mirror/PoC-in-GitHub
1
0
Fork 0
mirror of https://github.com/nomi-sec/PoC-in-GitHub.git synced 2025-01-15 20:32:21 +01:00
Code Issues Projects Releases Packages Wiki Activity Actions

Auto Update 2025/01/11 00:32:19

Browse source
This commit is contained in:
motikan2010-bot 2025-01-11 09:32:19 +09:00
parent 3742786a3a
commit 86b66fad5c
28 changed files with 272 additions and 72 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

4
2018/CVE-2018-17240.json
View file

@ -45,8 +45,8 @@
"description": "A tool for retrieving login credentials from Netwave IP cameras using a memory dump vulnerability (CVE-2018-17240)",
"fork": false,
"created_at": "2024-01-04T21:44:21Z",
"updated_at": "2025-01-07T16:50:32Z",
"pushed_at": "2025-01-10T09:37:39Z",
"updated_at": "2025-01-10T20:53:21Z",
"pushed_at": "2025-01-10T20:53:19Z",
"stargazers_count": 3,
"watchers_count": 3,
"has_discussions": false,

8
2018/CVE-2018-19320.json
View file

@ -76,10 +76,10 @@
"description": "Unsigned driver loader using CVE-2018-19320",
"fork": false,
"created_at": "2022-11-12T05:48:13Z",
"updated_at": "2025-01-08T16:54:22Z",
"updated_at": "2025-01-10T18:46:37Z",
"pushed_at": "2023-04-09T13:50:29Z",
"stargazers_count": 222,
"watchers_count": 222,
"stargazers_count": 223,
"watchers_count": 223,
"has_discussions": false,
"forks_count": 59,
"allow_forking": true,
@ -88,7 +88,7 @@
"topics": [],
"visibility": "public",
"forks": 59,
"watchers": 222,
"watchers": 223,
"score": 0,
"subscribers_count": 10
}

8
2018/CVE-2018-7935.json
View file

@ -2,15 +2,15 @@
{
"id": 149753230,
"name": "CVE-2018-7935",
"full_name": "lawrenceamer\/CVE-2018-7935",
"full_name": "zux0x3a\/CVE-2018-7935",
"owner": {
"login": "lawrenceamer",
"login": "zux0x3a",
"id": 10256911,
"avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/10256911?v=4",
"html_url": "https:\/\/github.com\/lawrenceamer",
"html_url": "https:\/\/github.com\/zux0x3a",
"user_view_type": "public"
},
"html_url": "https:\/\/github.com\/lawrenceamer\/CVE-2018-7935",
"html_url": "https:\/\/github.com\/zux0x3a\/CVE-2018-7935",
"description": null,
"fork": false,
"created_at": "2018-09-21T11:17:59Z",

2
2019/CVE-2019-11248.json
View file

@ -35,6 +35,6 @@
"forks": 0,
"watchers": 0,
"score": 0,
"subscribers_count": 0
"subscribers_count": 1
}
]

8
2019/CVE-2019-11358.json
View file

File diff suppressed because one or more lines are too long

2
2019/CVE-2019-19781.json
View file

@ -95,7 +95,7 @@
"forks": 27,
"watchers": 107,
"score": 0,
"subscribers_count": 17
"subscribers_count": 16
},
{
"id": 233168483,

4
2019/CVE-2019-5736.json
View file

@ -236,13 +236,13 @@
"stargazers_count": 83,
"watchers_count": 83,
"has_discussions": false,
"forks_count": 34,
"forks_count": 33,
"allow_forking": true,
"is_template": false,
"web_commit_signoff_required": false,
"topics": [],
"visibility": "public",
"forks": 34,
"forks": 33,
"watchers": 83,
"score": 0,
"subscribers_count": 8

2
2020/CVE-2020-1938.json
View file

@ -1041,6 +1041,6 @@
"forks": 0,
"watchers": 0,
"score": 0,
"subscribers_count": 0
"subscribers_count": 1
}
]

8
2021/CVE-2021-21972.json
View file

@ -848,10 +848,10 @@
"description": "一款针对Vcenter的综合利用工具包含目前最主流的CVE-2021-21972、CVE-2021-21985以及CVE-2021-22005、One Access的CVE-2022-22954、CVE-2022-22972\/31656以及log4j提供一键上传webshell命令执行或者上传公钥使用SSH免密连接",
"fork": false,
"created_at": "2022-10-04T03:39:27Z",
"updated_at": "2025-01-07T00:45:39Z",
"updated_at": "2025-01-10T22:02:06Z",
"pushed_at": "2024-04-25T06:09:38Z",
"stargazers_count": 1363,
"watchers_count": 1363,
"stargazers_count": 1364,
"watchers_count": 1364,
"has_discussions": false,
"forks_count": 167,
"allow_forking": true,
@ -867,7 +867,7 @@
],
"visibility": "public",
"forks": 167,
"watchers": 1363,
"watchers": 1364,
"score": 0,
"subscribers_count": 15
}

