Skip to content
This repository has been archived by the owner on Oct 16, 2024. It is now read-only.

Commit

Permalink
fixed vulnerability
Browse files Browse the repository at this point in the history
  • Loading branch information
@racheljiang310
racheljiang310 committed Jun 2, 2024
1 parent 26a3774 commit cfd9210
Showing 21 changed files with 87 additions and 96 deletions.
1 change: 0 additions & 1 deletion archetypes/default.md
View file
Original file line number Diff line number Diff line change
@@ -1,5 +1,4 @@
+++
title = '{{ replace .File.ContentBaseName "-" " " | title }}'
date = {{ .Date }}
draft = true
+++
1 change: 0 additions & 1 deletion content/CVEX/CVEX-2017-1000499.md
View file
Original file line number Diff line number Diff line change
@@ -3,7 +3,6 @@ title: CVEX-2017-1000499
description: phpMyAdmin versions 4.7.x (prior to 4.7.6.1/4.7.7) are vulnerable to a CSRF weakness. By deceiving a user to click on a crafted URL, it is possible to perform harmful database operations such as deleting records, dropping/truncating tables etc.
layout: single
date: 2024-05-27T15:34:00-07:00
draft: true
weight: 50
url: /CVEX-2017-1000499/
---
1 change: 0 additions & 1 deletion content/CVEX/CVEX-2023-0286.md
View file
Original file line number Diff line number Diff line change
@@ -2,7 +2,6 @@
title: CVEX-2023-0286
description: Clones openssl version 3.0.7, containing a vulnerability that attributes the wrong variable type (ASN1_TYPE rather than ASN1_STRING) to a x509 address, allowing elevation of privilege.
layout: single
draft: true
weight: 50
url: /CVEX-2023-0286/
---
1 change: 0 additions & 1 deletion content/CVEX/CVEX-2023-28155.md
View file
Original file line number Diff line number Diff line change
@@ -3,7 +3,6 @@ title: CVEX-2023-28155
description: The Request package through 2.88.1 for Node.js allows a bypass of SSRF mitigations via an attacker-controller server that does a cross-protocol redirect (HTTP to HTTPS, or HTTPS to HTTP). This vulnerability only affects products that are no longer supported by the maintainer.
layout: single
date: 2024-05-27T15:34:00-07:00
draft: true
weight: 50
url: /CVEX-2023-28155/
---
1 change: 0 additions & 1 deletion content/CVEX/CVEX-2023-31419.md
View file
Original file line number Diff line number Diff line change
@@ -3,7 +3,6 @@ title: CVEX-2023-31419
description: A flaw was discovered in Elasticsearch, affecting the _search API that allowed a specially crafted query string to cause a Stack Overflow and ultimately a Denial of Service.
layout: single
date: 2024-05-27T15:34:00-07:00
draft: true
weight: 50
url: /CVEX-2023-31419/
---
1 change: 0 additions & 1 deletion content/CVEX/CVEX-2023-42282.md
View file
Original file line number Diff line number Diff line change
@@ -3,7 +3,6 @@ title: CVEX-2023-42282
description: The ip package before 1.1.9 for Node.js might allow SSRF because some IP addresses (such as 0x7f.1) are improperly categorized as globally routable via isPublic.
layout: single
date: 2024-05-27T15:34:00-07:00
draft: true
weight: 50
url: /CVEX-2023-42282/
---
1 change: 0 additions & 1 deletion content/CVEX/CVEX-2024-21508.md
View file
Original file line number Diff line number Diff line change
@@ -3,7 +3,6 @@ title: CVEX-2024-21508
description: CVE-2024-21508 is a vulnerability found in versions of the mysql2 <= 3.9.4. This vulnerability allows for Remote Code Execution (RCE) through the readCodeFor function, due to improper validation of the supportBigNumbers and bigNumberStrings values. It does not require any specific privileges or user interaction and can be exploited over a network. The potential impact includes high integrity and confidentiality impact, as well as high availability impact.
layout: single
date: 2024-05-27T15:34:00-07:00
draft: true
weight: 50
url: /CVEX-2024-21508/
---
1 change: 0 additions & 1 deletion content/CVEX/CVEX-XPLOR.md
View file
Original file line number Diff line number Diff line change
@@ -3,7 +3,6 @@ title: CVEX-XPLOR
description: A Proof of Concept Demonstration of our CVEX model/framework
layout: single
date: 2024-05-27T15:34:00-07:00
draft: true
weight: 50
url: /CVEX-XPLOR/
---
2 changes: 1 addition & 1 deletion content/_index.md
View file
Original file line number Diff line number Diff line change
@@ -2,7 +2,7 @@
title: Common Vulnerability and Exposure Executables (CVEX)
description:
layout: single
draft: true
url: /
---
### A Collection of our Completed CVEXes
This static HUGO website serves as a database of completed CVEXes. These CVEXes were created by the Team of Professors Kruegel & Vigna, with 4 undergraduate researchers affiliated with UCSB's Early Research Scholars Program 2023-2024 cohort.
1 change: 0 additions & 1 deletion content/research.md
View file
Original file line number Diff line number Diff line change
@@ -2,7 +2,6 @@
title: About Xplor CVEX
description:
layout: single
draft: true
url: /research/
---

