Pinned Repositories
CVE-2020-10238
CVE-2020-10238: Incorrect Access Control in com_templates PoC
CVE-2020-10239
CVE-2020-10239: Incorrect Access Control in com_fields SQL field-RCE- PoC
CVE-2020-11890
CVE-2020-11890: Improper input validations in the usergroup table class could lead to a broken ACL configuration to RCE
CVE-2020-14321
Course enrolments allowed privilege escalation from teacher role into manager role to RCE
CVE-2021-21389
BuddyPress is an open source WordPress plugin to build a community site. In releases of BuddyPress from 5.0.0 before 7.2.1 it's possible for a non-privileged, regular user to obtain administrator rights by exploiting an issue in the REST API members endpoint. The vulnerability has been fixed in BuddyPress 7.2.1. Existing installations of the plugin should be updated to this version to mitigate the issue.
CVE-2021-23132
com_media allowed paths that are not intended for image uploads to RCE
Joomla-SQLinjection
Collection of PoCs for SQL injection on Joomla
Moodle_RCE
pentest
WebShells
Webshell with the newest, easiest, and shortest code and technique.
HoangKien1020's Repositories
HoangKien1020/CVE-2021-23132
com_media allowed paths that are not intended for image uploads to RCE
HoangKien1020/CVE-2020-11890
CVE-2020-11890: Improper input validations in the usergroup table class could lead to a broken ACL configuration to RCE
HoangKien1020/CVE-2020-14321
Course enrolments allowed privilege escalation from teacher role into manager role to RCE
HoangKien1020/Joomla-SQLinjection
Collection of PoCs for SQL injection on Joomla
HoangKien1020/Moodle_RCE
HoangKien1020/CVE-2021-21389
BuddyPress is an open source WordPress plugin to build a community site. In releases of BuddyPress from 5.0.0 before 7.2.1 it's possible for a non-privileged, regular user to obtain administrator rights by exploiting an issue in the REST API members endpoint. The vulnerability has been fixed in BuddyPress 7.2.1. Existing installations of the plugin should be updated to this version to mitigate the issue.
HoangKien1020/WebShells
Webshell with the newest, easiest, and shortest code and technique.
HoangKien1020/CVE-2020-10238
CVE-2020-10238: Incorrect Access Control in com_templates PoC
HoangKien1020/CVE-2020-10239
CVE-2020-10239: Incorrect Access Control in com_fields SQL field-RCE- PoC
HoangKien1020/pentest
HoangKien1020/CVE-2020-24597
Directory traversal in com_media to RCE
HoangKien1020/CVE-2021-21014
Magento versions 2.4.1 (and earlier), 2.4.0-p1 (and earlier) and 2.3.6 (and earlier) are vulnerable to a file upload restriction bypass. Successful exploitation could lead to arbitrary code execution by an authenticated attacker.
HoangKien1020/Drupal_RCE
HoangKien1020/LTU14-GROUP03
Course project: ATM system that connects and exchanges data via RMI
HoangKien1020/PoC-Collection
PoC collection for some CVEs
HoangKien1020/CVE-2020-25627
Stored XSS via moodlenetprofile parameter in user profile
HoangKien1020/iOSPentest101
iOS Pentest 101