CVE-2023-23388
Windows Bluetooth Driver Elevation of Privilege Vulnerability
Github link:
https://github.com/ynwarcs/CVE-2023-23388
GitHub - ynwarcs/CVE-2023-23388: poc for CVE-2023-23388 (LPE in Windows 10/11 bthserv service)
CVE-2024-34313
An issue in VPL Jail System up to v4.0.2 allows attackers to execute a directory traversal via a crafted request to a public endpoint.
Github link:
https://github.com/vincentscode/CVE-2024-34313
GitHub - vincentscode/CVE-2024-34313: ☣️ This repository contains the description and a proof of concept for CVE-2024-34313
CVE-2024-34312
Virtual Programming Lab for Moodle up to v4.2.3 was discovered to contain a cross-site scripting (XSS) vulnerability via the component vplide.js.
Github link:
https://github.com/vincentscode/CVE-2024-34312
GitHub - vincentscode/CVE-2024-34312: ☣️ This repository contains the description and a proof of concept for CVE-2024-34312
CVE-2024-32002
Git is a revision control system. Prior to versions 2.45.1, 2.44.1, 2.43.4, 2.42.2, 2.41.1, 2.40.2, and 2.39.4, repositories with submodules can be crafted in a way that exploits a bug in Git whereby it can be fooled into writing files not into the submodule's worktree but into a `.git/` directory. This allows writing a hook that will be executed while the clone operation is still running, giving the user no opportunity to inspect the code that is being executed. The problem has been patched in versions 2.45.1, 2.44.1, 2.43.4, 2.42.2, 2.41.1, 2.40.2, and 2.39.4. If symbolic link support is disabled in Git (e.g. via `git config --global core.symlinks false`), the described attack won't work. As always, it is best to avoid cloning repositories from untrusted sources.
Github link:
https://github.com/Yitian26/git_rce
CVE-2024-34470
An issue was discovered in HSC Mailinspector 5.2.17-3 through v.5.2.18. An Unauthenticated Path Traversal vulnerability exists in the /public/loader.php file. The path parameter does not properly filter whether the file and directory passed are part of the webroot, allowing an attacker to read arbitrary files on the server.
Github link:
https://github.com/th3gokul/CVE-2024-34470
GitHub - th3gokul/CVE-2024-34470: CVE-2024-34470 : An Unauthenticated Path Traversal Vulnerability in HSC Mailinspector
CVE-2024-21514
This affects versions of the package opencart/opencart from 0.0.0. An SQL Injection issue was identified in the Divido payment extension for OpenCart, which is included by default in version 3.0.3.9. As an anonymous unauthenticated user, if the Divido payment module is installed (it does not have to be enabled), it is possible to exploit SQL injection to gain unauthorised access to the backend database. For any site which is vulnerable, any unauthenticated user could exploit this to dump the entire OpenCart database, including customer PII data.
Github link:
https://github.com/bigb0x/CVE-2024-21514
GitHub - bigb0x/CVE-2024-21514: SQL Injection POC for CVE-2024-21514: Divido payment extension for OpenCart
CVE-2024-31982
XWiki Platform is a generic wiki platform. Starting in version 2.4-milestone-1 and prior to versions 4.10.20, 15.5.4, and 15.10-rc-1, XWiki's database search allows remote code execution through the search text. This allows remote code execution for any visitor of a public wiki or user of a closed wiki as the database search is by default accessible for all users. This impacts the confidentiality, integrity and availability of the whole XWiki installation. This vulnerability has been patched in XWiki 14.10.20, 15.5.4 and 15.10RC1. As a workaround, one may manually apply the patch to the page `Main.DatabaseSearch`. Alternatively, unless database search is explicitly used by users, this page can be deleted as this is not the default search interface of XWiki.
Github link:
https://github.com/bigb0x/CVE-2024-31982
GitHub - bigb0x/CVE-2024-31982: POC for CVE-2024-31982: XWiki Platform Remote Code Execution > 14.10.20
CVE-2024-31982
XWiki Platform is a generic wiki platform. Starting in version 2.4-milestone-1 and prior to versions 4.10.20, 15.5.4, and 15.10-rc-1, XWiki's database search allows remote code execution through the search text. This allows remote code execution for any visitor of a public wiki or user of a closed wiki as the database search is by default accessible for all users. This impacts the confidentiality, integrity and availability of the whole XWiki installation. This vulnerability has been patched in XWiki 14.10.20, 15.5.4 and 15.10RC1. As a workaround, one may manually apply the patch to the page `Main.DatabaseSearch`. Alternatively, unless database search is explicitly used by users, this page can be deleted as this is not the default search interface of XWiki.
