CVE-2024-2961
The iconv() function in the GNU C Library versions 2.39 and older may overflow the output buffer passed to it by up to 4 bytes when converting strings to the ISO-2022-CN-EXT character set, which may be used to crash an application or overwrite a neighbouring variable.
Github link:
https://github.com/4wayhandshake/CVE-2024-2961
The iconv() function in the GNU C Library versions 2.39 and older may overflow the output buffer passed to it by up to 4 bytes when converting strings to the ISO-2022-CN-EXT character set, which may be used to crash an application or overwrite a neighbouring variable.
Github link:
https://github.com/4wayhandshake/CVE-2024-2961
GitHub
GitHub - 4wayhandshake/CVE-2024-2961: Uses CVE-2024-2961 to perform an arbitrary file read
Uses CVE-2024-2961 to perform an arbitrary file read - 4wayhandshake/CVE-2024-2961
CVE-2021-3129
Ignition before 2.5.2, as used in Laravel and other products, allows unauthenticated remote attackers to execute arbitrary code because of insecure usage of file_get_contents() and file_put_contents(). This is exploitable on sites using debug mode with Laravel before 8.4.2.
Github link:
https://github.com/lukwagoasuman/CVE-2021-3129---Laravel-RCE
Ignition before 2.5.2, as used in Laravel and other products, allows unauthenticated remote attackers to execute arbitrary code because of insecure usage of file_get_contents() and file_put_contents(). This is exploitable on sites using debug mode with Laravel before 8.4.2.
Github link:
https://github.com/lukwagoasuman/CVE-2021-3129---Laravel-RCE
GitHub
GitHub - lukwagoasuman/CVE-2021-3129---Laravel-RCE: ## About The script has been made for exploiting the Laravel RCE (CVE-2021…
## About The script has been made for exploiting the Laravel RCE (CVE-2021-3129) vulnerability.
This script allows you to write/execute commands on a website running <b&...
This script allows you to write/execute commands on a website running <b&...
CVE-2024-0235
The EventON WordPress plugin before 4.5.5, EventON WordPress plugin before 2.2.7 do not have authorisation in an AJAX action, allowing unauthenticated users to retrieve email addresses of any users on the blog
Github link:
https://github.com/Nxploited/CVE-2024-0235-PoC
The EventON WordPress plugin before 4.5.5, EventON WordPress plugin before 2.2.7 do not have authorisation in an AJAX action, allowing unauthenticated users to retrieve email addresses of any users on the blog
Github link:
https://github.com/Nxploited/CVE-2024-0235-PoC
GitHub
GitHub - Nxploited/CVE-2024-0235-PoC: The EventON WordPress plugin before 4.5.5, EventON WordPress plugin before 2.2.7 do not have…
The EventON WordPress plugin before 4.5.5, EventON WordPress plugin before 2.2.7 do not have authorisation in an AJAX action, allowing unauthenticated users to retrieve email addresses of any users...