Discover @RandomRobbieBF Open Source projects

RandomRobbieBF

Stars
559
Global Rank 52,434 (Top 2 %)
Followers 206
Following 8
Registered over 5 years ago
Most used languages

Python
86.7 %

Go
8.3 %

Shell
3.3 %

Dockerfile
1.7 %
Location 🇬🇧 United Kingdom
Country Total Rank 3,458
Country Ranking

Python
512

Dockerfile
1,128

Go
1,595

Shell
2,097

CVE-2023-32243

CVE-2023-32243 - Essential Addons for Elementor 5.4.0-5.7.1 - Unauthenticated Privilege Escalation

Python

CVE-2023-2982

WordPress Social Login and Register (Discord, Google, Twitter, LinkedIn) <= 7.6.4 - Authentication Bypass

Python

grafana-ssrf

Authenticated SSRF in Grafana

Python

marshalsec-jar

marshalsec-0.0.3-SNAPSHOT-all compiled on X64

CVE-2023-7028

Python

phpunit-brute

Tool to try multiple paths for PHPunit RCE CVE-2017-9841

Python

wordpress-plugin-list

Wordpress Plugins List for Bruteforcing.

service-now

Service-Now Article Bruteforcer

Python

wp-file-manager

wp-file-manager RCE

Python

nuclei-drupal-sa

Nuclei templates for drupal vulns... far from perfect

CVE-2023-32117

Integrate Google Drive <= 1.1.99 - Missing Authorization via REST API Endpoints

CVE-2023-2732

MStore API <= 3.9.2 - Authentication Bypass

Python

kong-pwn

Use Exposed KongAPI to act like a proxy and get metadata urls or internal urls

Python

redash-reset

Python

CVE-2022-0952

Sitemap by click5 < 1.0.36 - Unauthenticated Arbitrary Options Update

Python

CVE-2023-5412

Image horizontal reel scroll slideshow <= 13.2 - Authenticated (Subscriber+) SQL Injection via Shortcode

coldfusion-amf

Coldfusion AMF PWN

Shell

super-secret-finder

Burp Plugin for Secret Matching

Python

CVE-2023-5204

AI ChatBot <= 4.8.9 - Unauthenticated SQL Injection via qc_wpbo_search_response

CVE-2024-22145

InstaWP Connect <= 0.1.0.8 - Missing Authorization to Arbitrary Options Update (Subscriber+)

Python

simple-file-list-rce

Simple File List < 4.2.3 - Unauthenticated Arbitrary File Upload RCE

Python

CVE-2023-47840

Qode Essential Addons <= 1.5.2 - Missing Authorization to Authenticated (Subscriber+) Arbitrary Plugin Installation/Activation

Python

Log4J-Exploits

Log4J Exploits for Different Systems

Python

wordpress-exploits

Random Wordpres Exploits May or May Not Work.

CVE-2022-3904

CVE-2022-3904 MonsterInsights < 8.9.1 - Stored Cross-Site Scripting via Google Analytics

Python

woo

Exploit woocommerce SQLI and grab user and password hash

Python

SAP-brute

SAP Netweaver Login Bruteforcer.

Python

django-bruteforce

Django Admin Url Bruteforce tool.

Python

CVE-2020-12077

MapPress Maps Pro < 2.53.9 - Remote Code Execution (RCE) due to Incorrect Access Control in AJAX Actions

Python

CVE-2023-6700

Cookie Information | Free GDPR Consent Solution <= 2.0.22 - Authenticated (Subscriber+) Arbitrary Options Update

Python

wordpress-php-object-helper

Know a plugin has a php object exploit but need to find which lib to use?

Python

CVE-2023-2877

Formidable Forms < 6.3.1 - Subscriber+ Remote Code Execution

Python

csp-log4j

Finds CSP report urls and tests to see if they are vulnerable to log4j

CVE-2023-0630

CVE-2023-0630 - Slimstat Analytics < 4.9.3.3 - Subscriber+ SQL Injection

Python

what-wordpress

Tool to extract all themes and plugins that are shown on the front page of a wordpress site.

Python

dom-brute

Domain TLD prefix finder / 3rd party hosted.

