2024-07-08 03:28:49 +09:00
[
{
"id" : 825358517 ,
"name" : "chamilo-lms-unauthenticated-big-upload-rce-poc" ,
"full_name" : "m3m0o\/chamilo-lms-unauthenticated-big-upload-rce-poc" ,
"owner" : {
"login" : "m3m0o" ,
"id" : 130102748 ,
"avatar_url" : "https:\/\/avatars.githubusercontent.com\/u\/130102748?v=4" ,
"html_url" : "https:\/\/github.com\/m3m0o"
} ,
"html_url" : "https:\/\/github.com\/m3m0o\/chamilo-lms-unauthenticated-big-upload-rce-poc" ,
"description" : "This is a script written in Python that allows the exploitation of the Chamilo's LMS software security flaw described in CVE-2023-4220" ,
"fork" : false ,
"created_at" : "2024-07-07T15:08:30Z" ,
2024-08-09 03:30:00 +09:00
"updated_at" : "2024-08-08T16:05:32Z" ,
2024-07-27 09:29:42 +09:00
"pushed_at" : "2024-07-27T00:19:17Z" ,
2024-08-09 03:30:00 +09:00
"stargazers_count" : 8 ,
"watchers_count" : 8 ,
2024-07-08 03:28:49 +09:00
"has_discussions" : false ,
2024-07-31 03:29:38 +09:00
"forks_count" : 2 ,
2024-07-08 03:28:49 +09:00
"allow_forking" : true ,
"is_template" : false ,
"web_commit_signoff_required" : false ,
2024-07-08 09:29:05 +09:00
"topics" : [
"chamilo" ,
"chamilo-lms" ,
"cve" ,
"cve-2023-4220" ,
"exploit" ,
"rce" ,
"rce-exploit"
] ,
2024-07-08 03:28:49 +09:00
"visibility" : "public" ,
2024-07-31 03:29:38 +09:00
"forks" : 2 ,
2024-08-09 03:30:00 +09:00
"watchers" : 8 ,
2024-07-08 03:28:49 +09:00
"score" : 0 ,
2024-07-08 15:29:00 +09:00
"subscribers_count" : 1
2024-07-08 03:28:49 +09:00
} ,
{
"id" : 825375455 ,
"name" : "Chamilo-LMS-Unauthenticated-File-Upload-CVE-2023-4220" ,
"full_name" : "dollarboysushil\/Chamilo-LMS-Unauthenticated-File-Upload-CVE-2023-4220" ,
"owner" : {
"login" : "dollarboysushil" ,
"id" : 48991715 ,
"avatar_url" : "https:\/\/avatars.githubusercontent.com\/u\/48991715?v=4" ,
"html_url" : "https:\/\/github.com\/dollarboysushil"
} ,
"html_url" : "https:\/\/github.com\/dollarboysushil\/Chamilo-LMS-Unauthenticated-File-Upload-CVE-2023-4220" ,
"description" : "Unrestricted file upload in big file upload functionality in `\/main\/inc\/lib\/javascript\/bigupload\/inc\/bigUpload.php` in Chamilo LMS <= v1.11.24 allows unauthenticated attackers to perform stored cross-site scripting attacks and obtain remote code execution via uploading of web shell." ,
"fork" : false ,
"created_at" : "2024-07-07T15:53:54Z" ,
2024-08-01 03:29:43 +09:00
"updated_at" : "2024-07-31T16:11:57Z" ,
2024-07-08 03:28:49 +09:00
"pushed_at" : "2024-07-07T16:18:13Z" ,
2024-08-01 03:29:43 +09:00
"stargazers_count" : 1 ,
"watchers_count" : 1 ,
2024-07-08 03:28:49 +09:00
"has_discussions" : false ,
2024-07-09 15:29:02 +09:00
"forks_count" : 0 ,
2024-07-08 03:28:49 +09:00
"allow_forking" : true ,
"is_template" : false ,
"web_commit_signoff_required" : false ,
"topics" : [
"chamilo-exploit" ,
"chamilo-lms" ,
"cve-2023-4220" ,
"file-upload-vulnerability" ,
"hackthebox"
] ,
"visibility" : "public" ,
2024-07-09 15:29:02 +09:00
"forks" : 0 ,
2024-08-01 03:29:43 +09:00
"watchers" : 1 ,
2024-07-08 03:28:49 +09:00
