CVE-2022-22536
SAP NetWeaver Application Server ABAP, SAP NetWeaver Application Server Java, ABAP Platform, SAP Content Server 7.53 and SAP Web Dispatcher are vulnerable to request smuggling and request concatenation. An unauthenticated attacker can prepend a victim's request with arbitrary data. This way, the attacker can execute functions impersonating the victim or poison intermediary Web caches. A successful attack could result in complete compromise of Confidentiality, Integrity and Availability of the system.
GitHub link:
https://github.com/BecodoExploit-mrCAT/SAPGateBreaker-Exploit
SAPGateBreaker is a PoC exploit for CVE-2022-22536, a critical HTTP Request Smuggling vulnerability in SAP NetWeaver. It demonstrates how to bypass ACLs by desynchronizing request parsing between I...
CVE-2025-29927
None
GitHub link:
https://github.com/Naveen-005/Next.Js-middleware-bypass-vulnerability-CVE-2025-29927
A basic proof of concept of the CVE-2025-29927 vulnerability, which allows bypassing the middleware scripts.
CVE-2023-27163
request-baskets up to v1.2.1 was discovered to contain a Server-Side Request Forgery (SSRF) via the component /api/baskets/{name}. This vulnerability allows attackers to access network resources and sensitive information via a crafted API request.
GitHub link:
https://github.com/G4sp4rCS/htb-sau-automated
SSRF CVE-2023-27163 + maltrail vuln RCE.
CVE-2024-25600
Improper Control of Generation of Code ('Code Injection') vulnerability in Codeer Limited Bricks Builder allows Code Injection. This issue affects Bricks Builder: from n/a through 1.9.6.
GitHub link:
https://github.com/cboss43/CVE-2024-25600
Unauthenticated RCE exploit for CVE-2024-25600 in WordPress Bricks Builder <= 1.9.6. Executes arbitrary code remotely.