxj-hub/CVE-2024-7954POC
Repository description: The porte_plume plugin used by SPIP versions before 4.30-alpha2, 4.2.13, and 4.1.16 has an arbitrary code execution vulnerability; a remote, unauthenticated attacker can execute arbitrary PHP code as the SPIP user by sending a crafted HTTP request.
CVE-2024-27292
Docassemble is an expert system for guided interviews and document assembly. The vulnerability allows attackers to gain unauthorized access to information on the system through URL manipulation. It affects versions 1.4.53 to 1.4.96. The vulnerability has been patched in version 1.4.97 of the master branch.
Github link:
https://github.com/NingXin2002/Docassemble_poc
Repository description: Docassemble arbitrary file read vulnerability (CVE-2024-27292).
CVE-2024-24919
Potentially allowing an attacker to read certain information on Check Point Security Gateways once connected to the internet and enabled with Remote Access VPN or Mobile Access Software Blades. A security fix that mitigates this vulnerability is available.
Github link:
https://github.com/NingXin2002/Check-Point_poc
Repository description: Check Point Security Gateway arbitrary file read vulnerability (CVE-2024-24919).
CVE-2024-23692
Rejetto HTTP File Server, up to and including version 2.3m, is vulnerable to a template injection vulnerability. This vulnerability allows a remote, unauthenticated attacker to execute arbitrary commands on the affected system by sending a specially crafted HTTP request. As of the CVE assignment date, Rejetto HFS 2.3m is no longer supported.
Github link:
https://github.com/NingXin2002/HFS2.3_poc
Repository description: HFS 2.3 unauthenticated remote code execution (CVE-2024-23692).
CVE-2017-0144
The SMBv1 server in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2 SP1; Windows 7 SP1; Windows 8.1; Windows Server 2012 Gold and R2; Windows RT 8.1; and Windows 10 Gold, 1511, and 1607; and Windows Server 2016 allows remote attackers to execute arbitrary code via crafted packets, aka "Windows SMB Remote Code Execution Vulnerability." This vulnerability is different from those described in CVE-2017-0143, CVE-2017-0145, CVE-2017-0146, and CVE-2017-0148.
Github link:
https://github.com/sethwhy/BlueDoor
Repository description: Can you exploit the EternalBlue vulnerability (CVE-2017-0144) on a Windows 7 system and retrieve the hidden flag? Your goal is to gain administrative privileges and locate the flag stored behind th...