Exploits from Github
CVE-2024-36401
Author: URJACK2025

GeoServer is an open source server that allows users to share and edit geospatial data. Prior to versions 2.23.6, 2.24.4, and 2.25.2, multiple OGC request parameters allow Remote Code Execution (RCE) by unauthenticated users through specially crafted input against a default GeoServer installation due to unsafely evaluating property names as XPath expressions.

The GeoTools library API that GeoServer calls evaluates property/attribute names for feature types in a way that unsafely passes them to the commons-jxpath library which can execute arbitrary code when evaluating XPath expressions. This XPath evaluation is intended to be used only by complex feature types (i.e., Application Schema data stores) but is incorrectly being applied to simple feature types as well which makes this vulnerability apply to ALL GeoServer instances. No public PoC is provided but this vul...
CVE-2024-7627
Author: lkmn1

The Bit File Manager plugin for WordPress is vulnerable to Remote Code Execution in versions 6.0 to 6.5.5 via the 'checkSyntax' function. This is due to writing a temporary file to a publicly accessible directory before performing file validation. This makes it possible for unauthenticated attackers to execute code on the server if an administrator has allowed Guest User read permissions.

GitHub Link:
https://github.com/lkmn1/CVE-2024-7627
CVE-2020-1472
Author: 100HnoMeuNome

An elevation of privilege vulnerability exists when an attacker establishes a vulnerable Netlogon secure channel connection to a domain controller, using the Netlogon Remote Protocol (MS-NRPC), aka 'Netlogon Elevation of Privilege Vulnerability'.

GitHub Link:
https://github.com/100HnoMeuNome/ZeroLogon-CVE-2020-1472-lab
CVE-2018-16763
Author: Cyberuser-hash

FUEL CMS 1.4.1 allows PHP Code Evaluation via the pages/select/ filter parameter or the preview/ data parameter. This can lead to Pre-Auth Remote Code Execution.

GitHub Link:
https://github.com/Cyberuser-hash/CVE-2018-16763
CVE-2025-32463
Author: r3dBust3r

Sudo before 1.9.17p1 allows local users to obtain root access because /etc/nsswitch.conf from a user-controlled directory is used with the --chroot option.

GitHub Link:
https://github.com/r3dBust3r/CVE-2025-32463