CVE-2018-5955

This Metasploit module exploits CVE-2018-5955, an unsanitized argument vulnerability in GitStack through v2.3.10, allowing remote code execution via command injection in the web interface. It automates the exploitation process, including repository and user management.

This exploit demonstrates an unauthenticated remote code execution vulnerability in GitStack by adding a user, enabling web repository access, creating a repository, and uploading a PHP backdoor to execute arbitrary commands.

Cerberus is a vulnerability scanner that performs batch scanning for various vulnerabilities including SQLi, XSS, command injection, and middleware-specific CVEs like CVE-2018-5955. It includes features like subdomain enumeration, WAF detection, and proxy rotation.

This is a Python3 exploit for CVE-2018-5955, targeting GitStack 2.3.10 with unauthenticated RCE via PHP backdoor creation. It includes OS detection and reverse shell functionality.

This Python script exploits CVE-2018-5955, a remote command execution vulnerability in GitStack <= 2.3.10. It automates user creation, repository setup, and payload delivery via HTTP Basic Auth to achieve RCE.

This Metasploit module exploits unauthenticated REST API endpoints in GitStack through v2.3.10 to list users, repositories, create users, and manage repository access. It demonstrates authentication bypass and unauthorized user management.

This Metasploit module exploits an unsanitized argument vulnerability in GitStack through v2.3.10, allowing remote code execution via command injection in the authentication header. It automates the exploitation process, including repository and user management.