EJS-Exploit
CVE-2022-26134
EJS-Exploit | CVE-2022-26134 | |
---|---|---|
1 | 1 | |
11 | 258 | |
- | - | |
0.0 | 6.8 | |
almost 3 years ago | almost 2 years ago | |
Python | Python | |
MIT License | - |
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
EJS-Exploit
-
Simple Remote Code Execution on EJS Web Applications with express-fileupload
TLDR with no explaination
CVE-2022-26134
What are some alternatives?
express-fileupload - Simple express file upload middleware that wraps around busboy
sigma - Main Sigma Rule Repository
Egyscan - Egyscan The Best web vulnerability scanner; it's a multifaceted security powerhouse designed to fortify your web applications against malicious threats. Let's delve into the tasks and functions that make Egyscan an indispensable tool in your security arsenal:
tomcat-jmxproxy-rce-exp - Apache Tomcat JMXProxy RCE
PayloadsAllTheThings - A list of useful payloads and bypass for Web Application Security and Pentest/CTF
CVE-2022-26134-Exploit-Detection - This repository contains Yara rule and the method that a security investigator may want to use for CVE-2022-26134 threat hunting on their Linux confluence servers.
Youtube-Downloader - Download video and audio from YouTube links.
DogWalk-rce-poc - 🐾Dogwalk PoC (using diagcab file to obtain RCE on windows)
py4jshell - Simulating Log4j Remote Code Execution (RCE) vulnerability in a flask web server using python's logging library with custom formatter that simulates lookup substitution by executing remote exploit code.
CVE-2022-26134 - [CVE-2022-26134]Confluence OGNL expression injected RCE with sandbox bypass.
Serein - 【懒人神器】一款图形化、批量采集url、批量对采集的url进行各种nday检测的工具。可用于src挖掘、cnvd挖掘、0day利用、打造自己的武器库等场景。可以批量利用Actively Exploited Atlassian Confluence 0Day CVE-2022-26134和DedeCMS v5.7.87 SQL注入 CVE-2022-23337。
CVE-2021-40444 - CVE-2021-40444 - Fully Weaponized Microsoft Office Word RCE Exploit