CVE-2024-24919
Potentially allowing an attacker to read certain information on Check Point Security Gateways once connected to the internet and enabled with remote Access VPN or Mobile Access Software Blades. A Security fix that mitigates this vulnerability is available.
Github link:
https://github.com/NingXin2002/Check-Point_poc
Potentially allowing an attacker to read certain information on Check Point Security Gateways once connected to the internet and enabled with remote Access VPN or Mobile Access Software Blades. A Security fix that mitigates this vulnerability is available.
Github link:
https://github.com/NingXin2002/Check-Point_poc
GitHub
GitHub - NingXin2002/Check-Point_poc: Check-Point安全网关任意文件读取漏洞(CVE-2024-24919)
Check-Point安全网关任意文件读取漏洞(CVE-2024-24919). Contribute to NingXin2002/Check-Point_poc development by creating an account on GitHub.
CVE-2024-23692
Rejetto HTTP File Server, up to and including version 2.3m, is vulnerable to a template injection vulnerability. This vulnerability allows a remote, unauthenticated attacker to execute arbitrary commands on the affected system by sending a specially crafted HTTP request. As of the CVE assignment date, Rejetto HFS 2.3m is no longer supported.
Github link:
https://github.com/NingXin2002/HFS2.3_poc
Rejetto HTTP File Server, up to and including version 2.3m, is vulnerable to a template injection vulnerability. This vulnerability allows a remote, unauthenticated attacker to execute arbitrary commands on the affected system by sending a specially crafted HTTP request. As of the CVE assignment date, Rejetto HFS 2.3m is no longer supported.
Github link:
https://github.com/NingXin2002/HFS2.3_poc
GitHub
GitHub - NingXin2002/HFS2.3_poc: HFS2.3未经身份验证的远程代码执行(CVE-2024-23692)
HFS2.3未经身份验证的远程代码执行(CVE-2024-23692). Contribute to NingXin2002/HFS2.3_poc development by creating an account on GitHub.
CVE-2017-0144
The SMBv1 server in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2 SP1; Windows 7 SP1; Windows 8.1; Windows Server 2012 Gold and R2; Windows RT 8.1; and Windows 10 Gold, 1511, and 1607; and Windows Server 2016 allows remote attackers to execute arbitrary code via crafted packets, aka "Windows SMB Remote Code Execution Vulnerability." This vulnerability is different from those described in CVE-2017-0143, CVE-2017-0145, CVE-2017-0146, and CVE-2017-0148.
Github link:
https://github.com/sethwhy/BlueDoor
The SMBv1 server in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2 SP1; Windows 7 SP1; Windows 8.1; Windows Server 2012 Gold and R2; Windows RT 8.1; and Windows 10 Gold, 1511, and 1607; and Windows Server 2016 allows remote attackers to execute arbitrary code via crafted packets, aka "Windows SMB Remote Code Execution Vulnerability." This vulnerability is different from those described in CVE-2017-0143, CVE-2017-0145, CVE-2017-0146, and CVE-2017-0148.
Github link:
https://github.com/sethwhy/BlueDoor
GitHub
GitHub - sethwhy/BlueDoor: Can you exploit the EternalBlue vulnerability (CVE-2017-0144) on a Windows 7 system and retrieve the…
Can you exploit the EternalBlue vulnerability (CVE-2017-0144) on a Windows 7 system and retrieve the hidden flag? Your goal is to gain administrative privileges and locate the flag stored behind th...
CVE-2023-41425
Cross Site Scripting vulnerability in Wonder CMS v.3.2.0 thru v.3.4.2 allows a remote attacker to execute arbitrary code via a crafted script uploaded to the installModule component.
Github link:
https://github.com/xpltive/CVE-2023-41425
Cross Site Scripting vulnerability in Wonder CMS v.3.2.0 thru v.3.4.2 allows a remote attacker to execute arbitrary code via a crafted script uploaded to the installModule component.
Github link:
https://github.com/xpltive/CVE-2023-41425
GitHub
GitHub - xpltive/CVE-2023-41425: WonderCMS v3.2.0 - v3.4.2 XSS to RCE exploit
WonderCMS v3.2.0 - v3.4.2 XSS to RCE exploit. Contribute to xpltive/CVE-2023-41425 development by creating an account on GitHub.
CVE-2023-50564
An arbitrary file upload vulnerability in the component /inc/modules_install.php of Pluck-CMS v4.7.18 allows attackers to execute arbitrary code via uploading a crafted ZIP file.
Github link:
https://github.com/xpltive/CVE-2023-50564
An arbitrary file upload vulnerability in the component /inc/modules_install.php of Pluck-CMS v4.7.18 allows attackers to execute arbitrary code via uploading a crafted ZIP file.
Github link:
https://github.com/xpltive/CVE-2023-50564
GitHub
GitHub - xpltive/CVE-2023-50564: Pluck-CMS v4.7.18 RCE exploit
Pluck-CMS v4.7.18 RCE exploit. Contribute to xpltive/CVE-2023-50564 development by creating an account on GitHub.
CVE-2022-46463
An access control issue in Harbor v1.X.X to v2.5.3 allows attackers to access public and private image repositories without authentication.
Github link:
https://github.com/CodeSecurityTeam/harbor
An access control issue in Harbor v1.X.X to v2.5.3 allows attackers to access public and private image repositories without authentication.
Github link:
https://github.com/CodeSecurityTeam/harbor
GitHub
GitHub - CodeSecurityTeam/harbor: CVE-2022-46463 harbor公开镜像全自动下载脚本
CVE-2022-46463 harbor公开镜像全自动下载脚本. Contribute to CodeSecurityTeam/harbor development by creating an account on GitHub.