CVE-2024-10924
The Really Simple Security (Free, Pro, and Pro Multisite) plugins for WordPress are vulnerable to authentication bypass in versions 9.0.0 to 9.1.1.1. This is due to improper user check error handling in the two-factor REST API actions with the 'check_login_and_get_user' function. This makes it possible for unauthenticated attackers to log in as any existing user on the site, such as an administrator, when the "Two-Factor Authentication" setting is enabled (disabled by default).
Github link:
https://github.com/sharafu-sblsec/CVE-2024-10924
The Really Simple Security (Free, Pro, and Pro Multisite) plugins for WordPress are vulnerable to authentication bypass in versions 9.0.0 to 9.1.1.1. This is due to improper user check error handling in the two-factor REST API actions with the 'check_login_and_get_user' function. This makes it possible for unauthenticated attackers to log in as any existing user on the site, such as an administrator, when the "Two-Factor Authentication" setting is enabled (disabled by default).
Github link:
https://github.com/sharafu-sblsec/CVE-2024-10924
GitHub
GitHub - sharafu-sblsec/CVE-2024-10924: CVE-2024-10924 - Authentication Bypass in ReallySimpleSSL Wordpress Plugin
CVE-2024-10924 - Authentication Bypass in ReallySimpleSSL Wordpress Plugin - sharafu-sblsec/CVE-2024-10924
CVE-2012-2982
file/show.cgi in Webmin 1.590 and earlier allows remote authenticated users to execute arbitrary commands via an invalid character in a pathname, as demonstrated by a | (pipe) character.
Github link:
https://github.com/lpuv/CVE-2012-2982
file/show.cgi in Webmin 1.590 and earlier allows remote authenticated users to execute arbitrary commands via an invalid character in a pathname, as demonstrated by a | (pipe) character.
Github link:
https://github.com/lpuv/CVE-2012-2982
GitHub
GitHub - lpuv/CVE-2012-2982: Webmin 1.580 /file/show.cgi Remote Code Execution
Webmin 1.580 /file/show.cgi Remote Code Execution - GitHub - lpuv/CVE-2012-2982: Webmin 1.580 /file/show.cgi Remote Code Execution
CVE-2016-6210
sshd in OpenSSH before 7.3, when SHA256 or SHA512 are used for user password hashing, uses BLOWFISH hashing on a static password when the username does not exist, which allows remote attackers to enumerate users by leveraging the timing difference between responses when a large password is provided.
Github link:
https://github.com/coolbabayaga/CVE-2016-6210
sshd in OpenSSH before 7.3, when SHA256 or SHA512 are used for user password hashing, uses BLOWFISH hashing on a static password when the username does not exist, which allows remote attackers to enumerate users by leveraging the timing difference between responses when a large password is provided.
Github link:
https://github.com/coolbabayaga/CVE-2016-6210
GitHub
GitHub - coolbabayaga/CVE-2016-6210: User name enumeration against SSH daemons affected by CVE-2016-6210.
User name enumeration against SSH daemons affected by CVE-2016-6210. - coolbabayaga/CVE-2016-6210
CVE-2024-4577
In PHP versions 8.1.* before 8.1.29, 8.2.* before 8.2.20, 8.3.* before 8.3.8, when using Apache and PHP-CGI on Windows, if the system is set up to use certain code pages, Windows may use "Best-Fit" behavior to replace characters in command line given to Win32 API functions. PHP CGI module may misinterpret those characters as PHP options, which may allow a malicious user to pass options to PHP binary being run, and thus reveal the source code of scripts, run arbitrary PHP code on the server, etc.
Github link:
https://github.com/Night-have-dreams/php-cgi-Injector
In PHP versions 8.1.* before 8.1.29, 8.2.* before 8.2.20, 8.3.* before 8.3.8, when using Apache and PHP-CGI on Windows, if the system is set up to use certain code pages, Windows may use "Best-Fit" behavior to replace characters in command line given to Win32 API functions. PHP CGI module may misinterpret those characters as PHP options, which may allow a malicious user to pass options to PHP binary being run, and thus reveal the source code of scripts, run arbitrary PHP code on the server, etc.
Github link:
https://github.com/Night-have-dreams/php-cgi-Injector
GitHub
GitHub - Night-have-dreams/php-cgi-Injector: 一個測試CVE-2024-4577和CVE-2024-8926的安全滲透工具
一個測試CVE-2024-4577和CVE-2024-8926的安全滲透工具. Contribute to Night-have-dreams/php-cgi-Injector development by creating an account on GitHub.
CVE-2023-21839
Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Core). Supported versions that are affected are 12.2.1.3.0, 12.2.1.4.0 and 14.1.1.0.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via T3, IIOP to compromise Oracle WebLogic Server. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle WebLogic Server accessible data. CVSS 3.1 Base Score 7.5 (Confidentiality impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N).
Github link:
https://github.com/lovingpot/CVE-2023-21839
Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Core). Supported versions that are affected are 12.2.1.3.0, 12.2.1.4.0 and 14.1.1.0.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via T3, IIOP to compromise Oracle WebLogic Server. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle WebLogic Server accessible data. CVSS 3.1 Base Score 7.5 (Confidentiality impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N).
Github link:
https://github.com/lovingpot/CVE-2023-21839
CVE-2019-19781
An issue was discovered in Citrix Application Delivery Controller (ADC) and Gateway 10.5, 11.1, 12.0, 12.1, and 13.0. They allow Directory Traversal.
Github link:
https://github.com/chihyeonwon/CVE-2019-19781
An issue was discovered in Citrix Application Delivery Controller (ADC) and Gateway 10.5, 11.1, 12.0, 12.1, and 13.0. They allow Directory Traversal.
Github link:
https://github.com/chihyeonwon/CVE-2019-19781
GitHub
GitHub - chihyeonwon/CVE-2019-19781: RCE, Citirx ADC and Gateway Directory Traversal
RCE, Citirx ADC and Gateway Directory Traversal. Contribute to chihyeonwon/CVE-2019-19781 development by creating an account on GitHub.