Github link:
https://github.com/th3gokul/CVE-2024-31982
GitHub - th3gokul/CVE-2024-31982: A tool for vulnerability detection and exploitation tool for CVE-2024-31982
CVE-2023-23397
Microsoft Outlook Elevation of Privilege Vulnerability
Github link:
https://github.com/Symbolexe/CVE-2023-23397
GitHub - Symbolexe/CVE-2023-23397: CVE-2023-23397: Remote Code Execution Vulnerability in Microsoft Outlook
CVE-2024-28999
The SolarWinds Platform was determined to be affected by a Race Condition Vulnerability affecting the web console.
Github link:
https://github.com/HussainFathy/CVE-2024-28999
GitHub - HussainFathy/CVE-2024-28999: Exploit for CVE-2024-28999 SolarWinds Platform Race Condition Vulnerability - login page
CVE-2023-27163
request-baskets up to v1.2.1 was discovered to contain a Server-Side Request Forgery (SSRF) via the component /api/baskets/{name}. This vulnerability allows attackers to access network resources and sensitive information via a crafted API request.
Github link:
https://github.com/Rishabh-Kumar-Cyber-Sec/CVE-2023-27163-ssrf-to-port-scanning
It is a simple script to automate internal port scanning due to SSRF in requests-baskets v 1.2.1. this script can also assist in solving 'SAU' machine from hackthebox - Rishabh-Kuma...
CVE-2023-49103
An issue was discovered in ownCloud owncloud/graphapi 0.2.x before 0.2.1 and 0.3.x before 0.3.1. The graphapi app relies on a third-party GetPhpInfo.php library that provides a URL. When this URL is accessed, it reveals the configuration details of the PHP environment (phpinfo). This information includes all the environment variables of the webserver. In containerized deployments, these environment variables may include sensitive data such as the ownCloud admin password, mail server credentials, and license key. Simply disabling the graphapi app does not eliminate the vulnerability. Additionally, phpinfo exposes various other potentially sensitive configuration details that could be exploited by an attacker to gather information about the system. Therefore, even if ownCloud is not running in a containerized environment, this vulnerability should still be a cause for concern. Note that Docker containers from before February 2023 are not vulnerable to the credential disclosure.
Github link:
https://github.com/d0rb/CVE-2023-49103
GitHub - d0rb/CVE-2023-49103: This is a simple proof of concept for CVE-2023-49103.
CVE-2024-34102
Adobe Commerce versions 2.4.7, 2.4.6-p5, 2.4.5-p7, 2.4.4-p8 and earlier are affected by an Improper Restriction of XML External Entity Reference ('XXE') vulnerability that could result in arbitrary code execution. An attacker could exploit this vulnerability by sending a crafted XML document that references external entities. Exploitation of this issue does not require user interaction.
Github link:
https://github.com/dr3u1d/CVE-2024-34102-RCE
CVE-2024-34102
Adobe Commerce versions 2.4.7, 2.4.6-p5, 2.4.5-p7, 2.4.4-p8 and earlier are affected by an Improper Restriction of XML External Entity Reference ('XXE') vulnerability that could result in arbitrary code execution. An attacker could exploit this vulnerability by sending a crafted XML document that references external entities. Exploitation of this issue does not require user interaction.
Github link:
https://github.com/bigb0x/CVE-2024-34102
GitHub - bigb0x/CVE-2024-34102: POC for CVE-2024-34102. A pre-authentication XML entity injection issue in Magento / Adobe Commerce.
CVE-2024-34102
Adobe Commerce versions 2.4.7, 2.4.6-p5, 2.4.5-p7, 2.4.4-p8 and earlier are affected by an Improper Restriction of XML External Entity Reference ('XXE') vulnerability that could result in arbitrary code execution. An attacker could exploit this vulnerability by sending a crafted XML document that references external entities. Exploitation of this issue does not require user interaction.
Github link:
https://github.com/th3gokul/CVE-2024-34102
GitHub - th3gokul/CVE-2024-34102: CVE-2024-34102: Unauthenticated Magento XXE
CVE-2024-4040
VFS Sandbox Escape in CrushFTP in all versions before 10.7.1 and 11.1.0 on all platforms allows remote attackers with low privileges to read files from the filesystem outside of VFS Sandbox.
Github link:
https://github.com/olebris/CVE-2024-4040
GitHub - olebris/CVE-2024-4040: CVE-2024-4040 PoC