7 matches found
Exploit for Path Traversal in Gitlab
CVE-2020-10977 read and execute About CVE-2020-10977 - Ha...
CVE-2020-10977
creationtimestamp| type| source ---|---|--- 2020-12-09 17:40:24+00:00| seen| https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/multi/http/gitlabfilereadrce.rb 2021-09-21 06:42:47+00:00| published-proof-of-concept| https://t.me/pwnwikizhchannel/177 2024-10-09...
Exploit for Path Traversal in Gitlab
CVE-2020-10977.py authenticated arbitrary file read for Gitla...
Exploit for Path Traversal in Gitlab
CVE-2020-10977 GitLab 12.9.0 Arbitrary File Read Target...
CVE-2020-10977
GitLab EE/CE 8.5 to 12.9 is vulnerable to a an path traversal when moving an issue between projects...
CVE-2020-10977
GitLab CVE-2020-10977 is an authenticated arbitrary file read (path traversal) vulnerability in GitLab CE/EE 8.5–12.9 used to exfiltrate Rails secret_key_base and chain a remote code execution via a crafted signed cookie. Public PoCs/exploits demonstrate reading secrets.yml and achieving RCE thro...
CVE-2020-10977
GitLab EE/CE 8.5 to 12.9 is vulnerable to a an path traversal when moving an issue between projects. Recent assessments: wvu-r7 at June 09, 2020 10:49pm UTC reported: @zeroSteiner pointed us to this exploit chain today: . It uses CVE-2020-10535 to satisfy the authentication requirement. Note that...