bAuh0lz/CVE-2023-0297_Pre-auth_RCE_in_pyLoad external links

---

GitHub - View repository

GitHub.dev - Open in online code editor

Star history - Growth chart over time

deps.dev - Dependencies and security vulnerabilities

Gitingest - Export source code for LLM usage

Repomix - Export source code for LLM usage

uithub - Export source code for LLM usage

Close

bAuh0lz/CVE-2023-0297_Pre-auth_RCE_in_pyLoad

Readme badge preview -

If you own this repo, copy the snippet below and add it to your README.md

---

Copy

[![RelatedRepos](https://img.shields.io/badge/related-repos-yellow)](https://relatedrepos.com/gh/bAuh0lz/CVE-2023-0297_Pre-auth_RCE_in_pyLoad)

Close

bAuh0lz / CVE-2023-0297_Pre-auth_RCE_in_pyLoadView on GitHubMore

• External links
• Readme badge

CVE-2023-0297: The Story of Finding Pre-auth RCE in pyLoad

☆28Jan 14, 2023Updated 3 years ago

Alternatives and similar repositories for CVE-2023-0297_Pre-auth_RCE_in_pyLoad

Users that are interested in CVE-2023-0297_Pre-auth_RCE_in_pyLoad are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.

• UncleJ4ck / CVE-2021-41091

  View on GitHub
  POC for CVE-2021-41091
  ☆65May 20, 2023Updated 2 years ago
• mastercodeon314 / NugetBackdoor

  View on GitHub
  A framework for backdooring Microsoft Nuget packages.
  ☆10Jan 9, 2024Updated 2 years ago
• shamo0 / PDFkit-CMD-Injection

  View on GitHub
  CVE-2022-25765 pdfkit <0.8.6 command injection.
  ☆15Dec 21, 2022Updated 3 years ago
• FredBrave / CVE-2022-46169-CACTI-1.2.22

  View on GitHub
  This is a exploit of CVE-2022-46169 to cacti 1.2.22. This exploit allows through an RCE to obtain a reverse shell on your computer.
  ☆41Sep 11, 2023Updated 2 years ago
• jakabakos / Apache-OFBiz-Authentication-Bypass

  View on GitHub
  This repo is a PoC with to exploit CVE-2023-51467 and CVE-2023-49070 preauth RCE vulnerabilities found in Apache OFBiz.
  ☆72Mar 24, 2024Updated 2 years ago
• Managed hosting for WordPress and PHP on Cloudways • Ad
  Managed hosting with the flexibility to host WordPress, Magento, Laravel, or PHP apps, on multiple cloud providers. Cloudways by DigitalOcean.
• PurpleWaveIO / CVE-2022-25765-pdfkit-Exploit-Reverse-Shell

  View on GitHub
  pdfkit <0.8.6 command injection shell. The package pdfkit from 0.0.0 are vulnerable to Command Injection where the URL is not properly sa…
  ☆20Dec 6, 2022Updated 3 years ago
• nikn0laty / Exploit-for-Searchor-2.4.0-Arbitrary-CMD-Injection

  View on GitHub
  Reverse Shell Exploit for Searchor <= 2.4.2 (2.4.0)
  ☆17May 27, 2023Updated 2 years ago
• Lserein / CVE-2023-35844

  View on GitHub
  Lightdash文件读取漏洞（CVE-2023-35844）
  ☆20Jun 26, 2023Updated 2 years ago
• yqcs / CSPOC

  View on GitHub
  Cobalt Strike RCE CVE-2022-39197
  ☆17Sep 25, 2022Updated 3 years ago
• es0j / CVE-2023-0045

  View on GitHub
  ☆14Feb 7, 2023Updated 3 years ago
• Pwnd4 / DefenseEvasion

  View on GitHub
  Bypassing AV, EDR, Application Whitelisting and ASR Rules
  ☆13Apr 18, 2023Updated 2 years ago
• alfarom256 / CVE-2022-45451

  View on GitHub
  PoC for Acronis Arbitrary File Read - CVE-2022-45451
  ☆18Dec 20, 2022Updated 3 years ago
• fin3ss3g0d / HookFinder

  View on GitHub
  Simple PoC to locate hooked functions by EDR in ntdll.dll
  ☆46Jul 16, 2023Updated 2 years ago
• RCStep / RedTeam_Tools_n_Stuff

  View on GitHub
  Collection of self-made Red Team tools that have come in handy
  ☆12Aug 25, 2024Updated last year
• Managed hosting for WordPress and PHP on Cloudways • Ad
  Managed hosting with the flexibility to host WordPress, Magento, Laravel, or PHP apps, on multiple cloud providers. Cloudways by DigitalOcean.
• matro7sh / keepass-dump-masterkey

  View on GitHub
  Script to retrieve the master password of a keepass database <= 2.53.1
  ☆114Apr 8, 2024Updated 2 years ago
• diego-tella / CVE-2023-1326-PoC

