CVE-2023-36845
A PHP External Variable Modification vulnerability in J-Web of Juniper Networks Junos OS on EX Series
and SRX Series
allows an unauthenticated, network-based attacker to control certain, important environments variables.
Utilizing a crafted request an attacker is able to modify a certain PHP environment variable leading to partial loss of integrity, which may allow chaining to other vulnerabilities.
This issue affects Juniper Networks Junos OS on SRX Series:
* All versions prior to 21.4R3-S5;
* 22.1 versions
prior to
22.1R3-S4;
* 22.2 versions
prior to
22.2R3-S2;
* 22.3 versions
prior to
22.3R2-S2, 22.3R3-S1;
* 22.4 versions
prior to
22.4R2-S1, 22.4R3;
* 23.2 versions prior to 23.2R1-S1, 23.2R2.
Github link:
https://github.com/functionofpwnosec/CVE-2023-36845
A PHP External Variable Modification vulnerability in J-Web of Juniper Networks Junos OS on EX Series
and SRX Series
allows an unauthenticated, network-based attacker to control certain, important environments variables.
Utilizing a crafted request an attacker is able to modify a certain PHP environment variable leading to partial loss of integrity, which may allow chaining to other vulnerabilities.
This issue affects Juniper Networks Junos OS on SRX Series:
* All versions prior to 21.4R3-S5;
* 22.1 versions
prior to
22.1R3-S4;
* 22.2 versions
prior to
22.2R3-S2;
* 22.3 versions
prior to
22.3R2-S2, 22.3R3-S1;
* 22.4 versions
prior to
22.4R2-S1, 22.4R3;
* 23.2 versions prior to 23.2R1-S1, 23.2R2.
Github link:
https://github.com/functionofpwnosec/CVE-2023-36845
GitHub
GitHub - functionofpwnosec/CVE-2023-36845: Juniper Networks POC Understanding CVE-2023–36845 Remote Code Execution Exploit and…
Juniper Networks POC Understanding CVE-2023–36845 Remote Code Execution Exploit and Protection - functionofpwnosec/CVE-2023-36845
CVE-2024-23113
A use of externally-controlled format string in Fortinet FortiOS versions 7.4.0 through 7.4.2, 7.2.0 through 7.2.6, 7.0.0 through 7.0.13, FortiProxy versions 7.4.0 through 7.4.2, 7.2.0 through 7.2.8, 7.0.0 through 7.0.14, FortiPAM versions 1.2.0, 1.1.0 through 1.1.2, 1.0.0 through 1.0.3, FortiSwitchManager versions 7.2.0 through 7.2.3, 7.0.0 through 7.0.3 allows attacker to execute unauthorized code or commands via specially crafted packets.
Github link:
https://github.com/CheckCve2/CVE-2024-23113
A use of externally-controlled format string in Fortinet FortiOS versions 7.4.0 through 7.4.2, 7.2.0 through 7.2.6, 7.0.0 through 7.0.13, FortiProxy versions 7.4.0 through 7.4.2, 7.2.0 through 7.2.8, 7.0.0 through 7.0.14, FortiPAM versions 1.2.0, 1.1.0 through 1.1.2, 1.0.0 through 1.0.3, FortiSwitchManager versions 7.2.0 through 7.2.3, 7.0.0 through 7.0.3 allows attacker to execute unauthorized code or commands via specially crafted packets.
Github link:
https://github.com/CheckCve2/CVE-2024-23113
GitHub
GitHub - CheckCve2/CVE-2024-23113: test_private_CVE
test_private_CVE. Contribute to CheckCve2/CVE-2024-23113 development by creating an account on GitHub.
CVE-2023-3824
In PHP version 8.0.* before 8.0.30, 8.1.* before 8.1.22, and 8.2.* before 8.2.8, when loading phar file, while reading PHAR directory entries, insufficient length checking may lead to a stack buffer overflow, leading potentially to memory corruption or RCE.
Github link:
https://github.com/baesh3r/poc-CVE-2023-3824
In PHP version 8.0.* before 8.0.30, 8.1.* before 8.1.22, and 8.2.* before 8.2.8, when loading phar file, while reading PHAR directory entries, insufficient length checking may lead to a stack buffer overflow, leading potentially to memory corruption or RCE.
Github link:
https://github.com/baesh3r/poc-CVE-2023-3824
GitHub
GitHub - baesh3r/poc-CVE-2023-3824: CVE-2023-3824 PoC
CVE-2023-3824 PoC. Contribute to baesh3r/poc-CVE-2023-3824 development by creating an account on GitHub.
CVE-2024-4439
WordPress Core is vulnerable to Stored Cross-Site Scripting via user display names in the Avatar block in various versions up to 6.5.2 due to insufficient output escaping on the display name. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. In addition, it also makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that have the comment block present and display the comment author's avatar.
Github link:
https://github.com/soltanali0/CVE-2024-4439
WordPress Core is vulnerable to Stored Cross-Site Scripting via user display names in the Avatar block in various versions up to 6.5.2 due to insufficient output escaping on the display name. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. In addition, it also makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that have the comment block present and display the comment author's avatar.
Github link:
https://github.com/soltanali0/CVE-2024-4439
GitHub
GitHub - soltanali0/CVE-2024-4439: aa
aa. Contribute to soltanali0/CVE-2024-4439 development by creating an account on GitHub.
CVE-2024-27198
In JetBrains TeamCity before 2023.11.4 authentication bypass allowing to perform admin actions was possible
Github link:
https://github.com/geniuszlyy/CVE-2024-27198
In JetBrains TeamCity before 2023.11.4 authentication bypass allowing to perform admin actions was possible
Github link:
https://github.com/geniuszlyy/CVE-2024-27198
GitHub
GitHub - geniuszlyy/CVE-2024-27198: is a PoC tool that targets a vulnerability in the TeamCity server (CVE-2024-27198)
is a PoC tool that targets a vulnerability in the TeamCity server (CVE-2024-27198) - geniuszlyy/CVE-2024-27198