CVE-2024-38819

The repository contains functional exploit code for multiple CVEs, including CVE-2026-22812, which demonstrates command execution via a session-based shell endpoint. The code is well-structured, includes error handling, and provides both single and batch detection capabilities.

This repository contains a functional proof-of-concept for CVE-2024-38819, demonstrating a path traversal vulnerability in Spring Framework 6.1.13. The exploit leverages percent-encoded directory traversal sequences through a symbolic link to access sensitive files like /etc/passwd.

This repository contains functional exploit code for multiple CVEs, primarily targeting Java-based vulnerabilities. The PoCs include deserialization attacks, RCE via LDAP/JNDI, and other offensive techniques, with clear examples of exploit chains.

This YAML file contains a functional exploit for CVE-2024-38819, demonstrating a path traversal vulnerability in Spring Boot 3.3.4. It sends a crafted HTTP request to access sensitive files (e.g., /etc/passwd) and verifies the response for successful exploitation.

This repository contains a functional proof-of-concept for CVE-2024-38819, demonstrating a path traversal vulnerability in Spring Framework 6.1.13. The exploit leverages percent-encoded directory traversal sequences via a symbolic link to access arbitrary files on the system.

This repository provides a detailed technical analysis of CVE-2024-38819, a path traversal vulnerability in Spring WebFlux and WebMVC.fn. It explains the root cause in the `StringUtils.cleanPath()` function and demonstrates how attackers can bypass path validation to access arbitrary files.