Reverse proxy for Loki with proper Grafana API authentication

Exploit for Grafana arbitrary file-read (CVE-2024-9264)

CVE-2022-23861: Multiple Stored Cross-Site Scripting in YSoft SafeQ

Universal, interactive, server-defined user interfaces made easy

This project is a REST API for authentication and authorization, including support for two-factor authentication (2FA).

CVE-2024-37081: Multiple Local Privilege Escalation in VMware vCenter Server

CVE-2024-22275: Partial File Read in VMware vCenter Server

CVE-2024-22274: Authenticated Remote Code Execution in VMware vCenter Server

This project serves as a starting point for building robust web applications leveraging the power of Next.js and NextAuth.js.

CVE-2021-42562: Improper Access Control in MITRE Caldera

CVE-2021-42561: Command Injection via the Human Plugin in MITRE Caldera

CVE-2021-42560: Unsafe XML Parsing in MITRE Caldera

CVE-2021-42559: Command Injection via Configurations in MITRE Caldera

MAL-007: XML External Entity via Local Registry Entries in WSO2 ESB

MAL-005: Zip Slip in Add Carbon Applications in WSO2 ESB

WSO2-2021-1261: Multiple Cross-Site Scripting in WSO2 ESB

WSO2-2021-1260: Deletion of Arbitrary files via Path Traversal in Artifact Name in WSO2 ESB

WSO2-2021-1258: Zip Slip vulnerability in WSO2 ESB

WSO2-2021-1259: H2 RCE via Malicious JDBC Connection String in WSO2 ESB

認識 JWT 以及透過 Django 實戰 📝