## https://sploitus.com/exploit?id=A106F5B3-5A20-5F6A-B919-FFF516EAC705 # CVE-2024-4577 Argument injection vulnerability in PHP ## INSTALL git clone https://github.com/didarul342/CVE-2024-4577.git cd CVE-2024-4577 pip3 install -r requirements.txt ## USAGE ```py # Scan A Target...
## https://sploitus.com/exploit?id=431CD33F-D51B-5AEB-B4BE-79341D514F85 # CVE-2024-4577 Argument injection vulnerability in PHP ## INSTALL git clone https://github.com/didarul342/CVE-2024-4577.git cd CVE-2024-4577 pip3 install -r requirements.txt ## USAGE ```py # Scan A ...
论文题目:FUGIO: Automatic Exploit Generation for PHP Object Injection Vulnerabilities 论文出处:USENIX 2022 论文作者:Sunnyeo Park(KAIST),Daejun Kim(KAIST) ,, 论文下载地址 会议视频地址 代码地址 FUGIO: 0x01 Intraduction 0x02 Background 0x03 Motivation and Challenges 现存的工具只关注检测潜在的反序列化...
CVE-2024-4577 - PHP CGI Argument Injection Remote Code Execution (RCE) In certain versions of PHP (8.1.* before 8.1.29, 8.2.* before 8.2.20, and 8.3.* before 8.3.8), a critical vulnerability exists when using PHP with Apache and PHP-CGI on Windows. If the system is configured to ...
Usage: php '.$argv[0].' host path host: target server (ip/hostname),without"http://" path: path to ff84cms Example: php '.$argv[0].' localhost / --- '); die; } $host=$argv[1]; $path=$argv[2]; $html=''; $cookie=""...
Platform: PHP Date: 2023-05-23 Vulnerable App: [#] Exploit Title: WBiz Desk 1.2 - SQL Injection [#] Exploit Date: May 12, 2023. [#] CVSS 3.1: 6.4 (Medium) [#] CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N [#] Tactic: Initial Access (TA0001) [#...
CVE: N/A # Exploit Title: Smart School v1.0 - SQL Injection # Date: 2023-05-17 # Exploit Author: Ahmet Ümit BAYRAM # Vendor: https://codecanyon.net/item/smart-school-school-management-system/19426018 # Demo Site: https://demo.smart-school.in # Tested on: Kali Linux # CVE: N/...
#!/usr/bin/perl -w # # Free Links Directory Script V1.2a Remote SQL Injection Exploit # written by ka0x <ka0x01[alt+64]gmail.com> # D.O.M Labs Security Researchers # - www.domlabs.org - # # Vuln code (report.php): # # if($_COOKIE['logged']=="") { # [...] // ...
EDB-ID: 51691 CVE: N/A # Exploit Title: OVOO Movie Portal CMS v3.3.3 - SQL Injection # Date: 2023-08-12 # Exploit Author: Ahmet Ümit BAYRAM # Vendor: https://codecanyon.net/item/ovoomovie-video-streaming-cms-with-unlimited-tvseries/20180569 # Tested on: Kali Linux & MacOS # CV...
# Exploit Title: The Shop v2.5 - SQL Injection # Date: 2023-06-17 # Exploit Author: Ahmet Ümit BAYRAM # Vendor: https://codecanyon.net/item/the-shop/34858541 # Demo Site: https://shop.activeitzone.com # Tested on: Kali Linux # CVE: N/A ### Request ### POST /api/v1/cart...