gotr00t0day / CVE-2024-4040
A server-side template injection vulnerability in CrushFTP in all versions before 10.7.1 and 11.1.0 on all platforms allows unauthenticated remote attackers to read files from the filesystem outside of the VFS Sandbox, bypass authentication to gain administrative access, and perform remote code execution on the server.
☆8, updated last year
Alternatives and similar repositories for CVE-2024-4040
Users who are interested in CVE-2024-4040 are comparing it to the repositories listed below.
- An exploitation script developed to exploit the CVE-2023-4966 bleed Citrix information disclosure vulnerability (☆8, updated last year)
- Take potentially dangerous PDFs, office documents, or images and convert them to safe PDFs (☆12, updated 2 years ago)
- Automate Blind SQL Injection with Python. (☆23, updated 2 years ago)
- xdebug 2.5.5 RCE exploit (☆31, updated 5 months ago)
- Automated enumeration for red teamers (☆7, updated 2 years ago)
- my own 2fa bypass methodology (☆24, updated last year)
- (☆14, updated 3 months ago)
- Continuous Reconnaissance and Vulnerability Scanning for Bug Bounties (☆18, updated last year)
- PoC for Exploiting CVE-2024-31848/49/50/51 - File Path Traversal (☆17, updated last year)
- NetFuzzer is a comprehensive network security assessment tool for internal and external network components, including Host Machines, Fire… (☆15, updated 5 months ago)
- Single-Clich-Proxy-Chains (☆10, updated 4 years ago)
- hacking tools (☆14, updated 2 years ago)
- Nuclei template for CVE-2024-23897 (Jenkins LFI Vulnerability) (☆18, updated last year)
- Dorkey is Dork generator For Sql Injection It includes Php Aspx And other extension Its Simple Fast And Lightweight Sqli Dork Generator (☆15, updated 3 years ago)
- Find subdomains by searching public certificate records (☆16, updated last year)
- CVE-2023-28121 - WooCommerce Payments < 5.6.2 - Unauthenticated Privilege Escalation [ Mass Add Admin User ] (☆11, updated 2 years ago)
- Widget Options – The #1 WordPress Widget & Block Control Plugin <= 4.0.7 - Authenticated (Contributor+) Remote Code Execution (☆12, updated 7 months ago)
- CVE-2023-6063 (WP Fastest Cache < 1.2.2 - UnAuth SQL Injection) (☆29, updated last year)
- VLAN attacks toolkit (☆14, updated 2 years ago)
- (☆13, updated last year)
- Python script that generates Visual Basic Script (VBS) stagers for executing PowerShell scripts directly from specified URLs. It provides… (☆13, updated last year)
- A simple utility to perform reverse WHOIS lookups using whoisxml API (☆44, updated last year)
- Automatic Mass Tool for check and exploiting vulnerability in CVE-2023-3076 - MStore API < 3.9.9 - Unauthenticated Privilege Escalation (… (☆17, updated last year)
- Automated HTTP Request Repeating With Burp Suite (☆38, updated 2 years ago)
- F5 BIG-IP Scanner scans for servers on shodan and checks to see if they are vulnerable. (☆18, updated 2 years ago)
- ParamFirstCheck identifies in a list of urls those containing a parameter of the top 25 of the most vulnerable parameters for SQLi, LFI, … (☆35, updated last year)
- Argument injection vulnerability in PHP (☆12, updated last year)
- "🔍 Subtron: Bash-driven subdomain seeker. Utilizes Subfinder, Amass, Assetfinder, and HTTPX to swiftly uncover live domains. Results sto… (☆23, updated 2 weeks ago)
- crawl a website for links and expose all the vulnerable parameters. (☆13, updated 2 years ago)
- A small and efficient tool to find open redirect vulnerabilities. (☆16, updated 3 years ago)