CVE-2024-25641.zip
3.9 KB
CVE-2024-25641
Author: GabrielCF10
Cacti provides an operational monitoring and fault management framework. Prior to version 1.2.27, an arbitrary file write vulnerability, exploitable through the "Package Import" feature, allows authenticated users having the "Import Templates" permission to execute arbitrary PHP code on the web server. The vulnerability is located within the
GitHub Link:
https://github.com/GabrielCF10/CVE-2024-25641---Ca...
Author: GabrielCF10
Cacti provides an operational monitoring and fault management framework. Prior to version 1.2.27, an arbitrary file write vulnerability, exploitable through the "Package Import" feature, allows authenticated users having the "Import Templates" permission to execute arbitrary PHP code on the web server. The vulnerability is located within the
import_package() function defined into the /lib/import.php script. The function blindly trusts the filename and file content provided within the XML data, and writes such files into the Cacti base path (or even outside, since path traversal sequences are not filtered). This can be exploited to write or overwrite arbitrary files on the web server, leading to execution of arbitrary PHP code or other security impacts. Version 1.2.27 contains a patch for this issue.GitHub Link:
https://github.com/GabrielCF10/CVE-2024-25641---Ca...
CVE-2017-14980.zip
2.9 KB
CVE-2017-14980
Author: DaviGSantana
Buffer overflow in Sync Breeze Enterprise 10.0.28 allows remote attackers to have unspecified impact via a long username parameter to /login.
GitHub Link:
https://github.com/DaviGSantana/Exploit-CVE-2017-14980
Author: DaviGSantana
Buffer overflow in Sync Breeze Enterprise 10.0.28 allows remote attackers to have unspecified impact via a long username parameter to /login.
GitHub Link:
https://github.com/DaviGSantana/Exploit-CVE-2017-14980
CVE-2024-38063
Author: thealice01
Windows TCP/IP Remote Code Execution Vulnerability
GitHub Link:
https://github.com/thealice01/CVE-2024-38063
Author: thealice01
Windows TCP/IP Remote Code Execution Vulnerability
GitHub Link:
https://github.com/thealice01/CVE-2024-38063
CVE-2023-34362.zip
1.1 KB
CVE-2023-34362
Author: khengar9274-web
In Progress MOVEit Transfer before 2021.0.6 (13.0.6), 2021.1.4 (13.1.4), 2022.0.4 (14.0.4), 2022.1.5 (14.1.5), and 2023.0.1 (15.0.1), a SQL injection vulnerability has been found in the MOVEit Transfer web application that could allow an unauthenticated attacker to gain access to MOVEit Transfer's database. Depending on the database engine being used (MySQL, Microsoft SQL Server, or Azure SQL), an attacker may be able to infer information about the structure and contents of the database, and execute SQL statements that alter or delete database elements. NOTE: this is exploited in the wild in May and June 2023; exploitation of unpatched systems can occur via HTTP or HTTPS. All versions (e.g., 2020.0 and 2019x) before the five explicitly mentioned versions are affected, including older unsupported versions.
GitHub Link:
https://github.com/khengar9274-web/movei...
Author: khengar9274-web
In Progress MOVEit Transfer before 2021.0.6 (13.0.6), 2021.1.4 (13.1.4), 2022.0.4 (14.0.4), 2022.1.5 (14.1.5), and 2023.0.1 (15.0.1), a SQL injection vulnerability has been found in the MOVEit Transfer web application that could allow an unauthenticated attacker to gain access to MOVEit Transfer's database. Depending on the database engine being used (MySQL, Microsoft SQL Server, or Azure SQL), an attacker may be able to infer information about the structure and contents of the database, and execute SQL statements that alter or delete database elements. NOTE: this is exploited in the wild in May and June 2023; exploitation of unpatched systems can occur via HTTP or HTTPS. All versions (e.g., 2020.0 and 2019x) before the five explicitly mentioned versions are affected, including older unsupported versions.
GitHub Link:
https://github.com/khengar9274-web/movei...
CVE-2019-16098.zip
4.8 MB
CVE-2019-16098
Author: VortexCry-Organization
The driver in Micro-Star MSI Afterburner 4.6.2.15658 (aka RTCore64.sys and RTCore32.sys) allows any authenticated user to read and write to arbitrary memory, I/O ports, and MSRs. This can be exploited for privilege escalation, code execution under high privileges, and information disclosure. These signed drivers can also be used to bypass the Microsoft driver-signing policy to deploy malicious code.
GitHub Link:
https://github.com/VortexCry-Organization/VortexCry-Ransomware
Author: VortexCry-Organization
The driver in Micro-Star MSI Afterburner 4.6.2.15658 (aka RTCore64.sys and RTCore32.sys) allows any authenticated user to read and write to arbitrary memory, I/O ports, and MSRs. This can be exploited for privilege escalation, code execution under high privileges, and information disclosure. These signed drivers can also be used to bypass the Microsoft driver-signing policy to deploy malicious code.
GitHub Link:
https://github.com/VortexCry-Organization/VortexCry-Ransomware