CVE-2020-1938 is a critical vulnerability affecting the Apache Tomcat server that allows remote code execution (RCE). It specifically concerns the AJP (Apache JServ Protocol) connector, which is often enabled by default.
POC CVE-2023-3824
CVE-2023-3824 is a critical remote code execution (RCE) vulnerability in PHP, affecting versions 8.0.x (before 8.0.30), 8.1.x (before 8.1.22), and 8.2.x (before 8.2.8). The vulnerability arises from insufficient length checking when processing PHAR files (PHP’s archive format), specifically when reading PHAR directory entries in the Phar::loadPhar() function.
POC CVE-2001-1473
How to exploit CVE-2001-1473
We employed a novel approach to an age-old vulnerability in the SSH-1 protocol, as described by CVE-2001-1473. This vulnerability enables a Man-in-the-Middle (MITM) server to intercept an SSH-1 session between a client and a vulnerable server, potentially exposing the user’s private key.
POC CVE-2019-11248
Overview
This repository contains a proof-of-concept (PoC) exploit for CVE-2019-11248, a medium-severity vulnerability in Kubernetes’ Kubelet, which can lead to Remote Code Execution (RCE) under certain conditions. The vulnerability stems from the exposure of the /debug/pprof endpoint on the Kubelet’s healthz port.
POC CVE-2019-21716
About
CVE-2023-21716 is a critical vulnerability in Microsoft Word, specifically affecting the RTF (Rich Text Format) parsing functionality, which allows for remote code execution (RCE). Here’s a breakdown of what this vulnerability entails and why it’s significant:
POC CVE-2021-31755
The issue is a stack buffer overflow vulnerability discovered in Tenda AC11 routers, with firmware versions through 02.03.01.104_CN. This type of vulnerability, if exploited, allows attackers to execute arbitrary code on the affected device.
POC CVE-2024-5057
About
CVE-2024-5057 is a critical SQL Injection vulnerability identified in the Easy Digital Downloads plugin for WordPress, affecting versions up to and including 3.2.12.
Description: The vulnerability arises from improper neutralization of special elements used in SQL commands, allowing unauthenticated attackers to inject malicious SQL queries.