2 changes: 1 addition & 1 deletion hugo.toml
View file
Original file line number Diff line number Diff line change
@@ -1,4 +1,4 @@
baseURL = '/'
baseURL = 'http://xplor-cvex.seclab.cs.ucsb.edu/'
languageCode = 'en-us'
relativeURLs = true
title = 'Common Vulneravilities and Exposures with Exploits'
16 changes: 8 additions & 8 deletions public/404.html
View file
Original file line number Diff line number Diff line change
@@ -7,12 +7,12 @@
<meta name="description" content="" />
<meta name="keywords" content="" />
<meta name="robots" content="noodp" />
<link rel="canonical" href="//localhost:1313/404.html" />
<link rel="canonical" href="http://localhost:1313/404.html" />
<meta property="og:locale" content="en" />
<meta property="og:title" content="404 Page not found :: Common Vulneravilities and Exposures with Exploits" />
<meta property="og:description" content="" />
<meta property="og:type" content="website" />
<meta property="og:url" content="//localhost:1313/404.html" />
<meta property="og:url" content="http://localhost:1313/404.html" />
<meta property="og:site_name" content="Common Vulneravilities and Exposures with Exploits" />
<meta property="og:image" content="" />
<meta property="og:image:width" content="2048" />
@@ -28,7 +28,7 @@
rel="stylesheet"
/>
<link href="./404.html" rel="alternate" type="application/rss+xml" title="Common Vulneravilities and Exposures with Exploits" />
<link rel="stylesheet" href="//localhost:1313/styles.css" />
<link rel="stylesheet" href="http://localhost:1313/styles.css" />
</head>

<body>
@@ -38,7 +38,7 @@
<nav class="navbar">
<div class="navbar__first">
<ul class="navbar__list borders">
<li><a href="//localhost:1313/">Home</a></li>
<li><a href="http://localhost:1313/">Home</a></li>
<li><a href="./research/">Statement</a></li>
<li><a href="./directoryv1/">CVEX 1.0 Directory</a></li>
<li><a href="./directoryv2/">CVEX 2.0 Directory</a></li>
@@ -64,20 +64,20 @@
<h1 class="post-title">404 — Page not found...</h1>
</header>
<p>
<a href="//localhost:1313/">Back to home page&nbsp;→</a>
<a href="http://localhost:1313/">Back to home page&nbsp;→</a>
</p>
</article>
</main>
<footer class="site-footer">
<p class="buildinfo">
<time datetime="2024-06-02 16:35:08 PDT">Site built on: 2024-06-02 16:35:08 PDT</time>
<time datetime="2024-06-02 16:42:18 PDT">Site built on: 2024-06-02 16:42:18 PDT</time>
</p>
<div class="copyright">
<p></p>
<nav class="navbar">
<ul class="navbar__list">
<li><a href="//localhost:1313/posts/index.xml">RSS</a></li>
<li><a href="//localhost:1313/sitemap.xml">Sitemap</a></li>
<li><a href="http://localhost:1313/posts/index.xml">RSS</a></li>
<li><a href="http://localhost:1313/sitemap.xml">Sitemap</a></li>
</ul>
</nav>
</div>
16 changes: 8 additions & 8 deletions public/CVEX-2017-1000499/index.html
View file
Original file line number Diff line number Diff line change
@@ -7,15 +7,15 @@
<meta name="description" content="phpMyAdmin versions 4.7.x (prior to 4.7.6.1/4.7.7) are vulnerable to a CSRF weakness. By deceiving a user to click on a crafted URL, it is possible to perform harmful database operations such as deleting records, dropping/truncating tables etc." />
<meta name="keywords" content="" />
<meta name="robots" content="noodp" />
<link rel="canonical" href="//localhost:1313/CVEX-2017-1000499/" />
<link rel="canonical" href="http://localhost:1313/CVEX-2017-1000499/" />
<meta property="og:locale" content="en" />
<meta property="og:title" content="CVEX-2017-1000499 :: Common Vulneravilities and Exposures with Exploits" />
<meta property="og:description" content="phpMyAdmin versions 4.7.x (prior to 4.7.6.1/4.7.7) are vulnerable to a CSRF weakness. By deceiving a user to click on a crafted URL, it is possible to perform harmful database operations such as deleting records, dropping/truncating tables etc." />
<meta property="og:type" content="article" />
<meta property="article:published_time" content="2024-05-27 15:34:00 -0700 PDT" />
<meta property="article:modified_time" content="2024-05-27 15:34:00 PDT" />
<meta property="article:author" content="Common Vulneravilities and Exposures with Exploits" />
<meta property="og:url" content="//localhost:1313/CVEX-2017-1000499/" />
<meta property="og:url" content="http://localhost:1313/CVEX-2017-1000499/" />
<meta property="og:site_name" content="Common Vulneravilities and Exposures with Exploits" />
<meta property="og:image" content="" />
<meta property="og:image:width" content="2048" />
@@ -31,7 +31,7 @@
rel="stylesheet"
/>
<link href="../CVEX-2017-1000499/" rel="alternate" type="application/rss+xml" title="Common Vulneravilities and Exposures with Exploits" />
<link rel="stylesheet" href="//localhost:1313/styles.css" />
<link rel="stylesheet" href="http://localhost:1313/styles.css" />
</head>

