jakabakos/Apache-OFBiz-Authentication-Bypass external links

---

GitHub - View repository

GitHub.dev - Open in online code editor

Star history - Growth chart over time

deps.dev - Dependencies and security vulnerabilities

Gitingest - Export source code for LLM usage

Repomix - Export source code for LLM usage

uithub - Export source code for LLM usage

Close

jakabakos/Apache-OFBiz-Authentication-Bypass

Readme badge preview -

If you own this repo, copy the snippet below and add it to your README.md

---

Copy

[![RelatedRepos](https://img.shields.io/badge/related-repos-yellow)](https://relatedrepos.com/gh/jakabakos/Apache-OFBiz-Authentication-Bypass)

Close

jakabakos / Apache-OFBiz-Authentication-BypassView on GitHubMore

• External links
• Readme badge

This repo is a PoC with to exploit CVE-2023-51467 and CVE-2023-49070 preauth RCE vulnerabilities found in Apache OFBiz.

☆72Mar 24, 2024Updated 2 years ago

Alternatives and similar repositories for Apache-OFBiz-Authentication-Bypass

Users that are interested in Apache-OFBiz-Authentication-Bypass are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.

• bAuh0lz / CVE-2023-0297_Pre-auth_RCE_in_pyLoad

  View on GitHub
  CVE-2023-0297: The Story of Finding Pre-auth RCE in pyLoad
  ☆28Jan 14, 2023Updated 3 years ago
• dix0nym / CVE-2015-6967

  View on GitHub
  Nibbleblog 4.0.3 - Arbitrary File Upload (CVE-2015-6967)
  ☆15Feb 25, 2021Updated 5 years ago
• g1vi / CVE-2023-2640-CVE-2023-32629

  View on GitHub
  GameOver(lay) Ubuntu Privilege Escalation
  ☆133Oct 9, 2023Updated 2 years ago
• jakabakos / CVE-2023-27524-Apache-Superset-Auth-Bypass-and-RCE

  View on GitHub
  ☆28Sep 11, 2023Updated 2 years ago
• jakabakos / CVE-2023-36884-MS-Office-HTML-RCE

  View on GitHub
  MS Office and Windows HTML RCE (CVE-2023-36884) - PoC and exploit
  ☆41Nov 2, 2023Updated 2 years ago
• Proton VPN Special Offer - Get 70% off • Ad
  Special partner offer. Trusted by over 100 million users worldwide. Tested, Approved and Recommended by Experts.
• Acceis / exploit-CVE-2023-23752

  View on GitHub
  Joomla! < 4.2.8 - Unauthenticated information disclosure
  ☆92Dec 27, 2023Updated 2 years ago
• K3ysTr0K3R / CVE-2023-51467-EXPLOIT

  View on GitHub
  A PoC exploit for CVE-2023-51467 - Apache OFBiz Authentication Bypass
  ☆12Dec 31, 2023Updated 2 years ago
• beishanxueyuan / BChecks

  View on GitHub
  burp suite插件
  ☆13Jul 9, 2023Updated 2 years ago
• ByCh4n / Delebetor

  View on GitHub
  Installs and adjusts Pentest tools.
  ☆10Oct 19, 2022Updated 3 years ago
• AbdullahRizwan101 / Vulnerable-Machine

  View on GitHub
  Making your own CTF
  ☆26Jan 5, 2021Updated 5 years ago
• shamo0 / PDFkit-CMD-Injection

  View on GitHub
  CVE-2022-25765 pdfkit <0.8.6 command injection.
  ☆15Dec 21, 2022Updated 3 years ago
• evkl1d / CVE-2023-46604

  View on GitHub
  ☆40Nov 6, 2023Updated 2 years ago
• AiGptCode / Rapid-Url

  View on GitHub
  retrieve comprehensive information about a website, including its title, last modified date, DNS information, subdomains, firewall names,…
  ☆16Mar 24, 2024Updated 2 years ago
• AnataarXVI / Werkzeug-Cracker

  View on GitHub
  Werkzeug password cracker
  ☆19Nov 14, 2024Updated last year
• Managed Database hosting by DigitalOcean • Ad
  PostgreSQL, MySQL, MongoDB, Kafka, Valkey, and OpenSearch available. Automatically scale up storage and focus on building your apps.
• padsalatushal / CVE-2011-2523

  View on GitHub
  Python exploit for vsftpd 2.3.4 - Backdoor Command Execution
  ☆16Jan 8, 2023Updated 3 years ago
• R-s0n / OSWE-Methodology

  View on GitHub
  Blank methodology sheet for the OSWE exam
  ☆13Dec 17, 2021Updated 4 years ago
• CyberOne-TeamARES / FallOfSudo

  View on GitHub
  Pwning Sudo Rules
  ☆29Mar 3, 2022Updated 4 years ago
• h0ussni / pwnloris

