jakabakos's repositories
CVE-2023-36664-Ghostscript-command-injection
Ghostscript command injection vulnerability PoC (CVE-2023-36664)
CVE-2023-50164-Apache-Struts-RCE
A critical security vulnerability, identified as CVE-2023-50164 (CVE: 9.8) was found in Apache Struts, allowing attackers to manipulate file upload parameters that can potentially lead to unauthorized path traversal and remote code execution (RCE).
Apache-OFBiz-Authentication-Bypass
This repo is a PoC with to exploit CVE-2023-51467 and CVE-2023-49070 preauth RCE vulnerabilities found in Apache OFBiz.
CVE-2023-36884-MS-Office-HTML-RCE
MS Office and Windows HTML RCE (CVE-2023-36884) - PoC and exploit
CVE-2023-22884-Airflow-SQLi
CVE-2023-22884 PoC
PHP-payload-injection-to-PNGs
Inject PHP payload into PNG files through PLTE chunks
CVE-2024-23692-RCE-in-Rejetto-HFS
Unauthenticated RCE Flaw in Rejetto HTTP File Server (CVE-2024-23692)
CVE-2024-34102-CosmicSting-XXE-in-Adobe-Commerce-and-Magento
CosmicSting: critical unauthenticated XXE vulnerability in Adobe Commerce and Magento (CVE-2024-34102)
ShadowRay-RCE-PoC-CVE-2023-48022
ShadowRay RCE POC (CVE-2023-48022)
CVE-2022-22965-Spring4Shell
PoC and exploit for CVE-2022-22965 Spring4Shell
CVE-2022-40127-Airflow-RCE
CVE-2022-40127 PoC and exploit
CVE-2023-22518-Confluence-RCE-PoC
Improper Authorization Vulnerability in Confluence Data Center and Server
CVE-2023-33246_Apache_RocketMQ_RCE
CVE-2023-33246 RocketMQ RCE exploit
CVE-2024-0986-Issabel-PBX-4.0.0-RCE-exploit
Issabel PBX 4.0.0 Remote Code Execution (Authenticated) - CVE-2024-0986
CVE-2024-37032-Ollama-RCE
Path traversal in Ollama with rogue registry server