0xAgun/grafana_lfi

Stars
1
Language
Python
Created almost 3 years ago
Updated almost 3 years ago

0xAgun/grafana_lfi

0xAgun

There are no reviews yet. Be the first to send feedback to the community and the maintainers!

Grafana has a public API endpoint, /public/plugins/:pluginId, which allows you to view a plugin's assets. This works by providing a valid :pluginId and then specifying the file path, such as img/logo.png. However, Grafana fails to sanitize the user provided file path, leading to path traversal.

universal-bypass

This Tool bypass 403/401. This script contain all the possible techniques to do the bypass

All1

Automated Recon Tool Installer

idb-shodan

Fast IP Lookups for Open Ports and Vulnerabilities from API internetdb shodan

CVE-2021-40870

Aviatrix Controller 6.x before 6.5-1804.1922. Unrestricted upload of a file which allows an unauthenticated user to execute arbitrary code via directory traversal

google-junk

A script to search for URLs according the dork and collect form cetain page testing for vulnerabilities

exploit-shodan

Exploit Shodan is the CVE info finder . Simple CVE find in shodan exploit domain.

subscribe-for-more

CVE-mon

CVEmon can show you the daily/weekly popular cves in terminal with desription and severity

spring4shell

CVE-2022-29464

CVE-2019-18935-checker

Reflex-Arbitrary-File-Upload

HTB-Scripts

CVE-2022-26134

CVE-2022-1388

github-dorker

mass-telrik

gdork-online

acqufin

Reconau

Arbitrary-File-Upload-ZoomSounds

ZoomSounds < 6.05 allowing unauthenticated users to upload an arbitrary file anywhere on the web server.