<body>
@@ -41,7 +41,7 @@
<nav class="navbar">
<div class="navbar__first">
<ul class="navbar__list borders">
<li><a href="//localhost:1313/">Home</a></li>
<li><a href="http://localhost:1313/">Home</a></li>
<li><a href="../research/">Statement</a></li>
<li><a href="../directoryv1/">CVEX 1.0 Directory</a></li>
<li><a href="../directoryv2/">CVEX 2.0 Directory</a></li>
@@ -63,7 +63,7 @@
</header>
<main class="site-main"><article class="post">
<header class="post-header">
<h1 class="post-title"><a href="//localhost:1313/CVEX-2017-1000499/">CVEX-2017-1000499</a></h1>
<h1 class="post-title"><a href="http://localhost:1313/CVEX-2017-1000499/">CVEX-2017-1000499</a></h1>
<div class="post-meta">
<time pubdate datetime="2024-05-27 15:34:00 PDT">
Published on
@@ -86,14 +86,14 @@ <h1 class="post-title"><a href="//localhost:1313/CVEX-2017-1000499/">CVEX-2017-1
</main>
<footer class="site-footer">
<p class="buildinfo">
<time datetime="2024-06-02 16:35:08 PDT">Site built on: 2024-06-02 16:35:08 PDT</time>
<time datetime="2024-06-02 16:42:18 PDT">Site built on: 2024-06-02 16:42:18 PDT</time>
</p>
<div class="copyright">
<p></p>
<nav class="navbar">
<ul class="navbar__list">
<li><a href="//localhost:1313/posts/index.xml">RSS</a></li>
<li><a href="//localhost:1313/sitemap.xml">Sitemap</a></li>
<li><a href="http://localhost:1313/posts/index.xml">RSS</a></li>
<li><a href="http://localhost:1313/sitemap.xml">Sitemap</a></li>
</ul>
</nav>
</div>
16 changes: 8 additions & 8 deletions public/CVEX-2023-28155/index.html
View file
Original file line number Diff line number Diff line change
@@ -7,15 +7,15 @@
<meta name="description" content="The Request package through 2.88.1 for Node.js allows a bypass of SSRF mitigations via an attacker-controller server that does a cross-protocol redirect (HTTP to HTTPS, or HTTPS to HTTP). This vulnerability only affects products that are no longer supported by the maintainer." />
<meta name="keywords" content="" />
<meta name="robots" content="noodp" />
<link rel="canonical" href="//localhost:1313/CVEX-2023-28155/" />
<link rel="canonical" href="http://localhost:1313/CVEX-2023-28155/" />
<meta property="og:locale" content="en" />
<meta property="og:title" content="CVEX-2023-28155 :: Common Vulneravilities and Exposures with Exploits" />
<meta property="og:description" content="The Request package through 2.88.1 for Node.js allows a bypass of SSRF mitigations via an attacker-controller server that does a cross-protocol redirect (HTTP to HTTPS, or HTTPS to HTTP). This vulnerability only affects products that are no longer supported by the maintainer." />
<meta property="og:type" content="article" />
<meta property="article:published_time" content="2024-05-27 15:34:00 -0700 PDT" />
<meta property="article:modified_time" content="2024-05-27 15:34:00 PDT" />
<meta property="article:author" content="Common Vulneravilities and Exposures with Exploits" />
<meta property="og:url" content="//localhost:1313/CVEX-2023-28155/" />
<meta property="og:url" content="http://localhost:1313/CVEX-2023-28155/" />
<meta property="og:site_name" content="Common Vulneravilities and Exposures with Exploits" />
<meta property="og:image" content="" />
<meta property="og:image:width" content="2048" />
@@ -31,7 +31,7 @@
rel="stylesheet"
/>
<link href="../CVEX-2023-28155/" rel="alternate" type="application/rss+xml" title="Common Vulneravilities and Exposures with Exploits" />
<link rel="stylesheet" href="//localhost:1313/styles.css" />
<link rel="stylesheet" href="http://localhost:1313/styles.css" />
</head>

