jas502n / CVE-2020-26259View external linksLinks
CVE-2020-26259: XStream is vulnerable to an Arbitrary File Deletion on the local host when unmarshalling as long as the executing process has sufficient rights.
☆25Dec 13, 2020Updated 5 years ago
Alternatives and similar repositories for CVE-2020-26259
Users that are interested in CVE-2020-26259 are comparing it to the libraries listed below
Sorting:
- some struts tag , attributes which out of the range will call SetDynamicAttribute() function, it will cause ONGL expression execute☆70Dec 14, 2020Updated 5 years ago
- Exploit for CVE-2022-21999 - Windows Print Spooler Elevation of Privilege Vulnerability (LPE)☆10Feb 9, 2022Updated 4 years ago
- WebLogic T3/IIOP RCE ExternalizableHelper.class of coherence.jar☆80Jan 27, 2021Updated 5 years ago
- Run Swing based GUI application within the Docker container through the Jetbrains Projector, and access it from browsers.☆18Apr 10, 2021Updated 4 years ago
- ☆16Jul 20, 2020Updated 5 years ago
- OpenFire 管理后台账号密码解密☆30Dec 15, 2020Updated 5 years ago
- tomcat使用了自带session同步功能时,不安全的配置(没有使用EncryptInterceptor)导致存在的反序列化漏洞,通过精心构造的数据包, 可以对使用了tomcat自带session同步功能的服务器进行攻击。PS:这个不是CVE-2020-9484,9484…☆212May 19, 2020Updated 5 years ago
- F5 BIG-IP RCE CVE-2020-5902 automatic check tool☆62Jul 12, 2020Updated 5 years ago
- Inspur vul repo☆34Feb 23, 2021Updated 4 years ago
- PoC for CVE-2020-6207 (Missing Authentication Check in SAP Solution Manager)☆81Jan 15, 2021Updated 5 years ago
- Weblogic com.tangosol.util.extractor.ReflectionExtractor RCE☆176Dec 15, 2022Updated 3 years ago
- Weblogic coherence.jar RCE☆176May 10, 2020Updated 5 years ago
- ☆36Dec 1, 2020Updated 5 years ago
- Tomcat基于动态注册Filter的无文件Webshell☆26Jun 20, 2020Updated 5 years ago
- This tool generates gopher link for exploiting SSRF and gaining RCE in redis with password.用于生成附带密码认证的gopher内容,用于SSRF等利用。☆120Jul 11, 2019Updated 6 years ago
- Godzilla v1.0 source code☆38Aug 26, 2020Updated 5 years ago
- Apache Solr Exploits 🌟☆348Oct 13, 2020Updated 5 years ago
- java.lang.Runtime.exec command encoder☆42Jun 8, 2021Updated 4 years ago
- Red TL;DR Database is a set of text data that provides search for red-tldr. If you don’t know red-tldr yet, please read the documentation…☆41Sep 2, 2022Updated 3 years ago
- PoC exploit of CVE-2020-11651 and CVE-2020-11652☆121Jul 10, 2020Updated 5 years ago
- SAMR修改域内主机密码☆10Feb 27, 2022Updated 3 years ago
- ☆50Mar 30, 2021Updated 4 years ago
- Nexus Repository Manager3 - 远程执行代码漏洞回显payload☆13Sep 29, 2020Updated 5 years ago
- CVE-2020-9547:FasterXML/jackson-databind 远程代码执行漏洞☆23Mar 2, 2020Updated 5 years ago
- CVE-2020-17008 splWOW64 Elevation of Privilege☆46Dec 24, 2020Updated 5 years ago
- 帮助java环境下任意文件下载情况自动化读取源码的小工具☆167Apr 5, 2019Updated 6 years ago
- 致远OA利用工具☆26Jul 15, 2023Updated 2 years ago
- Spring-Cloud-Spel-RCE☆12Sep 16, 2022Updated 3 years ago
- 几条关于CVE-2020-15148(yii2反序列化)的绕过☆75Sep 21, 2020Updated 5 years ago
- fastjson bypass autotype 1.2.68 with Throwable and AutoCloseable.☆229Oct 12, 2022Updated 3 years ago
- Rusty Joomla RCE Exploit☆69Dec 3, 2022Updated 3 years ago
- RCE Exploit for Gitlab < 13.9.4☆51Jun 4, 2021Updated 4 years ago
- Chaining CVE-2021-25281 and CVE-2021-25282 to exploit a SaltStack☆27Mar 6, 2021Updated 4 years ago
- TongdaOA 11.7 ~11.8 通达OA,任意用户登录+后台getshell☆86Jul 16, 2021Updated 4 years ago
- javaGGC for generate commons.collections gadget chain☆12Nov 10, 2021Updated 4 years ago
- uuid-shellcode-execution☆13May 9, 2021Updated 4 years ago
- WARNING: This is a vulnerable application to test the exploit for the Spring Break vulnerability (CVE-2017-8046). Run it at your own risk…☆14Oct 8, 2018Updated 7 years ago
- Huorong Internet Security vulnerabilities 火绒安全软件漏洞☆112Apr 2, 2020Updated 5 years ago
- WebLogic利用CVE-2020-2883打Shiro rememberMe反序列化漏洞,一键注册蚁剑filter内存shell☆535Aug 25, 2020Updated 5 years ago