CVE-2021-41773.zip
3.4 KB
CVE-2021-41773
Author: ChanaPCN
A flaw was found in a change made to path normalization in Apache HTTP Server 2.4.49. An attacker could use a path traversal attack to map URLs to files outside the directories configured by Alias-like directives. If files outside of these directories are not protected by the usual default configuration "require all denied", these requests can succeed. If CGI scripts are also enabled for these aliased pathes, this could allow for remote code execution. This issue is known to be exploited in the wild. This issue only affects Apache 2.4.49 and not earlier versions. The fix in Apache HTTP Server 2.4.50 was found to be incomplete, see CVE-2021-42013.
GitHub Link:
https://github.com/ChanaPCN/CVE-2021-41773-Analysis
Author: ChanaPCN
A flaw was found in a change made to path normalization in Apache HTTP Server 2.4.49. An attacker could use a path traversal attack to map URLs to files outside the directories configured by Alias-like directives. If files outside of these directories are not protected by the usual default configuration "require all denied", these requests can succeed. If CGI scripts are also enabled for these aliased pathes, this could allow for remote code execution. This issue is known to be exploited in the wild. This issue only affects Apache 2.4.49 and not earlier versions. The fix in Apache HTTP Server 2.4.50 was found to be incomplete, see CVE-2021-42013.
GitHub Link:
https://github.com/ChanaPCN/CVE-2021-41773-Analysis
CVE-2025-31324.zip
9.2 KB
CVE-2025-31324
Author: aristois913
SAP NetWeaver Visual Composer Metadata Uploader is not protected with a proper authorization, allowing unauthenticated agent to upload potentially malicious executable binaries that could severely harm the host system. This could significantly affect the confidentiality, integrity, and availability of the targeted system.
GitHub Link:
https://github.com/aristois913/CVE-2025-31324
Author: aristois913
SAP NetWeaver Visual Composer Metadata Uploader is not protected with a proper authorization, allowing unauthenticated agent to upload potentially malicious executable binaries that could severely harm the host system. This could significantly affect the confidentiality, integrity, and availability of the targeted system.
GitHub Link:
https://github.com/aristois913/CVE-2025-31324
CVE-2009-2265.zip
741 B
CVE-2009-2265
Author: matesz44
Multiple directory traversal vulnerabilities in FCKeditor before 2.6.4.1 allow remote attackers to create executable files in arbitrary directories via directory traversal sequences in the input to unspecified connector modules, as exploited in the wild for remote code execution in July 2009, related to the file browser and the editor/filemanager/connectors/ directory.
GitHub Link:
https://github.com/matesz44/CVE-2009-2265
Author: matesz44
Multiple directory traversal vulnerabilities in FCKeditor before 2.6.4.1 allow remote attackers to create executable files in arbitrary directories via directory traversal sequences in the input to unspecified connector modules, as exploited in the wild for remote code execution in July 2009, related to the file browser and the editor/filemanager/connectors/ directory.
GitHub Link:
https://github.com/matesz44/CVE-2009-2265
CVE-2025-32462
Author: lakshan-sameera
Sudo before 1.9.17p1, when used with a sudoers file that specifies a host that is neither the current host nor ALL, allows listed users to execute commands on unintended machines.
GitHub Link:
https://github.com/lakshan-sameera/CVE-2025-32462-and-CVE-2025-32463---Critical-Sudo-Vulnerabilities
Author: lakshan-sameera
Sudo before 1.9.17p1, when used with a sudoers file that specifies a host that is neither the current host nor ALL, allows listed users to execute commands on unintended machines.
GitHub Link:
https://github.com/lakshan-sameera/CVE-2025-32462-and-CVE-2025-32463---Critical-Sudo-Vulnerabilities
CVE-2025-29927.zip
656 B
CVE-2025-29927
Author: N3k0t-dev
Next.js is a React framework for building full-stack web applications. Starting in version 1.11.4 and prior to versions 12.3.5, 13.5.9, 14.2.25, and 15.2.3, it is possible to bypass authorization checks within a Next.js application, if the authorization check occurs in middleware. If patching to a safe version is infeasible, it is recommend that you prevent external user requests which contain the x-middleware-subrequest header from reaching your Next.js application. This vulnerability is fixed in 12.3.5, 13.5.9, 14.2.25, and 15.2.3.
GitHub Link:
https://github.com/N3k0t-dev/bughunter-cyber-intel-dashboard
Author: N3k0t-dev
Next.js is a React framework for building full-stack web applications. Starting in version 1.11.4 and prior to versions 12.3.5, 13.5.9, 14.2.25, and 15.2.3, it is possible to bypass authorization checks within a Next.js application, if the authorization check occurs in middleware. If patching to a safe version is infeasible, it is recommend that you prevent external user requests which contain the x-middleware-subrequest header from reaching your Next.js application. This vulnerability is fixed in 12.3.5, 13.5.9, 14.2.25, and 15.2.3.
GitHub Link:
https://github.com/N3k0t-dev/bughunter-cyber-intel-dashboard
CVE-2020-5752.zip
2 KB
CVE-2020-5752
Author: x0rbeexd
Relative path traversal in Druva inSync Windows Client 6.6.3 allows a local, unauthenticated attacker to execute arbitrary operating system commands with SYSTEM privileges.
GitHub Link:
https://github.com/x0rbeexd/CVE-2020-5752
Author: x0rbeexd
Relative path traversal in Druva inSync Windows Client 6.6.3 allows a local, unauthenticated attacker to execute arbitrary operating system commands with SYSTEM privileges.
GitHub Link:
https://github.com/x0rbeexd/CVE-2020-5752
CVE-2023-4220.zip
13.6 KB
CVE-2023-4220
Author: Least-Significant-Bit
Unrestricted file upload in big file upload functionality in
GitHub Link:
https://github.com/Least-Significant-Bit/CVE-2023-4220
Author: Least-Significant-Bit
Unrestricted file upload in big file upload functionality in
/main/inc/lib/javascript/bigupload/inc/bigUpload.php in Chamilo LMS <= v1.11.24 allows unauthenticated attackers to perform stored cross-site scripting attacks and obtain remote code execution via uploading of web shell.GitHub Link:
https://github.com/Least-Significant-Bit/CVE-2023-4220
CVE-2020-7693.zip
1.8 KB
CVE-2020-7693
Author: thewindghost
Incorrect handling of Upgrade header with the value websocket leads in crashing of containers hosting sockjs apps. This affects the package sockjs before 0.3.20.
GitHub Link:
https://github.com/thewindghost/CVE-2020-7693
Author: thewindghost
Incorrect handling of Upgrade header with the value websocket leads in crashing of containers hosting sockjs apps. This affects the package sockjs before 0.3.20.
GitHub Link:
https://github.com/thewindghost/CVE-2020-7693