"score" : 0 ,
2024-07-08 15:29:00 +09:00
"subscribers_count" : 1
2024-07-08 03:28:49 +09:00
} ,
{
"id" : 825400213 ,
"name" : "CVE-2023-4220" ,
"full_name" : "charlesgargasson\/CVE-2023-4220" ,
"owner" : {
"login" : "charlesgargasson" ,
"id" : 26895987 ,
"avatar_url" : "https:\/\/avatars.githubusercontent.com\/u\/26895987?v=4" ,
"html_url" : "https:\/\/github.com\/charlesgargasson"
} ,
"html_url" : "https:\/\/github.com\/charlesgargasson\/CVE-2023-4220" ,
2024-07-11 21:29:37 +09:00
"description" : "RCE Chamilo 1.11.24" ,
2024-07-08 03:28:49 +09:00
"fork" : false ,
"created_at" : "2024-07-07T16:57:18Z" ,
2024-07-11 21:29:37 +09:00
"updated_at" : "2024-07-11T07:27:24Z" ,
"pushed_at" : "2024-07-11T07:27:20Z" ,
2024-07-08 03:28:49 +09:00
"stargazers_count" : 0 ,
"watchers_count" : 0 ,
"has_discussions" : false ,
"forks_count" : 0 ,
"allow_forking" : true ,
"is_template" : false ,
"web_commit_signoff_required" : false ,
"topics" : [
"2023" ,
"beersel" ,
"bigupload" ,
"chamilo" ,
"chamilo-lms" ,
"cve" ,
"cve-2023-4220" ,
"exploit" ,
"lms" ,
"poc" ,
"rce"
] ,
"visibility" : "public" ,
"forks" : 0 ,
"watchers" : 0 ,
"score" : 0 ,
2024-07-08 15:29:00 +09:00
"subscribers_count" : 1
2024-07-08 21:29:24 +09:00
} ,
{
"id" : 825617104 ,
2024-07-29 15:29:35 +09:00
"name" : "CVE-2023-4220" ,
"full_name" : "insomnia-jacob\/CVE-2023-4220" ,
2024-07-08 21:29:24 +09:00
"owner" : {
"login" : "insomnia-jacob" ,
"id" : 174169862 ,
"avatar_url" : "https:\/\/avatars.githubusercontent.com\/u\/174169862?v=4" ,
"html_url" : "https:\/\/github.com\/insomnia-jacob"
} ,
2024-07-29 15:29:35 +09:00
"html_url" : "https:\/\/github.com\/insomnia-jacob\/CVE-2023-4220" ,
2024-07-08 21:29:24 +09:00
"description" : "CVE-2023-4220 POC RCE" ,
"fork" : false ,
"created_at" : "2024-07-08T07:31:35Z" ,
2024-08-08 09:29:18 +09:00
"updated_at" : "2024-08-07T23:36:24Z" ,
"pushed_at" : "2024-08-07T23:36:20Z" ,
2024-07-31 09:29:21 +09:00
"stargazers_count" : 3 ,
"watchers_count" : 3 ,
2024-07-08 21:29:24 +09:00
"has_discussions" : false ,
2024-07-29 15:29:35 +09:00
"forks_count" : 1 ,
2024-07-08 21:29:24 +09:00
"allow_forking" : true ,
"is_template" : false ,
"web_commit_signoff_required" : false ,
"topics" : [ ] ,
"visibility" : "public" ,
2024-07-29 15:29:35 +09:00
"forks" : 1 ,
2024-07-31 09:29:21 +09:00
"watchers" : 3 ,
2024-07-08 21:29:24 +09:00
"score" : 0 ,
2024-08-07 15:29:10 +09:00
"subscribers_count" : 1
2024-07-08 21:29:24 +09:00
} ,
{
"id" : 825678272 ,
2024-07-10 15:29:21 +09:00
"name" : "Chamilo-CVE-2023-4220-Exploit" ,
"full_name" : "Ziad-Sakr\/Chamilo-CVE-2023-4220-Exploit" ,
2024-07-08 21:29:24 +09:00
"owner" : {
"login" : "Ziad-Sakr" ,
"id" : 60154552 ,
"avatar_url" : "https:\/\/avatars.githubusercontent.com\/u\/60154552?v=4" ,
"html_url" : "https:\/\/github.com\/Ziad-Sakr"
} ,
2024-07-10 15:29:21 +09:00
"html_url" : "https:\/\/github.com\/Ziad-Sakr\/Chamilo-CVE-2023-4220-Exploit" ,
2024-07-08 21:29:24 +09:00
