mirror of
https://github.com/0xMarcio/cve.git
synced 2025-11-28 18:48:49 +00:00
45 lines
1.8 KiB
Markdown
45 lines
1.8 KiB
Markdown
### [CVE-2024-34470](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34470)
|
|
|
|
|
|
|
|
|
|
### Description
|
|
|
|
An issue was discovered in HSC Mailinspector 5.2.17-3 through v.5.2.18. An Unauthenticated Path Traversal vulnerability exists in the /public/loader.php file. The path parameter does not properly filter whether the file and directory passed are part of the webroot, allowing an attacker to read arbitrary files on the server.
|
|
|
|
### POC
|
|
|
|
#### Reference
|
|
- https://github.com/osvaldotenorio/CVE-2024-34470
|
|
|
|
#### Github
|
|
- https://github.com/0day404/HV-2024-POC
|
|
- https://github.com/12442RF/POC
|
|
- https://github.com/AboSteam/POPC
|
|
- https://github.com/Cappricio-Securities/CVE-2024-34470
|
|
- https://github.com/DMW11525708/wiki
|
|
- https://github.com/Lern0n/Lernon-POC
|
|
- https://github.com/Linxloop/fork_POC
|
|
- https://github.com/Mr-r00t11/CVE-2024-34470
|
|
- https://github.com/Ostorlab/KEV
|
|
- https://github.com/WhosGa/MyWiki
|
|
- https://github.com/Yuan08o/pocs
|
|
- https://github.com/admin772/POC
|
|
- https://github.com/adminlove520/pocWiki
|
|
- https://github.com/adysec/POC
|
|
- https://github.com/bigb0x/CVE-2024-34470
|
|
- https://github.com/cisp-pte/POC-20241008-sec-fork
|
|
- https://github.com/eeeeeeeeee-code/POC
|
|
- https://github.com/fkie-cad/nvd-json-data-feeds
|
|
- https://github.com/greenberglinken/2023hvv_1
|
|
- https://github.com/iemotion/POC
|
|
- https://github.com/laoa1573/wy876
|
|
- https://github.com/nomi-sec/PoC-in-GitHub
|
|
- https://github.com/oLy0/Vulnerability
|
|
- https://github.com/osvaldotenorio/CVE-2024-34470
|
|
- https://github.com/th3gokul/CVE-2024-34470
|
|
- https://github.com/wjlin0/poc-doc
|
|
- https://github.com/wy876/POC
|
|
- https://github.com/wy876/wiki
|
|
|