CVE-2019-12185
eLabFTW 1.8.5 is vulnerable to arbitrary file uploads via the /app/controllers/EntityController.php component. This may result in remote command execution. An attacker can use a user account to fully compromise the system using a POST request. This will allow for PHP files to be written to the web root, and for code to execute on the remote server.
Github link:
https://github.com/Drew-Alleman/CVE-2019-12185
eLabFTW 1.8.5 is vulnerable to arbitrary file uploads via the /app/controllers/EntityController.php component. This may result in remote command execution. An attacker can use a user account to fully compromise the system using a POST request. This will allow for PHP files to be written to the web root, and for code to execute on the remote server.
Github link:
https://github.com/Drew-Alleman/CVE-2019-12185
GitHub
GitHub - Drew-Alleman/CVE-2019-12185: CVE-2019-12185 - eLabFTW 1.8.5 Python3 Exploit POC
CVE-2019-12185 - eLabFTW 1.8.5 Python3 Exploit POC - Drew-Alleman/CVE-2019-12185
CVE-2015-10141
An unauthenticated OS command injection vulnerability exists within Xdebug versions 2.5.5 and earlier, a PHP debugging extension developed by Derick Rethans. When remote debugging is enabled, Xdebug listens on port 9000 and accepts debugger protocol commands without authentication. An attacker can send a crafted eval command over this interface to execute arbitrary PHP code, which may invoke system-level functions such as system() or passthru(). This results in full compromise of the host under the privileges of the web server user.
Github link:
https://github.com/n0m4d22/PoC-CVE-2015-10141-Xdebug
An unauthenticated OS command injection vulnerability exists within Xdebug versions 2.5.5 and earlier, a PHP debugging extension developed by Derick Rethans. When remote debugging is enabled, Xdebug listens on port 9000 and accepts debugger protocol commands without authentication. An attacker can send a crafted eval command over this interface to execute arbitrary PHP code, which may invoke system-level functions such as system() or passthru(). This results in full compromise of the host under the privileges of the web server user.
Github link:
https://github.com/n0m4d22/PoC-CVE-2015-10141-Xdebug
GitHub
GitHub - n0m4d22/PoC-CVE-2015-10141-Xdebug: Proof-of-Concept exploit script for Xdebug 2.5.5 and earlier versions (CVE-2015-10141).
Proof-of-Concept exploit script for Xdebug 2.5.5 and earlier versions (CVE-2015-10141). - n0m4d22/PoC-CVE-2015-10141-Xdebug
CVE-2024-28397
An issue in the component js2py.disable_pyimport() of js2py up to v0.74 allows attackers to execute arbitrary code via a crafted API call.
Github link:
https://github.com/0timeday/exploit-js2py
An issue in the component js2py.disable_pyimport() of js2py up to v0.74 allows attackers to execute arbitrary code via a crafted API call.
Github link:
https://github.com/0timeday/exploit-js2py
GitHub
GitHub - 0timeday/exploit-js2py: The CVE-2024-28397 vulnerability affects versions of js2py up to v0.74, a Python library that…
The CVE-2024-28397 vulnerability affects versions of js2py up to v0.74, a Python library that allows JavaScript code to be executed within the Python interpreter. - GitHub - 0timeday/exploit-js2py...