6
2021/CVE-2021-21974.json
View file

@ -138,8 +138,8 @@
"description": null,
"fork": false,
"created_at": "2025-01-10T18:00:20Z",
"updated_at": "2025-01-10T18:00:24Z",
"pushed_at": "2025-01-10T18:00:20Z",
"updated_at": "2025-01-10T18:36:09Z",
"pushed_at": "2025-01-10T18:36:05Z",
"stargazers_count": 0,
"watchers_count": 0,
"has_discussions": false,
@ -152,6 +152,6 @@
"forks": 0,
"watchers": 0,
"score": 0,
"subscribers_count": 0
"subscribers_count": 1
}
]

2
2021/CVE-2021-31755.json
View file

@ -35,6 +35,6 @@
"forks": 0,
"watchers": 0,
"score": 0,
"subscribers_count": 0
"subscribers_count": 1
}
]

8
2021/CVE-2021-4034.json
View file

@ -142,10 +142,10 @@
"description": "PoC for PwnKit: Local Privilege Escalation Vulnerability in polkits pkexec (CVE-2021-4034)",
"fork": false,
"created_at": "2022-01-26T00:56:36Z",
"updated_at": "2025-01-08T23:38:45Z",
"updated_at": "2025-01-10T19:20:44Z",
"pushed_at": "2023-05-04T19:24:39Z",
"stargazers_count": 1064,
"watchers_count": 1064,
"stargazers_count": 1065,
"watchers_count": 1065,
"has_discussions": false,
"forks_count": 306,
"allow_forking": true,
@ -158,7 +158,7 @@
],
"visibility": "public",
"forks": 306,
"watchers": 1064,
"watchers": 1065,
"score": 0,
"subscribers_count": 15
},

8
2022/CVE-2022-0944.json
View file

@ -107,10 +107,10 @@
"description": null,
"fork": false,
"created_at": "2024-09-10T10:26:57Z",
"updated_at": "2025-01-04T18:22:26Z",
"updated_at": "2025-01-10T18:56:37Z",
"pushed_at": "2024-09-10T16:18:40Z",
"stargazers_count": 9,
"watchers_count": 9,
"stargazers_count": 10,
"watchers_count": 10,
"has_discussions": false,
"forks_count": 2,
"allow_forking": true,
@ -119,7 +119,7 @@
"topics": [],
"visibility": "public",
"forks": 2,
"watchers": 9,
"watchers": 10,
"score": 0,
"subscribers_count": 1
},

8
2022/CVE-2022-22954.json
View file

@ -792,10 +792,10 @@
"description": "一款针对Vcenter的综合利用工具包含目前最主流的CVE-2021-21972、CVE-2021-21985以及CVE-2021-22005、One Access的CVE-2022-22954、CVE-2022-22972\/31656以及log4j提供一键上传webshell命令执行或者上传公钥使用SSH免密连接",
"fork": false,
"created_at": "2022-10-04T03:39:27Z",
"updated_at": "2025-01-07T00:45:39Z",
"updated_at": "2025-01-10T22:02:06Z",
"pushed_at": "2024-04-25T06:09:38Z",
"stargazers_count": 1363,
"watchers_count": 1363,
"stargazers_count": 1364,
"watchers_count": 1364,
"has_discussions": false,
"forks_count": 167,
"allow_forking": true,
@ -811,7 +811,7 @@
],
"visibility": "public",
"forks": 167,
"watchers": 1363,
"watchers": 1364,
"score": 0,
"subscribers_count": 15
}

8
2022/CVE-2022-38694.json
View file

@ -14,10 +14,10 @@
"description": "This is a one-time signature verification bypass. For persistent signature verification bypass, check https:\/\/github.com\/TomKing062\/CVE-2022-38691_38692",
"fork": false,
"created_at": "2023-06-10T08:31:26Z",
"updated_at": "2025-01-10T10:13:05Z",
"updated_at": "2025-01-10T22:55:14Z",
"pushed_at": "2024-08-01T15:09:15Z",
"stargazers_count": 319,
"watchers_count": 319,
"stargazers_count": 320,
"watchers_count": 320,
"has_discussions": true,
"forks_count": 47,
"allow_forking": true,
@ -29,7 +29,7 @@
],
"visibility": "public",
"forks": 47,
"watchers": 319,
"watchers": 320,
"score": 0,
"subscribers_count": 8
},

