CVE-2023-27163
request-baskets up to v1.2.1 was discovered to contain a Server-Side Request Forgery (SSRF) via the component /api/baskets/{name}. This vulnerability allows attackers to access network resources and sensitive information via a crafted API request.
Github link:
https://github.com/G4sp4rCS/htb-sau-automated
request-baskets up to v1.2.1 was discovered to contain a Server-Side Request Forgery (SSRF) via the component /api/baskets/{name}. This vulnerability allows attackers to access network resources and sensitive information via a crafted API request.
Github link:
https://github.com/G4sp4rCS/htb-sau-automated
GitHub
GitHub - G4sp4rCS/htb-sau-automated: SSRF CVE-2023-27163 + maltrail vuln RCE
SSRF CVE-2023-27163 + maltrail vuln RCE. Contribute to G4sp4rCS/htb-sau-automated development by creating an account on GitHub.
CVE-2024-25600
Improper Control of Generation of Code ('Code Injection') vulnerability in Codeer Limited Bricks Builder allows Code Injection.This issue affects Bricks Builder: from n/a through 1.9.6.
Github link:
https://github.com/cboss43/CVE-2024-25600
Improper Control of Generation of Code ('Code Injection') vulnerability in Codeer Limited Bricks Builder allows Code Injection.This issue affects Bricks Builder: from n/a through 1.9.6.
Github link:
https://github.com/cboss43/CVE-2024-25600
GitHub
GitHub - cboss43/CVE-2024-25600: Unauthenticated RCE exploit for CVE-2024-25600 in WordPress Bricks Builder <= 1.9.6. Executes…
Unauthenticated RCE exploit for CVE-2024-25600 in WordPress Bricks Builder <= 1.9.6. Executes arbitrary code remotely. - cboss43/CVE-2024-25600
CVE-2021-38163
SAP NetWeaver (Visual Composer 7.0 RT) versions - 7.30, 7.31, 7.40, 7.50, without restriction, an attacker authenticated as a non-administrative user can upload a malicious file over a network and trigger its processing, which is capable of running operating system commands with the privilege of the Java Server process. These commands can be used to read or modify any information on the server or shut the server down making it unavailable.
Github link:
https://github.com/purpleteam-ru/CVE-2021-38163
SAP NetWeaver (Visual Composer 7.0 RT) versions - 7.30, 7.31, 7.40, 7.50, without restriction, an attacker authenticated as a non-administrative user can upload a malicious file over a network and trigger its processing, which is capable of running operating system commands with the privilege of the Java Server process. These commands can be used to read or modify any information on the server or shut the server down making it unavailable.
Github link:
https://github.com/purpleteam-ru/CVE-2021-38163
GitHub
GitHub - purpleteam-ru/CVE-2021-38163: CVE-2021-38163 - SAP NetWeaver AS Java Desynchronization Vulnerability
CVE-2021-38163 - SAP NetWeaver AS Java Desynchronization Vulnerability - purpleteam-ru/CVE-2021-38163
CVE-2018-19422
/panel/uploads in Subrion CMS 4.2.1 allows remote attackers to execute arbitrary PHP code via a .pht or .phar file, because the .htaccess file omits these.
Github link:
https://github.com/Drew-Alleman/CVE-2018-19422
/panel/uploads in Subrion CMS 4.2.1 allows remote attackers to execute arbitrary PHP code via a .pht or .phar file, because the .htaccess file omits these.
Github link:
https://github.com/Drew-Alleman/CVE-2018-19422
GitHub
GitHub - Drew-Alleman/CVE-2018-19422: Subrion File Upload Bypass to RCE and Custom File Upload (Authenticated)
Subrion File Upload Bypass to RCE and Custom File Upload (Authenticated) - Drew-Alleman/CVE-2018-19422
CVE-2024-23897
Jenkins 2.441 and earlier, LTS 2.426.2 and earlier does not disable a feature of its CLI command parser that replaces an '@' character followed by a file path in an argument with the file's contents, allowing unauthenticated attackers to read arbitrary files on the Jenkins controller file system.
Github link:
https://github.com/tvasari/CVE-2024-23897
Jenkins 2.441 and earlier, LTS 2.426.2 and earlier does not disable a feature of its CLI command parser that replaces an '@' character followed by a file path in an argument with the file's contents, allowing unauthenticated attackers to read arbitrary files on the Jenkins controller file system.
Github link:
https://github.com/tvasari/CVE-2024-23897
GitHub
GitHub - tvasari/CVE-2024-23897: Jenkins CLI arbitrary read (CVE-2024-23897 applies to versions below 2.442 and LTS 2.426.3)
Jenkins CLI arbitrary read (CVE-2024-23897 applies to versions below 2.442 and LTS 2.426.3) - tvasari/CVE-2024-23897