This repo is a PoC with to exploit CVE-2023-51467 and CVE-2023-49070 preauth RCE vulnerabilities found in Apache OFBiz.
☆74Mar 24, 2024Updated 2 years ago
Alternatives and similar repositories for Apache-OFBiz-Authentication-Bypass
Users that are interested in Apache-OFBiz-Authentication-Bypass are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- ☆13May 18, 2022Updated 4 years ago
- CVE-2023-0297: The Story of Finding Pre-auth RCE in pyLoad☆28Jan 14, 2023Updated 3 years ago
- Nibbleblog 4.0.3 - Arbitrary File Upload (CVE-2015-6967)☆15Feb 25, 2021Updated 5 years ago
- GameOver(lay) Ubuntu Privilege Escalation☆132Oct 9, 2023Updated 2 years ago
- ☆28Sep 11, 2023Updated 2 years ago
- Deploy to Railway using AI coding agents - Free Credits Offer • AdUse Claude Code, Codex, OpenCode, and more. Autonomous software development now has the infrastructure to match with Railway.
- Jellyfin prometheus exporter☆14Feb 9, 2026Updated 4 months ago
- MS Office and Windows HTML RCE (CVE-2023-36884) - PoC and exploit☆42Nov 2, 2023Updated 2 years ago
- Joomla! < 4.2.8 - Unauthenticated information disclosure☆94Dec 27, 2023Updated 2 years ago
- A PoC exploit for CVE-2023-51467 - Apache OFBiz Authentication Bypass☆12Dec 31, 2023Updated 2 years ago
- CORS Exploit POC for WordPress REST API☆10Oct 27, 2024Updated last year
- burp suite插件☆14Jul 9, 2023Updated 3 years ago
- Installs and adjusts Pentest tools.☆10Oct 19, 2022Updated 3 years ago
- Making your own CTF☆26Jan 5, 2021Updated 5 years ago
- CVE-2022-25765 pdfkit <0.8.6 command injection.☆16Dec 21, 2022Updated 3 years ago
- Virtual machines for every use case on DigitalOcean • AdGet dependable uptime with 99.99% SLA, simple security tools, and predictable monthly pricing with DigitalOcean's virtual machines, called Droplets.
- ☆40Nov 6, 2023Updated 2 years ago
- Spring Cloud Function Vulnerable Application / CVE-2022-22963☆19Apr 1, 2022Updated 4 years ago
- retrieve comprehensive information about a website, including its title, last modified date, DNS information, subdomains, firewall names,…☆18Mar 24, 2024Updated 2 years ago
- Metabase Pre-auth RCE☆12Aug 3, 2023Updated 2 years ago
- Python exploit for vsftpd 2.3.4 - Backdoor Command Execution☆16Jan 8, 2023Updated 3 years ago
- Blank methodology sheet for the OSWE exam☆13Dec 17, 2021Updated 4 years ago
- A Python script for generating exploits targeting CVE-2022-4510 RCE Binwalk. It supports SSH, command execution, and reverse shell option…☆14Jun 27, 2023Updated 3 years ago
- CVE-2023-2255 Libre Office☆65Jul 10, 2023Updated 2 years ago
- Rehashing APIs to prevent hash based detection☆14Jan 7, 2025Updated last year
- Deploy on Railway without the complexity - Free Credits Offer • AdConnect your repo and Railway handles the rest with instant previews. Quickly provision container image services, databases, and storage volumes.
- Pwning Sudo Rules☆30Mar 3, 2022Updated 4 years ago
- ☆29Sep 7, 2025Updated 10 months ago
- A critical security vulnerability, identified as CVE-2023-50164 (CVE: 9.8) was found in Apache Struts, allowing attackers to manipulate f…☆86Nov 3, 2025Updated 8 months ago
- A proof of concept for CVE-2023–1326 in apport-cli 2.26.0☆21Dec 6, 2023Updated 2 years ago
- CVE-2024-23692 Exploit☆13Jun 18, 2024Updated 2 years ago
- Proof of conept to exploit vulnerable proxycommand configurations on ssh clients☆19Dec 21, 2023Updated 2 years ago
- 目前通过自学已经取得 OSCP(Offensive Security Certified Professional)证书,本项目用于记录、分享、交流。☆12Aug 16, 2022Updated 3 years ago
- A python polymorphic engine for C programs☆11Dec 8, 2023Updated 2 years ago
- Repositório com materiais para competições de programação☆10Oct 3, 2019Updated 6 years ago
- Virtual machines for every use case on DigitalOcean • AdGet dependable uptime with 99.99% SLA, simple security tools, and predictable monthly pricing with DigitalOcean's virtual machines, called Droplets.
- The powerfull Extract and Scanner Javascript urls (Upgrade Deeper search)☆23Nov 7, 2024Updated last year
- Gitbook: OSCP-Jewels☆13Oct 19, 2021Updated 4 years ago
- POC for CVE-2021-41091☆66May 20, 2023Updated 3 years ago
- This is a exploit of CVE-2022-46169 to cacti 1.2.22. This exploit allows through an RCE to obtain a reverse shell on your computer.☆42Sep 11, 2023Updated 2 years ago
- SPIP before 4.2.1 allows Remote Code Execution via form values in the public area because serialization is mishandled. The fixed versions…☆68Oct 13, 2024Updated last year
- CVE-2022-22963 is a vulnerability in the Spring Cloud Function Framework for Java that allows remote code execution. This python script w…☆24Mar 18, 2023Updated 3 years ago
- A proof of concept of the path traversal vulnerability in the python AioHTTP library =< 3.9.1☆20Mar 19, 2024Updated 2 years ago