PoC-in-GitHub/2019/CVE-2019-5418.json

[
    {
        "id": 175966226,
        "name": "CVE-2019-5418",
        "full_name": "mpgn\/CVE-2019-5418",
        "owner": {
            "login": "mpgn",
            "id": 5891788,
            "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/5891788?v=4",
            "html_url": "https:\/\/github.com\/mpgn",
            "user_view_type": "public"
        },
        "html_url": "https:\/\/github.com\/mpgn\/CVE-2019-5418",
        "description": "CVE-2019-5418 - File Content Disclosure on Ruby on Rails",
        "fork": false,
        "created_at": "2019-03-16T11:58:18Z",
        "updated_at": "2024-10-05T05:18:16Z",
        "pushed_at": "2021-04-05T21:28:36Z",
        "stargazers_count": 193,
        "watchers_count": 193,
        "has_discussions": false,
        "forks_count": 24,
        "allow_forking": true,
        "is_template": false,
        "web_commit_signoff_required": false,
        "topics": [
            "rails"
        ],
        "visibility": "public",
        "forks": 24,
        "watchers": 193,
        "score": 0,
        "subscribers_count": 4
    },
    {
        "id": 176323109,
        "name": "CVE-2019-5418",
        "full_name": "omarkurt\/CVE-2019-5418",
        "owner": {
            "login": "omarkurt",
            "id": 1712468,
            "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/1712468?v=4",
            "html_url": "https:\/\/github.com\/omarkurt",
            "user_view_type": "public"
        },
        "html_url": "https:\/\/github.com\/omarkurt\/CVE-2019-5418",
        "description": "File Content Disclosure on Rails Test Case - CVE-2019-5418",
        "fork": false,
        "created_at": "2019-03-18T16:09:13Z",
        "updated_at": "2021-06-23T14:36:20Z",
        "pushed_at": "2019-03-18T16:15:25Z",
        "stargazers_count": 5,
        "watchers_count": 5,
        "has_discussions": false,
        "forks_count": 0,
        "allow_forking": true,
        "is_template": false,
        "web_commit_signoff_required": false,
        "topics": [
            "cve-2019-5418",
            "ror",
            "vulnerable-app"
        ],
        "visibility": "public",
        "forks": 0,
        "watchers": 5,
        "score": 0,
        "subscribers_count": 0
    },
    {
        "id": 176545257,
        "name": "CVE-2019-5418-Scanner",
        "full_name": "brompwnie\/CVE-2019-5418-Scanner",
        "owner": {
            "login": "brompwnie",
            "id": 8638589,
            "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/8638589?v=4",
            "html_url": "https:\/\/github.com\/brompwnie",
            "user_view_type": "public"
        },
        "html_url": "https:\/\/github.com\/brompwnie\/CVE-2019-5418-Scanner",
        "description": "A multi-threaded Golang scanner to identify Ruby endpoints vulnerable to CVE-2019-5418",
        "fork": false,
        "created_at": "2019-03-19T15:38:01Z",
        "updated_at": "2024-08-12T19:46:56Z",
        "pushed_at": "2019-03-21T17:26:06Z",
        "stargazers_count": 35,
        "watchers_count": 35,
        "has_discussions": false,
        "forks_count": 16,
        "allow_forking": true,
        "is_template": false,
        "web_commit_signoff_required": false,
        "topics": [],
        "visibility": "public",
        "forks": 16,
        "watchers": 35,
        "score": 0,
        "subscribers_count": 3
    },
    {
        "id": 177236589,
        "name": "Rails-doubletap-RCE",
        "full_name": "mpgn\/Rails-doubletap-RCE",
        "owner": {
            "login": "mpgn",
            "id": 5891788,
            "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/5891788?v=4",
            "html_url": "https:\/\/github.com\/mpgn",
            "user_view_type": "public"
        },
        "html_url": "https:\/\/github.com\/mpgn\/Rails-doubletap-RCE",
        "description": "RCE on Rails 5.2.2 using a path traversal (CVE-2019-5418) and a deserialization of Ruby objects (CVE-2019-5420)",
        "fork": false,
        "created_at": "2019-03-23T02:52:31Z",
        "updated_at": "2024-09-17T07:15:40Z",
        "pushed_at": "2023-01-19T12:13:40Z",
        "stargazers_count": 134,
        "watchers_count": 134,
        "has_discussions": false,
        "forks_count": 28,
        "allow_forking": true,
        "is_template": false,
        "web_commit_signoff_required": false,
        "topics": [
            "rails"
        ],
        "visibility": "public",
        "forks": 28,
        "watchers": 134,
