mirror of
https://github.com/0xMarcio/cve.git
synced 2025-05-06 02:31:38 +00:00
1.9 KiB
1.9 KiB
CVE-2015-3337
Description
Directory traversal vulnerability in Elasticsearch before 1.4.5 and 1.5.x before 1.5.2, when a site plugin is enabled, allows remote attackers to read arbitrary files via unspecified vectors.
POC
Reference
- http://packetstormsecurity.com/files/131646/Elasticsearch-Directory-Traversal.html
- https://www.elastic.co/community/security
- https://www.exploit-db.com/exploits/37054/
Github
- https://github.com/ARPSyndicate/cvemon
- https://github.com/ARPSyndicate/kenzer-templates
- https://github.com/Awrrays/FrameVul
- https://github.com/CLincat/vulcat
- https://github.com/CrackerCat/myhktools
- https://github.com/Elsfa7-110/kenzer-templates
- https://github.com/GhostTroops/myhktools
- https://github.com/H4cking2theGate/TraversalHunter
- https://github.com/SexyBeast233/SecBooks
- https://github.com/Threekiii/Awesome-POC
- https://github.com/Threekiii/Vulhub-Reproduce
- https://github.com/ZTK-009/RedTeamer
- https://github.com/amcai/myscan
- https://github.com/bakery312/Vulhub-Reproduce
- https://github.com/cyberharsh/elasticsearch
- https://github.com/do0dl3/myhktools
- https://github.com/enomothem/PenTestNote
- https://github.com/fengjixuchui/RedTeamer
- https://github.com/hktalent/myhktools
- https://github.com/huimzjty/vulwiki
- https://github.com/iqrok/myhktools
- https://github.com/jas502n/CVE-2015-3337
- https://github.com/password520/RedTeamer
- https://github.com/superfish9/pt
- https://github.com/t0m4too/t0m4to
- https://github.com/touchmycrazyredhat/myhktools
- https://github.com/trhacknon/myhktools
- https://github.com/zhibx/fscan-Intranet