CVE-2021-40438
A crafted request uri-path can cause mod_proxy to forward the request to an origin server choosen by the remote user. This issue affects Apache HTTP Server 2.4.48 and earlier.
Github link:
https://github.com/yakir2b/check-point-gateways-rce
A crafted request uri-path can cause mod_proxy to forward the request to an origin server choosen by the remote user. This issue affects Apache HTTP Server 2.4.48 and earlier.
Github link:
https://github.com/yakir2b/check-point-gateways-rce
GitHub
GitHub - yakir2b/check-point-gateways-rce: Check Point Security Gateways RCE via CVE-2021-40438
Check Point Security Gateways RCE via CVE-2021-40438 - yakir2b/check-point-gateways-rce
CVE-2023-4220
Unrestricted file upload in big file upload functionality in `/main/inc/lib/javascript/bigupload/inc/bigUpload.php` in Chamilo LMS <= v1.11.24 allows unauthenticated attackers to perform stored cross-site scripting attacks and obtain remote code execution via uploading of web shell.
Github link:
https://github.com/zora-beep/CVE-2023-4220
Unrestricted file upload in big file upload functionality in `/main/inc/lib/javascript/bigupload/inc/bigUpload.php` in Chamilo LMS <= v1.11.24 allows unauthenticated attackers to perform stored cross-site scripting attacks and obtain remote code execution via uploading of web shell.
Github link:
https://github.com/zora-beep/CVE-2023-4220
GitHub
GitHub - zora-beep/CVE-2023-4220: Exploit for CVE-2023-4220
Exploit for CVE-2023-4220. Contribute to zora-beep/CVE-2023-4220 development by creating an account on GitHub.
CVE-2024-41570
An Unauthenticated Server-Side Request Forgery (SSRF) in demon callback handling in Havoc 2 0.7 allows attackers to send arbitrary network traffic originating from the team server.
Github link:
https://github.com/0xLynk/CVE-2024-41570-POC
An Unauthenticated Server-Side Request Forgery (SSRF) in demon callback handling in Havoc 2 0.7 allows attackers to send arbitrary network traffic originating from the team server.
Github link:
https://github.com/0xLynk/CVE-2024-41570-POC
GitHub
GitHub - 0xLynk/CVE-2024-41570-POC: CVE-2024-41570 is a critical SSRF vulnerability in Havoc C2 v0.7 that allows an unauthenticated…
CVE-2024-41570 is a critical SSRF vulnerability in Havoc C2 v0.7 that allows an unauthenticated attacker to send arbitrary network requests from the team server. This flaw can be exploited for inte...
CVE-2022-40684
An authentication bypass using an alternate path or channel [CWE-288] in Fortinet FortiOS version 7.2.0 through 7.2.1 and 7.0.0 through 7.0.6, FortiProxy version 7.2.0 and version 7.0.0 through 7.0.6 and FortiSwitchManager version 7.2.0 and 7.0.0 allows an unauthenticated atttacker to perform operations on the administrative interface via specially crafted HTTP or HTTPS requests.
Github link:
https://github.com/niklasmato/fortileak-01-2025-Be
An authentication bypass using an alternate path or channel [CWE-288] in Fortinet FortiOS version 7.2.0 through 7.2.1 and 7.0.0 through 7.0.6, FortiProxy version 7.2.0 and version 7.0.0 through 7.0.6 and FortiSwitchManager version 7.2.0 and 7.0.0 allows an unauthenticated atttacker to perform operations on the administrative interface via specially crafted HTTP or HTTPS requests.
Github link:
https://github.com/niklasmato/fortileak-01-2025-Be
GitHub
GitHub - niklasmato/fortileak-01-2025-Be: This repository contains informaion about the Fortigate firewall vulnerability (CVE-2022…
This repository contains informaion about the Fortigate firewall vulnerability (CVE-2022-40684) and affected data that were publicly disclosed by the Belsen Group. This information is being shared ...
👍1
CVE-2016-2555
SQL injection vulnerability in include/lib/mysql_connect.inc.php in ATutor 2.2.1 allows remote attackers to execute arbitrary SQL commands via the searchFriends function to friends.inc.php.
Github link:
https://github.com/HussainFathy/CVE-2016-2555
SQL injection vulnerability in include/lib/mysql_connect.inc.php in ATutor 2.2.1 allows remote attackers to execute arbitrary SQL commands via the searchFriends function to friends.inc.php.
Github link:
https://github.com/HussainFathy/CVE-2016-2555
GitHub
GitHub - HussainFathy/CVE-2016-2555: CVE-2016-2555 Exploit
CVE-2016-2555 Exploit . Contribute to HussainFathy/CVE-2016-2555 development by creating an account on GitHub.
