Git Product home page Git Product logo

5l1v3r1's Projects

cve-2021-26087 icon cve-2021-26087

Atlassian Confluence Server 7.5.1 Pre-Authorization Arbitrary File Read vulnerability (CVE-2021-26085)

cve-2021-26814 icon cve-2021-26814

A simple python PoC to exploit CVE-2021-26814 and gain RCE on Wazuh Manager (v.4.0.0-4.0.3) through the API service.

cve-2021-26857 icon cve-2021-26857

PoC of proxylogon chain SSRF(CVE-2021-26855) to write file by testanull, censored by github

cve-2021-26858 icon cve-2021-26858

CVE-2021-26855, also known as Proxylogon, is a server-side request forgery (SSRF) vulnerability in Exchange that allows an attacker to send arbitrary HTTP requests and authenticate as the Exchange server. According to Orange Tsai, the researcher who discovered the vulnerabilities, CVE-2021-26855 allows code execution when chained with CVE-2021-27065 (see below). A successful exploit chain would allow an unauthenticated attacker to "execute arbitrary commands on Microsoft Exchange Server through only an open 443 port." More information and a disclosure timeline are available at https://proxylogon.com.

cve-2021-27850_poc icon cve-2021-27850_poc

A Proof of concept for CVE-2021-27850 affecting Apache Tapestry and leading to unauthencticated remote code execution.

cve-2021-27905 icon cve-2021-27905

[CVE-2021-27905] Apache Solr ReplicationHandler Server Side Request Forgery (SSRF)

cve-2021-27928 icon cve-2021-27928

CVE-2021-27928 MariaDB/MySQL-'wsrep provider' 命令注入漏洞

cve-2021-28476 icon cve-2021-28476

PoC for CVE-2021-28476 a guest-to-host "Hyper-V Remote Code Execution Vulnerability" in vmswitch.sys.

cve-2021-29440 icon cve-2021-29440

Unsafe Twig processing of static pages leading to RCE in Grav CMS 1.7.10

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. 📊📈🎉

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google ❤️ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.