CVE-2021-43798.zip
5.3 KB
CVE-2021-43798
Author: strikoder
Grafana is an open-source platform for monitoring and observability. Grafana versions 8.0.0-beta1 through 8.3.0 (except for patched versions) iss vulnerable to directory traversal, allowing access to local files. The vulnerable URL path is:
GitHub Link:
https://github.com/strikoder/Grafana-Password-Decryptor
Author: strikoder
Grafana is an open-source platform for monitoring and observability. Grafana versions 8.0.0-beta1 through 8.3.0 (except for patched versions) iss vulnerable to directory traversal, allowing access to local files. The vulnerable URL path is:
<grafana_host_url>/public/plugins//, where is the plugin ID for any installed plugin. At no time has Grafana Cloud been vulnerable. Users are advised to upgrade to patched versions 8.0.7, 8.1.8, 8.2.7, or 8.3.1. The GitHub Security Advisory contains more information about vulnerable URL paths, mitigation, and the disclosure timeline.GitHub Link:
https://github.com/strikoder/Grafana-Password-Decryptor
CVE-2004-2687.zip
1.2 KB
CVE-2004-2687
Author: nulltrace1336
distcc 2.x, as used in XCode 1.5 and others, when not configured to restrict access to the server port, allows remote attackers to execute arbitrary commands via compilation jobs, which are executed by the server without authorization checks.
GitHub Link:
https://github.com/nulltrace1336/Metasploitable-2-Distcc-Exploit-via-Kali-Linux-CVE-2004-2687
Author: nulltrace1336
distcc 2.x, as used in XCode 1.5 and others, when not configured to restrict access to the server port, allows remote attackers to execute arbitrary commands via compilation jobs, which are executed by the server without authorization checks.
GitHub Link:
https://github.com/nulltrace1336/Metasploitable-2-Distcc-Exploit-via-Kali-Linux-CVE-2004-2687
CVE-2012-1823.zip
1.1 KB
CVE-2012-1823
Author: nulltrace1336
sapi/cgi/cgimain.c in PHP before 5.3.12 and 5.4.x before 5.4.2, when configured as a CGI script (aka php-cgi), does not properly handle query strings that lack an = (equals sign) character, which allows remote attackers to execute arbitrary code by placing command-line options in the query string, related to lack of skipping a certain phpgetopt for the 'd' case.
GitHub Link:
https://github.com/nulltrace1336/PHP-CGI-Argument-Injection-Exploit
Author: nulltrace1336
sapi/cgi/cgimain.c in PHP before 5.3.12 and 5.4.x before 5.4.2, when configured as a CGI script (aka php-cgi), does not properly handle query strings that lack an = (equals sign) character, which allows remote attackers to execute arbitrary code by placing command-line options in the query string, related to lack of skipping a certain phpgetopt for the 'd' case.
GitHub Link:
https://github.com/nulltrace1336/PHP-CGI-Argument-Injection-Exploit
CVE-2023-30253.zip
3.1 KB
CVE-2023-30253
Author: 1lkla
Dolibarr before 17.0.1 allows remote code execution by an authenticated user via an uppercase manipulation: <?PHP instead of <?php in injected data.
GitHub Link:
https://github.com/1lkla/POC-exploit-for-Dolibarr
Author: 1lkla
Dolibarr before 17.0.1 allows remote code execution by an authenticated user via an uppercase manipulation: <?PHP instead of <?php in injected data.
GitHub Link:
https://github.com/1lkla/POC-exploit-for-Dolibarr