Directorist < 7.4.2.2 - Subscriber+ Arbitrary User Password Update via IDOR

The plugin suffers from an IDOR vulnerability which an attacker can exploit to change the password of arbitrary users instead of his own. The following Python script automates the exploitation of this vulnerability. The script was tested on an installation of WordPress 6.1 with the vulnerable...

Exploit for Code Injection in Vmware Spring_Cloud_Gateway

CVE-2022-22947 Usage: python3 CVE-2022-22947.py url...

Exploit for Path Traversal in Zimbra Collaboration

CVE-2022-41352 Zimbra Unauthenticated RCE CVE-2022-41352...

Malicious Package

Overview colorsapi is a malicious package. This is a "dependency confusion" package, which means the package name is based on existing repositories, namespaces, or components, it aims to trick users into downloading the package which contains a malicious code. The malicious package injects a...

Exploit for Code Injection in Apache Commons_Text

Text4ShellPayloads - This project includes a python script...

PSF-2022-2 Buffer overflow vulnerability in os.symlink on Windows

Python Software Foundation CPython version From 3.2 until 3.6.4 on Windows contains a Buffer Overflow vulnerability in os.symlink function on Windows that can result in Arbitrary code execution, likely escalation of privilege. This attack appears to be exploitable via a python script that creates...

Backdoor.Win32.Augudor.b MVID-2022-0644 Code Execution

Discovery / credits: Malvuln John Page aka hyp3rlinx c 2022 Original source: https://malvuln.com/advisory/94ccd337cbdd4efbbcc0a6c888abb87d.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Backdoor.Win32.Augudor.b Vulnerability: Remote File Write Code Execution Description: The...

Online Diagnostic Lab Management System 1.0 SQL Injection / Shell Upload

Exploit Title: Online Diagnostic Lab Management System - Remote Code Execution RCE Unauthenticated Google Dork: N/A Date: 2022-9-23 Exploit Author: yousef alraddadi - https://twitter.com/y0usef11 Vendor Homepage:...

pfBlockerNG 2.1.4_26 Shell Upload

!/usr/bin/env python3 Original Advisory: https://www.ihteam.net/advisory/pfblockerng-unauth-rce-vulnerability/ import argparse import requests import time import sys import urllib.parse from requests.packages.urllib3.exceptions import InsecureRequestWarning...

Exploit for Argument Injection in Atlassian Bitbucket

Atlassian Bitbucket RCE PoC - CVE-2022-36804 This repo contai...

Exploit for Argument Injection in Atlassian Bitbucket

CVE-2022-36804 You can find a python script to exploit the vul...

Microsoft Teams' GIFShell Attack: What Is It and How You Can Protect Yourself from It

Organizations and security teams work to protect themselves from any vulnerability, and often don't realize that risk is also brought on by configurations in their SaaS apps that have not been hardened. The newly published GIFShell attack method, which occurs through Microsoft Teams, is a perfect...

XWiki Platform 代码注入漏洞

XWiki Platform is a suite of Wiki platforms for creating web collaboration applications from the French company XWiki. A security vulnerability exists in XWiki Platform versions prior to 13.10.6 and 14.4, which stems from the fact that if a user has a view, it is possible to use the...

CVE-2022-36065 GrowthBook account creation and file upload vulnerability in self-hosted configurations

GrowthBook is an open-source platform for feature flagging and A/B testing. With some self-hosted configurations in versions prior to 2022-08-29, attackers can register new accounts and upload files to arbitrary directories within the container. If the attacker uploads a Python script to the righ...

CVE-2022-36065 GrowthBook account creation and file upload vulnerability in self-hosted configurations

GrowthBook is an open-source platform for feature flagging and A/B testing. With some self-hosted configurations in versions prior to 2022-08-29, attackers can register new accounts and upload files to arbitrary directories within the container. If the attacker uploads a Python script to the righ...

PT-2022-23153 · Unknown · Growthbook

Name of the Vulnerable Software and Affected Versions: GrowthBook versions prior to 2022-08-29 Description: GrowthBook is an open-source platform for feature flagging and A/B testing. With some self-hosted configurations, attackers can register new accounts and upload files to arbitrary directori...

Stripe: Mass Accounts Takeover Without any user Interaction at https://app.taxjar.com/

@mrasg discovered an improper access control issue in TaxJar. This could have allowed for account takeover using the email change functionality. The vulnerability was caused by not correctly validating whether or not the reset password token was connected to the user being reset and was resolved ...

Exploit for Improper Input Validation in Realtek Ecos_Rsdk_Firmware

CVE-2022-27255-checker Simple checker for CVE-2022...

User Enumeration via Response Timing

Description There is a significant timing difference in the login functionality of the Nakama Console for valid and invalid email addresses or usernames. Proof of Concept 1. Login to the Nakama Console as admin and create a User [email protected] 2. Logout 3. Attempt a Login with an incorrect passwor...

Exploit for Improper Encoding or Escaping of Output in Webmin

A Python script to exploit CVE-202...