Exploit for Unrestricted Upload of File with Dangerous Type in Gvectors Wpdiscuz

CVE-2020-24186 reverse shell upload Exploit for WpDiscuz 7.0.4...

CVE-2023-43870

When installing the Net2 software a root certificate is installed into the trusted store. A potential hacker could access the installer batch file or reverse engineer the source code to gain access to the root certificate password. Using the root certificate and password they could then create...

Bruteforce protection can be bypassed with misconfigured proxy

None...

Nim-Shell - Reverse Shell That Can Bypass Windows Defender Detection

Reverse shell that can bypass windows defender detection $ apt install nim Compilation nim c -d:mingw --app:gui nimshell.nim Change the IP address and port number you want to listen to in the nimshell.nim file according to your device. and listen $ nc -nvlp 4444 Download Nim-Shell...

Liberapay: Avatar URL is exposed in patron export for secret donations

The avatar URL was exposed in the patron export for secret donations, which could potentially identify donors who wished to remain anonymous...

CVE-2023-6563

An unconstrained memory consumption vulnerability was discovered in Keycloak. It can be triggered in environments which have millions of offline tokens 500,000 users with each having at least 2 saved sessions. If an attacker creates two or more user sessions and then open the "consents" tab of th...

Request Smuggling org.apache.tomcat:tomcat-catalina Dependency in Bamboo Data Center and Server

This High severity org.apache.tomcat:tomcat-catalina Dependency vulnerability was introduced in versions 9.2.1, 9.3.0, and 9.4.0 of Bamboo Data Center and Server. This org.apache.tomcat:tomcat-catalina Dependency vulnerability, with a CVSS Score of 7.5 and a CVSS Vector of...

Exploit for Missing Authorization in Zoneminder

POC for CVE-2023-26035 Works for ZoneMinder Versions prior...

Splunk XSLT Upload Remote Code Execution

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Splunk Authenticated XSLT Upload RCE', 'Description' = %q This Metasploit module exploits a Remote Code Execution RCE vulnerability in Splunk...

Internet Bug Bounty: Possibility of Request smuggling attack

A vulnerability in Apache Tomcat allowed request smuggling due to incorrect parsing of HTTP trailer headers. A specially crafted trailer header exceeding the size limit could cause Tomcat to treat a single request as multiple requests, enabling request smuggling attacks when behind a reverse prox...

PT-2023-31567 · Caddy · Caddy-Geo-Ip

Name of the Vulnerable Software and Affected Versions: caddy-geo-ip versions 0.6.0 and earlier for Caddy 2 Description: The issue allows attackers to spoof their source IP address via an X-Forwarded-For header, which may bypass a protection mechanism, such as the trusted proxy directive in revers...

Exploit for OS Command Injection in Cisco Ios_Xe

CVE-2023-20273 CVE-2023-20273 Exploit PoC Usage usage:...

Apache Tomcat 9.0.0-M1 < 9.0.83 Request Smuggling

The version of Apache Tomcat installed on the remote host is 8.5.x to 8.5.95, 9.0.0-M1 to 9.0.82 or 10.1.0-M1 to 10.1.15. It is, therefore, affected by a request smuggling vulnerability. Tomcat did not correctly parse HTTP trailer headers. A specially crafted trailer header that exceeded the head...

Apache Tomcat 8.5.x < 8.5.96 Request Smuggling

The version of Apache Tomcat installed on the remote host is 8.5.x to 8.5.95, 9.0.0-M1 to 9.0.82 or 10.1.0-M1 to 10.1.15. It is, therefore, affected by a request smuggling vulnerability. Tomcat did not correctly parse HTTP trailer headers. A specially crafted trailer header that exceeded the head...

USN-6530-1: HAProxy vulnerability

It was discovered that HAProxy incorrectly handled URI components containing the hash character . A remote attacker could possibly use this issue to obtain sensitive information, or to bypass certain pathend rules...

New Threat Actor 'AeroBlade' Emerges in Espionage Attack on U.S. Aerospace

A previously undocumented threat actor has been linked to a cyber attack targeting an aerospace organization in the U.S. as part of what's suspected to be a cyber espionage mission. The BlackBerry Threat Research and Intelligence team is tracking the activity cluster as AeroBlade. Its origin is...

CVE-2023-47633

Traefik is an open source HTTP reverse proxy and load balancer. The traefik docker container uses 100% CPU when it serves as its own backend, which is an automatically generated route resulting from the Docker integration in the default configuration. This issue has been addressed in versions...

CVE-2023-47633

Traefik is an open source HTTP reverse proxy and load balancer. The traefik docker container uses 100% CPU when it serves as its own backend, which is an automatically generated route resulting from the Docker integration in the default configuration. This issue has been addressed in versions...

CVE-2023-47106

Traefik is an open source HTTP reverse proxy and load balancer. When a request is sent to Traefik with a URL fragment, Traefik automatically URL encodes and forwards the fragment to the backend server. This violates RFC 7230 because in the origin-form the URL should only contain the absolute path...

CVE-2023-47106

Traefik is an open source HTTP reverse proxy and load balancer. When a request is sent to Traefik with a URL fragment, Traefik automatically URL encodes and forwards the fragment to the backend server. This violates RFC 7230 because in the origin-form the URL should only contain the absolute path...