RCE on Rails 5.2.2 using a path traversal (CVE-2019-5418) and a deserialization of Ruby objects (CVE-2019-5420)
☆133 Jan 19, 2023 Updated 3 years ago
Alternatives and similar repositories for Rails-doubletap-RCE
Users that are interested in Rails-doubletap-RCE are comparing it to the libraries listed below
- CVE-2019-5418 - File Content Disclosure on Ruby on Rails ☆201 Apr 5, 2021 Updated 4 years ago
- CVE-2018-19276 - OpenMRS Insecure Object Deserialization RCE ☆16 Mar 11, 2019 Updated 7 years ago
- ☆34 Jul 17, 2019 Updated 6 years ago
- There is no pre-auth RCE in Jenkins since May 2017, but this is the one! ☆607 May 17, 2019 Updated 6 years ago
- A multi-threaded Golang scanner to identify Ruby endpoints vulnerable to CVE-2019-5418 ☆35 Mar 21, 2019 Updated 7 years ago
- CVE-2018-16341 - Nuxeo Remote Code Execution without authentication using Server Side Template Injection ☆24 Jun 5, 2019 Updated 6 years ago
- RCE on Apache Solr using deserialization of untrusted data via jmx.serviceUrl ☆210 Mar 10, 2019 Updated 7 years ago
- Fetch known urls from AlienVault's Open Threat Exchange for given hosts ☆63 Jul 22, 2019 Updated 6 years ago
- Broken Link Hijacking Burp Extension ☆57 Sep 13, 2019 Updated 6 years ago
- Apache Solr Injection Research ☆580 Jan 28, 2020 Updated 6 years ago
- A tool to bruteforce nameservers when working with subdomain delegations to AWS. ☆58 Aug 22, 2019 Updated 6 years ago
- PoC for CVE-2018-1002105. ☆222 Dec 21, 2018 Updated 7 years ago
- CVE-2019-6340-Drupal SA-CORE-2019-003 ☆32 Feb 24, 2019 Updated 7 years ago
- CVE-2018-8021 Proof-Of-Concept and Exploit ☆106 Dec 3, 2018 Updated 7 years ago
- exploit for ImageMagick's uninitialized memory disclosure in gif coder ☆284 Jul 22, 2017 Updated 8 years ago
- Jenkins RCE PoC. From unauthenticated user to remote code execution, it's a hacker's dream! ☆298 Jun 10, 2019 Updated 6 years ago
- Viewgen is a ViewState tool capable of generating both signed and encrypted payloads with leaked validation keys ☆659 Feb 1, 2025 Updated last year
- Exploit for Arbitrary File Read on Pulse Secure SSL VPN (CVE-2019-11510) ☆364 Jan 11, 2020 Updated 6 years ago
- Spring Boot Actuator (jolokia) XXE/RCE ☆324 Jun 16, 2020 Updated 5 years ago
- Some of my exploits. ☆601 Feb 25, 2021 Updated 5 years ago
- JWT fuzzer ☆107 Jul 24, 2018 Updated 7 years ago
- CVE-2018-13379 ☆254 Aug 14, 2019 Updated 6 years ago
- ☆39 Sep 23, 2019 Updated 6 years ago
- Flash hijacking toolkit: CSRF, hijacking, redirects, SWF; open an issue for feature requests; SRC bug hunting, response hijacking ☆86 Nov 9, 2019 Updated 6 years ago
- Spring messaging STOMP protocol RCE ☆113 Apr 12, 2018 Updated 7 years ago
- Jenkins RCE Proof-of-Concept: SECURITY-1266 / CVE-2019-1003000 (Script Security), CVE-2019-1003001 (Pipeline: Groovy), CVE-2019-1003002 (… ☆316 Apr 1, 2019 Updated 6 years ago
- CVE-2020-8163 - Remote code execution of user-provided local names in Rails ☆61 Dec 14, 2022 Updated 3 years ago
- An example project that exploits the default typing issue in Jackson-databind via Spring application contexts and expressions ☆124 Jan 9, 2018 Updated 8 years ago
- Tool for CVE-2018-16323 ☆82 Jan 17, 2019 Updated 7 years ago
- CVE-2018-6574 POC : golang 'go get' remote command execution during source code build ☆24 Jan 14, 2022 Updated 4 years ago
- Apache Solr DataImport Handler RCE ☆91 Aug 12, 2019 Updated 6 years ago
- Burpsuite Plugin For AES Crack ☆37 Jun 17, 2020 Updated 5 years ago
- 🐱💻 Poc of CVE-2019-7238 - Nexus Repository Manager 3 Remote Code Execution 🐱💻 ☆153 Feb 25, 2019 Updated 7 years ago
- sploit ☆67 Dec 21, 2019 Updated 6 years ago
- CVE-2018-3252-PoC ☆74 Dec 7, 2018 Updated 7 years ago
- Shiro RCE (Padding Oracle Attack) ☆148 Nov 15, 2019 Updated 6 years ago
- WebLogic wls9-async deserialization remote command execution vulnerability ☆240 May 26, 2019 Updated 6 years ago
- Hunting Bugs for Fun and Profit ☆276 Jul 29, 2020 Updated 5 years ago
- Some debug notes and exploit(not blind) ☆39 Jul 28, 2019 Updated 6 years ago