CVE-2023-5561
WordPress does not properly restrict which user fields are searchable via the REST API, allowing unauthenticated attackers to discern the email addresses of users who have published public posts on an affected website via an Oracle style attack
Github link:
https://github.com/dthkhang/CVE-2023-5561-PoC
WordPress does not properly restrict which user fields are searchable via the REST API, allowing unauthenticated attackers to discern the email addresses of users who have published public posts on an affected website via an Oracle style attack
Github link:
https://github.com/dthkhang/CVE-2023-5561-PoC
GitHub
GitHub - dthkhang/CVE-2023-5561-PoC: CVE-2023-5561-PoC
CVE-2023-5561-PoC. Contribute to dthkhang/CVE-2023-5561-PoC development by creating an account on GitHub.
CVE-2023-41425
Cross Site Scripting vulnerability in Wonder CMS v.3.2.0 thru v.3.4.2 allows a remote attacker to execute arbitrary code via a crafted script uploaded to the installModule component.
Github link:
https://github.com/Tea-On/CVE-2023-41425-RCE-WonderCMS-4.3.2
Cross Site Scripting vulnerability in Wonder CMS v.3.2.0 thru v.3.4.2 allows a remote attacker to execute arbitrary code via a crafted script uploaded to the installModule component.
Github link:
https://github.com/Tea-On/CVE-2023-41425-RCE-WonderCMS-4.3.2
GitHub
GitHub - Tea-On/CVE-2023-41425-RCE-WonderCMS-4.3.2: Automates creation and hosting of a JavaScript XSS payload to install a malicious…
Automates creation and hosting of a JavaScript XSS payload to install a malicious theme module, triggering a reverse shell via Remote Code Execution in WonderCMS. This tool uses PentestMonkey&#...
CVE-2022-0847
A flaw was found in the way the "flags" member of the new pipe buffer structure was lacking proper initialization in copy_page_to_iter_pipe and push_pipe functions in the Linux kernel and could thus contain stale values. An unprivileged local user could use this flaw to write to pages in the page cache backed by read only files and as such escalate their privileges on the system.
Github link:
https://github.com/morgenm/dirtypipe
A flaw was found in the way the "flags" member of the new pipe buffer structure was lacking proper initialization in copy_page_to_iter_pipe and push_pipe functions in the Linux kernel and could thus contain stale values. An unprivileged local user could use this flaw to write to pages in the page cache backed by read only files and as such escalate their privileges on the system.
Github link:
https://github.com/morgenm/dirtypipe
GitHub
GitHub - morgenm/dirtypipe: DirtyPipe (CVE-2022-0847) exploit written in Rust
DirtyPipe (CVE-2022-0847) exploit written in Rust. Contribute to morgenm/dirtypipe development by creating an account on GitHub.
CVE-2018-6574
Go before 1.8.7, Go 1.9.x before 1.9.4, and Go 1.10 pre-releases before Go 1.10rc2 allow "go get" remote command execution during source code build, by leveraging the gcc or clang plugin feature, because -fplugin= and -plugin= arguments were not blocked.
Github link:
https://github.com/paulogmota/CVE-2018-6574
Go before 1.8.7, Go 1.9.x before 1.9.4, and Go 1.10 pre-releases before Go 1.10rc2 allow "go get" remote command execution during source code build, by leveraging the gcc or clang plugin feature, because -fplugin= and -plugin= arguments were not blocked.
Github link:
https://github.com/paulogmota/CVE-2018-6574
GitHub
GitHub - paulogmota/CVE-2018-6574: Golang cgo exploit for CVE-2018-6574
Golang cgo exploit for CVE-2018-6574. Contribute to paulogmota/CVE-2018-6574 development by creating an account on GitHub.
CVE-2025-47175
None
Github link:
https://github.com/mbanyamer/mbanyamer-Microsoft-PowerPoint-Use-After-Free-Remote-Code-Execution-RCE
None
Github link:
https://github.com/mbanyamer/mbanyamer-Microsoft-PowerPoint-Use-After-Free-Remote-Code-Execution-RCE
GitHub
GitHub - mbanyamer/mbanyamer-Microsoft-PowerPoint-Use-After-Free-Remote-Code-Execution-RCE: This repository contains a Proof of…
This repository contains a Proof of Concept (PoC) exploit for the **CVE-2025-47175** vulnerability found in Microsoft PowerPoint. The vulnerability is a Use-After-Free (UAF) bug that allows an at...
CVE-2022-46169
Cacti is an open source platform which provides a robust and extensible operational monitoring and fault management framework for users. In affected versions a command injection vulnerability allows an unauthenticated user to execute arbitrary code on a server running Cacti, if a specific data source was selected for any monitored device. The vulnerability resides in the `remote_agent.php` file. This file can be accessed without authentication. This function retrieves the IP address of the client via `get_client_addr` and resolves this IP address to the corresponding hostname via `gethostbyaddr`. After this, it is verified that an entry within the `poller` table exists, where the hostname corresponds to the resolved hostname. If such an entry was found, the function returns `true` and the client is authorized. This authorization can be bypassed due to the implementation of the `get_client_addr` function. The function is defined in the file `lib/functions.php` and checks serval `$_SERVER` variables to determin
Github link:
https://github.com/alv-david/CVE-2022-46169-Cacti-1.2.22
Cacti is an open source platform which provides a robust and extensible operational monitoring and fault management framework for users. In affected versions a command injection vulnerability allows an unauthenticated user to execute arbitrary code on a server running Cacti, if a specific data source was selected for any monitored device. The vulnerability resides in the `remote_agent.php` file. This file can be accessed without authentication. This function retrieves the IP address of the client via `get_client_addr` and resolves this IP address to the corresponding hostname via `gethostbyaddr`. After this, it is verified that an entry within the `poller` table exists, where the hostname corresponds to the resolved hostname. If such an entry was found, the function returns `true` and the client is authorized. This authorization can be bypassed due to the implementation of the `get_client_addr` function. The function is defined in the file `lib/functions.php` and checks serval `$_SERVER` variables to determin
Github link:
https://github.com/alv-david/CVE-2022-46169-Cacti-1.2.22
GitHub
GitHub - alv-david/CVE-2022-46169-Cacti-1.2.22: Find out a modified Cacti public exploit!
Find out a modified Cacti public exploit! Contribute to alv-david/CVE-2022-46169-Cacti-1.2.22 development by creating an account on GitHub.