KIEN HOANG's repositories
CVE-2021-23132
com_media allowed paths that are not intended for image uploads to RCE
CVE-2020-11890
CVE-2020-11890: Improper input validations in the usergroup table class could lead to a broken ACL configuration to RCE
CVE-2020-14321
Course enrolments allowed privilege escalation from teacher role into manager role to RCE
Joomla-SQLinjection
Collection of PoCs for SQL injection in Joomla
CVE-2021-21389
BuddyPress is an open source WordPress plugin to build a community site. In releases of BuddyPress from 5.0.0 before 7.2.1 it's possible for a non-privileged, regular user to obtain administrator rights by exploiting an issue in the REST API members endpoint. The vulnerability has been fixed in BuddyPress 7.2.1. Existing installations of the plugin should be updated to this version to mitigate the issue.
CVE-2020-10238
CVE-2020-10238: Incorrect Access Control in com_templates PoC
CVE-2020-10239
CVE-2020-10239: Incorrect Access Control in com_fields SQL field-RCE- PoC
CVE-2020-24597
Directory traversal in com_media to RCE
CVE-2021-21014
Magento versions 2.4.1 (and earlier), 2.4.0-p1 (and earlier) and 2.3.6 (and earlier) are vulnerable to a file upload restriction bypass. Successful exploitation could lead to arbitrary code execution by an authenticated attacker.
LTU14-GROUP03
Course project: ATM system that connects and communicates via RMI
PoC-Collection
PoC collection for some CVEs
CVE-2020-25627
Stored XSS via moodlenetprofile parameter in user profile
iOSPentest101
iOS Pentest 101