CVE-2023-41425
Cross Site Scripting vulnerability in Wonder CMS v.3.2.0 thru v.3.4.2 allows a remote attacker to execute arbitrary code via a crafted script uploaded to the installModule component.
Github link:
https://github.com/h3athen/CVE-2023-41425
CVE-2021-22911
An improper input sanitization vulnerability exists in Rocket.Chat server 3.11, 3.12 & 3.13 that could lead to unauthenticated NoSQL injection, resulting potentially in RCE.
Github link:
https://github.com/Weisant/CVE-2021-22911-EXP
CVE-2017-12635
Due to differences in the Erlang-based JSON parser and JavaScript-based JSON parser, it is possible in Apache CouchDB before 1.7.0 and 2.x before 2.1.1 to submit _users documents with duplicate keys for 'roles' used for access control within the database, including the special case '_admin' role, that denotes administrative users. In combination with CVE-2017-12636 (Remote Code Execution), this can be used to give non-admin users access to arbitrary shell commands on the server as the database system user. The JSON parser differences result in behaviour that if two 'roles' keys are available in the JSON, the second one will be used for authorising the document write, but the first 'roles' key is used for subsequent authorization for the newly created user. By design, users can not assign themselves roles. The vulnerability allows non-admin users to give themselves admin privileges.
Github link:
https://github.com/Weisant/CVE-2017-12635-EXP
CVE-2024-23897
Jenkins 2.441 and earlier, LTS 2.426.2 and earlier does not disable a feature of its CLI command parser that replaces an '@' character followed by a file path in an argument with the file's contents, allowing unauthenticated attackers to read arbitrary files on the Jenkins controller file system.
Github link:
https://github.com/zgimszhd61/CVE-2024-23897-poc
CVE-2023-48123
An issue in Netgate pfSense Plus v.23.05.1 and before and pfSense CE v.2.7.0 allows a remote attacker to execute arbitrary code via a crafted request to the packet_capture.php file.
Github link:
https://github.com/Farzan-Kh/CVE-2023-48123