CVE-2022-46080
Nexxt Nebula 1200-AC 15.03.06.60 allows authentication bypass and command execution by using the HTTPD service to enable TELNET.
Github link:
https://github.com/geniuszlyy/CVE-2022-46080
Nexxt Nebula 1200-AC 15.03.06.60 allows authentication bypass and command execution by using the HTTPD service to enable TELNET.
Github link:
https://github.com/geniuszlyy/CVE-2022-46080
GitHub
GitHub - geniuszlyy/CVE-2022-46080: it is script that enables Telnet on routers by sending a specially crafted request. The script…
it is script that enables Telnet on routers by sending a specially crafted request. The script allows users to specify the router's URL, Telnet port, and password. It validates the inputs a...
CVE-2022-45701
Arris TG2482A firmware through 9.1.103GEM9 allow Remote Code Execution (RCE) via the ping utility feature.
Github link:
https://github.com/geniuszlyy/CVE-2022-45701
Arris TG2482A firmware through 9.1.103GEM9 allow Remote Code Execution (RCE) via the ping utility feature.
Github link:
https://github.com/geniuszlyy/CVE-2022-45701
GitHub
GitHub - geniuszlyy/CVE-2022-45701: it is script designed to exploit certain vulnerabilities in routers by sending payloads through…
it is script designed to exploit certain vulnerabilities in routers by sending payloads through SNMP (Simple Network Management Protocol). The script automates the process of authorization, payload...
CVE-2022-44149
The web service on Nexxt Amp300 ARN02304U8 42.103.1.5095 devices allows remote OS command execution by placing &telnetd in the JSON host field to the ping feature of the goform/sysTools component. Authentication is required.
Github link:
https://github.com/geniuszlyy/CVE-2022-44149
The web service on Nexxt Amp300 ARN02304U8 42.103.1.5095 devices allows remote OS command execution by placing &telnetd in the JSON host field to the ping feature of the goform/sysTools component. Authentication is required.
Github link:
https://github.com/geniuszlyy/CVE-2022-44149
GitHub
GitHub - geniuszlyy/CVE-2022-44149: it is script designed to interact with a router by sending a payload to its system tools. The…
it is script designed to interact with a router by sending a payload to its system tools. The script retrieves the router's configuration from environment variables to ensure security. It i...
CVE-2020-15368
AsrDrv103.sys in the ASRock RGB Driver does not properly restrict access from user space, as demonstrated by triggering a triple fault via a request to zero CR3.
Github link:
https://github.com/R7flex/asrockploit
AsrDrv103.sys in the ASRock RGB Driver does not properly restrict access from user space, as demonstrated by triggering a triple fault via a request to zero CR3.
Github link:
https://github.com/R7flex/asrockploit
GitHub
GitHub - R7flex/asrockploit: CVE-2020-15368 updated
CVE-2020-15368 updated. Contribute to R7flex/asrockploit development by creating an account on GitHub.
CVE-2023-41425
Cross Site Scripting vulnerability in Wonder CMS v.3.2.0 thru v.3.4.2 allows a remote attacker to execute arbitrary code via a crafted script uploaded to the installModule component.
Github link:
https://github.com/charlesgargasson/CVE-2023-41425
Cross Site Scripting vulnerability in Wonder CMS v.3.2.0 thru v.3.4.2 allows a remote attacker to execute arbitrary code via a crafted script uploaded to the installModule component.
Github link:
https://github.com/charlesgargasson/CVE-2023-41425
GitHub
GitHub - charlesgargasson/CVE-2023-41425: Wonder CMS RCE (XSS)
Wonder CMS RCE (XSS). Contribute to charlesgargasson/CVE-2023-41425 development by creating an account on GitHub.
CVE-2023-23752
An issue was discovered in Joomla! 4.0.0 through 4.2.7. An improper access check allows unauthorized access to webservice endpoints.
Github link:
https://github.com/Aureum01/CVE-2023-23752
An issue was discovered in Joomla! 4.0.0 through 4.2.7. An improper access check allows unauthorized access to webservice endpoints.
Github link:
https://github.com/Aureum01/CVE-2023-23752
GitHub
GitHub - Aureum01/CVE-2023-23752: A bash automation that exploits the vulnerable endpoints for the Joomla! API 4.0 - 4.2.7
A bash automation that exploits the vulnerable endpoints for the Joomla! API 4.0 - 4.2.7 - Aureum01/CVE-2023-23752
CVE-2023-41425
Cross Site Scripting vulnerability in Wonder CMS v.3.2.0 thru v.3.4.2 allows a remote attacker to execute arbitrary code via a crafted script uploaded to the installModule component.
Github link:
https://github.com/insomnia-jacob/CVE-2023-41425
Cross Site Scripting vulnerability in Wonder CMS v.3.2.0 thru v.3.4.2 allows a remote attacker to execute arbitrary code via a crafted script uploaded to the installModule component.
