"Locale problems" in both the 32-bit & 64-bit versions of Debian 8 droplets
Create a new Debian 8 droplet and login as root:
pothi
/ CVE-2023-39777
Created
September 23, 2023 11:41
— forked from GiongfNef/CVE-2023-39777
[POC] [CVE-2023-39777]
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| [Summary] | |
| I have discovered a Cross-Site Scripting (XSS) vulnerability in vBulletin latest version 6.0.0, which also impacts lower versions. The vulnerability allows an attacker to inject malicious scripts into the Admin Control Panel, potentially leading to unauthorized access, data theft, or further exploitation. | |
| [Description] | |
| The XSS vulnerability can be triggered when an authenticated user accesses to path `/admincp` and try to login to the Admin Control Panel. The vulnerability is due to inadequate input sanitization, allowing an attacker to inject malicious scripts that will execute in the context of the targeted administrator's session so as to hijack admin's credential. | |
| [Steps to Reproduce] | |
| 1. Log in /admincp in vBulletin Admin Control Panel. | |
| 2. Through the 'url' parameter, it is possible to inject JS code to escape, bypass white space then trigger XSS. |
pothi
/ do-debian8-locale-issues.md
Created
May 6, 2021 17:04
— forked from 5car1z/do-debian8-locale-issues.md
Debian Locale Issues Fix
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/bash | |
| # requirements: webp (sudo apt install webp or yum install webp) | |
| # version 1.3 | |
| # version 1.3 | |
| # - date: 2020-05-28 | |
| # - change the logic litte bit to make the output less noisy | |
| # version 1.2 | |
| # - date: 2020-05-28 |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| <?php | |
| $sitemapURL = 'https://www.tinywp.in/sitemap.xml'; | |
| /** | |
| * fetch all URLs from sitemap.xml | |
| */ | |
| $xmlobject = simplexml_load_file($sitemapURL); |
pothi
/ compile-nginx-from-source-on-ubuntu.sh
Created
April 11, 2015 11:46
Compile Nginx from source on Ubuntu
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/bash | |
| # What it is: a script to compile and install Nginx manually in Ubuntu 14.04 server | |
| # Author: Pothi Kalimuthu | |
| # Author URL: http://pothi.info | |
| # License: GPL v2 | |
| ### VARIABLES ### | |
| # Please know that this script should be executed as normal user with __sudo__ privileges. |
pothi
/ pma-auto-update.sh
Last active
March 24, 2017 07:58
Automate PhpMyAdmin updates - Please Check https://github.com/pothi/linux-bootstrap-snippets/blob/master/pma-auto-update.sh for Updates. Thanks!
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/bash | |
| # Script to automate PhpMyAdmin updates | |
| # To manually switch to another version, use... | |
| # bash pma-auto-update.sh version_number | |
| ### Variables | |
| LOGDIR=$HOME/log | |
| LOG_FILE=$LOGDIR/phpmyadmin-updates.log |