CVEXv2: XPLOR CVEX Directory :: Common Vulneravilities and Exposures with Exploits

CVEX v2.0 was a collaborative effort from ERSP 2023-2024.
It takes inspiration from past CVEXes created from the past years. Using a similar `exploiter` vs `recorder` model, we’ve further divided our CVEs into 3 main containers: `server`, `client`, and `listener` while also enabling `tcpdump` traffic files and stack traces to be stored in a user’s local directory for better analysis of the exploit
CVEX-2017-1000499
CVEX-2023-28155
CVEX-2023-31419
CVEX-2023-42282
CVEX-2024-21508
CVEX-XPLOR
CVEX-2023-0286

CVEX LINK	Description	Images
`CVE-XPLOR`	Author \| `racheljiang310` A Proof of Concept Demonstration of our CVEX model/framework	Domain \| ghcr.io/ucsb-seclab `demo/client demo/server demo/listener`
`CVE-2017-1000499`	Author \| `racheljiang310` phpMyAdmin versions 4.7.x (prior to 4.7.6.1/4.7.7) are vulnerable to a CSRF weakness. By deceiving a user to click on a crafted URL, it is possible to perform harmful database operations such as deleting records, dropping/truncating tables etc.	Domain \| ghcr.io/ucsb-seclab `cvex-2017-1000499/client cvex-2017-1000499/server cvex-2017-1000499/db cvex-2017-1000499/listener`
`CVE-2023-28155`	Author \| `racheljiang310` The Request package through 2.88.1 for Node.js allows a bypass of SSRF mitigations via an attacker-controller server that does a cross-protocol redirect (HTTP to HTTPS, or HTTPS to HTTP). This vulnerability only affects products that are no longer supported by the maintainer.	Domain \| ghcr.io/ucsb-seclab `cvex-2023-28155/listener cvex-2023-28155/client cvex-2023-28155/bad_server cvex-2023-28155/php_server`
`CVE-2023-31419`	Author \| `racheljiang310` A flaw was discovered in Elasticsearch, affecting the _search API that allowed a specially crafted query string to cause a Stack Overflow and ultimately a Denial of Service.	Domain \| ghcr.io/ucsb-seclab `cvex-2023-31419/client cvex-2023-31419/server cvex-2023-31419/listener`
`CVE-2023-42282`	Author \| `racheljiang310` The ip package before 1.1.9 for Node.js might allow SSRF because some IP addresses (such as 0x7f.1) are improperly categorized as globally routable via isPublic.	Domain \| ghcr.io/ucsb-seclab `cvex-2023-42282/client cvex-2023-42282/server cvex-2023-42282/listener`
`CVE-2024-21508`	Author \| `racheljiang310` Found in versions of the mysql2 <= 3.9.4, this vulnerability allows for Remote Code Execution (RCE) through the readCodeFor function, due to improper validation of the supportBigNumbers and bigNumberStrings values. The potential impact includes high integrity and confidentiality impact, as well as high availability impact.	Domain \| ghcr.io/ucsb-seclab `cvex-2023-42282/client cvex-2023-42282/server cvex-2023-42282/listener`
`CVE-2023-0286`	Author \| `yarwinliu` Clones openssl version 3.0.7, containing a vulnerability that attributes the wrong variable type (ASN1_TYPE rather than ASN1_STRING) to a x509 address, allowing elevation of privilege.	Domain \| ghcr.io/ucsb-seclab `cvex-2024-21508/listener cvex-2024-21508/server cvex-2024-21508/client`

CVEX LINK	Description	Images
`CVE-XPLOR`	Author \| `racheljiang310` A Proof of Concept Demonstration of our CVEX model/framework	Domain \| ghcr.io/ucsb-seclab `demo/client demo/server demo/listener`
`CVE-2017-1000499`	Author \| `racheljiang310` phpMyAdmin versions 4.7.x (prior to 4.7.6.1/4.7.7) are vulnerable to a CSRF weakness. By deceiving a user to click on a crafted URL, it is possible to perform harmful database operations such as deleting records, dropping/truncating tables etc.	Domain \| ghcr.io/ucsb-seclab `cvex-2017-1000499/client cvex-2017-1000499/server cvex-2017-1000499/db cvex-2017-1000499/listener`
`CVE-2023-28155`	Author \| `racheljiang310` The Request package through 2.88.1 for Node.js allows a bypass of SSRF mitigations via an attacker-controller server that does a cross-protocol redirect (HTTP to HTTPS, or HTTPS to HTTP). This vulnerability only affects products that are no longer supported by the maintainer.	Domain \| ghcr.io/ucsb-seclab `cvex-2023-28155/listener cvex-2023-28155/client cvex-2023-28155/bad_server cvex-2023-28155/php_server`
`CVE-2023-31419`	Author \| `racheljiang310` A flaw was discovered in Elasticsearch, affecting the _search API that allowed a specially crafted query string to cause a Stack Overflow and ultimately a Denial of Service.	Domain \| ghcr.io/ucsb-seclab `cvex-2023-31419/client cvex-2023-31419/server cvex-2023-31419/listener`
`CVE-2023-42282`	Author \| `racheljiang310` The ip package before 1.1.9 for Node.js might allow SSRF because some IP addresses (such as 0x7f.1) are improperly categorized as globally routable via isPublic.	Domain \| ghcr.io/ucsb-seclab `cvex-2023-42282/client cvex-2023-42282/server cvex-2023-42282/listener`
`CVE-2024-21508`	Author \| `racheljiang310` Found in versions of the mysql2 <= 3.9.4, this vulnerability allows for Remote Code Execution (RCE) through the readCodeFor function, due to improper validation of the supportBigNumbers and bigNumberStrings values. The potential impact includes high integrity and confidentiality impact, as well as high availability impact.	Domain \| ghcr.io/ucsb-seclab `cvex-2023-42282/client cvex-2023-42282/server cvex-2023-42282/listener`
`CVE-2023-0286`	Author \| `yarwinliu` Clones openssl version 3.0.7, containing a vulnerability that attributes the wrong variable type (ASN1_TYPE rather than ASN1_STRING) to a x509 address, allowing elevation of privilege.	Domain \| ghcr.io/ucsb-seclab `cvex-2024-21508/listener cvex-2024-21508/server cvex-2024-21508/client`