Python

CVE-2024-0679

ColorMag <= 3.1.2 - Missing Authorization to Authenticated (Subscriber+) Arbitrary Plugin Installation/Activation

Python

CVE-2024-9593

Time Clock <= 1.2.2 & Time Clock Pro <= 1.1.4 - Unauthenticated (Limited) Remote Code Execution

juicy-php

Juicy-php - finds PHP info files with juicy information

Python

S3-from-csp

Extracts all S3 Buckets from CSP report headers and then tests for file upload vulns

struts-splunk

Vuln Apache Struts with splunk

Dockerfile

wordpress-plugins-scraper

Will open the first page of wordpress website and extract all js and css links with wp-content/plugins/

Python

dnn-cookie

DNN-Cookie Tester

Python

CVE-2022-1442

WordPress Plugin Metform <= 2.1.3 - Improper Access Control Allowing Unauthenticated Sensitive Information Disclosure

Shell

CVE-2023-45657

Nexter <= 2.0.3 - Authenticated (Subscriber+) SQL Injection via 'to' and 'from'

Python

CVE-2021-25032

PublishPress Capabilities < 2.3.1 - Unauthenticated Arbitrary Options Update to Blog Compromise

Python

CVE-2022-47615

LearnPress Plugin < 4.2.0 - Unauthenticated LFI Description

Python

static-file-checker

Checks Djangos /static/staticfiles.json for exposed creds using nuclei

CVE-2021-24356

Simple 301 Redirects by BetterLinks - 2.0.0 – 2.0.3 - Subscriber + Arbitrary Plugin Installation

Python

CVE-2023-5070

Social Media Share Buttons & Social Sharing Icons <= 2.8.5 - Information Exposure

Python

CVE-2023-45828

RumbleTalk Live Group Chat <= 6.1.9 - Missing Authorization via handleRequest

CVE-2022-45808

LearnPress Plugin < 4.2.0 - Unauthenticated SQLi

CVE-2022-45354

Download Monitor <= 4.7.60 - Sensitive Information Exposure via REST API

Python

js-jobs

JS Job Manager < 1.1.9 - Unauthenticated Arbitrary Plugin Installation/Activation

Python

CVE-2023-36531

LiquidPoll – Advanced Polls for Creators and Brands <= 3.3.68 - Missing Authorization via activate_addon

Python

CVE-2021-24647

CVE-2021-24647 Pie Register < 3.7.1.6 - Unauthenticated Arbitrary Login

Python

CVE-2023-47529

Cloud Templates & Patterns collection <= 1.2.2 - Sensitive Information Exposure via Log File

CVE-2019-15896

LifterLMS <= 3.34.5 - Unauthenticated Options Import

Python

CVE-2023-47179

WooODT Lite <= 2.4.6 - Missing Authorization to Arbitrary Options Update (Subscriber+)

Python

e-signature-poc

e-signature < 1.5.6.8 - Unauthenticated Remote Code Execution

binary-edge-render-extract

Create a datatable output from a binaryedge render scan

CVE-2022-0439

CVE-2022-0439 - Email Subscribers & Newsletters < 5.3.2 - Subscriber+ Blind SQL injection

Python

wordpress-bf

Brute Force Wordpress Blogs.

Python

postgres-bruteforcer

This tool takes a list of default creds and tests it against a postgresql server and logs any that work and the databases it has access to.

import-users-from-csv-with-meta

Import Users From CSV with Meta 1.15 - Unauthorised Authenticated Users Export

Python

CVE-2023-6985

10Web AI Assistant – AI content writing assistant <= 1.0.18 - Missing Authorization to Authenticated (Subscriber+) Arbitrary Plugin Installation/Activation Description

Python

CVE-2024-4875

HT Mega – Absolute Addons For Elementor <= 2.5.2 - Missing Authorization to Options Update

Python

CVE-2023-46615

KD Coming Soon <= 1.7 - Unauthenticated PHP Object Injection via cetitle

CVE-2024-25092

NextMove Lite < 2.18.0 - Subscriber+ Arbitrary Plugin Installation/Activation

Python

CVE-2020-36730

CMP - Coming Soon & Maintenance < 3.8.2 - Improper Access Controls on AJAX Calls (Subscriber+)

Python

CVE-2023-51409

AI Engine: ChatGPT Chatbot <= 1.9.98 - Unauthenticated Arbitrary File Upload via rest_upload

learning-management-system

Masteriyo - LMS for WordPress <= 1.6.7 - Sensitive Information Exposure

Python

CVE-2022-1203

Content Mask < 1.8.4 - Subscriber+ Arbitrary Options Update

Python

CVE-2021-34621

ProfilePress 3.0 - 3.1.3 - Unauthenticated Privilege Escalation

Python

RandomRobbieBF

Top repositories