Sander cgnl

## CVE-2024-22910
CVE-2024-22910: Authenticated XSS in CrushFTP < 10.6.0

[Description]
Cross Site Scripting (XSS) vulnerability in CrushFTP v.10.6.0 and
v.10.5.5 allows an attacker to  execute arbitrary code via a crafted
payload.

------------------------------------------

[Vulnerability Type]

## Simple_Rev_Shell.cs
using System;
using System.Text;
using System.IO;
using System.Diagnostics;
using System.ComponentModel;
using System.Linq;
using System.Net;
using System.Net.Sockets;


## ImportTo-ElasticSearchBulk.ps1
<#
.Synopsis
   Parse Nessus XML report and import to ElasticSearch using _bulk API
.DESCRIPTION
   Parse Nessus XML report and convert to expected json format (x-ndjson)
   for ElasticSearch _bulk API
.EXAMPLE
   .\ImportTo-ElasticSearchBulk.ps1 -InputXML "C:\folder\file.nessus" -Server es.contoso.com -Index "nessus" -type "vuln"
#>
	CVE-2024-22910: Authenticated XSS in CrushFTP < 10.6.0

	[Description]
	Cross Site Scripting (XSS) vulnerability in CrushFTP v.10.6.0 and
	v.10.5.5 allows an attacker to execute arbitrary code via a crafted
	payload.

	------------------------------------------

	[Vulnerability Type]
	using System;
	using System.Text;
	using System.IO;
	using System.Diagnostics;
	using System.ComponentModel;
	using System.Linq;
	using System.Net;
	using System.Net.Sockets;
	<#
	.Synopsis
	Parse Nessus XML report and import to ElasticSearch using _bulk API
	.DESCRIPTION
	Parse Nessus XML report and convert to expected json format (x-ndjson)
	for ElasticSearch _bulk API
	.EXAMPLE
	.\ImportTo-ElasticSearchBulk.ps1 -InputXML "C:\folder\file.nessus" -Server es.contoso.com -Index "nessus" -type "vuln"
	#>