Chocapikk/CVE-2024-21887 Chocapikk/CVE-2024-21887

  • Stars
    star
    50
  • Rank 577,233 (Top 12 %)
  • Language
    Python
  • Created 10 months ago
  • Updated 10 months ago
Twitter logo Share LinkedIn logo Share Facebook logo Share
Chocapikk/CVE-2024-21887
github

Chocapikk

Reviews

There are no reviews yet. Be the first to send feedback to the community and the maintainers!

Repository Details

A command injection vulnerability in web components of Ivanti Connect Secure (9.x, 22.x) and Ivanti Policy Secure (9.x, 22.x) allows an authenticated administrator to send specially crafted requests and execute arbitrary commands on the appliance.

More Repositories

1

CVE-2023-29357

Microsoft SharePoint Server Elevation of Privilege Vulnerability
Python
224
star
2

CVE-2024-25600

Unauthenticated Remote Code Execution – Bricks <= 1.9.6
Python
146
star
3

CVE-2023-22515

CVE-2023-22515: Confluence Broken Access Control Exploit
Python
127
star
4

CVE-2024-3273

D-Link NAS CVE-2024-3273 Exploit Tool
Python
90
star
5

CVE-2023-6553

Backup Migration <= 1.3.7 - Unauthenticated Remote Code Execution
Python
71
star
6

CVE-2024-36401

GeoServer Remote Code Execution
Python
71
star
7

CVE-2023-4966

Sensitive information disclosure in NetScaler ADC and NetScaler Gateway when configured as a Gateway (VPN virtual server, ICA Proxy, CVPN, RDP Proxy) or AAA virtual server.
Python
70
star
8

CVE-2024-34102

CosmicSting (CVE-2024-34102)
Python
37
star
9

CVE-2024-8504

VICIdial Unauthenticated SQLi to RCE Exploit (CVE-2024-8503 and CVE-2024-8504)
Python
37
star
10

CVE-2024-27198

Proof of Concept for Authentication Bypass in JetBrains TeamCity Pre-2023.11.4
Python
32
star
11

LFIHunt

Advanced Tool To Scan And Exploit Local File Inclusion (LFI) Vulnerabilities
Python
31
star
12

CVE-2024-4577

PHP CGI Argument Injection vulnerability
Python
29
star
13

CVE-2024-21893-to-CVE-2024-21887

CVE-2024-21893 to CVE-2024-21887 Exploit Toolkit
Python
25
star
14

CVE-2024-1212

Unauthenticated Command Injection In Progress Kemp LoadMaster
Python
14
star
15

CVE-2023-50917

MajorDoMo Unauthenticated RCE: Deep Dive & Exploitation Techniques
Python
14
star
16

CVE-2024-29269

An issue discovered in Telesquare TLR-2005Ksh 1.0.0 and 1.1.4 allows attackers to run arbitrary system commands via the Cmd parameter.
Python
13
star
17

CVE-2023-30943

A Python-based tool to detect the CVE-2023-30943 vulnerability in Moodle, which allows unauthorized folder creation via specially crafted requests in TinyMCE loaders.
Python
12
star
18

CVE-2024-3400

Python
11
star
19

CVE-2023-46805

Ivanti Pulse Secure CVE-2023-46805 Scanner - Based on Assetnote's Research
Python
11
star
20

CVE-2023-51467

Apache OfBiz Auth Bypass Scanner for CVE-2023-51467
Python
10
star
21

CVE-2023-22527

Atlassian Confluence - Remote Code Execution
Python
9
star
22

CVE-2023-5360

Exploit for the unauthenticated file upload vulnerability in WordPress's Royal Elementor Addons and Templates plugin (< 1.3.79). CVE-ID: CVE-2023-5360.
Python
9
star
23

CVE-2024-7954

Unauthenticated Remote Code Execution in SPIP versions up to and including 4.2.12
Python
9
star
24

CVE-2024-20767

Exploit Toolkit for Adobe ColdFusion CVE-2024-20767 Vulnerability
Python
8
star
25

CVE-2024-8517

SPIP BigUp Plugin Unauthenticated RCE
Python
8
star
26

LeakPy

LeakIX API Client/lib
Python
7
star
27

Balgo-Crypter

Balgo Crypter is a Xor encoded payload generation utility with hexadecimal.
Python
7
star
28

CVE-2024-5084

Hash Form – Drag & Drop Form Builder <= 1.1.0 - Unauthenticated Arbitrary File Upload to Remote Code Execution
Python
6
star
29

CVE-2023-27372

SPIP Vulnerability Scanner - CVE-2023-27372 Detector
Python
6
star
30

Ghost-Framework

Modified Version of Ghost Framework
Python
5
star
31

CVE-2024-45519

Zimbra - Remote Command Execution (CVE-2024-45519)
Python
5
star
32

CVE-2024-22899-to-22903-ExploitChain

Comprehensive Exploit Chain for Multiple Vulnerabilities in VinChin Backup & Recovery <= 7.2
Python
5
star
33