8
2023/CVE-2023-23388.json
View file

@ -14,10 +14,10 @@
"description": "poc for CVE-2023-23388 (LPE in Windows 10\/11 bthserv service)",
"fork": false,
"created_at": "2024-06-23T19:52:09Z",
"updated_at": "2024-11-15T18:06:59Z",
"updated_at": "2025-01-10T21:07:43Z",
"pushed_at": "2024-07-17T12:25:17Z",
"stargazers_count": 4,
"watchers_count": 4,
"stargazers_count": 5,
"watchers_count": 5,
"has_discussions": false,
"forks_count": 1,
"allow_forking": true,
@ -26,7 +26,7 @@
"topics": [],
"visibility": "public",
"forks": 1,
"watchers": 4,
"watchers": 5,
"score": 0,
"subscribers_count": 1
}

8
2023/CVE-2023-45866.json
View file

@ -14,10 +14,10 @@
"description": "🚨 CVE-2023-45866 - BlueDucky Implementation (Using DuckyScript) 🔓 Unauthenticated Peering Leading to Code Execution (Using HID Keyboard)",
"fork": false,
"created_at": "2024-01-16T06:52:02Z",
"updated_at": "2025-01-10T18:25:51Z",
"updated_at": "2025-01-10T20:10:35Z",
"pushed_at": "2024-08-18T08:26:46Z",
"stargazers_count": 1379,
"watchers_count": 1379,
"stargazers_count": 1380,
"watchers_count": 1380,
"has_discussions": false,
"forks_count": 236,
"allow_forking": true,
@ -26,7 +26,7 @@
"topics": [],
"visibility": "public",
"forks": 236,
"watchers": 1379,
"watchers": 1380,
"score": 0,
"subscribers_count": 21
},

36
2024/CVE-2024-10924.json
View file

@ -138,6 +138,42 @@
"score": 0,
"subscribers_count": 1
},
{
"id": 891508423,
"name": "CVE-2024-10924",
"full_name": "julesbsz\/CVE-2024-10924",
"owner": {
"login": "julesbsz",
"id": 38622433,
"avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/38622433?v=4",
"html_url": "https:\/\/github.com\/julesbsz",
"user_view_type": "public"
},
"html_url": "https:\/\/github.com\/julesbsz\/CVE-2024-10924",
"description": "POC for CVE-2024-10924 written in Python",
"fork": false,
"created_at": "2024-11-20T13:13:15Z",
"updated_at": "2024-11-20T19:40:44Z",
"pushed_at": "2024-11-20T14:00:11Z",
"stargazers_count": 0,
"watchers_count": 0,
"has_discussions": false,
"forks_count": 0,
"allow_forking": true,
"is_template": false,
"web_commit_signoff_required": false,
"topics": [
"cve-2024-10924",
"python",
"really-simple-security",
"wordpress"
],
"visibility": "public",
"forks": 0,
"watchers": 0,
"score": 0,
"subscribers_count": 1
},
{
"id": 891621160,
"name": "CVE-2024-10924-Wordpress-Docker",

8
2024/CVE-2024-3094.json
View file

@ -952,10 +952,10 @@
"description": "notes, honeypot, and exploit demo for the xz backdoor (CVE-2024-3094)",
"fork": false,
"created_at": "2024-04-01T14:28:09Z",
"updated_at": "2025-01-08T14:03:02Z",
"updated_at": "2025-01-10T22:49:48Z",
"pushed_at": "2024-04-03T04:58:50Z",
"stargazers_count": 3504,
"watchers_count": 3504,
"stargazers_count": 3505,
"watchers_count": 3505,
"has_discussions": false,
"forks_count": 240,
"allow_forking": true,
@ -964,7 +964,7 @@
"topics": [],
"visibility": "public",
"forks": 240,
"watchers": 3504,
"watchers": 3505,
"score": 0,
"subscribers_count": 38
},

