gotr00t0day / CVE-2024-4040Links
A server side template injection vulnerability in CrushFTP in all versions before 10.7.1 and 11.1.0 on all platforms allows unauthenticated remote attackers to read files from the filesystem outside of the VFS Sandbox, bypass authentication to gain administrative access, and perform remote code execution on the server.
☆8Updated last year
Alternatives and similar repositories for CVE-2024-4040
Users that are interested in CVE-2024-4040 are comparing it to the libraries listed below
Sorting:
- An Exploitation script developed to exploit the CVE-2023-4966 bleed citrix information disclosure vulnerability☆8Updated last year
- ☆14Updated 3 months ago
- Take potentially dangerous PDFs, office documents, or images and convert them to safe PDFs☆12Updated 2 years ago
- PoC for Exploiting CVE-2024-31848/49/50/51 - File Path Traversal☆17Updated last year
- crawl a website for links and expose all the vulnerable parameters.☆13Updated 2 years ago
- F5 BIG-IP Scanner scans for servers on shodan and checks to see if they are vulnerable.☆18Updated 2 years ago
- CVE-2023-28121 - WooCommerce Payments < 5.6.2 - Unauthenticated Privilege Escalation [ Mass Add Admin User ]☆11Updated last year
- Strumenti per Domini - Whois - IP - Data Breach - Email☆16Updated 7 months ago
- Automated enumeration for red teamers☆7Updated 2 years ago
- Continuous Reconnaissance and Vulnerability Scanning for Bug Bounties☆18Updated last year
- xdebug 2.5.5 RCE exploit☆31Updated 5 months ago
- Find subdomains by searching public certificate records☆16Updated last year
- This tool will resolve a list of Domains, IPs, Hosts, URLs and save the results for valid/invalid fast!☆17Updated 2 years ago
- Hack Windows with FUD backdoor/payload, Escalates LINUX privileges, Devastate Linux, Tunnel forwarding☆15Updated 4 years ago
- NetFuzzer is a comprehensive network security assessment tool for internal and external network components, including Host Machines, Fire…☆15Updated 4 months ago
- VLAN attacks toolkit☆14Updated 2 years ago
- Widget Options – The #1 WordPress Widget & Block Control Plugin <= 4.0.7 - Authenticated (Contributor+) Remote Code Execution☆12Updated 6 months ago
- Exploit for the unauthenticated file upload vulnerability in WordPress's Royal Elementor Addons and Templates plugin (< 1.3.79). CVE-ID: …☆9Updated last year
- Automate Blind SQL Injection with Python.☆23Updated 2 years ago
- Small python or powershell script to look for potential subdomain takeover vulnerabilities via vulnerable Alias.☆8Updated 3 years ago
- Argument injection vulnerability in PHP☆11Updated last year
- XSS payloads for exploiting Markdown syntax☆8Updated 4 years ago
- CVE-2024-29895 PoC - Exploiting remote command execution in Cacti servers using the 1.3.X DEV branch builds☆21Updated last year
- Python script that generates Visual Basic Script (VBS) stagers for executing PowerShell scripts directly from specified URLs. It provides…☆13Updated last year
- Advanced test for proxy & waf☆13Updated 9 months ago
- Rockyou for web fuzzing☆14Updated 3 years ago
- FireHawk: The Elite Firebase Security Testing Utility☆21Updated last year
- Atlassian Confluence - Remote Code Execution☆9Updated last year
- Priv8 Tools Software Mass Dork Auto Exploit.☆13Updated 2 years ago
- ☆12Updated 11 months ago