Skip to content

Instantly share code, notes, and snippets.

View a1k-ghaz1's full-sized avatar

a1k-ghaz1

18 followers · 341 following
View GitHub Profile
@a1k-ghaz1
a1k-ghaz1 / exploitable_webpaths.md
Created April 29, 2024 16:03 — forked from kafkaesqu3/exploitable_webpaths.md
easy wins - exploitable/leaky web paths
Exploit/description Path
Microsoft Office Online Server SSRF (relay) /op/view.aspx
CVE-2017-11317 CVE-2019-18935 /Telerik.Web.Ui.WebResource.axd?type=rau
CVE-2017-11317 CVE-2019-18935 /Telerik.Web.UI.DialogHandler.aspx
CVE-2020-17519 /jobmanager/logs/
CVE-2017-7615 /verify.php?id=1&confirm_hash=
CVE-2018-1000130 /jolokia
CVE-2018-1000130 /actuator/jolokia
leak /actuator/env