HoangKien1020

Pinned Repositories

CVE-2020-10238
CVE-2020-10238: Incorrect Access Control in com_templates PoC
Language:Python7 1 14
CVE-2020-10239
CVE-2020-10239: Incorrect Access Control in com_fields SQL field-RCE- PoC
Language:Python7 1 12
CVE-2020-11890
CVE-2020-11890: Improper input validations in the usergroup table class could lead to a broken ACL configuration to RCE
Language:Python63 2 115
CVE-2020-14321
Course enrolments allowed privilege escalation from teacher role into manager role to RCE
Language:Python40 0 09
CVE-2021-21389
BuddyPress is an open source WordPress plugin to build a community site. In releases of BuddyPress from 5.0.0 before 7.2.1 it's possible for a non-privileged, regular user to obtain administrator rights by exploiting an issue in the REST API members endpoint. The vulnerability has been fixed in BuddyPress 7.2.1. Existing installations of the plugin should be updated to this version to mitigate the issue.
Language:Python18 1 07
CVE-2021-23132
com_media allowed paths that are not intended for image uploads to RCE
Language:Python71 2 030
Joomla-SQLinjection
Collection about PoC for sql injection on Joomla
31 2 09
Moodle_RCE
22 1 07
pentest
Language:Python6 1 03
WebShells
Webshell with the newest, easiest, and shortest code and technique.
Language:ASP.NET10 2 07

HoangKien1020's Repositories

HoangKien1020/CVE-2021-23132
com_media allowed paths that are not intended for image uploads to RCE
Language:Python71 2 030
HoangKien1020/CVE-2020-11890
CVE-2020-11890: Improper input validations in the usergroup table class could lead to a broken ACL configuration to RCE
Language:Python63 2 115
HoangKien1020/CVE-2020-14321
Course enrolments allowed privilege escalation from teacher role into manager role to RCE
Language:Python40 0 09
HoangKien1020/Joomla-SQLinjection
Collection about PoC for sql injection on Joomla
31 2 09
HoangKien1020/Moodle_RCE
22 1 07
HoangKien1020/CVE-2021-21389
BuddyPress is an open source WordPress plugin to build a community site. In releases of BuddyPress from 5.0.0 before 7.2.1 it's possible for a non-privileged, regular user to obtain administrator rights by exploiting an issue in the REST API members endpoint. The vulnerability has been fixed in BuddyPress 7.2.1. Existing installations of the plugin should be updated to this version to mitigate the issue.
Language:Python18 1 07
HoangKien1020/WebShells
Webshell with the newest, easiest, and shortest code and technique.
Language:ASP.NET10 2 07
HoangKien1020/CVE-2020-10238
CVE-2020-10238: Incorrect Access Control in com_templates PoC
Language:Python7 1 14
HoangKien1020/CVE-2020-10239
CVE-2020-10239: Incorrect Access Control in com_fields SQL field-RCE- PoC
Language:Python7 1 12
HoangKien1020/pentest
Language:Python6 1 03
HoangKien1020/CVE-2020-24597
Directory traversal in com_media to RCE
5 1 02
HoangKien1020/CVE-2021-21014
Magento versions 2.4.1 (and earlier), 2.4.0-p1 (and earlier) and 2.3.6 (and earlier) are vulnerable to a file upload restriction bypass. Successful exploitation could lead to arbitrary code execution by an authenticated attacker.
5 1 02
HoangKien1020/Drupal_RCE
4 1 01
HoangKien1020/LTU14-GROUP03
BTL: Hệ thống ATM kết nối trao đổi thông qua RMI
Language:Java4 2 02
HoangKien1020/PoC-Collection
PoC-Collection about some CVEs
Language:PHP41
HoangKien1020/CVE-2020-25627
Stored XSS via moodlenetprofile parameter in user profile
3 1 0
HoangKien1020/iOSPentest101
iOS Pentest 101
Language:JavaScript