"description" : "This is an Exploit for Unrestricted file upload in big file upload functionality in Chamilo-LMS for this location \"\/main\/inc\/lib\/javascript\/bigupload\/inc\/bigUpload.php\" in Chamilo LMS <= v1.11.24, and Attackers can obtain remote code execution via uploading of web shell." ,
"fork" : false ,
"created_at" : "2024-07-08T09:48:38Z" ,
2024-07-31 21:29:49 +09:00
"updated_at" : "2024-07-31T07:00:42Z" ,
2024-07-08 21:29:24 +09:00
"pushed_at" : "2024-07-08T11:55:53Z" ,
2024-07-31 21:29:49 +09:00
"stargazers_count" : 3 ,
"watchers_count" : 3 ,
2024-07-08 21:29:24 +09:00
"has_discussions" : false ,
2024-07-14 03:29:24 +09:00
"forks_count" : 2 ,
2024-07-08 21:29:24 +09:00
"allow_forking" : true ,
"is_template" : false ,
"web_commit_signoff_required" : false ,
"topics" : [
"chamilo" ,
"chamilo-lms" ,
"cve" ,
"exploit" ,
2024-07-10 15:29:21 +09:00
"file-upload-poc" ,
"lms" ,
"penetration" ,
"penetration-testing" ,
"poc" ,
2024-07-08 21:29:24 +09:00
"web-shell"
] ,
"visibility" : "public" ,
2024-07-14 03:29:24 +09:00
"forks" : 2 ,
2024-07-31 21:29:49 +09:00
"watchers" : 3 ,
2024-07-08 21:29:24 +09:00
"score" : 0 ,
2024-07-09 15:29:02 +09:00
"subscribers_count" : 1
2024-07-10 03:29:28 +09:00
} ,
{
"id" : 826392009 ,
"name" : "cve-2023-4220-poc" ,
"full_name" : "HO4XXX\/cve-2023-4220-poc" ,
"owner" : {
"login" : "HO4XXX" ,
"id" : 128794868 ,
"avatar_url" : "https:\/\/avatars.githubusercontent.com\/u\/128794868?v=4" ,
"html_url" : "https:\/\/github.com\/HO4XXX"
} ,
"html_url" : "https:\/\/github.com\/HO4XXX\/cve-2023-4220-poc" ,
2024-07-10 21:29:30 +09:00
"description" : "PoC for CVE-2023-4220 - Chamilo LMS - Unauthenticated File Upload in BigUpload" ,
2024-07-10 03:29:28 +09:00
"fork" : false ,
"created_at" : "2024-07-09T16:09:18Z" ,
2024-07-10 21:29:30 +09:00
"updated_at" : "2024-07-10T08:14:06Z" ,
2024-07-10 03:29:28 +09:00
"pushed_at" : "2024-07-09T16:13:18Z" ,
"stargazers_count" : 0 ,
"watchers_count" : 0 ,
"has_discussions" : false ,
"forks_count" : 0 ,
"allow_forking" : true ,
"is_template" : false ,
"web_commit_signoff_required" : false ,
"topics" : [ ] ,
"visibility" : "public" ,
"forks" : 0 ,
"watchers" : 0 ,
"score" : 0 ,
2024-07-10 15:29:21 +09:00
"subscribers_count" : 1
2024-07-10 09:29:01 +09:00
} ,
{
"id" : 826491015 ,
"name" : "CVE-2023-4220-PoC" ,
"full_name" : "B1TC0R3\/CVE-2023-4220-PoC" ,
"owner" : {
"login" : "B1TC0R3" ,
"id" : 77125551 ,
"avatar_url" : "https:\/\/avatars.githubusercontent.com\/u\/77125551?v=4" ,
"html_url" : "https:\/\/github.com\/B1TC0R3"
} ,
"html_url" : "https:\/\/github.com\/B1TC0R3\/CVE-2023-4220-PoC" ,
"description" : "Proof of concept exploit for CVE-2023-4220" ,
"fork" : false ,
"created_at" : "2024-07-09T20:06:40Z" ,
2024-07-11 03:29:24 +09:00
"updated_at" : "2024-07-10T13:26:12Z" ,
"pushed_at" : "2024-07-10T13:26:08Z" ,
2024-07-10 09:29:01 +09:00
"stargazers_count" : 0 ,
"watchers_count" : 0 ,
"has_discussions" : false ,
"forks_count" : 0 ,
"allow_forking" : true ,
"is_template" : false ,
"web_commit_signoff_required" : false ,
"topics" : [ ] ,
"visibility" : "public" ,