<body>
@@ -41,7 +41,7 @@
<nav class="navbar">
<div class="navbar__first">
<ul class="navbar__list borders">
<li><a href="//localhost:1313/">Home</a></li>
<li><a href="http://localhost:1313/">Home</a></li>
<li><a href="../research/">Statement</a></li>
<li><a href="../directoryv1/">CVEX 1.0 Directory</a></li>
<li><a href="../directoryv2/">CVEX 2.0 Directory</a></li>
@@ -63,7 +63,7 @@
</header>
<main class="site-main"><article class="post">
<header class="post-header">
<h1 class="post-title"><a href="//localhost:1313/CVEX-2023-28155/">CVEX-2023-28155</a></h1>
<h1 class="post-title"><a href="http://localhost:1313/CVEX-2023-28155/">CVEX-2023-28155</a></h1>
<div class="post-meta">
<time pubdate datetime="2024-05-27 15:34:00 PDT">
Published on
@@ -86,14 +86,14 @@ <h1 class="post-title"><a href="//localhost:1313/CVEX-2023-28155/">CVEX-2023-281
</main>
<footer class="site-footer">
<p class="buildinfo">
<time datetime="2024-06-02 16:35:08 PDT">Site built on: 2024-06-02 16:35:08 PDT</time>
<time datetime="2024-06-02 16:42:18 PDT">Site built on: 2024-06-02 16:42:18 PDT</time>
</p>
<div class="copyright">
<p></p>
<nav class="navbar">
<ul class="navbar__list">
<li><a href="//localhost:1313/posts/index.xml">RSS</a></li>
<li><a href="//localhost:1313/sitemap.xml">Sitemap</a></li>
<li><a href="http://localhost:1313/posts/index.xml">RSS</a></li>
<li><a href="http://localhost:1313/sitemap.xml">Sitemap</a></li>
</ul>
</nav>
</div>
16 changes: 8 additions & 8 deletions public/CVEX-2023-31419/index.html
View file
Original file line number Diff line number Diff line change
@@ -7,15 +7,15 @@
<meta name="description" content="A flaw was discovered in Elasticsearch, affecting the _search API that allowed a specially crafted query string to cause a Stack Overflow and ultimately a Denial of Service." />
<meta name="keywords" content="" />
<meta name="robots" content="noodp" />
<link rel="canonical" href="//localhost:1313/CVEX-2023-31419/" />
<link rel="canonical" href="http://localhost:1313/CVEX-2023-31419/" />
<meta property="og:locale" content="en" />
<meta property="og:title" content="CVEX-2023-31419 :: Common Vulneravilities and Exposures with Exploits" />
<meta property="og:description" content="A flaw was discovered in Elasticsearch, affecting the _search API that allowed a specially crafted query string to cause a Stack Overflow and ultimately a Denial of Service." />
<meta property="og:type" content="article" />
<meta property="article:published_time" content="2024-05-27 15:34:00 -0700 PDT" />
<meta property="article:modified_time" content="2024-05-27 15:34:00 PDT" />
<meta property="article:author" content="Common Vulneravilities and Exposures with Exploits" />
<meta property="og:url" content="//localhost:1313/CVEX-2023-31419/" />
<meta property="og:url" content="http://localhost:1313/CVEX-2023-31419/" />
<meta property="og:site_name" content="Common Vulneravilities and Exposures with Exploits" />
<meta property="og:image" content="" />
<meta property="og:image:width" content="2048" />
@@ -31,7 +31,7 @@
rel="stylesheet"
/>
<link href="../CVEX-2023-31419/" rel="alternate" type="application/rss+xml" title="Common Vulneravilities and Exposures with Exploits" />
<link rel="stylesheet" href="//localhost:1313/styles.css" />
<link rel="stylesheet" href="http://localhost:1313/styles.css" />
</head>

