CVE-2021-44228
Apache Log4j2 2.0-beta9 through 2.15.0 (excluding security releases 2.12.2, 2.12.3, and 2.3.1) JNDI features used in configuration, log messages, and parameters do not protect against attacker controlled LDAP and other JNDI related endpoints. An attacker who can control log messages or log message parameters can execute arbitrary code loaded from LDAP servers when message lookup substitution is enabled. From log4j 2.15.0, this behavior has been disabled by default. From version 2.16.0 (along with 2.12.2, 2.12.3, and 2.3.1), this functionality has been completely removed. Note that this vulnerability is specific to log4j-core and does not affect log4net, log4cxx, or other Apache Logging Services projects.
GitHub link:
https://github.com/khaidtraivch/CVE-2021-44228-Log4Shell-
CVE-2021-41773
A flaw was found in a change made to path normalization in Apache HTTP Server 2.4.49. An attacker could use a path traversal attack to map URLs to files outside the directories configured by Alias-like directives. If files outside of these directories are not protected by the usual default configuration "require all denied", these requests can succeed. If CGI scripts are also enabled for these aliased paths, this could allow for remote code execution. This issue is known to be exploited in the wild. This issue only affects Apache 2.4.49 and not earlier versions. The fix in Apache HTTP Server 2.4.50 was found to be incomplete, see CVE-2021-42013.
GitHub link:
https://github.com/khaidtraivch/CVE-2021-41773-Apache-2.4.49-
CVE-2011-2523
vsftpd 2.3.4 downloaded between 20110630 and 20110703 contains a backdoor which opens a shell on port 6200/tcp.
GitHub link:
https://github.com/JohanMV/explotacion-vsftpd-nmap_Laboratorio_1
CVE-2023-44487
The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation can reset many streams quickly, as exploited in the wild in August through October 2023.
GitHub link:
https://github.com/moften/CVE-2023-44487
CVE-2021-21424
Symfony is a PHP framework for web and console applications and a set of reusable PHP components. The ability to enumerate users was possible without relevant permissions due to different handling depending on whether the user existed or not when attempting to use the switch users functionality. We now ensure that 403s are returned whether the user exists or not if a user cannot switch to a user or if the user does not exist. The patch for this issue is available for branch 3.4.
GitHub link:
https://github.com/moften/CVE-2021-21424
CVE-2021-42362
The WordPress Popular Posts WordPress plugin is vulnerable to arbitrary file uploads due to insufficient input file type validation found in the ~/src/Image.php file which makes it possible for attackers with contributor level access and above to upload malicious files that can be used to obtain remote code execution, in versions up to and including 5.3.2.
GitHub link:
https://github.com/samiba6/CVE-2021-42362
CVE-2019-9053
An issue was discovered in CMS Made Simple 2.2.8. It is possible with the News module, through a crafted URL, to achieve unauthenticated blind time-based SQL injection via the m1_idlist parameter.
GitHub link:
https://github.com/del0x3/CVE-2019-9053-port-py3
CVE-2019-9053
An issue was discovered in CMS Made Simple 2.2.8. It is possible with the News module, through a crafted URL, to achieve unauthenticated blind time-based SQL injection via the m1_idlist parameter.
GitHub link:
https://github.com/kaizoku73/CVE-2019-9053