Proof of concept overview on how the DBMS_REDACT Dynamic Data Masking security feature in Oracle can be bypassed. Affected versions include 19c and 21c.
faa91bafa9b2e6c720d769cabe566e32648af86218a89d1e65f2e8680b811db4
Proof of concept remote command execution and file retrieval backdoor script for ModSecurity.
48d8b60d0bc4cdb2a44679ca2e1994ad76834d87845227891745d812a2dd8f7b
IBM Websphere Application Server version 7.0 persistent cross site scripting vulnerability proof of concept details.
dc1233536d7555212b10f45b23030e26739234a2f687d52112ff10261d1e40e6
Roxy Fileman versions 1.4.6 and below remote shell upload proof of concept exploit.
16a9c59173c82b869a340397a5e68377531e0e0f9be9781793142e4f47786e1b
This is a whitepaper along with a proof of concept eml file discussing CVE-2020-16947 where a remote code execution vulnerability exists in Microsoft Outlook 2019 version 16.0.13231.20262 when it fails to properly handle objects in memory.
e10886839475e813dff9362bc048392f047b424255b849ca304a468b0daa17a3
This is a whitepaper along with a proof of concept eml file that demonstrates an out-of-bounds read on Outlook 2019 version 16.0.12624.20424. NIST references this issue as simply an information disclosure.
d7cbdf78b8d88b5ef4f17ae322717c6adec1d335f3eddae9fc75f883c66bbc76
In 2015, HD Moore, the creator of Metasploit, published an article disclosing over 5,800 gas station Automated Tank Gauges (ATGs) which were publicly accessible. Besides monitoring for leakage, these systems are also instrumental in gauging fluid levels, tank temperature, and can alert operators when tank volumes are too high or have reached a critical low. ATGs are utilized by nearly every fueling station in the United States and tens of thousands of systems internationally. They are most commonly manufactured by Veeder-Root, a supplier of fuel dispensers, payment systems, and forecourt merchandising. For remote monitoring of these fuel systems, operators will commonly configure the ATG serial interface to an internet-facing TCP port (generally set to TCP 10001). This script reads the Get In-Tank Inventory Report from TCP/10001 as a proof of concept to demonstrate the arbitrary access.
1222ef3166eddf3e2b1283c72bc5f78616ec813de663f9a776c261eacba66ccf
MiniDVBLinux versions 5.4 and below root password changing proof of concept exploit.
0517758916f5224ee0d63a86e0026b8a9d83c177f294a5ec74c5a0938e44fc11
This is a write up demonstrating how to get root on macOS 12.3.1 using CoreTrust and DriverKit bugs. Included is the spawn_root proof of concept.
42264f6011010d1ea9305f22c2f23628b9337624b236c163e1a40b0e1273560f
This is a proof of concept exploit for the Apple macOS remote events remote memory corruption vulnerability. It serves as a toolkit to help debug and trigger crashes.
b71c042ede4f92abca7d1cc98ba26d58de335a31e253ab82c25fea5b3120ba80
There is a vulnerability in Kik Messenger for Android that allows an attacker to send arbitrary XMPP stanzas (XMPP control messages) to another Kik client, including XMPP stanzas that are normally sent only by the Kik server. Included is a proof of concept that demonstrates sending the stc stanza, which triggers a captcha dialog and opens an arbitrary attacker-controlled webpage on the victim client. However, the full impact is likely larger than this and includes any application features accessible over XMPP.
3f66b31a34e395df392668d6453b6eee4bbfd623765c95d99108116f95c8a143
Proof of concept script that exploits the remote code execution vulnerability affecting Atlassian Confluence versions 7.18 and below. The OGNL injection vulnerability allows an unauthenticated user to execute arbitrary code on a Confluence Server or Data Center instance. All supported versions of Confluence Server and Data Center are affected. Confluence Server and Data Center versions after 1.3.0 and below 7.18.1 are affected. The vulnerability has a CVSS score of 10 out of 10 for criticality.
af35a5a0af240395f62e977601885f29387ee4fc958081d1910e6f6f0d3d428a
Through the Wire is a proof of concept exploit for CVE-2022-26134, an OGNL injection vulnerability affecting Atlassian Confluence Server and Data Center versions 7.13.6 LTS and below and versions 7.18.0 "Latest" and below. This was originally a zero-day exploited in-the-wild.
942e5b3f32027294cb480a1f6e34ca8ed1933380c4aa4a79161e45a5c6ec7cbc
Proof of concept for the remote code execution vulnerability in MSDT known as Follina.
53ac1f74816b206d64cdb03e581a54d26e7aad446de7be2e6ecd1af77d47ebc2
Proof of concept exploit for the Microsoft Windows Support Diagnostic Tool (MSDT) remote code execution vulnerability dubbed Follina.
21dda01f8e88aa4687f62848057799f68aeaf508af81b73f3368b5656c8f92fe
Victorian Machinery is a proof of concept exploit for CVE-2022-30525. The vulnerability is an unauthenticated remote command injection vulnerability affecting Zyxel firewalls that support zero touch provisioning. Zyxel pushed a fix for this issue on April 28, 2022. Multiple models are affected.
d85780bb5daa2abd4c685fc1f2bd14ad0bfe7fbd9a5a6a99b45f1efcddb6a0bf
F5 BIG-IP remote code execution proof of concept exploit that leverages the vulnerability identified in CVE-2022-1388.
2c3224e25af9797e9d7139c7d759da88b2eae07b09d164c4bf3a7423cfb95c06
Roxy File Manager version 1.4.5 proof of concept exploit for a PHP file upload restriction bypass vulnerability.
56429affeb38a91070ee24b0aaf512970594ce033504501832983da83e9dea5a
Variant proof of concept exploit for the Dirty Pipe file overwrite vulnerability. This version hijacks a SUID binary to spawn a root shell.
896e5b87da1c2dcdc6b5bf2a4c03daf9da0145521f3b205c1bcf72db8ff2340f
Proof of concept for a vulnerability in the Linux kernel existing since version 5.8 that allows overwriting data in arbitrary read-only files. This leads to privilege escalation because unprivileged processes can inject code into root processes.
44e38035938b0841fe6c4b79375b95d9bdcc4665c0a63ed1dcb0ca5df0c03212
OpenBMCS version 2.4 create administrator proof of concept exploit that leverages a remote privilege escalation vulnerability.
dfa165d919105379e965f9f7c64bc72209b082357f408421bbd7348be571f7ea
Proof of concept for a Microsoft HTTP protocol stack vulnerability that causes a denial of service.
c2c18115a401a528cf1b5dc31c17571b0980e3c441f00ab74bcca4c29d729334
Apache Log4j2 versions 2.14.1 and below proof of concept remote code execution exploit. JNDI features used in configuration, log messages, and parameters do not protect against attacker controlled LDAP and other JNDI related endpoints. An attacker who can control log messages or log message parameters can execute arbitrary code loaded from LDAP servers when message lookup substitution is enabled.
c8d0355e439c74ae436d3c409fe4b1f7b1c6c2d6fb97d2375bbaa49de94f642b
Docker proof of concept command execution exploit that leverages runc.
d839ae3cbe28eac31921153401a56b44bcb7aa9e71186e649af207b24a2573d0
Wipro Holmes Orchestrator version 20.4.1 unauthenticated arbitrary file reading proof of concept exploit.
aa43fdedfc7f5227a2a020d9bd25796fe6699fb9bbb47484e3814e5633c6039b