truonghuuphuc / CVE-2024-39943-PocLinks
CVE-2024-39943 rejetto HFS (aka HTTP File Server) 3 before 0.52.10 on Linux, UNIX, and macOS allows OS command execution by remote authenticated users (if they have Upload permissions). This occurs because a shell is used to execute df (i.e., with execSync instead of spawnSync in child_process in Node.js).
☆20Updated last year
Alternatives and similar repositories for CVE-2024-39943-Poc
Users that are interested in CVE-2024-39943-Poc are comparing it to the libraries listed below
Sorting:
- PAN-OS auth bypass + RCE☆46Updated 10 months ago
- gRPC client for the Merlin Server☆23Updated 5 months ago
- Cleo Unrestricted file upload and download PoC (CVE-2024-50623)☆23Updated 9 months ago
- ☆89Updated last year
- This tool, programmed in C#, allows for the fast discovery and exploitation of vulnerabilities in MSSQL servers☆54Updated last year
- PoC - Authenticated Remote Code Execution in VMware vCenter Server (Exploit)☆44Updated last year
- 针对多个框架的高度自定义的内存马一键打入工具 | A highly customized memory shell one-click injection tool for multiple frameworks☆49Updated last year
- ☆57Updated last year
- CVE-2025-0282 is a critical vulnerability found in Ivanti Connect Secure, allowing Remote Command Execution (RCE) through a buffer overfl…☆48Updated 8 months ago
- Abusing SSRF to deliver an authenticated command injection payload☆30Updated 3 weeks ago
- CVE-2021-34473 Microsoft Exchange Server Remote Code Execution Vulnerability☆42Updated 3 years ago
- CVE-2023-22527 - RCE (Remote Code Execution) Vulnerability In Confluence Data Center and Confluence Server PoC☆24Updated last year
- Exploit for CVE-2024-29847☆18Updated last year
- Exploit for the CVE-2024-5806☆45Updated last year
- CVE-2024-22274: Authenticated Remote Code Execution in VMware vCenter Server☆39Updated last year
- Exploit for CVE-2024-27198 - TeamCity Server☆34Updated 9 months ago
- Ivanti EPM AgentPortal RCE Vulnerability☆20Updated last year
- CVE-2023-20198-RCE, support adding/deleting users and executing cli commands/system commands.☆41Updated last year
- VMWare Aria Operations for Networks (vRealize Network Insight) Static SSH key RCE (CVE-2023-34039)☆96Updated 2 years ago
- ownCloud exploits for CVE-2023-49105☆36Updated last year
- CVE-2023-34992: Fortinet FortiSIEM Command Injection Proof of Concept Exploit☆27Updated last year
- Privilege Escalation using Passwd - April Fools prank☆35Updated 5 months ago
- A tool for analyzing vulnerabilities in JWT tokens. Advanced JWT Vulnerability Scanner & Exploitation Toolkit☆46Updated 5 months ago
- Winsocket for Cobalt Strike.☆99Updated 2 years ago
- Small toolkit for extracting information and dumping sensitive strings from Windows processes☆115Updated last year
- Palo Alto Networks PAN-OS 身份验证绕过漏洞批量检测脚本(CVE-2025-0108)☆30Updated 5 months ago
- CVE-2024-8190: Ivanti Cloud Service Appliance Command Injection☆17Updated last year
- Exploit for CVE-2024-20767 - Adobe ColdFusion☆34Updated 9 months ago
- CVE-2025-31324, SAP Exploit☆21Updated 4 months ago
- PoC for CVE-2023-28771 based on Rapid7's excellent writeup☆29Updated 2 years ago