CVE-2023-1389
TP-Link Archer AX21 (AX1800) firmware versions before 1.1.4 Build 20230219 contained a command injection vulnerability in the country form of the /cgi-bin/luci;stok=/locale endpoint on the web management interface. Specifically, the country parameter of the write operation was not sanitized before being used in a call to popen(), allowing an unauthenticated attacker to inject commands, which would be run as root, with a simple POST request.
Github link:
https://github.com/ibrahimsql/CVE2023-1389
CVE-2021-42287
Active Directory Domain Services Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2021-42278, CVE-2021-42282, CVE-2021-42291.
Github link:
https://github.com/DanielFEXKEX/CVE-Scanner
CVE-2019-19781
An issue was discovered in Citrix Application Delivery Controller (ADC) and Gateway 10.5, 11.1, 12.0, 12.1, and 13.0. They allow Directory Traversal.
Github link:
https://github.com/hyunjin0334/CVE-2019-19781
CVE-2022-42092
Backdrop CMS 1.22.0 has an Unrestricted File Upload vulnerability via 'themes' that allows attackers to achieve Remote Code Execution.
Github link:
https://github.com/ajdumanhug/CVE-2022-42092
CVE-2017-7529
Nginx versions since 0.5.6 up to and including 1.13.2 are vulnerable to an integer overflow in the nginx range filter module, resulting in a leak of potentially sensitive information triggered by a specially crafted request.
Github link:
https://github.com/portfolio10/nginx
CVE-2024-27956
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in ValvePress Automatic allows SQL Injection. This issue affects Automatic: from n/a through 3.92.0.
Github link:
https://github.com/m4nInTh3mIdDle/wordpress-CVE-2024-27956
CVE-2021-43798
Grafana is an open-source platform for monitoring and observability. Grafana versions 8.0.0-beta1 through 8.3.0 (except for patched versions) is vulnerable to directory traversal, allowing access to local files. The vulnerable URL path is: `<grafana_host_url>/public/plugins//`, where is the plugin ID for any installed plugin. At no time has Grafana Cloud been vulnerable. Users are advised to upgrade to patched versions 8.0.7, 8.1.8, 8.2.7, or 8.3.1. The GitHub Security Advisory contains more information about vulnerable URL paths, mitigation, and the disclosure timeline.
Github link:
https://github.com/suljov/Grafana-LFI-exploit
CVE-2022-3552
Unrestricted Upload of File with Dangerous Type in GitHub repository boxbilling/boxbilling prior to 0.0.1.
Github link:
https://github.com/BakalMode/CVE-2022-3552
CVE-2023-27372
SPIP before 4.2.1 allows Remote Code Execution via form values in the public area because serialization is mishandled. The fixed versions are 3.2.18, 4.0.10, 4.1.8, and 4.2.1.
Github link:
https://github.com/1Ronkkeli/spip-cve-2023-27372-rce
CVE-2022-25012
Argus Surveillance DVR v4.0 employs weak password encryption.
Github link:
https://github.com/G4sp4rCS/CVE-2022-25012-POC
CVE-2021-42287
Active Directory Domain Services Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2021-42278, CVE-2021-42282, CVE-2021-42291.
Github link:
https://github.com/Chrisync/CVE-Scanner
CVE-2024-3400
A command injection vulnerability in the GlobalProtect feature of Palo Alto Networks PAN-OS software for specific PAN-OS versions and distinct feature configurations may enable an unauthenticated attacker to execute arbitrary code with root privileges on the firewall.
Fixes for PAN-OS 10.2, PAN-OS 11.0, and PAN-OS 11.1 are in development and are expected to be released by April 14, 2024. Cloud NGFW, Panorama appliances, and Prisma Access are not impacted by this vulnerability. All other versions of PAN-OS are also not impacted.
Github link:
https://github.com/CyprianAtsyor/letsdefend-cve2024-3400-case-study
CVE-2017-12617
When running Apache Tomcat versions 9.0.0.M1 to 9.0.0, 8.5.0 to 8.5.22, 8.0.0.RC1 to 8.0.46 and 7.0.0 to 7.0.81 with HTTP PUTs enabled (e.g. via setting the readonly initialisation parameter of the Default servlet to false) it was possible to upload a JSP file to the server via a specially crafted request. This JSP could then be requested and any code it contained would be executed by the server.
Github link:
https://github.com/ducknuts/network-forensics-cve-2017-12617