CVE-2023-39141
webui-aria2 commit 4fe2e was discovered to contain a path traversal vulnerability.
Github link:
https://github.com/MartiSabate/CVE-2023-39141-LFI-enumerator
enumerate files and directories from a remote server - MartiSabate/CVE-2023-39141-LFI-enumerator
CVE-2024-48887
None
Github link:
https://github.com/cybersecplayground/CVE-2024-48887-FortiSwitch-Exploit
a lightweight JavaScript snippet showcasing how unauthorized password changes can be triggered on vulnerable Fortinet FortiSwitch GUI endpoints. - cybersecplayground/CVE-2024-48887-FortiSwitch-Exploit
CVE-2024-25600
Improper Control of Generation of Code ('Code Injection') vulnerability in Codeer Limited Bricks Builder allows Code Injection. This issue affects Bricks Builder: from n/a through 1.9.6.
Github link:
https://github.com/ivanbg2004/ODH-BricksBuilder-CVE-2024-25600-THM
OD&H's scanner for CVE-2024-25600 vulnerability in the Bricks Builder WordPress plugin. For use in Try Hack Me (THM) environments. - ivanbg2004/ODH-BricksBuilder-CVE-2024-25600-THM
CVE-2024-4577
In PHP versions 8.1.* before 8.1.29, 8.2.* before 8.2.20, 8.3.* before 8.3.8, when using Apache and PHP-CGI on Windows, if the system is set up to use certain code pages, Windows may use "Best-Fit" behavior to replace characters in command line given to Win32 API functions. PHP CGI module may misinterpret those characters as PHP options, which may allow a malicious user to pass options to PHP binary being run, and thus reveal the source code of scripts, run arbitrary PHP code on the server, etc.
Github link:
https://github.com/deadlybangle/CVE-2024-4577-PHP-RCE
CVE-2019-15107
An issue was discovered in Webmin <=1.920. The parameter old in password_change.cgi contains a command injection vulnerability.
Github link:
https://github.com/Mattb709/CVE-2019-15107-Webmin-RCE-PoC
A Python proof-of-concept exploit for CVE-2019-15107 - an unauthenticated remote code execution vulnerability in Webmin versions 1.890 through 1.920. - Mattb709/CVE-2019-15107-Webmin-RCE-PoC