<body>
@@ -41,7 +41,7 @@
<nav class="navbar">
<div class="navbar__first">
<ul class="navbar__list borders">
<li><a href="//localhost:1313/">Home</a></li>
<li><a href="http://localhost:1313/">Home</a></li>
<li><a href="../research/">Statement</a></li>
<li><a href="../directoryv1/">CVEX 1.0 Directory</a></li>
<li><a href="../directoryv2/">CVEX 2.0 Directory</a></li>
@@ -63,7 +63,7 @@
</header>
<main class="site-main"><article class="post">
<header class="post-header">
<h1 class="post-title"><a href="//localhost:1313/CVEX-2023-31419/">CVEX-2023-31419</a></h1>
<h1 class="post-title"><a href="http://localhost:1313/CVEX-2023-31419/">CVEX-2023-31419</a></h1>
<div class="post-meta">
<time pubdate datetime="2024-05-27 15:34:00 PDT">
Published on
@@ -86,14 +86,14 @@ <h1 class="post-title"><a href="//localhost:1313/CVEX-2023-31419/">CVEX-2023-314
</main>
<footer class="site-footer">
<p class="buildinfo">
<time datetime="2024-06-02 16:35:08 PDT">Site built on: 2024-06-02 16:35:08 PDT</time>
<time datetime="2024-06-02 16:42:18 PDT">Site built on: 2024-06-02 16:42:18 PDT</time>
</p>
<div class="copyright">
<p></p>
<nav class="navbar">
<ul class="navbar__list">
<li><a href="//localhost:1313/posts/index.xml">RSS</a></li>
<li><a href="//localhost:1313/sitemap.xml">Sitemap</a></li>
<li><a href="http://localhost:1313/posts/index.xml">RSS</a></li>
<li><a href="http://localhost:1313/sitemap.xml">Sitemap</a></li>
</ul>
</nav>
</div>
14 changes: 7 additions & 7 deletions public/categories/index.html
View file
Original file line number Diff line number Diff line change
@@ -7,12 +7,12 @@
<meta name="description" content="" />
<meta name="keywords" content="" />
<meta name="robots" content="noodp" />
<link rel="canonical" href="//localhost:1313/categories/" />
<link rel="canonical" href="http://localhost:1313/categories/" />
<meta property="og:locale" content="en" />
<meta property="og:title" content="Categories :: Common Vulneravilities and Exposures with Exploits" />
<meta property="og:description" content="" />
<meta property="og:type" content="website" />
<meta property="og:url" content="//localhost:1313/categories/" />
<meta property="og:url" content="http://localhost:1313/categories/" />
<meta property="og:site_name" content="Common Vulneravilities and Exposures with Exploits" />
<meta property="og:image" content="" />
<meta property="og:image:width" content="2048" />
@@ -28,7 +28,7 @@
rel="stylesheet"
/>
<link href="../categories/" rel="alternate" type="application/rss+xml" title="Common Vulneravilities and Exposures with Exploits" />
<link rel="stylesheet" href="//localhost:1313/styles.css" />
<link rel="stylesheet" href="http://localhost:1313/styles.css" />
</head>

<body>
@@ -38,7 +38,7 @@
<nav class="navbar">
<div class="navbar__first">
<ul class="navbar__list borders">
<li><a href="//localhost:1313/">Home</a></li>
<li><a href="http://localhost:1313/">Home</a></li>
<li><a href="../research/">Statement</a></li>
<li><a href="../directoryv1/">CVEX 1.0 Directory</a></li>
<li><a href="../directoryv2/">CVEX 2.0 Directory</a></li>
@@ -71,14 +71,14 @@ <h1 class="post-title">
</main>
<footer class="site-footer">
<p class="buildinfo">
<time datetime="2024-06-02 16:35:08 PDT">Site built on: 2024-06-02 16:35:08 PDT</time>
<time datetime="2024-06-02 16:42:18 PDT">Site built on: 2024-06-02 16:42:18 PDT</time>
</p>
<div class="copyright">
<p></p>
<nav class="navbar">
<ul class="navbar__list">
<li><a href="//localhost:1313/posts/index.xml">RSS</a></li>
<li><a href="//localhost:1313/sitemap.xml">Sitemap</a></li>
<li><a href="http://localhost:1313/posts/index.xml">RSS</a></li>
<li><a href="http://localhost:1313/sitemap.xml">Sitemap</a></li>
</ul>
</nav>
</div>
Loading

0 comments on commit cfd9210

Please sign in to comment.