CVE-2017-9841

PHPUnit RCE
Python
4
star
34

CVE-2022-27925-Revshell

Python Script to exploit Zimbra Auth Bypass + RCE (CVE-2022-27925)
Python
4
star
35

CVE-2022-40684

Fortinet Critical Authentication Bypass Vulnerability (CVE-2022-40684) [ Mass Exploit ]
Python
4
star
36

CVE-2022-1388

CVE-2022-1388 | F5 - Big IP Pre Auth RCE via '/mgmt/tm/util/bash' endpoint
Python
4
star
37

CVE-2024-31819

Unauthenticated Remote Code Execution (RCE) Vulnerability in WWBNIndex Plugin of AVideo Platform from 12.4 to 14.2
Python
4
star
38

CVE-2023-35885

CloudPanel 2 Remote Code Execution Exploit
PHP
3
star
39

CVE-2022-26134

CVE-2022-26134 - Pre-Auth Remote Code Execution via OGNL Injection
Python
3
star
40

CVE-2022-31814

pfBlockerNG <= 2.1.4_26 Unauth RCE (CVE-2022-31814)
Python
3
star
41

dorkscanner

Python
3
star
42

CVE-2023-3519

Citrix ADC RCE CVE-2023-3519
Python
3
star
43

CTF-Challenges

This repo contains challenges I made to train my friends
PHP
3
star
44

CVE-2022-29303

Python script to exploit CVE-2022-29303
Python
3
star
45

My-CVEs

List of my CVEs
3
star
46

CVE-2023-1698

WAGO Remote Exploit Tool for CVE-2023-1698
Python
3
star
47

CVE-2023-28432

Automated vulnerability scanner for CVE-2023-28432 in Minio deployments, revealing sensitive environment variables.
Python
3
star
48

CyberPanel

CyberPanel v2.3.6 Pre-Auth RCE Exploit Tool
Python
3
star
49

msf-exploit-collection

✪ Collection of Metasploit Modules ✪
Ruby
3
star
50

CVE-2022-29464

Python script to exploit CVE-2022-29464 (mass mode)
Python
2
star
51

NmapWeb-Choca

Use nmap from Flask App (testing purpose)
HTML
2
star
52

CVE-2021-46422

Telesquare SDT-CW3B1 1.1.0 - OS Command Injection
Python
2
star
53

PersonalRobloxScripts

Here is my personal exploits
Lua
2
star
54

CVE-2023-33617

Authenticated OS command injection vulnerability (CVE-2023-33617)
Python
2
star
55

CVE-2022-22954

Python script to exploit CVE-2022-22954 and then exploit CVE-2022-22960
Python
2
star
56

SQLI-DIOS

Created SQLI DIOS
2
star
57

CVE-2022-30525-Reverse-Shell

Simple python script to exploit CVE-2022-30525 (FIXED): Zyxel Firewall Unauthenticated Remote Command Injection
Python
2
star
58

BalgoFuckerrrr

SSH Botnet remastored by Balgo Security and mindfuckerrrr
Python
2
star
59

CVE-2021-41773

Python
2
star
60

CVE-2021-35064

Python script to exploit CVE-2021-35064 and CVE-2021-36356
Python
2
star
61

CVE-2022-44877

Bash Script for Checking Command Injection Vulnerability on CentOS Web Panel [CWP] (CVE-2022-44877)
Shell
2
star
62

VSCode-Config-File-Parser

This program is designed to parse Visual Studio Code configuration files (sftp.json) that may be exposed on the internet
Python
2
star
63

CVE-2022-39952

PoC for CVE-2022-39952 affecting Fortinet FortiNAC.
Python
2
star
64

CVE-2022-29455

DOM-based Reflected Cross-Site Scripting (XSS) vulnerability in Elementor's Elementor Website Builder plugin <= 3.5.5 versions.
Python
2
star
65

CVE-2022-36804-ReverseShell

PoC exploit for CVE-2022-36804 (BitBucket Critical Command Injection)
Python
2
star
66

CVE-2023-35082

Remote Unauthenticated API Access Vulnerability in MobileIron Core 11.2 and older
Python
2
star
67

CVE-2023-38646

Remote Code Execution on Metabase CVE-2023-38646
Python
2
star
68

pentest-reseau

Projet de pentest réseau automatisé
Python
2
star
69

CVE-2023-36846

Remote Code Execution on Junos OS CVE-2023-36846
Python
2
star
70

CVE-2019-19492

FreeSWITCH Exploit (CVE-2019-19492)
Python
2
star
71

PythonRAT

botnet
Python
1
star
72

GithubBackup

GitHub Backup Script
Shell
1
star
73

Shells

PHP
1
star
74

onelinepy

Python
1
star
75

MultiPwn

Python
1
star
76

Piano-Tiles-Bot

My own Bot to cheat on Piano Tiles
Python
1
star
77

projet_selinux

Projet SELinux
Shell
1
star
78

sinkhole

Sinkhole for my school project
Python
1
star
79

ssl_explorer

A CLI Tool for Extracting Server Ownership Clues from SSL/TLS Certificates
Go
1
star
80

lfi-training

LFI Challenge - Capture The Flag (CTF)
PHP
1
star