"forks" : 0 ,
"watchers" : 0 ,
"score" : 0 ,
2024-07-10 15:29:21 +09:00
"subscribers_count" : 2
2024-07-12 03:29:12 +09:00
} ,
{
"id" : 827338519 ,
"name" : "CVE-2023-4220" ,
"full_name" : "nr4x4\/CVE-2023-4220" ,
"owner" : {
"login" : "nr4x4" ,
"id" : 104433163 ,
"avatar_url" : "https:\/\/avatars.githubusercontent.com\/u\/104433163?v=4" ,
"html_url" : "https:\/\/github.com\/nr4x4"
} ,
"html_url" : "https:\/\/github.com\/nr4x4\/CVE-2023-4220" ,
"description" : "CVE-2023– ,
"fork" : false ,
"created_at" : "2024-07-11T13:06:17Z" ,
2024-07-12 21:29:25 +09:00
"updated_at" : "2024-07-12T10:21:41Z" ,
"pushed_at" : "2024-07-12T10:21:38Z" ,
2024-07-12 03:29:12 +09:00
"stargazers_count" : 0 ,
"watchers_count" : 0 ,
"has_discussions" : false ,
"forks_count" : 0 ,
"allow_forking" : true ,
"is_template" : false ,
"web_commit_signoff_required" : false ,
"topics" : [ ] ,
"visibility" : "public" ,
"forks" : 0 ,
"watchers" : 0 ,
"score" : 0 ,
2024-07-12 15:29:16 +09:00
"subscribers_count" : 1
2024-07-15 15:29:40 +09:00
} ,
{
"id" : 828720069 ,
"name" : "CVE-2023-4220-Exploit" ,
"full_name" : "Al3xGD\/CVE-2023-4220-Exploit" ,
"owner" : {
"login" : "Al3xGD" ,
"id" : 115897853 ,
"avatar_url" : "https:\/\/avatars.githubusercontent.com\/u\/115897853?v=4" ,
"html_url" : "https:\/\/github.com\/Al3xGD"
} ,
"html_url" : "https:\/\/github.com\/Al3xGD\/CVE-2023-4220-Exploit" ,
"description" : "LMS Chamilo 1.11.24 CVE-2023-4220 Exploit" ,
"fork" : false ,
"created_at" : "2024-07-15T01:38:47Z" ,
"updated_at" : "2024-07-15T01:51:16Z" ,
"pushed_at" : "2024-07-15T01:51:13Z" ,
"stargazers_count" : 0 ,
"watchers_count" : 0 ,
"has_discussions" : false ,
"forks_count" : 0 ,
"allow_forking" : true ,
"is_template" : false ,
"web_commit_signoff_required" : false ,
"topics" : [ ] ,
"visibility" : "public" ,
"forks" : 0 ,
"watchers" : 0 ,
"score" : 0 ,
2024-07-16 15:29:45 +09:00
"subscribers_count" : 1
2024-08-02 15:29:17 +09:00
} ,
{
"id" : 837062013 ,
"name" : "chamilo-lms-unauthenticated-rce-poc" ,
"full_name" : "charchit-subedi\/chamilo-lms-unauthenticated-rce-poc" ,
"owner" : {
"login" : "charchit-subedi" ,
"id" : 59109697 ,
"avatar_url" : "https:\/\/avatars.githubusercontent.com\/u\/59109697?v=4" ,
"html_url" : "https:\/\/github.com\/charchit-subedi"
} ,
"html_url" : "https:\/\/github.com\/charchit-subedi\/chamilo-lms-unauthenticated-rce-poc" ,
"description" : "This is a script written in Python that allows the exploitation of the Chamilo's LMS software security flaw described in CVE-2023-4220 " ,
"fork" : false ,
"created_at" : "2024-08-02T06:14:56Z" ,
"updated_at" : "2024-08-02T06:17:33Z" ,
"pushed_at" : "2024-08-02T06:17:11Z" ,
"stargazers_count" : 0 ,
"watchers_count" : 0 ,
"has_discussions" : false ,
"forks_count" : 0 ,
"allow_forking" : true ,
"is_template" : false ,
"web_commit_signoff_required" : false ,
"topics" : [ ] ,
"visibility" : "public" ,
"forks" : 0 ,
"watchers" : 0 ,
"score" : 0 ,
2024-08-03 15:28:46 +09:00
"subscribers_count" : 1
2024-07-08 03:28:49 +09:00
}
]
