
1622 matches found

GithubExploit
added 2021/01/27 10:16 a.m. | 221 views

Exploit for CVE-2021-3129

CVE-2021-3129exploit Exploit for CVE-2021-3129 Lab setup:...

CVSS 9.8 | AI score 9.8 | EPSS 0.94287 | Exploits: 36
GithubExploit
added 2021/01/26 10:51 p.m. | 8 views

Exploit for Deserialization of Untrusted Data in Apache Tomcat

CVE-2020-9484 Click the image to watch the vide...

CVSS 7 | AI score 7 | EPSS 0.93464 | Exploits: 15
Github Security Blog
added 2021/01/20 9:27 p.m. | 157 views

Prototype Pollution in immer

Overview Affected versions of immer are vulnerable to Prototype Pollution. Proof of exploit js const applyPatches, enablePatches = require"immer"; enablePatches; let obj = ; console.log"Before : " + obj.polluted; applyPatches, op: 'add', path: "proto", "polluted" , value: "yes" ; // applyPatches,...

CVSS 7.5 | AI score 8.4 | EPSS 0.00287 | Exploits: 1 | References: 8 | Affected Software: 1
vulnersOsv
added 2020/12/14 10:15 a.m. | 3 views

airflow-util-dv (>=1.2.1 <=1.6.2), apache-liminal (>=0.0.1.post1 <=0.0.3rc4) +8 more potentially affected by CVE-2020-17513 via apache-airflow (>=1.10.1 <=1.10.12)

apache-airflow PYPI version =1.10.1, =1.2.1, =0.0.1.post1, =0.0.1, =0.50.1, =0.0.1, =6.0.0, =0.1.0, =10.3.0rc1, =0.5.0a9, =0.6.0a15 Source cves: CVE-2020-17513 Source advisory: OSV:PYSEC-2020-20...

CVSS 5.3 | AI score 6.4 | EPSS 0.02135 | Exploits: 0
vulnersOsv
added 2020/12/14 10:15 a.m. | 0 views

airflow-util-dv (>=1.2.1 <=1.6.2), apache-liminal (>=0.0.1.post1 <=0.0.3rc4) +8 more potentially affected by CVE-2020-17511 via apache-airflow (>=1.10.1 <=1.10.12)

apache-airflow PYPI version =1.10.1, =1.2.1, =0.0.1.post1, =0.0.1, =0.50.1, =0.0.1, =6.0.0, =0.1.0, =10.3.0rc1, =0.5.0a9, =0.6.0a15 Source cves: CVE-2020-17511 Source advisory: OSV:PYSEC-2020-262...

CVSS 6.5 | AI score 6.5 | EPSS 0.00487 | Exploits: 0
Exploit DB
added 2020/12/02 12:0 a.m. | 900 views

Car Rental Management System 1.0 - SQL Injection / Local File include

Exploit Title: Car Rental Management System 1.0 - SQL Injection / Local File include Date: 22-10-2020 Exploit Author: Mosaaed Vendor Homepage: https://www.sourcecodester.com/php/14544/car-rental-management-system-using-phpmysqli-source-code.html Software Link:...

AI score 7.4 | Exploits: 0
wpexploit
added 2020/11/20 12:0 a.m. | 644 views

Anti-Spam by CleanTalk < 5.149 - Multiple Authenticated SQL Injections

Multiple authenticated SQL injections in the Anti-Spam by CleanTalk plugin 5.148 exist, however, it requires high privilege user admin+. Vulnerable functions: removeLogs and removeSpam at: lib/Cleantalk/ApbctWP/FindSpam/ListTable/Users.php Sleep query: POST...

AI score 1.4 | EPSS 0.00972 | Exploits: 2 | References: 1
OSV
added 2020/11/18 5:15 p.m. | 1 views

DRUPAL-CONTRIB-2020-035

The File Example submodule within the Examples project does not properly sanitize certain filenames as described in SA-CORE-2020-012, along with other related vulnerabilities. Therefore, File Example is being removed from Examples until a version demonstrating file security best practices can...

AI score 6.8 | Exploits: 0 | References: 1
Drupal
added 2020/11/18 12:0 a.m. | 2 views

Examples for Developers - Critical - Remote Code Execution - SA-CONTRIB-2020-035

The File Example submodule within the Examples project does not properly sanitize certain filenames as described in SA-CORE-2020-012, along with other related vulnerabilities. Therefore, File Example is being removed from Examples until a version demonstrating file security best practices can...

AI score 5.5 | Exploits: 0 | References: 11 | Affected Software: 1
Packet Storm
added 2020/10/29 12:0 a.m. | 469 views

Mailman 2.1.23 Cross Site Scripting

Title: Mailman 1.x 2.1.23 - Cross Site Scripting XSS Type: Reflected XSS Software: Mailman Version: =1.x = 2.1.23 Vendor Homepage: https://www.list.org Original link: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5950 POC Author: Valerio Alessandroni Date: 28/10/2020 Description:...