8
2024/CVE-2024-35250.json
View file

@ -14,10 +14,10 @@
"description": "PoC for the Untrusted Pointer Dereference in the ks.sys driver",
"fork": false,
"created_at": "2024-10-13T19:30:20Z",
"updated_at": "2025-01-09T13:37:32Z",
"updated_at": "2025-01-10T19:13:01Z",
"pushed_at": "2024-11-29T16:56:23Z",
"stargazers_count": 260,
"watchers_count": 260,
"stargazers_count": 261,
"watchers_count": 261,
"has_discussions": false,
"forks_count": 57,
"allow_forking": true,
@ -26,7 +26,7 @@
"topics": [],
"visibility": "public",
"forks": 57,
"watchers": 260,
"watchers": 261,
"score": 0,
"subscribers_count": 8
},

36
2024/CVE-2024-39123.json Normal file
View file

@ -0,0 +1,36 @@
[
{
"id": 915026880,
"name": "CVE-2024-39123-Exploit",
"full_name": "theexploiters\/CVE-2024-39123-Exploit",
"owner": {
"login": "theexploiters",
"id": 185040501,
"avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/185040501?v=4",
"html_url": "https:\/\/github.com\/theexploiters",
"user_view_type": "public"
},
"html_url": "https:\/\/github.com\/theexploiters\/CVE-2024-39123-Exploit",
"description": "Exploit For: CVE-2024-39123: Stored XSS in Calibre-web 0.6.21",
"fork": false,
"created_at": "2025-01-10T20:05:24Z",
"updated_at": "2025-01-10T20:15:35Z",
"pushed_at": "2025-01-10T20:06:55Z",
"stargazers_count": 1,
"watchers_count": 1,
"has_discussions": false,
"forks_count": 0,
"allow_forking": true,
"is_template": false,
"web_commit_signoff_required": false,
"topics": [
"cve-2024-39123",
"cve-2024-39123-exploit"
],
"visibility": "public",
"forks": 0,
"watchers": 1,
"score": 0,
"subscribers_count": 0
}
]

33
2024/CVE-2024-40111.json Normal file
View file

@ -0,0 +1,33 @@
[
{
"id": 915029581,
"name": "CVE-2024-40111-Exploit",
"full_name": "theexploiters\/CVE-2024-40111-Exploit",
"owner": {
"login": "theexploiters",
"id": 185040501,
"avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/185040501?v=4",
"html_url": "https:\/\/github.com\/theexploiters",
"user_view_type": "public"
},
"html_url": "https:\/\/github.com\/theexploiters\/CVE-2024-40111-Exploit",
"description": "Exploit For: CVE-2024-40111: Stored Cross-Site Scripting (XSS) in Automad 2.0.0-alpha.4",
"fork": false,
"created_at": "2025-01-10T20:14:07Z",
"updated_at": "2025-01-10T20:15:05Z",
"pushed_at": "2025-01-10T20:14:28Z",
"stargazers_count": 1,
"watchers_count": 1,
"has_discussions": false,
"forks_count": 0,
"allow_forking": true,
"is_template": false,
"web_commit_signoff_required": false,
"topics": [],
"visibility": "public",
"forks": 0,
"watchers": 1,
"score": 0,
"subscribers_count": 0
}
]

31
2024/CVE-2024-42845.json
View file

@ -33,5 +33,36 @@
"watchers": 2,
"score": 0,
"subscribers_count": 1
},
{
"id": 915025370,
"name": "CVE-2024-42845-Exploit",
"full_name": "theexploiters\/CVE-2024-42845-Exploit",
"owner": {
"login": "theexploiters",
"id": 185040501,
"avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/185040501?v=4",
"html_url": "https:\/\/github.com\/theexploiters",
"user_view_type": "public"
},
"html_url": "https:\/\/github.com\/theexploiters\/CVE-2024-42845-Exploit",
"description": "Exploit For: CVE-2024-42845: Remote Code Execution (RCE) in Invesalius 3.1",
"fork": false,
"created_at": "2025-01-10T20:00:26Z",
"updated_at": "2025-01-10T20:02:09Z",
"pushed_at": "2025-01-10T20:01:54Z",
"stargazers_count": 1,
"watchers_count": 1,
"has_discussions": false,
"forks_count": 0,
"allow_forking": true,
"is_template": false,
"web_commit_signoff_required": false,
"topics": [],
"visibility": "public",
"forks": 0,
"watchers": 1,
"score": 0,
"subscribers_count": 0
}
]

