Skip to content

Latest commit

 

History

History
215 lines (167 loc) · 14.1 KB

README.md

File metadata and controls

215 lines (167 loc) · 14.1 KB

OCD CVE Repository


The content provided in this CVE repository is intended for informational purposes only. The vulnerabilities and associated information documented here are provided "as is" and are not subject to any support. By using this repository, you acknowledge and agree that you are using the information contained herein at your own risk. We will not be liable for any direct, indirect or other kinds of damages.


CVE ID Exploit Type Product Author(s) References
CVE-2024-23767 PoC Configuration tampering Anybus X-Gateway Claire VACHEROT Blog post
CVE-2024-23766 PoC Denial of service Anybus X-Gateway Claire VACHEROT Blog post
CVE-2024-23765 - Denial of service Anybus X-Gateway Claire VACHEROT Blog post
CVE-2023-44256 PoC SSRF Fortinet FortiManager & FortiAnalyzer Mickael DORIGNY Advisory
CVE-2023-44249 - Authorization bypass Fortinet FortiManager & FortiAnalyzer Mickael DORIGNY Advisory
CVE-2023-42787 PoC Unprivileged user, web console CLI access Fortinet FortiManager & FortiAnalyzer Mickael DORIGNY Advisory
CVE-2023-41320 PoC SQLi (update clause) GLPI < 10.1.0 Guilhem RIOUX Advisory
CVE-2023-33303 - Insufficient Session Expiration Fortinet FortiEDR Kevin CARLI Advisory
CVE-2023-26469 PoC, MS Path traversal Jorani/bbalet Guilhem RIOUX -
CVE-2023-23565 PoC Local File Inclusion (authenticated) Geomatika IsiGeo Web 6.0 Romain PENLOUP -
CVE-2023-23564 PoC Command injection (authenticated) Geomatika IsiGeo Web 6.0 Romain PENLOUP & Guilhem RIOUX -
CVE-2023-23563 PoC SQL Injection (authenticated) Geomatika IsiGeo Web 6.0 Romain PENLOUP -
CVE-2023-20065 - Local Privilege Escalation CISCO IOS XE Software Mickael DORIGNY & Benoit MALABOEUF Advisory
CVE-2022-45186 PoC Authenticated Database Leak SuiteCRM <= 7.12.7 (<= 8.2.0) Guilhem RIOUX -
CVE-2022-45185 PoC Authenticated RCE (arbitrary unserialize) SuiteCRM <= 7.12.7 (<= 8.2.0) Guilhem RIOUX -
CVE-2022-41573 PoC File Upload Ovidentia 8.3 Nidal GUEDOUAR -
CVE-2022-41572 PoC Privilege escalation Eyesofnetwork <= 5.3 Guilhem RIOUX -
CVE-2022-41571 PoC Authenticated local file inclusion Eyesofnetwork <= 5.3 Guilhem RIOUX -
CVE-2022-41570 PoC Unauthenticated sql injection Eyesofnetwork <= 5.3 Guilhem RIOUX -
CVE-2022-35914 PoC Unauthenticated RCE GLPI (versions < 10.0.3 < 9.5.9 ) Cyril SERVIERES Blog post
CVE-2022-34346 PoC SQL Injection (Authentificated) PMB (version 7.4.1 ) Mike HOUZIAUX -
CVE-2022-34328 PoC XSS (Reflected) PMB (version 7.3.10 ) Mike HOUZIAUX -
CVE-2021-46107 PoC Unauthenticated SSRF Ligeo Archives (version < 4.0.78) Guilhem RIOUX -
CVE-2021-44032 PoC Authentication Bypass TP-Link Omada SDN Controler V4.4.4 (Windows) Kevin LEHONGRE -
CVE-2021-42056 - Privilege Escalation Safenet Authentication Client (Linux) Wilfried PASCAULT -
CVE-2021-36355 - File upload to RCE evolucaire imaging <8.5 (8.2.0.12) Cyril SERVIERES -
CVE-2020-25287 PoC Authenticated RCE Pligg 2.0.3 Mike HOUZIAUX -
CVE-2020-17454 PoC Self XSS WSO2 API Manager: 3.1.0 or earlier Zakaria BRAHIMI Advisory
CVE-2020-14950 PoC Authenticated RCE aapanel 6.6.6 Mike HOUZIAUX -
CVE-2020-14462 PoC Authenticated reflected XSS Caldera 2.7.0 Aurélien CHALOT -
CVE-2020-14421 PoC Authenticated RCE aapanel 6.6.6 Mike HOUZIAUX -
CVE-2020-14295 PoC Authenticated RCE (from SQLi) cacti (1.2.7, 1.2.12) Cyril SERVIERES Advisory
CVE-2020-14146 PoC XSS (Reflected) KumbiaPHP 1.1.1 Mike HOUZIAUX -
CVE-2020-11712 PoC XSS (Reflected) Openupload 0.4.3 Mike HOUZIAUX -
CVE-2020-10787 PoC Root EoP VestaCP 0.9.8-26 Alexandre ZANNI Post
CVE-2020-10786 PoC Authenticated RCE VestaCP 0.9.8-26 Alexandre ZANNI Post
CVE-2020-10220 Exploit Unauthenticated SQLi rConfig < 3.9.4 Jean-Pascal THOMAS Blog post
CVE-2020-8776
CVE-2020-8777
CVE-2020-8778
Exploit Stored XSS Alfresco 5.2.4 Alexandre ZANNI & Romain LOISEL Post
CVE-2020-1949 PoC Reflected XSS Sling CMS App 0.14.0 and previous releases Guillaume GRABÉ Advisory
CVE-2019-19585 PoC Root LPE rConfig < 3.9.4 Jean-Pascal THOMAS Blog post
CVE-2019-19509 Exploit Authenticated RCE rConfig < 3.9.4 Jean-Pascal THOMAS Blog post
CVE-2019-15253 Exploit Stored XSS Cisco DNAC 1.3 Dylan GARNAUD & Benoit MALABOEUF Advisory
CVE-2019-13029 Exploit Stored XSS REDCap 8.10/9.1 Alexandre ZANNI & Dylan GARNAUD Post

Note: the table is sorted by CVE ID.