CVE-2024-28995
SolarWinds Serv-U was susceptible to a directory traversal vulnerability that would allow access to read sensitive files on the host machine.
Github link:
https://github.com/gotr00t0day/CVE-2024-28995
CVE-2023-4220
Unrestricted file upload in big file upload functionality in `/main/inc/lib/javascript/bigupload/inc/bigUpload.php` in Chamilo LMS <= v1.11.24 allows unauthenticated attackers to perform stored cross-site scripting attacks and obtain remote code execution via uploading of web shell.
Github link:
https://github.com/thefizzyfish/CVE-2023-4220
GitHub - thefizzyfish/CVE-2023-4220: Python exploit for Chamilo Unrestricted File Upload Vuln - CVE-2023-4220
CVE-2024-30088
Windows Kernel Elevation of Privilege Vulnerability
Github link:
https://github.com/Justintroup85/exploits-forsale-collateral-damage
GitHub - Justintroup85/exploits-forsale-collateral-damage: Kernel exploit for Xbox SystemOS using CVE-2024-30088
CVE-2022-35914
/vendor/htmlawed/htmlawed/htmLawedTest.php in the htmlawed module for GLPI through 10.0.2 allows PHP code injection.
Github link:
https://github.com/noxlumens/CVE-2022-35914_poc
GitHub - noxlumens/CVE-2022-35914_poc: Modified for GLPI Offsec Lab: call_user_func, array_map, passthru
CVE-2023-22809
In Sudo before 1.9.12p2, the sudoedit (aka -e) feature mishandles extra arguments passed in the user-provided environment variables (SUDO_EDITOR, VISUAL, and EDITOR), allowing a local attacker to append arbitrary entries to the list of files to process. This can lead to privilege escalation. Affected versions are 1.8.0 through 1.9.12.p1. The problem exists because a user-specified editor may contain a "--" argument that defeats a protection mechanism, e.g., an EDITOR='vim -- /path/to/extra/file' value.
Github link:
https://github.com/laxmiyamkolu/SUDO-privilege-escalation
Sudo Privilege Escalation: CVE-2023-22809 Simulation This project simulates the Sudo privilege escalation vulnerability (CVE-2023-22809) to demonstrate how unauthorized root access can be gained. ...
CVE-2021-41773
A flaw was found in a change made to path normalization in Apache HTTP Server 2.4.49. An attacker could use a path traversal attack to map URLs to files outside the directories configured by Alias-like directives. If files outside of these directories are not protected by the usual default configuration "require all denied", these requests can succeed. If CGI scripts are also enabled for these aliased paths, this could allow for remote code execution. This issue is known to be exploited in the wild. This issue only affects Apache 2.4.49 and not earlier versions. The fix in Apache HTTP Server 2.4.50 was found to be incomplete, see CVE-2021-42013.
Github link:
https://github.com/0xc4t/CVE-2021-41773
GitHub - 0xc4t/CVE-2021-41773: POC & Lab For CVE-2021-41773
CVE-2024-4879
ServiceNow has addressed an input validation vulnerability that was identified in Vancouver and Washington DC Now Platform releases. This vulnerability could enable an unauthenticated user to remotely execute code within the context of the Now Platform. ServiceNow applied an update to hosted instances, and ServiceNow released the update to our partners and self-hosted customers. Listed below are the patches and hot fixes that address the vulnerability. If you have not done so already, we recommend applying security patches relevant to your instance as soon as possible.
Github link:
https://github.com/fa-rrel/CVE-2024-4879
GitHub - gh-ost00/CVE-2024-4879: Jelly Template Injection Vulnerability in ServiceNow | POC CVE-2024-4879