CVE-2024-25600
Improper Control of Generation of Code ('Code Injection') vulnerability in Codeer Limited Bricks Builder allows Code Injection.This issue affects Bricks Builder: from n/a through 1.9.6.
Github link:
https://github.com/Sibul-Dan-Glokta/test-task-CVE-2024-25600
Improper Control of Generation of Code ('Code Injection') vulnerability in Codeer Limited Bricks Builder allows Code Injection.This issue affects Bricks Builder: from n/a through 1.9.6.
Github link:
https://github.com/Sibul-Dan-Glokta/test-task-CVE-2024-25600
GitHub
GitHub - Sibul-Dan-Glokta/test-task-CVE-2024-25600: Repository for internship test task.
Repository for internship test task. . Contribute to Sibul-Dan-Glokta/test-task-CVE-2024-25600 development by creating an account on GitHub.
CVE-2021-43798
Grafana is an open-source platform for monitoring and observability. Grafana versions 8.0.0-beta1 through 8.3.0 (except for patched versions) iss vulnerable to directory traversal, allowing access to local files. The vulnerable URL path is: `<grafana_host_url>/public/plugins//`, where is the plugin ID for any installed plugin. At no time has Grafana Cloud been vulnerable. Users are advised to upgrade to patched versions 8.0.7, 8.1.8, 8.2.7, or 8.3.1. The GitHub Security Advisory contains more information about vulnerable URL paths, mitigation, and the disclosure timeline.
Github link:
https://github.com/davidr-io/Grafana-8.3-Directory-Traversal
Grafana is an open-source platform for monitoring and observability. Grafana versions 8.0.0-beta1 through 8.3.0 (except for patched versions) iss vulnerable to directory traversal, allowing access to local files. The vulnerable URL path is: `<grafana_host_url>/public/plugins//`, where is the plugin ID for any installed plugin. At no time has Grafana Cloud been vulnerable. Users are advised to upgrade to patched versions 8.0.7, 8.1.8, 8.2.7, or 8.3.1. The GitHub Security Advisory contains more information about vulnerable URL paths, mitigation, and the disclosure timeline.
Github link:
https://github.com/davidr-io/Grafana-8.3-Directory-Traversal
GitHub
GitHub - davidr-io/Grafana-8.3-Directory-Traversal: CVE-2021-43798 working exploit
CVE-2021-43798 working exploit. Contribute to davidr-io/Grafana-8.3-Directory-Traversal development by creating an account on GitHub.
CVE-2024-2961
The iconv() function in the GNU C Library versions 2.39 and older may overflow the output buffer passed to it by up to 4 bytes when converting strings to the ISO-2022-CN-EXT character set, which may be used to crash an application or overwrite a neighbouring variable.
Github link:
https://github.com/kyotozx/CVE-2024-2961-Remote-File-Read
The iconv() function in the GNU C Library versions 2.39 and older may overflow the output buffer passed to it by up to 4 bytes when converting strings to the ISO-2022-CN-EXT character set, which may be used to crash an application or overwrite a neighbouring variable.
Github link:
https://github.com/kyotozx/CVE-2024-2961-Remote-File-Read
GitHub
GitHub - kyotozx/CVE-2024-2961-Remote-File-Read: This script demonstrates a proof-of-concept (PoC) for exploiting a file read vulnerability…
This script demonstrates a proof-of-concept (PoC) for exploiting a file read vulnerability in the iconv library, as detailed in Ambionics Security's blog https://www.ambionics.io/blog/iconv...
CVE-2015-9235
In jsonwebtoken node module before 4.2.2 it is possible for an attacker to bypass verification when a token digitally signed with an asymmetric key (RS/ES family) of algorithms but instead the attacker send a token digitally signed with a symmetric algorithm (HS* family).
Github link:
https://github.com/z-bool/Venom-JWT
In jsonwebtoken node module before 4.2.2 it is possible for an attacker to bypass verification when a token digitally signed with an asymmetric key (RS/ES family) of algorithms but instead the attacker send a token digitally signed with a symmetric algorithm (HS* family).
Github link:
https://github.com/z-bool/Venom-JWT
GitHub
GitHub - z-bool/Venom-JWT: 针对JWT渗透开发的漏洞验证/密钥爆破工具,针对CVE-2015-9235/空白密钥/未验证签名攻击/CVE-2016-10555/CVE-2018-0114/CVE-2020-28042的结果生成…
针对JWT渗透开发的漏洞验证/密钥爆破工具,针对CVE-2015-9235/空白密钥/未验证签名攻击/CVE-2016-10555/CVE-2018-0114/CVE-2020-28042的结果生成用于FUZZ,也可使用字典/字符枚举(包括JJWT)的方式进行爆破(JWT Crack) - z-bool/Venom-JWT