CVE-2024-21514
This affects versions of the package opencart/opencart from 0.0.0. An SQL Injection issue was identified in the Divido payment extension for OpenCart, which is included by default in version 3.0.3.9. As an anonymous unauthenticated user, if the Divido payment module is installed (it does not have to be enabled), it is possible to exploit SQL injection to gain unauthorised access to the backend database. For any site which is vulnerable, any unauthenticated user could exploit this to dump the entire OpenCart database, including customer PII data.
Github link:
https://github.com/bigb0x/CVE-2024-21514
GitHub - bigb0x/CVE-2024-21514: SQL Injection POC for CVE-2024-21514: Divido payment extension for OpenCart
CVE-2024-31982
XWiki Platform is a generic wiki platform. Starting in version 2.4-milestone-1 and prior to versions 4.10.20, 15.5.4, and 15.10-rc-1, XWiki's database search allows remote code execution through the search text. This allows remote code execution for any visitor of a public wiki or user of a closed wiki as the database search is by default accessible for all users. This impacts the confidentiality, integrity and availability of the whole XWiki installation. This vulnerability has been patched in XWiki 14.10.20, 15.5.4 and 15.10RC1. As a workaround, one may manually apply the patch to the page `Main.DatabaseSearch`. Alternatively, unless database search is explicitly used by users, this page can be deleted as this is not the default search interface of XWiki.
Github link:
https://github.com/bigb0x/CVE-2024-31982
GitHub - bigb0x/CVE-2024-31982: POC for CVE-2024-31982: XWiki Platform Remote Code Execution > 14.10.20
CVE-2024-31982
XWiki Platform is a generic wiki platform. Starting in version 2.4-milestone-1 and prior to versions 4.10.20, 15.5.4, and 15.10-rc-1, XWiki's database search allows remote code execution through the search text. This allows remote code execution for any visitor of a public wiki or user of a closed wiki as the database search is by default accessible for all users. This impacts the confidentiality, integrity and availability of the whole XWiki installation. This vulnerability has been patched in XWiki 14.10.20, 15.5.4 and 15.10RC1. As a workaround, one may manually apply the patch to the page `Main.DatabaseSearch`. Alternatively, unless database search is explicitly used by users, this page can be deleted as this is not the default search interface of XWiki.
Github link:
https://github.com/th3gokul/CVE-2024-31982
GitHub - th3gokul/CVE-2024-31982: A tool for vulnerability detection and exploitation tool for CVE-2024-31982
CVE-2023-23397
Microsoft Outlook Elevation of Privilege Vulnerability
Github link:
https://github.com/Symbolexe/CVE-2023-23397
GitHub - Symbolexe/CVE-2023-23397: CVE-2023-23397: Remote Code Execution Vulnerability in Microsoft Outlook
CVE-2024-28999
The SolarWinds Platform was determined to be affected by a Race Condition Vulnerability affecting the web console.
Github link:
https://github.com/HussainFathy/CVE-2024-28999
GitHub - HussainFathy/CVE-2024-28999: Exploit for CVE-2024-28999 SolarWinds Platform Race Condition Vulnerability - login page
CVE-2023-27163
request-baskets up to v1.2.1 was discovered to contain a Server-Side Request Forgery (SSRF) via the component /api/baskets/{name}. This vulnerability allows attackers to access network resources and sensitive information via a crafted API request.
Github link:
https://github.com/Rishabh-Kumar-Cyber-Sec/CVE-2023-27163-ssrf-to-port-scanning
It is a simple script to automate internal port scanning due to SSRF in requests-baskets v 1.2.1. This script can also assist in solving 'SAU' machine from hackthebox - Rishabh-Kuma...
CVE-2023-49103
An issue was discovered in ownCloud owncloud/graphapi 0.2.x before 0.2.1 and 0.3.x before 0.3.1. The graphapi app relies on a third-party GetPhpInfo.php library that provides a URL. When this URL is accessed, it reveals the configuration details of the PHP environment (phpinfo). This information includes all the environment variables of the webserver. In containerized deployments, these environment variables may include sensitive data such as the ownCloud admin password, mail server credentials, and license key. Simply disabling the graphapi app does not eliminate the vulnerability. Additionally, phpinfo exposes various other potentially sensitive configuration details that could be exploited by an attacker to gather information about the system. Therefore, even if ownCloud is not running in a containerized environment, this vulnerability should still be a cause for concern. Note that Docker containers from before February 2023 are not vulnerable to the credential disclosure.
