CVE-2019-9053
An issue was discovered in CMS Made Simple 2.2.8. It is possible with the News module, through a crafted URL, to achieve unauthenticated blind time-based SQL injection via the m1_idlist parameter.
Github link:
https://github.com/louisthedonothing/CVE-2019-9053
An issue was discovered in CMS Made Simple 2.2.8. It is possible with the News module, through a crafted URL, to achieve unauthenticated blind time-based SQL injection via the m1_idlist parameter.
Github link:
https://github.com/louisthedonothing/CVE-2019-9053
GitHub
GitHub - louisthedonothing/CVE-2019-9053: CVE-2019-9053 rewritten in python3 to fix broken syntax. Affects CMS made simple <2.2.10
CVE-2019-9053 rewritten in python3 to fix broken syntax. Affects CMS made simple <2.2.10 - louisthedonothing/CVE-2019-9053
CVE-2023-41425
Cross Site Scripting vulnerability in Wonder CMS v.3.2.0 thru v.3.4.2 allows a remote attacker to execute arbitrary code via a crafted script uploaded to the installModule component.
Github link:
https://github.com/TanveerS1ngh/WonderCMS-4.3.2-XSS-to-RCE-Exploits-CVE-2023-41425
Cross Site Scripting vulnerability in Wonder CMS v.3.2.0 thru v.3.4.2 allows a remote attacker to execute arbitrary code via a crafted script uploaded to the installModule component.
Github link:
https://github.com/TanveerS1ngh/WonderCMS-4.3.2-XSS-to-RCE-Exploits-CVE-2023-41425
GitHub
GitHub - TanveerS1ngh/WonderCMS-4.3.2-XSS-to-RCE-Exploits-CVE-2023-41425: CVE-2023-41425 Refurbish
CVE-2023-41425 Refurbish. Contribute to TanveerS1ngh/WonderCMS-4.3.2-XSS-to-RCE-Exploits-CVE-2023-41425 development by creating an account on GitHub.
CVE-2023-50564
None
Github link:
https://github.com/TanveerS1ngh/Pluck-CMS-v4.7.18-Remote-Code-Execution-CVE-2023-50564-
None
Github link:
https://github.com/TanveerS1ngh/Pluck-CMS-v4.7.18-Remote-Code-Execution-CVE-2023-50564-
GitHub
GitHub - TanveerS1ngh/Pluck-CMS-v4.7.18-Remote-Code-Execution-CVE-2023-50564-: Refurbish exploit in bash
Refurbish exploit in bash. Contribute to TanveerS1ngh/Pluck-CMS-v4.7.18-Remote-Code-Execution-CVE-2023-50564- development by creating an account on GitHub.
CVE-2023-4220
Unrestricted file upload in big file upload functionality in `/main/inc/lib/javascript/bigupload/inc/bigUpload.php` in Chamilo LMS <= v1.11.24 allows unauthenticated attackers to perform stored cross-site scripting attacks and obtain remote code execution via uploading of web shell.
Github link:
https://github.com/TanveerS1ngh/Chamilo-LMS-CVE-2023-4220-Exploit
Unrestricted file upload in big file upload functionality in `/main/inc/lib/javascript/bigupload/inc/bigUpload.php` in Chamilo LMS <= v1.11.24 allows unauthenticated attackers to perform stored cross-site scripting attacks and obtain remote code execution via uploading of web shell.
Github link:
https://github.com/TanveerS1ngh/Chamilo-LMS-CVE-2023-4220-Exploit
GitHub
GitHub - TanveerS1ngh/Chamilo-LMS-CVE-2023-4220-Exploit: Refurbish Chamilo LMS CVE-2023-4220 exploit written in bash
Refurbish Chamilo LMS CVE-2023-4220 exploit written in bash - TanveerS1ngh/Chamilo-LMS-CVE-2023-4220-Exploit
CVE-2024-23113
A use of externally-controlled format string in Fortinet FortiOS versions 7.4.0 through 7.4.2, 7.2.0 through 7.2.6, 7.0.0 through 7.0.13, FortiProxy versions 7.4.0 through 7.4.2, 7.2.0 through 7.2.8, 7.0.0 through 7.0.14, FortiPAM versions 1.2.0, 1.1.0 through 1.1.2, 1.0.0 through 1.0.3, FortiSwitchManager versions 7.2.0 through 7.2.3, 7.0.0 through 7.0.3 allows attacker to execute unauthorized code or commands via specially crafted packets.
Github link:
https://github.com/hatvix1/CVE-2024-23113
A use of externally-controlled format string in Fortinet FortiOS versions 7.4.0 through 7.4.2, 7.2.0 through 7.2.6, 7.0.0 through 7.0.13, FortiProxy versions 7.4.0 through 7.4.2, 7.2.0 through 7.2.8, 7.0.0 through 7.0.14, FortiPAM versions 1.2.0, 1.1.0 through 1.1.2, 1.0.0 through 1.0.3, FortiSwitchManager versions 7.2.0 through 7.2.3, 7.0.0 through 7.0.3 allows attacker to execute unauthorized code or commands via specially crafted packets.
Github link:
https://github.com/hatvix1/CVE-2024-23113
CVE-2024-24919
Potentially allowing an attacker to read certain information on Check Point Security Gateways once connected to the internet and enabled with remote Access VPN or Mobile Access Software Blades. A Security fix that mitigates this vulnerability is available.
Github link:
https://github.com/sar-3mar/CVE-2024-24919_POC
Potentially allowing an attacker to read certain information on Check Point Security Gateways once connected to the internet and enabled with remote Access VPN or Mobile Access Software Blades. A Security fix that mitigates this vulnerability is available.
Github link:
https://github.com/sar-3mar/CVE-2024-24919_POC
GitHub
GitHub - sar-3mar/CVE-2024-24919_POC: It's Proof of Concept on CVE-2024-24919-POC , i made it after it's discoverd
It's Proof of Concept on CVE-2024-24919-POC , i made it after it's discoverd - GitHub - sar-3mar/CVE-2024-24919_POC: It's Proof of Concept on CVE-2024-24919-POC , i made it...
CVE-2022-38029
Windows ALPC Elevation of Privilege Vulnerability.
Github link:
https://github.com/SpiralBL0CK/SIDECHANNEL-CVE-2022-38029
Windows ALPC Elevation of Privilege Vulnerability.
Github link:
https://github.com/SpiralBL0CK/SIDECHANNEL-CVE-2022-38029
GitHub
GitHub - SpiralBL0CK/SIDECHANNEL-CVE-2022-38029: SIDECHANNEL+CVE-2022-38029
SIDECHANNEL+CVE-2022-38029. Contribute to SpiralBL0CK/SIDECHANNEL-CVE-2022-38029 development by creating an account on GitHub.