CVE-2018-7600
Drupal before 7.58, 8.x before 8.3.9, 8.4.x before 8.4.6, and 8.5.x before 8.5.1 allows remote attackers to execute arbitrary code because of an issue affecting multiple subsystems with default or common module configurations.
Github link:
https://github.com/mr-won/CVE-2018-7600.
Drupal before 7.58, 8.x before 8.3.9, 8.4.x before 8.4.6, and 8.5.x before 8.5.1 allows remote attackers to execute arbitrary code because of an issue affecting multiple subsystems with default or common module configurations.
Github link:
https://github.com/mr-won/CVE-2018-7600.
GitHub
GitHub - mr-won/CVE-2018-7600: CVE-2018-7600 POC (Drupal RCE)
CVE-2018-7600 POC (Drupal RCE). Contribute to mr-won/CVE-2018-7600 development by creating an account on GitHub.
CVE-2025-24813
None
Github link:
https://github.com/michael-david-fry/Apache-Tomcat-Vulnerability-POC-CVE-2025-24813
None
Github link:
https://github.com/michael-david-fry/Apache-Tomcat-Vulnerability-POC-CVE-2025-24813
GitHub
GitHub - michael-david-fry/Apache-Tomcat-Vulnerability-POC-CVE-2025-24813: Apache Tomcat Vulnerability POC (CVE-2025-24813)
Apache Tomcat Vulnerability POC (CVE-2025-24813). Contribute to michael-david-fry/Apache-Tomcat-Vulnerability-POC-CVE-2025-24813 development by creating an account on GitHub.
CVE-2021-41773
A flaw was found in a change made to path normalization in Apache HTTP Server 2.4.49. An attacker could use a path traversal attack to map URLs to files outside the directories configured by Alias-like directives. If files outside of these directories are not protected by the usual default configuration "require all denied", these requests can succeed. If CGI scripts are also enabled for these aliased pathes, this could allow for remote code execution. This issue is known to be exploited in the wild. This issue only affects Apache 2.4.49 and not earlier versions. The fix in Apache HTTP Server 2.4.50 was found to be incomplete, see CVE-2021-42013.
Github link:
https://github.com/javaamo/CVE-2021-41773
A flaw was found in a change made to path normalization in Apache HTTP Server 2.4.49. An attacker could use a path traversal attack to map URLs to files outside the directories configured by Alias-like directives. If files outside of these directories are not protected by the usual default configuration "require all denied", these requests can succeed. If CGI scripts are also enabled for these aliased pathes, this could allow for remote code execution. This issue is known to be exploited in the wild. This issue only affects Apache 2.4.49 and not earlier versions. The fix in Apache HTTP Server 2.4.50 was found to be incomplete, see CVE-2021-42013.
Github link:
https://github.com/javaamo/CVE-2021-41773
GitHub
GitHub - javaamo/CVE-2021-41773: CVE-2021-41773
CVE-2021-41773 . Contribute to javaamo/CVE-2021-41773 development by creating an account on GitHub.
CVE-2021-41773
A flaw was found in a change made to path normalization in Apache HTTP Server 2.4.49. An attacker could use a path traversal attack to map URLs to files outside the directories configured by Alias-like directives. If files outside of these directories are not protected by the usual default configuration "require all denied", these requests can succeed. If CGI scripts are also enabled for these aliased pathes, this could allow for remote code execution. This issue is known to be exploited in the wild. This issue only affects Apache 2.4.49 and not earlier versions. The fix in Apache HTTP Server 2.4.50 was found to be incomplete, see CVE-2021-42013.
Github link:
https://github.com/ashique-thaha/CVE-2021-41773-POC
A flaw was found in a change made to path normalization in Apache HTTP Server 2.4.49. An attacker could use a path traversal attack to map URLs to files outside the directories configured by Alias-like directives. If files outside of these directories are not protected by the usual default configuration "require all denied", these requests can succeed. If CGI scripts are also enabled for these aliased pathes, this could allow for remote code execution. This issue is known to be exploited in the wild. This issue only affects Apache 2.4.49 and not earlier versions. The fix in Apache HTTP Server 2.4.50 was found to be incomplete, see CVE-2021-42013.
Github link:
https://github.com/ashique-thaha/CVE-2021-41773-POC
GitHub
GitHub - ashique-thaha/CVE-2021-41773-POC: The POC and Lab setup documentation of CVE 2021 41773
The POC and Lab setup documentation of CVE 2021 41773 - GitHub - ashique-thaha/CVE-2021-41773-POC: The POC and Lab setup documentation of CVE 2021 41773