Github link:
https://github.com/d0rb/CVE-2023-49103
GitHub - d0rb/CVE-2023-49103: This is a simple proof of concept for CVE-2023-49103.
CVE-2024-34102
Adobe Commerce versions 2.4.7, 2.4.6-p5, 2.4.5-p7, 2.4.4-p8 and earlier are affected by an Improper Restriction of XML External Entity Reference ('XXE') vulnerability that could result in arbitrary code execution. An attacker could exploit this vulnerability by sending a crafted XML document that references external entities. Exploitation of this issue does not require user interaction.
Github link:
https://github.com/dr3u1d/CVE-2024-34102-RCE
CVE-2024-34102
Adobe Commerce versions 2.4.7, 2.4.6-p5, 2.4.5-p7, 2.4.4-p8 and earlier are affected by an Improper Restriction of XML External Entity Reference ('XXE') vulnerability that could result in arbitrary code execution. An attacker could exploit this vulnerability by sending a crafted XML document that references external entities. Exploitation of this issue does not require user interaction.
Github link:
https://github.com/bigb0x/CVE-2024-34102
GitHub - bigb0x/CVE-2024-34102: POC for CVE-2024-34102. A pre-authentication XML entity injection issue in Magento / Adobe Commerce.
CVE-2024-34102
Adobe Commerce versions 2.4.7, 2.4.6-p5, 2.4.5-p7, 2.4.4-p8 and earlier are affected by an Improper Restriction of XML External Entity Reference ('XXE') vulnerability that could result in arbitrary code execution. An attacker could exploit this vulnerability by sending a crafted XML document that references external entities. Exploitation of this issue does not require user interaction.
Github link:
https://github.com/th3gokul/CVE-2024-34102
GitHub - th3gokul/CVE-2024-34102: CVE-2024-34102: Unauthenticated Magento XXE
CVE-2024-4040
VFS Sandbox Escape in CrushFTP in all versions before 10.7.1 and 11.1.0 on all platforms allows remote attackers with low privileges to read files from the filesystem outside of VFS Sandbox.
Github link:
https://github.com/olebris/CVE-2024-4040
GitHub - olebris/CVE-2024-4040: CVE-2024-4040 PoC
CVE-2024-21413
Microsoft Outlook Remote Code Execution Vulnerability
Github link:
https://github.com/olebris/CVE-2024-21413
GitHub - olebris/CVE-2024-21413: CVE-2024-21413 PoC
CVE-2024-4577
In PHP versions 8.1.* before 8.1.29, 8.2.* before 8.2.20, 8.3.* before 8.3.8, when using Apache and PHP-CGI on Windows, if the system is set up to use certain code pages, Windows may use "Best-Fit" behavior to replace characters in command line given to Win32 API functions. PHP CGI module may misinterpret those characters as PHP options, which may allow a malicious user to pass options to PHP binary being run, and thus reveal the source code of scripts, run arbitrary PHP code on the server, etc.
Github link:
https://github.com/olebris/CVE-2024-4577
GitHub - olebris/CVE-2024-4577: CVE-2024-4577
CVE-2023-34362
In Progress MOVEit Transfer before 2021.0.6 (13.0.6), 2021.1.4 (13.1.4), 2022.0.4 (14.0.4), 2022.1.5 (14.1.5), and 2023.0.1 (15.0.1), a SQL injection vulnerability has been found in the MOVEit Transfer web application that could allow an unauthenticated attacker to gain access to MOVEit Transfer's database. Depending on the database engine being used (MySQL, Microsoft SQL Server, or Azure SQL), an attacker may be able to infer information about the structure and contents of the database, and execute SQL statements that alter or delete database elements. NOTE: this is exploited in the wild in May and June 2023; exploitation of unpatched systems can occur via HTTP or HTTPS. All versions (e.g., 2020.0 and 2019x) before the five explicitly mentioned versions are affected, including older unsupported versions.
Github link:
https://github.com/glen-pearson/CVE-2023-34362-RCE
GitHub - glen-pearson/MoveIT-CVE-2023-34362-RCE: Modified RCE with a remote shell and logging
CVE-2024-5806
Improper Authentication vulnerability in Progress MOVEit Transfer (SFTP module) can lead to Authentication Bypass in limited scenarios. This issue affects MOVEit Transfer: from 2023.0.0 before 2023.0.11, from 2023.1.0 before 2023.1.6, from 2024.0.0 before 2024.0.2.
Github link:
https://github.com/glen-pearson/MoveIT_CVE-2024-5806
Exploit created by wacthtower, modified with a reverse shell and logging. - glen-pearson/MoveIT_CVE-2024-5806