CVSS 4.3 | AI score 6.7 | EPSS 0.01715 | Exploits: 3
Kitploit
added 2020/10/07 8:30 p.m. | 152 views

CSRFER - Tool To Generate CSRF Payloads Based On Vulnerable Requests

CSRFER is a tool to generate CSRF payloads, based on vulnerable requests. It parses supplied requests to generate either a form or a fetch request. The payload can then be embedded in an HTML template. Installation...

AI score 7.5 | Exploits: 0 | References: 1
Packet Storm
added 2020/08/13 12:0 a.m. | 180 views

CMS Made Simple 2.2.14 Shell Upload

Exploit Title: CMS Made Simple 2.2.14 - Arbitrary File Upload Authenticated Google Dork: - Date: 2020-07-29 Exploit Author: Roel van Beurden Vendor Homepage: https://www.cmsmadesimple.org/ Software Link: http://s3.amazonaws.com/cmsms/downloads/14793/cmsms-2.2.14-install.zip Version: 2.2.14 Tested...

AI score 7.4 | Exploits: 0
Prion
added 2020/07/17 12:15 a.m. | 25 views

Command injection

An issue was found in Apache Airflow versions 1.10.10 and below. A remote code/command injection vulnerability was discovered in one of the example DAGs shipped with Airflow which would allow any authenticated user to run arbitrary commands as the user running airflow worker/scheduler depending o...

CVSS 6.5 | AI score 8.6 | EPSS 0.94272 | Exploits: 9 | References: 3 | Affected Software: 1
PyPA
added 2020/07/17 12:15 a.m. | 3 views

PYSEC-2020-14

An issue was found in Apache Airflow versions 1.10.10 and below. A remote code/command injection vulnerability was discovered in one of the example DAGs shipped with Airflow which would allow any authenticated user to run arbitrary commands as the user running airflow worker/scheduler depending o...

CVSS 8.8 | AI score 7.6 | EPSS 0.94272 | Exploits: 9 | References: 2 | Affected Software: 1
OSV
added 2020/07/17 12:15 a.m. | 31 views

PYSEC-2020-14

An issue was found in Apache Airflow versions 1.10.10 and below. A remote code/command injection vulnerability was discovered in one of the example DAGs shipped with Airflow which would allow any authenticated user to run arbitrary commands as the user running airflow worker/scheduler depending o...

CVSS 8.8 | AI score 5.1 | EPSS 0.94272 | Exploits: 9 | References: 2
ATTACKERKB
added 2020/07/17 12:0 a.m. | 43 views

CVE-2020-11978

An issue was found in Apache Airflow versions 1.10.10 and below. A remote code/command injection vulnerability was discovered in one of the example DAGs shipped with Airflow which would allow any authenticated user to run arbitrary commands as the user running airflow worker/scheduler depending o...

CVSS 8.8 | AI score 3.6 | EPSS 0.94272 | In wild | Exploits: 9 | References: 4
Positive Technologies
added 2020/07/16 12:0 a.m. | 2 views

PT-2020-6601 · Apache · Apache Airflow

Name of the Vulnerable Software and Affected Versions: Apache Airflow versions 1.10.10 and below Description: The issue is related to a command injection vulnerability in Apache Airflow, which can be exploited by a remote attacker to execute arbitrary commands with superuser privileges. This...

CVSS 8.8 | AI score 9.8 | EPSS 0.94272 | Exploits: 9 | References: 26
Kitploit
added 2020/07/11 1:0 p.m. | 33 views

ParamSpider - Mining Parameters From Dark Corners Of Web Archives

ParamSpider : Parameter miner for humans. Key Features : Finds parameters from web archives of the entered domain. Finds parameters from subdomains as well. Gives support to exclude urls with specific extensions. Saves the output result in a nice and clean manner. It mines the parameters from web...

AI score 7.3 | Exploits: 0 | References: 2
wpexploit
added 2020/07/08 12:0 a.m. | 20 views

Monalisa < 2.1.3 - Unauthenticated Reflected Cross-Site Scripting (XSS)

An Unauthenticated Reflected XSS vulnerability was discovered in the Monalisa theme through 2.1.2 for WordPress. https://example.com/reservation/?state=1%22--%3E%3Cimg%20src=x%20onerror=alertXSS;%3E...

AI score 1.4 | Exploits: 0 | References: 2
Kitploit
added 2020/07/02 10:30 p.m. | 109 views

ShellGen - Reverse shell generator

This is a simple script that will generate a specific or all shellcodes for CTFs using the VPN IP address on tun0 the IPv4. INFORMATION Update has been made from sys library to argparse library done in version 0.8 Usage For help: shellgen -h shellgen --help If you want to skip update and just get...

AI score 7.5 | Exploits: 0 | References: 2