  View on GitHub
  A proof of concept for CVE-2023–1326 in apport-cli 2.26.0
  ☆21Dec 6, 2023Updated 2 years ago
• SakuraSamuraii / ez-iRZ

  View on GitHub
  Exploit for CVE-2022-27226
  ☆15Mar 19, 2022Updated 4 years ago
• c0rdis / openfire_decrypt

  View on GitHub
  Little java tool to decrypt passwords from Openfire embedded-db
  ☆16Nov 14, 2015Updated 10 years ago
• Hagrid29 / BOF-RemoteRegSave

  View on GitHub
  Cobalt Strike Beacon Object File (BOF) that uses RegConnectRegistryA + RegOpenKeyExA API to dump registry hives on remote computer
  ☆17Mar 4, 2023Updated 3 years ago
• rkbennett / pyThreadlessInject

  View on GitHub
  A python port of CCob's ThreadlessInject
  ☆25Mar 18, 2023Updated 3 years ago
• chebuya / minegrief

  View on GitHub
  Self-spreading Java malware targeting Minecraft servers. Infected servers are capable of scanning for other vulnerable servers, encryptin…
  ☆16Dec 23, 2024Updated last year
• Altelus1 / CVE-2022-24707

  View on GitHub
  PoC of CVE-2022-24707
  ☆13May 3, 2022Updated 3 years ago
• rvizx / CVE-2023-26035

  View on GitHub
  Unauthenticated RCE in ZoneMinder Snapshots - Poc Exploit
  ☆23May 7, 2024Updated last year
• Managed hosting for WordPress and PHP on Cloudways • Ad
  Managed hosting with the flexibility to host WordPress, Magento, Laravel, or PHP apps, on multiple cloud providers. Cloudways by DigitalOcean.
• rbmm / DirectSysCall

  View on GitHub
  ☆12Jul 2, 2023Updated 2 years ago
• RedSiege / SharpCollectionTemplate

  View on GitHub
  ☆14Sep 26, 2023Updated 2 years ago
• MythicMeta / ExampleContainers

  View on GitHub
  Examples of various container types for Python and Golang
  ☆15Aug 29, 2025Updated 7 months ago
• vanboomqi / CVE-2024-23692

  View on GitHub
  ☆10Jun 15, 2024Updated last year
• keven1z / CVE-2021-22205

  View on GitHub
  CVE-2021-22205 检测脚本,支持getshell和命令执行
  ☆12Jul 25, 2022Updated 3 years ago
• JC175 / CVE-2022-32119

  View on GitHub
  CVE-2022-32119 - Arox-Unrestricted-File-Upload
  ☆17Dec 20, 2023Updated 2 years ago
• Wjinlei / hwsaudit

  View on GitHub
  使用Go语言开发的Linux权限审计工具
  ☆13Jun 15, 2022Updated 3 years ago
• boku7 / LibreHealth-authRCE

  View on GitHub
  LibreHealth v2.0.0 suffers from an authenticated file upload vulnerability allowing remote attackers to gain remote code execution (RCE) …
  ☆12Jul 19, 2020Updated 5 years ago
• vysecurity / Nemesis-Download-Watcher

  View on GitHub
  Watches the Downloads folder for any new files and inserts it into Nemesis for analysis.
  ☆15Feb 29, 2024Updated 2 years ago
• Bare Metal GPUs on DigitalOcean Gradient AI • Ad
  Purpose-built for serious AI teams training foundational models, running large-scale inference, and pushing the boundaries of what's possible.
• mfdooom / threadless_loader_rs

  View on GitHub
  Threadless Injection Payload Toolkit
  ☆12Oct 12, 2023Updated 2 years ago
• Acceis / exploit-CVE-2023-23752

  View on GitHub
  Joomla! < 4.2.8 - Unauthenticated information disclosure
  ☆92Dec 27, 2023Updated 2 years ago
• seriotonctf / kerberos_aes_key

  View on GitHub
  Generate AES128 and AES256 Kerberos keys from a given username, password, and realm
  ☆18Sep 18, 2024Updated last year
• gobysec / CVE-2023-28432

  View on GitHub
  MiniO verify interface sensitive information disclosure vulnerability (CVE-2023-28432)
  ☆10Mar 24, 2023Updated 3 years ago
• voidz0r / CVE-2022-44268

  View on GitHub
  A PoC for the CVE-2022-44268 - ImageMagick arbitrary file read
  ☆217Mar 24, 2025Updated last year
• fin3ss3g0d / NativeThreadpool

  View on GitHub
  Work, timer, and wait callback example using solely Native Windows APIs.
  ☆88Feb 11, 2024Updated 2 years ago
• mbadanoiu / CVE-2025-20029

  View on GitHub
  CVE-2025-20029: Command Injection in TMSH CLI in F5 BIG-IP
  ☆22Feb 23, 2025Updated last year