8
2024/CVE-2024-50603.json
View file

@ -14,10 +14,10 @@
"description": "CVE-2024-50603-nuclei-poc",
"fork": false,
"created_at": "2025-01-08T12:00:38Z",
"updated_at": "2025-01-10T12:45:07Z",
"updated_at": "2025-01-10T20:45:22Z",
"pushed_at": "2025-01-08T12:08:46Z",
"stargazers_count": 2,
"watchers_count": 2,
"stargazers_count": 3,
"watchers_count": 3,
"has_discussions": false,
"forks_count": 1,
"allow_forking": true,
@ -26,7 +26,7 @@
"topics": [],
"visibility": "public",
"forks": 1,
"watchers": 2,
"watchers": 3,
"score": 0,
"subscribers_count": 1
}

4
2024/CVE-2024-54910.json
View file

@ -14,8 +14,8 @@
"description": null,
"fork": false,
"created_at": "2025-01-07T18:24:46Z",
"updated_at": "2025-01-07T18:33:21Z",
"pushed_at": "2025-01-07T18:33:18Z",
"updated_at": "2025-01-10T23:07:09Z",
"pushed_at": "2025-01-10T23:07:06Z",
"stargazers_count": 0,
"watchers_count": 0,
"has_discussions": false,

4
2024/CVE-2024-6387.json
View file

@ -2936,13 +2936,13 @@
"stargazers_count": 9,
"watchers_count": 9,
"has_discussions": false,
"forks_count": 7,
"forks_count": 8,
"allow_forking": true,
"is_template": false,
"web_commit_signoff_required": false,
"topics": [],
"visibility": "public",
"forks": 7,
"forks": 8,
"watchers": 9,
"score": 0,
"subscribers_count": 1

31
2025/CVE-2025-0282.json
View file

@ -30,6 +30,37 @@
"score": 0,
"subscribers_count": 0
},
{
"id": 914515018,
"name": "CVE-2025-0282-check",
"full_name": "BishopFox\/CVE-2025-0282-check",
"owner": {
"login": "BishopFox",
"id": 4523757,
"avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/4523757?v=4",
"html_url": "https:\/\/github.com\/BishopFox",
"user_view_type": "public"
},
"html_url": "https:\/\/github.com\/BishopFox\/CVE-2025-0282-check",
"description": "Safely detect if an Ivanti server is vulnerable to CVE-2025-0282",
"fork": false,
"created_at": "2025-01-09T18:43:08Z",
"updated_at": "2025-01-10T21:42:28Z",
"pushed_at": "2025-01-10T21:27:47Z",
"stargazers_count": 0,
"watchers_count": 0,
"has_discussions": false,
"forks_count": 0,
"allow_forking": true,
"is_template": false,
"web_commit_signoff_required": false,
"topics": [],
"visibility": "public",
"forks": 0,
"watchers": 0,
"score": 0,
"subscribers_count": 0
},
{
"id": 914659896,
"name": "CVE-2025-0282-PoC",

