24 Dec 2024
Exploit Podcast
24.12.2024
- CVE-2024-54679: Cyber Panel DoS
  https://github.com/hotplugin0x01/CVE-2024-54679
- CVE-2024-39090: CSRF to Stored XSS in PHP Gurukul Online Shopping Portal v2.0
  https://github.com/ghostwirez/CVE-2024-39090-PoC
- CVE-2023-23586: Linux vDSO and VVAR
  https://u1f383.github.io/linux/2024/12/11/linux-vdso-and-vvar.html
- Hacking Kerio Control via CVE-2024-52875: from CRLF Injection to 1-click RCE
  https://karmainsecurity.com/hacking-kerio-control-via-cve-2024-52875
- CVE-2024-38819:
  https://github.com/masa42/CVE-2024-38819-POC
- CVE-2024-24942: Path traversal in SwaggerUI-java within JetBrains TeamCity
  https://blog.0daylabs.com/2024/12/11/jetbrains-teamcity-authbypass-path-traversal
- CVE-2024-50379: Apache Tomcat RCE
  https://github.com/ph0ebus/Tomcat-CVE-2024-50379-Poc
- CVE-2024-48990: Qualys needrestart <3.8 — Uncontrolled Search Path Element
  https://github.com/makuga01/CVE-2024-48990-PoC
- CVE-2024-53677: Critical Apache Struts RCE
  https://github.com/TAM-K592/CVE-2024-53677-S2-067
- CVE-2024-10793: WP Activity Log plugin XSS
  https://github.com/windz3r0day/CVE-2024-10793
- CVE-2024-55875: Kotlin HTTP XXE/SSRF
  https://github.com/JAckLosingHeart/CVE-2024-55875