hev0x / CVE-2022-26134
Confluence Pre-Auth Remote Code Execution via OGNL Injection (CVE-2022-26134)
☆38Updated 2 years ago
Related projects ⓘ
Alternatives and complementary repositories for CVE-2022-26134
- Spring4Shell Burp Scanner☆65Updated 2 years ago
- phpMyAdmin XSS☆114Updated 3 weeks ago
- CVE Collection of jQuery UI XSS Payloads☆115Updated last year
- ☆39Updated 11 months ago
- a burp extension for dynamic payload generation to detect injection flaws (RCE, LFI, SQLi), creates access matrix based user sessions to …☆48Updated 2 years ago
- ☆32Updated 2 years ago
- This tool is designed to test for file upload and XXE vulnerabilities by poisoning XLSX files.☆68Updated 10 months ago
- PoC for XSS in org.webjars:swagger-ui [3.14.2, 3.36.2]☆52Updated last year
- A more useful CSRF PoC generator on Burp Suite☆87Updated 2 years ago
- Simple script realizado en bash, para revisión de múltiples hosts para CVE-2022-1388 (F5)☆25Updated 2 years ago
- A Python script to exploit CVE-2022-36446 Software Package Updates RCE (Authenticated) on Webmin < 1.997.☆110Updated 2 years ago
- Progress Telerik Report Server pre-authenticated RCE chain (CVE-2024-4358/CVE-2024-1800)☆74Updated 5 months ago
- A webshell application and interactive shell for pentesting Apache Tomcat servers.☆95Updated 10 months ago
- Every Nuclei template that has ever appeared on Github☆25Updated 2 years ago
- Wordlist to bruteforce for LFI☆118Updated 5 years ago
- Burp Suite's extension to scan and crawl Single Page Applications☆99Updated last year
- Tool check: CVE-2021-41773, CVE-2021-42013, CVE-2020-17519☆60Updated 3 months ago
- Automatic Tools For Metabase Exploit Known As CVE-2023-38646☆28Updated last year
- Simple extension that allows to run nuclei scanner directly from burp and transforms json results into the issues.☆117Updated last year
- Burp extension to check and exploit the IIS Tilde Enumeration/IIS 8.3 Short Filename Disclosure vulnerability☆55Updated last year
- Little thing put together quickly to demonstrate this CVE☆28Updated 2 years ago
- ☆31Updated 2 years ago
- A tool that automates the search for IDOR vulnerabilities in web apps and APIs☆50Updated 3 years ago
- Ghostscript command injection vulnerability PoC (CVE-2023-36664)☆115Updated last year
- Exploit tool for CVE-2021-43008 Adminer 1.0 up to 4.6.2 Arbitrary File Read vulnerability☆78Updated 8 months ago
- a burp extension for dynamic payload generation to detect injection flaws (RCE, LFI, SQLi), creates access matrix based user sessions to …☆20Updated 2 months ago
- Zimbra Unauthenticated Remote Code Execution Exploit (CVE-2022-27925)☆56Updated 2 years ago
- Send controlled amount of bytes, send msf-pattern, calculate offset, custom buffer, badcharacters all in one.☆15Updated 7 months ago
- The (WordPress) website test script can be exploited for Unlimited File Upload via CVE-2020-35489☆31Updated 7 months ago