Ecosyste.ms: Awesome
An open API service indexing awesome lists of open source software.
https://github.com/rhinosecuritylabs/cves
A collection of proof-of-concept exploit scripts written by the team at Rhino Security Labs for various CVEs.
Last synced: about 17 hours ago
- Host: GitHub
- URL: https://github.com/rhinosecuritylabs/cves
- Owner: RhinoSecurityLabs
- License: bsd-3-clause
- Created: 2018-12-18T21:25:50.000Z (almost 6 years ago)
- Default Branch: master
- Last Pushed: 2024-07-04T14:42:36.000Z (4 months ago)
- Last Synced: 2024-08-01T09:24:35.582Z (3 months ago)
- Language: Python
- Homepage:
- Size: 19.3 MB
- Stars: 788
- Watchers: 40
- Forks: 236
- Open Issues: 0
Metadata Files:
- Readme: README.md
- License: LICENSE
Awesome Lists containing this project
- awesome-security-collection - **306** stars - A collection of proof-of-concept exploit scripts written by the team at Rhino Security Labs for various CVEs. (Collection)
README
# Rhino CVE Proof-of-Concept Exploits
A collection of proof-of-concept exploit scripts written by the team at Rhino Security Labs for various CVEs.
* [CVE-2024-2449: Cross-Site Request Forgery in Progress Kemp LoadMaster](CVE-2024-2449/)
* [CVE-2024-2448: Authenticated Command Injection in Progress Kemp LoadMaster](CVE-2024-2448/)
* [CVE-2024-2389: Progress Software Flowmon Unauthenticated Command Injection](CVE-2024-2389/)
* [CVE-2024-23724: Ghost CMS Stored XSS Leading to Owner Takeover](CVE-2024-23724/)
* [CVE-2024-1212: Unauthenticated Command Injection in Progress Kemp LoadMaster](CVE-2024-1212/)
* [CVE-2023-47327: Silverpeas Core Space Create Function is vulnerable to Broken Access Control](CVE-2023-47327/)
* [CVE-2023-47326: Silverpeas Core Domain Creation is vulnerable to CSRF](CVE-2023-47326/)
* [CVE-2023-47325: Silverpeas Core Broken Access Control on the "Bin" Allows Modification of Deleted Spaces](CVE-2023-47325/)
* [CVE-2023-47324: Silverpeas Core Stored XSS in Messages](CVE-2023-47324/)
* [CVE-2023-47323: Silverpeas Core Broken Access Control Allows Reading All Messages](CVE-2023-47323/)
* [CVE-2023-47322: Silverpeas Core CSRF Leading to Privilege Escalation](CVE-2023-47322/)
* [CVE-2023-47321: Silverpeas Core Portlet Deployer Access via Broken Access Control](CVE-2023-47321/)
* [CVE-2023-47320: Silverpeas Core Denial of Service via Broken Access Control](CVE-2023-47320/)
* [CVE-2023-43121: Extreme Networks EXOS Unauthenticated File Read](CVE-2023-43121/)
* [CVE-2023-43120: Extreme Networks EXOS Privilege Escalation from read-only User to Admin](CVE-2023-43120/)
* [CVE-2023-43119: Extreme Networks EXOS Arbitrary File Write as Root](CVE-2023-43119/)
* [CVE-2023-43118: Extreme Networks EXOS CSRF to RCE](CVE-2023-43118/)
* [CVE-2022-25372: Local Privilege Escalation In Pritunl VPN Client](CVE-2022-25372/)
* [CVE-2022-25237: Authorization Bypass Leading to RCE in Bonitasoft Web](CVE-2022-25237/)
* [CVE-2022-25166: AWS VPN Client Arbitrary File Write as SYSTEM](CVE-2022-25166/)
* [CVE-2022-25165: AWS VPN Client Information Disclosure Via UNC Path](CVE-2022-25165/)
* [CVE-2021-38112: AWS WorkSpaces Remote Code Execution](CVE-2021-38112/)
* [CVE-2020-5377 and CVE-2021-21514: Dell OpenManage Server Administrator Arbitrary File Read](CVE-2020-5377_CVE-2021-21514/)
* [CVE-2020-13405: MicroWeber Unauthenticated User Database Disclosure](CVE-2020-13405/)
* [CVE-2019-9926: LabKey Server CSRF](CVE-2019-9926/)
* [CVE-2019-9758: LabKey Server Stored XSS](CVE-2019-9758/)
* [CVE-2019-9757: LabKey Server XXE](CVE-2019-9757/)
* [CVE-2019-5678: Command Injection in Nvidia GeForce Experience Web Helper](CVE-2019-5678/)
* [CVE-2019-5674: NVIDIA GeForce Experience Arbitrary File Overwrites](CVE-2019-5674/)
* [CVE-2019-3722: Dell EMC OpenManage Server Administrator (OMSA) XXE](CVE-2019-3722/)
* [CVE-2019-16864: CompleteFTP Server Authenticated Remote Command Execution](CVE-2019-16864/)
* [CVE-2019-16116: CompleteFTP Server Local Privilege Escalation](CVE-2019-16116/)
* [CVE-2019-0227: Apache Axis 1.4 Remote Code Execution](CVE-2019-0227/)
* [CVE-2018-8024: Apache Spark XSS vulnerability in UI](CVE-2018-8024/)
* [CVE-2018-5758: XXE in Jive-n](CVE-2018-5758/)
* [CVE-2018-5757: RCE In AudioCodes 450HD Phone](CVE-2018-5757/)
* [CVE-2018-20621: MEmu Android Emulator Local Privilege Escalation](CVE-2018-20621/)
* [CVE-2018-1335: Command Injection in Apache Tika-server](CVE-2018-1335/)
* [CVE-2018-1000110: User and Node Enumeration Through Jenkins Git Plugin