gotr00t0day / CVE-2024-4040
A server-side template injection vulnerability in CrushFTP in all versions before 10.7.1 and 11.1.0 on all platforms allows unauthenticated remote attackers to read files from the filesystem outside of the VFS Sandbox, bypass authentication to gain administrative access, and perform remote code execution on the server.
☆8 Updated 10 months ago
Alternatives and similar repositories for CVE-2024-4040:
Users that are interested in CVE-2024-4040 are comparing it to the libraries listed below
- Take potentially dangerous PDFs, office documents, or images and convert them to safe PDFs ☆12 Updated 2 years ago
- NetFuzzer is a comprehensive network security assessment tool for internal and external network components, including Host Machines, Fire… ☆14 Updated last month
- Automatic Mass Tool for check and exploiting vulnerability in CVE-2023-3076 - MStore API < 3.9.9 - Unauthenticated Privilege Escalation (… ☆17 Updated last year
- xdebug 2.5.5 RCE exploit ☆30 Updated 2 months ago
- Python script that generates Visual Basic Script (VBS) stagers for executing PowerShell scripts directly from specified URLs. It provides… ☆12 Updated 10 months ago
- Tools for Domains - Whois - IP - Data Breach - Email ☆15 Updated 4 months ago
- CVE-2023-28121 - WooCommerce Payments < 5.6.2 - Unauthenticated Privilege Escalation [ Mass Add Admin User ] ☆11 Updated last year
- Continuous Reconnaissance and Vulnerability Scanning for Bug Bounties ☆17 Updated 9 months ago
- Bxss Sniper: A web application penetration testing tool for Blind XSS detection ☆19 Updated last year
- Automate Blind SQL Injection with Python. ☆21 Updated 2 years ago
- F5 BIG-IP Scanner scans for servers on shodan and checks to see if they are vulnerable. ☆17 Updated 2 years ago
- A small and efficient tool to find open redirect vulnerabilities. ☆16 Updated 3 years ago
- This tool is designed to detect and identify Server-Side Template Injection (SSTI) vulnerabilities in web applications ☆8 Updated last year
- Rockyou for web fuzzing ☆14 Updated 3 years ago
- Hack Windows with FUD backdoor/payload, Escalates LINUX privileges, Devastate Linux, Tunnel forwarding ☆15 Updated 4 years ago
- PoC for Exploiting CVE-2024-31848/49/50/51 - File Path Traversal ☆14 Updated 10 months ago
- XSS payloads for exploiting Markdown syntax ☆7 Updated 4 years ago
- Small python or powershell script to look for potential subdomain takeover vulnerabilities via vulnerable Alias. ☆8 Updated 3 years ago
- Nuclei template for CVE-2024-23897 (Jenkins LFI Vulnerability) ☆18 Updated last year
- Automated Recon Tool Installer ☆16 Updated 2 years ago
- Advanced test for proxy & waf ☆13 Updated 6 months ago
- Widget Options – The #1 WordPress Widget & Block Control Plugin <= 4.0.7 - Authenticated (Contributor+) Remote Code Execution ☆11 Updated 3 months ago
- crawl a website for links and expose all the vulnerable parameters. ☆12 Updated 2 years ago
- Exploit for the unauthenticated file upload vulnerability in WordPress's Royal Elementor Addons and Templates plugin (< 1.3.79). CVE-ID: … ☆9 Updated last year
- A ZAPROXY Add-on that allows testing of web application vulnerabilities by recording complex multi-step sequences. You can test applica… ☆22 Updated last week