Brandon Knight - Security Researcher - Exploit Intelligence Platform

CVE-2013-4490 METASPLOIT ruby WORKING POC

GitLab <5.4.1, <6.2.3 - Command Injection

The SSH key upload feature (lib/gitlab_keys.rb) in gitlab-shell before 1.7.3, as used in GitLab 5.0 before 5.4.1 and 6.x before 6.2.3, allows remote authenticated users to execute arbitrary commands via shell metacharacters in the public key.

View Code

CVE-1999-0502 METASPLOIT ruby WORKING POC

Unix - Info Disclosure

A Unix account has a default, null, blank, or missing password.

View Code

CVE-1999-0502 EXPLOITDB ruby WORKING POC

Unix - Info Disclosure

A Unix account has a default, null, blank, or missing password.

View Code

CVE-2013-4490 EXPLOITDB ruby WORKING POC

GitLab <5.4.1, <6.2.3 - Command Injection

The SSH key upload feature (lib/gitlab_keys.rb) in gitlab-shell before 1.7.3, as used in GitLab 5.0 before 5.4.1 and 6.x before 6.2.3, allows remote authenticated users to execute arbitrary commands via shell metacharacters in the public key.

View Code