gotr00t0day / CVE-2024-4040
A server side template injection vulnerability in CrushFTP in all versions before 10.7.1 and 11.1.0 on all platforms allows unauthenticated remote attackers to read files from the filesystem outside of the VFS Sandbox, bypass authentication to gain administrative access, and perform remote code execution on the server.
☆8 Updated last year
Alternatives and similar repositories for CVE-2024-4040
Users that are interested in CVE-2024-4040 are comparing it to the libraries listed below
- ☆14 Updated 4 months ago
- Automated enumeration for red teamers ☆7 Updated 2 years ago
- Widget Options – The #1 WordPress Widget & Block Control Plugin <= 4.0.7 - Authenticated (Contributor+) Remote Code Execution ☆12 Updated 8 months ago
- Automate Blind SQL Injection with Python. ☆23 Updated 2 years ago
- A simple utility to perform reverse WHOIS lookups using whoisxml API ☆44 Updated last year
- Python script that generates Visual Basic Script (VBS) stagers for executing PowerShell scripts directly from specified URLs. It provides… ☆13 Updated last year
- Automatic Mass Tool for check and exploiting vulnerability in CVE-2023-3076 - MStore API < 3.9.9 - Unauthenticated Privilege Escalation (… ☆17 Updated last year
- crawl a website for links and expose all the vulnerable parameters. ☆13 Updated 2 years ago
- Continuous Reconnaissance and Vulnerability Scanning for Bug Bounties ☆18 Updated last year
- ☆13 Updated last year
- PoC for Exploiting CVE-2024-31848/49/50/51 - File Path Traversal ☆17 Updated last year
- my own 2fa bypass methodology ☆24 Updated last year
- Take potentially dangerous PDFs, office documents, or images and convert them to safe PDFs ☆12 Updated 2 years ago
- Find subdomains by searching public certificate records ☆16 Updated last year
- xdebug 2.5.5 RCE exploit ☆31 Updated 6 months ago
- CVE-2023-6063 (WP Fastest Cache < 1.2.2 - UnAuth SQL Injection) ☆29 Updated last year
- F5 BIG-IP Scanner scans for servers on shodan and checks to see if they are vulnerable. ☆18 Updated 2 years ago
- ParamFirstCheck identifies in a list of urls those containing a parameter of the top 25 of the most vulnerable parameters for SQLi, LFI, … ☆35 Updated last year
- Nuclei template for CVE-2024-23897 (Jenkins LFI Vulnerability) ☆18 Updated last year
- NetFuzzer is a comprehensive network security assessment tool for internal and external network components, including Host Machines, Fire… ☆15 Updated 6 months ago
- CVE-2023-28121 - WooCommerce Payments < 5.6.2 - Unauthenticated Privilege Escalation [ Mass Add Admin User ] ☆11 Updated 2 years ago
- A python script to check if URLs are allowed or disallowed by a robots.txt file. ☆22 Updated 5 months ago
- This Python script provides functionality to encode PowerShell commands while preserving the environment variables. It's especially usefu… ☆16 Updated last year
- Burp extension used to snip any header from all the requests. ☆23 Updated last year
- Automated HTTP Request Repeating With Burp Suite ☆38 Updated 2 years ago
- Rockyou for web fuzzing ☆15 Updated 3 years ago
- XML-RPC Vulnerability Checker and Directory Fuzzer ☆24 Updated last year
- The Catherine Framework is a general-purpose cybersecurity framework built to provide extended support for defense operations. ☆16 Updated last year
- Cheat sheet for penetration testing ☆1 Updated 6 months ago
- This is a working variant of the Mirai IOT botnet ☆13 Updated 2 years ago