Github link:
https://github.com/insomnia-jacob/CVE-2023-41425
GitHub
GitHub - insomnia-jacob/CVE-2023-41425
Contribute to insomnia-jacob/CVE-2023-41425 development by creating an account on GitHub.
CVE-2024-6387
A signal handler race condition was found in OpenSSH's server (sshd), where a client does not authenticate within LoginGraceTime seconds (120 by default, 600 in old OpenSSH versions), then sshd's SIGALRM handler is called asynchronously. However, this signal handler calls various functions that are not async-signal-safe, for example, syslog().
Github link:
https://github.com/niktoproject/CVE-202406387_Check.py
A signal handler race condition was found in OpenSSH's server (sshd), where a client does not authenticate within LoginGraceTime seconds (120 by default, 600 in old OpenSSH versions), then sshd's SIGALRM handler is called asynchronously. However, this signal handler calls various functions that are not async-signal-safe, for example, syslog().
Github link:
https://github.com/niktoproject/CVE-202406387_Check.py
CVE-2024-27198
In JetBrains TeamCity before 2023.11.4 authentication bypass allowing to perform admin actions was possible
Github link:
https://github.com/Pypi-Project/RCity-CVE-2024-27198
In JetBrains TeamCity before 2023.11.4 authentication bypass allowing to perform admin actions was possible
Github link:
https://github.com/Pypi-Project/RCity-CVE-2024-27198
CVE-2020-0796
A remote code execution vulnerability exists in the way that the Microsoft Server Message Block 3.1.1 (SMBv3) protocol handles certain requests, aka 'Windows SMBv3 Client/Server Remote Code Execution Vulnerability'.
Github link:
https://github.com/z3ena/Exploiting-and-Mitigating-CVE-2020-0796-SMBGhost-and-Print-Spooler-Vulnerabilities
A remote code execution vulnerability exists in the way that the Microsoft Server Message Block 3.1.1 (SMBv3) protocol handles certain requests, aka 'Windows SMBv3 Client/Server Remote Code Execution Vulnerability'.
Github link:
https://github.com/z3ena/Exploiting-and-Mitigating-CVE-2020-0796-SMBGhost-and-Print-Spooler-Vulnerabilities
GitHub
GitHub - z3ena/Exploiting-and-Mitigating-CVE-2020-0796-SMBGhost-and-Print-Spooler-Vulnerabilities: This repository contains detailed…
This repository contains detailed documentation and code related to the exploitation, detection, and mitigation of two significant vulnerabilities: CVE-2020-0796 (SMBGhost) and Print Spooler. - z3e...
CVE-2020-6308
SAP BusinessObjects Business Intelligence Platform (Web Services) versions - 410, 420, 430, allows an unauthenticated attacker to inject arbitrary values as CMS parameters to perform lookups on the internal network which is otherwise not accessible externally. On successful exploitation, attacker can scan internal network to determine internal infrastructure and gather information for further attacks like remote file inclusion, retrieve server files, bypass firewall and force the vulnerable server to perform malicious requests, resulting in a Server-Side Request Forgery vulnerability.
Github link:
https://github.com/MachadoOtto/sap_bo_launchpad-ssrf-timing_attack
SAP BusinessObjects Business Intelligence Platform (Web Services) versions - 410, 420, 430, allows an unauthenticated attacker to inject arbitrary values as CMS parameters to perform lookups on the internal network which is otherwise not accessible externally. On successful exploitation, attacker can scan internal network to determine internal infrastructure and gather information for further attacks like remote file inclusion, retrieve server files, bypass firewall and force the vulnerable server to perform malicious requests, resulting in a Server-Side Request Forgery vulnerability.
Github link:
https://github.com/MachadoOtto/sap_bo_launchpad-ssrf-timing_attack
GitHub
GitHub - MachadoOtto/sap_bo_launchpad-ssrf-timing_attack: This script exploits and performs an SSRF (Server-Side Request Forgery)…
This script exploits and performs an SSRF (Server-Side Request Forgery) and Timing Attack against the SAP BusinessObjects Launchpad (CVE-2020-6308). It attempts to determine the status of various p...
CVE-2022-31814
pfSense pfBlockerNG through 2.1.4_26 allows remote attackers to execute arbitrary OS commands as root via shell metacharacters in the HTTP Host header. NOTE: 3.x is unaffected.
Github link:
https://github.com/ArunHAtter/CVE-2022-31814
pfSense pfBlockerNG through 2.1.4_26 allows remote attackers to execute arbitrary OS commands as root via shell metacharacters in the HTTP Host header. NOTE: 3.x is unaffected.
Github link:
https://github.com/ArunHAtter/CVE-2022-31814
GitHub
GitHub - ArunHAtter/CVE-2022-31814: This script is a proof-of-concept exploit for pfBlockerNG <= 2.1.4_26 that allows for remote…
This script is a proof-of-concept exploit for pfBlockerNG <= 2.1.4_26 that allows for remote code execution. It takes a single target URL or a list of URLs, tries to upload a shell using mul...