CVE-2018-15961

cve-2018-15961

CVE-2018-15961 This is part of Cved: a tool to manage vulnerable docker containers Cved: gitlabcom/git-rep/cved Image source: githubcom/cved-sources/cve-2018-15961 Image author: bintraycom/eaps/coldfusion/cf%3Acoldfusion/201800

CVE-2018-15961py An exploit for CVE-2018-15961

CVE-2018-15961 - Adobe ColdFusion RCE This repository contains my exploit code for the RCE vulnerability in Adobe ColdFusion 2021 Exploit Description The exploit sends a POST request containing a JSP reverse shell to /cf_scripts/scripts/ajax/ckeditor/plugins/filemanager/uploadcfm If successfull, this uploads the shell to /cf_scripts/scripts/ajax/ckeditor/plugins/filemanager/

CVE-2018-15961 - Adobe ColdFusion 2018 RCE This repository contains my exploit code for the RCE vulnerability in Adobe ColdFusion 2018 Usage

Unrestricted file upload in Adobe ColdFusion

CVE-2018-15961 Unrestricted file upload in Adobe ColdFusion POST /cf_scripts/scripts/ajax/ckeditor/plugins/filemanager/uploadcfm HTTP/11 Host: coldfusion:port User-Agent: Mozilla/50 (Windows NT 100; WOW64) AppleWebKit/53736 (KHTML, like Gecko) Chrome/62032029 Safari/53736 Content-Type: multipart/form-data; boundary=---------------------------24464570528145 Content-Leng

Web-Coldfusion-Vulnerability-POC PT-BR PAPER **neste paper irei falar sobre vulnerabilidades em Servidor Web ColdFusion endpoints web server coldfusion: cfc, cfm, cfml e outros primeiro CVE: CVE-2018-15961** ############## entrypoint: /cf_scripts/scripts/ajax/ckeditor/plugins/filemanager/uploadcfm dorks: você pode procurar pelos endpoints, exemplo ext:cfc ou ext:cfm ou e

OpenVAS XML Report Converter: A Flask light webpage to help convert OpenVAS XML into reports Uses latest OpenVAS Reporting Convert any OpenVAS XML Report into an Excel worksheet or a Word Document You can specify filters like which networks are included (or excluded) in the report or which vulnerabilities or which CVES Requirements (maybe others complete list on requireme

OpenVAS XML Report Converter: A Flask light webpage to help convert OpenVAS XML into reports Uses latest OpenVAS Reporting Convert any OpenVAS XML Report into an Excel worksheet or a Word Document You can specify filters like which networks are included (or excluded) in the report or which vulnerabilities or which CVES Requirements (maybe others complete list on requir

CVEs enumerated by FireEye and that should be addressed to limit the effectiveness of leaked the Red Team tools CVE-2019-11510 – pre-auth arbitrary file reading from Pulse Secure SSL VPNs - CVSS 100 CVE-2020-1472 – Microsoft Active Directory escalation of privileges - CVSS 100 CVE-2018-13379 – pre-auth arbitrary file reading from Fortinet Fortigate SSL VPN

vFeed CVEs Vulnerability Indicators that should be addressed to limit the effectiveness of the Leaked FireEye Red Team tools CVE-2019-11510 – pre-auth arbitrary file reading from Pulse Secure SSL VPNs - CVSS 100 CVE-2020-1472 – Microsoft Active Directory escalation of privileges - CVSS 100 CVE-2018-13379 – pre-auth arbitrary file reading from Fortinet Forti

Awesome-POC 【免责声明】本仓库所涉及的技术、思路和工具仅供学习，任何人不得将其用于非法用途和盈利，否则后果自行承担。 目录 [AspCMS commentListasp SQL注入漏洞](CMS漏洞/AspCMS%20commentListasp SQL注入漏洞md) [BSPHP indexphp 未授权访问 信息泄露漏洞](CMS漏洞/BSPHP%20indexphp 未授权访问 信息�

Normal-POC 【免责声明】本仓库所涉及的技术、思路和工具仅供安全技术研究，任何人不得将其用于非授权渗透测试，不得将其用于非法用途和盈利，否则后果自行承担。 0x01 项目导航 CMS漏洞 AspCMS commentListasp SQL注入漏洞 BSPHP indexphp 未授权访问 信息泄露漏洞 CmsEasy crossall_actphp SQL注入漏

Normal-POC 【免责声明】本仓库所涉及的技术、思路和工具仅供安全技术研究，任何人不得将其用于非授权渗透测试，不得将其用于非法用途和盈利，否则后果自行承担。 0x01 项目导航 CMS漏洞 AspCMS commentListasp SQL注入漏洞 BSPHP indexphp 未授权访问 信息泄露漏洞 CmsEasy crossall_actphp SQL注入漏

goby poc (共926个) 最近一次检查时间 2022-12-03 10:14:29 收集记录 文件名称 收录时间 H3C-IMC-dynamiccontentpropertiesxhtm-RCEjson 2022-12-03 10:13:52 Oracle-Weblogic-Server-Deserialization-RCE(CVE-2018-2628)json 2022-12-03 10:13:52 tongda-OA-file-include-getshelljson 2022-12-03 10:13:52 H3C-Next-generation-firewall-File-readjson 2022-12-03

PoC in GitHub 2020 CVE-2020-0014 It is possible for a malicious application to construct a TYPE_TOAST window manually and make that window clickable This could lead to a local escalation of privilege with no additional execution privileges needed User action is needed for exploitationProduct: AndroidVersions: Android-80 Android-81 Android-9 Android-10Android ID: A-1286745

PoC auto collect from GitHub.

PoC in GitHub 2020 CVE-2020-0022 In reassemble_and_dispatch of packet_fragmentercc, there is possible out of bounds write due to an incorrect bounds calculation This could lead to remote code execution over Bluetooth with no additional execution privileges needed User interaction is not needed for exploitationProduct: AndroidVersions: Android-80 Android-81 Android-9 Andr

Here is a collection about Proof of Concepts of Common Vulnerabilities and Exposures, and you may also want to check out current Contents CVE-2011-2856 CVE-2011-3243 CVE-2013-2618 CVE-2013-6632 CVE-2014-1701 CVE-2014-1705 CVE-2014-1747 CVE-2014-3176 CVE-2014-6332 CVE-2014-7927 CVE-2014-7928 CVE-2015-0072 CVE-2015-0235 CVE-2015-0240 CVE-2015-1233 CVE-2015-1242 CVE-2015-1268 CV

Awesome CVE PoC A curated list of CVE PoCs Here is a collection about Proof of Concepts of Common

Awesome CVE PoC A curated list of CVE PoCs Here is a collection about Proof of Concepts of Common Vulnerabilities and Exposures, and you may also want to check out awesome-web-security Please read the contribution guidelines before contributing This repo is full of PoCs for CVEs If you enjoy this awesome list and would like to support it, check out my Patreon page :