43
README.md
View file

@ -7,6 +7,7 @@
</code>
- [securexploit1/CVE-2025-0282](https://github.com/securexploit1/CVE-2025-0282)
- [BishopFox/CVE-2025-0282-check](https://github.com/BishopFox/CVE-2025-0282-check)
- [NyxanGoat/CVE-2025-0282-PoC](https://github.com/NyxanGoat/CVE-2025-0282-PoC)
### CVE-2025-22352 (2025-01-07)
@ -2301,6 +2302,7 @@
- [m3ssap0/wordpress-really-simple-security-authn-bypass-vulnerable-application](https://github.com/m3ssap0/wordpress-really-simple-security-authn-bypass-vulnerable-application)
- [MattJButler/CVE-2024-10924](https://github.com/MattJButler/CVE-2024-10924)
- [m3ssap0/wordpress-really-simple-security-authn-bypass-exploit](https://github.com/m3ssap0/wordpress-really-simple-security-authn-bypass-exploit)
- [julesbsz/CVE-2024-10924](https://github.com/julesbsz/CVE-2024-10924)
- [Trackflaw/CVE-2024-10924-Wordpress-Docker](https://github.com/Trackflaw/CVE-2024-10924-Wordpress-Docker)
- [Maalfer/CVE-2024-10924-PoC](https://github.com/Maalfer/CVE-2024-10924-PoC)
- [D1se0/CVE-2024-10924-Bypass-MFA-Wordpress-LAB](https://github.com/D1se0/CVE-2024-10924-Bypass-MFA-Wordpress-LAB)
@ -5141,13 +5143,25 @@
- [fdzdev/CVE-2024-33231](https://github.com/fdzdev/CVE-2024-33231)
### CVE-2024-33297
### CVE-2024-33297 (2025-01-10)
<code>Cross Site Scripting vulnerability in Microweber v.2.0.9 allows a remote attacker to execute arbitrary code via the campaign Name (Internal Name) field in the Add new campaign function
</code>
- [MathSabo/CVE-2024-33297](https://github.com/MathSabo/CVE-2024-33297)
### CVE-2024-33298
### CVE-2024-33298 (2025-01-10)
<code>Microweber Cross Site Scripting vulnerability in Microweber v.2.0.9 allows a remote attacker to execute arbitrary code via the create new backup function in the endpoint /admin/module/view?type=admin__backup
</code>
- [MathSabo/CVE-2024-33298](https://github.com/MathSabo/CVE-2024-33298)
### CVE-2024-33299
### CVE-2024-33299 (2025-01-10)
<code>Cross Site Scripting vulnerability in Microweber v.2.0.9 allows a remote attacker to execute arbitrary code via the First Name and Last Name parameters in the endpoint /admin/module/view?type=users
</code>
- [MathSabo/CVE-2024-33299](https://github.com/MathSabo/CVE-2024-33299)
### CVE-2024-33352
@ -6079,6 +6093,13 @@
- [ghostwirez/CVE-2024-39090-PoC](https://github.com/ghostwirez/CVE-2024-39090-PoC)
### CVE-2024-39123 (2024-07-19)
<code>In janeczku Calibre-Web 0.6.0 to 0.6.21, the edit_book_comments function is vulnerable to Cross Site Scripting (XSS) due to improper sanitization performed by the clean_string function. The vulnerability arises from the way the clean_string function handles HTML sanitization.
</code>
- [theexploiters/CVE-2024-39123-Exploit](https://github.com/theexploiters/CVE-2024-39123-Exploit)
### CVE-2024-39203 (2024-07-08)
<code>A cross-site scripting (XSS) vulnerability in the Backend Theme Management module of Z-BlogPHP v1.7.3 allows attackers to execute arbitrary web scripts or HTML via a crafted payload.
@ -6198,6 +6219,13 @@
- [Abdurahmon3236/CVE-2024-40110](https://github.com/Abdurahmon3236/CVE-2024-40110)
### CVE-2024-40111 (2024-08-23)
<code>A persistent (stored) cross-site scripting (XSS) vulnerability has been identified in Automad 2.0.0-alpha.4. This vulnerability enables an attacker to inject malicious JavaScript code into the template body. The injected code is stored within the flat file CMS and is executed in the browser of any user visiting the forum.
</code>
- [theexploiters/CVE-2024-40111-Exploit](https://github.com/theexploiters/CVE-2024-40111-Exploit)
### CVE-2024-40119 (2024-07-17)
<code>Nepstech Wifi Router xpon (terminal) model NTPL-Xpon1GFEVN v.1.0 Firmware V2.0.1 contains a Cross-Site Request Forgery (CSRF) vulnerability in the password change function, which allows remote attackers to change the admin password without the user's consent, leading to a potential account takeover.
@ -6568,6 +6596,7 @@
</code>
- [partywavesec/invesalius3_vulnerabilities](https://github.com/partywavesec/invesalius3_vulnerabilities)
- [theexploiters/CVE-2024-42845-Exploit](https://github.com/theexploiters/CVE-2024-42845-Exploit)
### CVE-2024-42849 (2024-08-16)
@ -8053,7 +8082,11 @@
- [partywavesec/CVE-2024-54819](https://github.com/partywavesec/CVE-2024-54819)
### CVE-2024-54910
### CVE-2024-54910 (2025-01-10)
<code>Hasleo Backup Suite Free v4.9.4 and before is vulnerable to Insecure Permissions via the File recovery function.
</code>
- [KrakenEU/CVE-2024-54910](https://github.com/KrakenEU/CVE-2024-54910)
### CVE-2024-55099 (2024-12-12)
@ -41041,7 +41074,7 @@
<code>\nThere is a vulnerability in 21.328.01.00.00 version of the E5573Cs-322. Remote attackers could exploit this vulnerability to make the network where the E5573Cs-322 is running temporarily unavailable.\n\n
</code>
- [lawrenceamer/CVE-2018-7935](https://github.com/lawrenceamer/CVE-2018-7935)
- [zux0x3a/CVE-2018-7935](https://github.com/zux0x3a/CVE-2018-7935)
### CVE-2018-8004 (2018-08-29)