mirror of
https://github.com/0xMarcio/cve.git
synced 2026-03-27 13:20:31 +01:00
2.2 KiB
2.2 KiB
CVE-2015-3337
Description
Directory traversal vulnerability in Elasticsearch before 1.4.5 and 1.5.x before 1.5.2, when a site plugin is enabled, allows remote attackers to read arbitrary files via unspecified vectors.
POC
Reference
- http://packetstormsecurity.com/files/131646/Elasticsearch-Directory-Traversal.html
- https://www.elastic.co/community/security
- https://www.exploit-db.com/exploits/37054/
Github
- https://github.com/20142995/nuclei-templates
- https://github.com/ARPSyndicate/cvemon
- https://github.com/ARPSyndicate/kenzer-templates
- https://github.com/Awrrays/FrameVul
- https://github.com/CLincat/vulcat
- https://github.com/CrackerCat/myhktools
- https://github.com/Elsfa7-110/kenzer-templates
- https://github.com/GhostTroops/myhktools
- https://github.com/H4cking2theGate/TraversalHunter
- https://github.com/J1ezds/Vulnerability-Wiki-page
- https://github.com/Penterep/ptelastic
- https://github.com/SexyBeast233/SecBooks
- https://github.com/Threekiii/Awesome-POC
- https://github.com/Threekiii/Vulhub-Reproduce
- https://github.com/XiaomingX/awesome-poc-for-red-team
- https://github.com/ZTK-009/RedTeamer
- https://github.com/amcai/myscan
- https://github.com/bakery312/Vulhub-Reproduce
- https://github.com/cc8700619/poc
- https://github.com/cyberharsh/elasticsearch
- https://github.com/do0dl3/myhktools
- https://github.com/enomothem/PenTestNote
- https://github.com/fengjixuchui/RedTeamer
- https://github.com/g1san/Agents-for-Vulnerable-Dockers-and-related-Benchmarks
- https://github.com/hktalent/myhktools
- https://github.com/huimzjty/vulwiki
- https://github.com/iqrok/myhktools
- https://github.com/jas502n/CVE-2015-3337
- https://github.com/password520/RedTeamer
- https://github.com/superfish9/pt
- https://github.com/t0m4too/t0m4to
- https://github.com/touchmycrazyredhat/myhktools
- https://github.com/trhacknon/myhktools
- https://github.com/zhibx/fscan-Intranet