A collection of proof-of-concept exploit scripts written by the team at Redway Security for various CVEs.
- CVE-2022-2992: Remote Command Execution via Github import
- CVE-2023-32707: Splunk 'edit_user' Capability Privilege Escalation
- CVE-2024-34102: Magento admin user impersonation via arbritrary file read
- WSO2-2023-2988: WSO2 remote code execution through arbitrary file upload
This Git repository contains code, scripts, and documentation related to security exploits. The sole purpose of this repository is for ethical purposes, including cybersecurity research, vulnerability analysis, and learning about security weaknesses to strengthen digital defenses.
By accessing or using the content in this repository, you agree to assume full responsibility for your actions. The presence of specific exploits, vulnerabilities, or techniques in this repository does not imply endorsement or support by the maintainers.