Rocky Linux 8 : python38:3.8 (RLSA-2021:1879)

The remote Rocky Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2021:1879 advisory. - http.client in Python 3.x before 3.5.10, 3.6.x before 3.6.12, 3.7.x before 3.7.9, and 3.8.x before 3.8.5 allows CRLF injection if the attacker control...

NetworkAssessment - With Wireshark Or TCPdump, You Can Determine Whether There Is Harmful Activity On Your Network Traffic That You Have Recorded On The Network You Monitor

The Network Compromise Assessment Tool is designed to analyze pcap files to detect potential suspicious network traffic. This tool focuses on spotting abnormal activities in the network traffic and searching for suspicious keywords. DNS Tunneling Detection : Identifies potential covert...

Exploit for Server-Side Request Forgery in Rbaskets Request_Baskets

This is a PoC exploit for CVE-2023-27163, a remote code executio...

Exploit for Server-Side Request Forgery in Rbaskets Request_Baskets

This is a PoC exploit for CVE-2023-27163, a remote code executio...

Exploit for Improper Input Validation in Atlassian Confluence_Data_Center

CVE-2023-22515 Exploit Script 🔐 This script is designed to ex...

Exploit for PHP External Variable Modification in Juniper Junos

CVE-2023-36845 PoC Automation Script This script provides an...

Moniorg - Tool That Leverages Crt.Sh Website To Monitor Domains Of A Target

By looking through CT logs an attacker can gather a lot of information about organization's infrastructure i.e. internal domains,email addresses in a completly passive manner. moniorg leverage certificate transparency logs to monitor for newly issued domains based on organization field in their S...

Thruk Monitoring Web Interface 3.06 - Path Traversal Exploit

Exploit Title: Thruk Monitoring Web Interface 3.06 - Path Traversal Exploit Author: Galoget Latorre @galoget CVE: CVE-2023-34096 Galoget Latorre Vendor Homepage: https://thruk.org/ Software Link: https://github.com/sni/Thruk/archive/refs/tags/v3.06.zip Software Link + Exploit + PoC Backup:...

Thruk Monitoring Web Interface 3.06 - Path Traversal

Exploit Title: Thruk Monitoring Web Interface 3.06 - Path Traversal Date: 08-Jun-2023 Exploit Author: Galoget Latorre @galoget CVE: CVE-2023-34096 Galoget Latorre Vendor Homepage: https://thruk.org/ Software Link: https://github.com/sni/Thruk/archive/refs/tags/v3.06.zip Software Link + Exploit +...

Online Security Guards Hiring System 1.0 - Reflected XSS Exploit

Exploit Title: Online Security Guards Hiring System 1.0 – REFLECTED XSS Exploit Author : AFFAN AHMED Vendor Homepage: https://phpgurukul.com Software Link: https://phpgurukul.com/projects/Online-Security-Guard-Hiring-SystemPHP.zip Version: 1.0 Tested on: Windows 11 + XAMPP + PYTHON-3.X CVE :...

Exploit for OS Command Injection in Eparks Fiberlink_210_Firmware

CVE-2023-33617 Authenticated OS command injection vulnerabili...

K000133759: Python vulnerability CVE-2020-26116

Security Advisory Description http.client in Python 3.x before 3.5.10, 3.6.x before 3.6.12, 3.7.x before 3.7.9, and 3.8.x before 3.8.5 allows CRLF injection if the attacker controls the HTTP request method, as demonstrated by inserting CR and LF control characters in the first argument of...

Responsive FileManager 9.9.5 - Remote Code Execution Exploit

Exploit Title: Responsive FileManager 9.9.5 - Remote Code Execution RCE Exploit Author: Galoget Latorre @galoget Vendor Homepage: https://responsivefilemanager.com Software Link: https://github.com/trippo/ResponsiveFilemanager/releases/download/v9.9.5/responsivefilemanager.zip Dockerfile:...

Exploit for OS Command Injection in Netgate Pfblockerng

pfBlockerNG T...

Exploit for External Control of File Name or Path in Fortinet Fortinac

FortiNAC CVE-2022-39952 PoC for CVE-2022-39952 affecting F...

AlmaLinux 8 : python3 (ALSA-2023:0833)

The remote AlmaLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2023:0833 advisory. - A flaw was found in python. In algorithms with quadratic time complexity using non-binary bases, when using inttext, a system could take 50ms to parse a...

Rocky Linux 8 : python3 (RLSA-2023:0833)

The remote Rocky Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2023:0833 advisory. - DISPUTED Python 3.x through 3.10 has an open redirection vulnerability in lib/http/server.py due to no protection against multiple / at the beginning ...

Fedora 35 : pypy3.7 (2022-01d5789c08)

The remote Fedora 35 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2022-01d5789c08 advisory. Backport fix for CVE-2021-28861 Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus has not...

Fedora 35 : pypy3.8 (2022-fde69532df)

The remote Fedora 35 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2022-fde69532df advisory. Backport fix for CVE-2021-28861 Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus has not...

Fedora 36 : pypy3.7 (2022-2173709172)

The remote Fedora 36 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2022-2173709172 advisory. Backport fix for CVE-2021-28861 Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus has not...