cve/CVE-2022-1162.md at 43553e9af13bbdba84028635c21659dede3160a7

admin/cve

mirror of https://github.com/0xMarcio/cve.git synced 2025-05-06 02:31:38 +00:00

0xMarcio 48a00929ac Removed duplicates

2024-06-18 02:51:15 +02:00

Description

A hardcoded password was set for accounts registered using an OmniAuth provider (e.g. OAuth, LDAP, SAML) in GitLab CE/EE versions 14.7 prior to 14.7.7, 14.8 prior to 14.8.5, and 14.9 prior to 14.9.2 allowing attackers to potentially take over accounts

POC

Reference

http://packetstormsecurity.com/files/166828/Gitlab-14.9-Authentication-Bypass.html

Github

https://github.com/ARPSyndicate/cvemon
https://github.com/ARPSyndicate/kenzer-templates
https://github.com/DarkFunct/CVE_Exploits
https://github.com/Greenwolf/CVE-2022-1162
https://github.com/NaInSec/CVE-PoC-in-GitHub
https://github.com/SYRTI/POC_to_review
https://github.com/WhooAmii/POC_to_review
https://github.com/ipsBruno/CVE-2022-1162
https://github.com/k0mi-tg/CVE-POC
https://github.com/manas3c/CVE-POC
https://github.com/nomi-sec/PoC-in-GitHub
https://github.com/toowoxx/gitlab-password-reset-script
https://github.com/trganda/dockerv
https://github.com/trhacknon/Pocingit
https://github.com/whoforget/CVE-POC
https://github.com/youwizard/CVE-POC
https://github.com/zecool/cve

1.4 KiB Raw Blame History

CVE-2022-1162

Description

POC

Reference

Github

1.4 KiB

Raw Blame History