Trương Hữu Phúc's repositories
CVE-2024-39943-Poc
CVE-2024-39943 rejetto HFS (aka HTTP File Server) 3 before 0.52.10 on Linux, UNIX, and macOS allows OS command execution by remote authenticated users (if they have Upload permissions). This occurs because a shell is used to execute df (i.e., with execSync instead of spawnSync in child_process in Node.js).
CVE-2024-27956
CVE-2024-27956 WordPress Automatic < 3.92.1 - Unauthenticated SQL Injection
CVE-2024-3495-Poc
CVE-2024-3495 Country State City Dropdown CF7 <= 2.7.2 - Unauthenticated SQL Injection
CVE-2024-3806-AND-CVE-2024-3807-Poc
CVE-2024-3806: Porto <= 7.1.0 - Unauthenticated Local File Inclusion via porto_ajax_posts CVE-2024-3807: Porto <= 7.1.0 - Authenticated (Contributor+) Local File Inclusion via Post Meta
CVE-2024-5326-Poc
CVE-2024-5326 Post Grid Gutenberg Blocks and WordPress Blog Plugin – PostX <= 4.1.2 - Missing Authorization to Arbitrary Options Update
CVE-2024-32523-Poc
CVE-2024-32523 Mailster <= 4.0.6 - Unauthenticated Local File Inclusion
CVE-2024-27971-Note
CVE-2024-27971 WordPress Premmerce Permalink Manager for WooCommerce Plugin <= 2.3.10 is vulnerable to Local File Inclusion
CVE-2024-32709-Poc
CVE-2024-32709 WP-Recall – Registration, Profile, Commerce & More <= 16.26.5 - Unauthenticated SQL Injection
CVE-2024-6028-Poc
CVE-2024-6028 Quiz Maker <= 6.5.8.3 - Unauthenticated SQL Injection via 'ays_questions' Parameter
CVE-2024-30491-Poc
CVE-2024-30491 ProfileGrid <= 5.7.8 - Authenticated (Subscriber+) SQL Injection
CVE-2024-4443-Poc
CVE-2024-4443 Business Directory Plugin – Easy Listing Directories for WordPress <= 6.4.2 - Unauthenticated SQL Injection via listingfields Parameter
CVE-2024-4898-Poc
CVE-2024-4898 InstaWP Connect – 1-click WP Staging & Migration <= 0.1.0.38 - Missing Authorization to Unauthenticated API setup/Arbitrary Options Update/Administrative User Creation
CVE-2024-5522-Poc
CVE-2024-5522 HTML5 Video Player <= 2.5.26 - Unauthenticated SQL Injection
bug-bounty
list of bug bounty writeups
CVE-2024-27972-Poc
CVE-2024-27972 WP Fusion Lite <= 3.41.24 - Authenticated (Contributor+) Remote Code Execution
CVE-2024-3293-Poc
CVE-2024-3293 rtMedia for WordPress, BuddyPress and bbPress <= 4.6.18 - Authenticated (Contributor+) SQL Injection via rtmedia_gallery Shortcode
CVE-2024-3552-Poc
CVE-2024-3552 Web Directory Free <= 1.6.9 - Unauthenticated SQL Injection
CVE-2024-3922-Poc
Dokan Pro <= 3.10.3 - Unauthenticated SQL Injection
CVE-2024-4295-Poc
CVE-2024-4295 Email Subscribers by Icegram Express <= 5.7.20 - Unauthenticated SQL Injection via hash
CVE-2024-4352-Poc
CVE-2024-4352 Tutor LMS Pro <= 2.7.0 - Missing Authorization to SQL Injection
4-ZERO-3
403/401 Bypass Methods + Bash Automation + Your Support ;)
AllAboutBugBounty
All about bug bounty (bypasses, payloads, and etc)
Golden-Guide-for-Pentesting
Golden Guide
OWASP-ZAP-Scripts
OWASP ZAP Proxy Scripts Scan CVE
poc-proxycommand-vulnerable-v2
Proof of conept to exploit vulnerable proxycommand configurations on ssh clients
templates_bugcrowd
Repository to house markdown templates for researchers