  View on GitHub
  ☆28Sep 7, 2025Updated 6 months ago
• jakabakos / CVE-2023-50164-Apache-Struts-RCE

  View on GitHub
  A critical security vulnerability, identified as CVE-2023-50164 (CVE: 9.8) was found in Apache Struts, allowing attackers to manipulate f…
  ☆86Nov 3, 2025Updated 4 months ago
• diego-tella / CVE-2023-1326-PoC

  View on GitHub
  A proof of concept for CVE-2023–1326 in apport-cli 2.26.0
  ☆21Dec 6, 2023Updated 2 years ago
• IamLucif3r / Go-Hash-Matcher

  View on GitHub
  A simple password cracker written in Go, designed to search for a specific hashed password in a wordlist.
  ☆13Feb 23, 2024Updated 2 years ago
• 0x20c / CVE-2024-23692-EXP

  View on GitHub
  CVE-2024-23692 Exploit
  ☆13Jun 18, 2024Updated last year
• vin01 / poc-proxycommand-vulnerable-v2

  View on GitHub
  Proof of conept to exploit vulnerable proxycommand configurations on ssh clients
  ☆19Dec 21, 2023Updated 2 years ago
• Managed hosting for WordPress and PHP on Cloudways • Ad
  Managed hosting with the flexibility to host WordPress, Magento, Laravel, or PHP apps, on multiple cloud providers. Cloudways by DigitalOcean.
• 0x584A / oscp-notes

  View on GitHub
  目前通过自学已经取得 OSCP（Offensive Security Certified Professional）证书，本项目用于记录、分享、交流。
  ☆11Aug 16, 2022Updated 3 years ago
• 0xTriboulet / Cycotic

  View on GitHub
  A python polymorphic engine for C programs
  ☆11Dec 8, 2023Updated 2 years ago
• ImuSpirit / CVE-2023-51467-Exploit

  View on GitHub
  Apache Ofbiz CVE-2023-51467 图形化漏洞利用工具
  ☆39Jan 6, 2024Updated 2 years ago
• gh-ost00 / JS-Scanner

  View on GitHub
  The powerfull Extract and Scanner Javascript urls (Upgrade Deeper search)
  ☆21Nov 7, 2024Updated last year
• FredBrave / CVE-2022-46169-CACTI-1.2.22

  View on GitHub
  This is a exploit of CVE-2022-46169 to cacti 1.2.22. This exploit allows through an RCE to obtain a reverse shell on your computer.
  ☆41Sep 11, 2023Updated 2 years ago
• jephk9 / oscp-jewels

  View on GitHub
  Gitbook: OSCP-Jewels
  ☆12Oct 19, 2021Updated 4 years ago
• UncleJ4ck / CVE-2021-41091

  View on GitHub
  POC for CVE-2021-41091
  ☆65May 20, 2023Updated 2 years ago
• RedSiege / ProxmarkWrapper

  View on GitHub
  A wrapper around the Proxmark3 client that will alert the user of specific events
  ☆30Dec 13, 2020Updated 5 years ago
• pwnspirit / earlymoon

  View on GitHub
  🌙 DNS query tool written in go
  ☆15Dec 27, 2025Updated 3 months ago
• Managed Database hosting by DigitalOcean • Ad
  PostgreSQL, MySQL, MongoDB, Kafka, Valkey, and OpenSearch available. Automatically scale up storage and focus on building your apps.
• J0ey17 / CVE-2022-22963_Reverse-Shell-Exploit

  View on GitHub
  CVE-2022-22963 is a vulnerability in the Spring Cloud Function Framework for Java that allows remote code execution. This python script w…
  ☆24Mar 18, 2023Updated 3 years ago
• z3rObyte / CVE-2024-23334-PoC

  View on GitHub
  A proof of concept of the path traversal vulnerability in the python AioHTTP library =< 3.9.1
  ☆20Mar 19, 2024Updated 2 years ago
• gh-ost00 / CVE-2024-1071-SQL-Injection

  View on GitHub
  Proof of concept : CVE-2024-1071: WordPress Vulnerability Exploited
  ☆22Aug 30, 2024Updated last year
• plackyhacker / ps-encoder

  View on GitHub
  A very simple python script to encode and decode PowerShell one-liners.
  ☆25Feb 13, 2022Updated 4 years ago
• thalysonz / pentest-flutter-guide

  View on GitHub
  Repository aimed at helping to perform pentests on flutter applications
  ☆18Jul 10, 2024Updated last year
• vdohney / keepass-password-dumper

  View on GitHub
  Original PoC for CVE-2023-32784
  ☆646Aug 17, 2023Updated 2 years ago
• H454NSec / CVE-2023-42793

  View on GitHub
  JetBrains TeamCity Authentication Bypass CVE-2023-42793 Exploit
  ☆45May 22, 2024Updated last year