Showing 1 - 3 of 3

Files from JAS502N

First Active	2019-02-03
Last Active	2021-12-08

Grafana Arbitrary File Reading: Posted Dec 8, 2021; Authored by JAS502N | Site github.com; Grafana suffers from an unauthorized arbitrary file reading vulnerability. Version 8.3.1 addresses this issue.; tags | exploit, arbitrary; advisories | CVE-2021-43798; SHA-256 | 03758847d1cc50b64ba0545bbeb672ab0dab351105fe1fa058b3f6cde6f77d15; Download | Favorite | View

Apache Solr 8.3.0 Velocity Template Remote Code Execution: Posted Apr 3, 2020; Authored by Imran Dawoodjee, JAS502N, s00py, AleWong | Site metasploit.com; This Metasploit module exploits a vulnerability in Apache Solr versions 8.3.0 and below which allows remote code execution via a custom Velocity template. Currently, this module only supports Solr basic authentication. From the Tenable advisory: An attacker could target a vulnerable Apache Solr instance by first identifying a list of Solr core names. Once the core names have been identified, an attacker can send a specially crafted HTTP POST request to the Config API to toggle the params resource loader value for the Velocity Response Writer in the solrconfig.xml file to true. Enabling this parameter would allow an attacker to use the Velocity template parameter in a specially crafted Solr request, leading to remote code execution.; tags | exploit, remote, web, code execution; advisories | CVE-2019-17558; SHA-256 | 04c5dd5b8815196c9a380f26b4389f5a970acbe465ccd84df68c9cd5c9543808; Download | Favorite | View

LibSSH 0.7.6 / 0.8.4 Unauthorized Access: Posted Feb 3, 2019; Authored by JAS502N; LibSSH versions 0.7.6 and 0.8.4 unauthorized access proof of concept exploit.; tags | exploit, proof of concept; advisories | CVE-2018-10933; SHA-256 | c5b8fd0e5cbaa3811a98a28383bb380c8a42e3dea1a7a2195ac4e5790302813f; Download | Favorite | View

Page 1 of 1 Back 1 Next

Top Authors In Last 30 Days