        "score": 0,
        "subscribers_count": 7
    },
    {
        "id": 178527770,
        "name": "CVE-2019-5418",
        "full_name": "takeokunn\/CVE-2019-5418",
        "owner": {
            "login": "takeokunn",
            "id": 11222510,
            "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/11222510?v=4",
            "html_url": "https:\/\/github.com\/takeokunn",
            "user_view_type": "public"
        },
        "html_url": "https:\/\/github.com\/takeokunn\/CVE-2019-5418",
        "description": null,
        "fork": false,
        "created_at": "2019-03-30T07:40:11Z",
        "updated_at": "2019-10-24T19:07:56Z",
        "pushed_at": "2019-03-30T07:54:58Z",
        "stargazers_count": 2,
        "watchers_count": 2,
        "has_discussions": false,
        "forks_count": 2,
        "allow_forking": true,
        "is_template": false,
        "web_commit_signoff_required": false,
        "topics": [],
        "visibility": "public",
        "forks": 2,
        "watchers": 2,
        "score": 0,
        "subscribers_count": 3
    },
    {
        "id": 178909066,
        "name": "RailroadBandit",
        "full_name": "Bad3r\/RailroadBandit",
        "owner": {
            "login": "Bad3r",
            "id": 25513724,
            "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/25513724?v=4",
            "html_url": "https:\/\/github.com\/Bad3r",
            "user_view_type": "public"
        },
        "html_url": "https:\/\/github.com\/Bad3r\/RailroadBandit",
        "description": "a demo for Ruby on Rails CVE-2019-5418",
        "fork": false,
        "created_at": "2019-04-01T17:02:57Z",
        "updated_at": "2024-05-22T12:43:49Z",
        "pushed_at": "2019-04-11T22:45:52Z",
        "stargazers_count": 3,
        "watchers_count": 3,
        "has_discussions": false,
        "forks_count": 0,
        "allow_forking": true,
        "is_template": false,
        "web_commit_signoff_required": false,
        "topics": [],
        "visibility": "public",
        "forks": 0,
        "watchers": 3,
        "score": 0,
        "subscribers_count": 1
    },
    {
        "id": 212888337,
        "name": "CVE-2019-5418-Rails3",
        "full_name": "ztgrace\/CVE-2019-5418-Rails3",
        "owner": {
            "login": "ztgrace",
            "id": 2554037,
            "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/2554037?v=4",
            "html_url": "https:\/\/github.com\/ztgrace",
            "user_view_type": "public"
        },
        "html_url": "https:\/\/github.com\/ztgrace\/CVE-2019-5418-Rails3",
        "description": "Rails 3 PoC of CVE-2019-5418",
        "fork": false,
        "created_at": "2019-10-04T19:28:10Z",
        "updated_at": "2019-10-04T19:29:56Z",
        "pushed_at": "2023-07-13T22:14:58Z",
        "stargazers_count": 0,
        "watchers_count": 0,
        "has_discussions": false,
        "forks_count": 1,
        "allow_forking": true,
        "is_template": false,
        "web_commit_signoff_required": false,
        "topics": [],
        "visibility": "public",
        "forks": 1,
        "watchers": 0,
        "score": 0,
        "subscribers_count": 2
    },
    {
        "id": 222660643,
        "name": "CVE-2019-5418",
        "full_name": "random-robbie\/CVE-2019-5418",
        "owner": {
            "login": "random-robbie",
            "id": 4902869,
            "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/4902869?v=4",
            "html_url": "https:\/\/github.com\/random-robbie",
            "user_view_type": "public"
        },
        "html_url": "https:\/\/github.com\/random-robbie\/CVE-2019-5418",
        "description": null,
        "fork": false,
        "created_at": "2019-11-19T09:40:06Z",
        "updated_at": "2021-04-26T19:41:51Z",
        "pushed_at": "2019-11-19T09:41:18Z",
        "stargazers_count": 5,
        "watchers_count": 5,
        "has_discussions": false,
        "forks_count": 1,
        "allow_forking": true,
        "is_template": false,
        "web_commit_signoff_required": false,
        "topics": [],
        "visibility": "public",
        "forks": 1,
        "watchers": 5,
        "score": 0,
        "subscribers_count": 3
    },
    {
        "id": 552810113,
        "name": "CVE-2019-5418",
        "full_name": "kailing0220\/CVE-2019-5418",
        "owner": {
            "login": "kailing0220",
            "id": 115863969,
            "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/115863969?v=4",
            "html_url": "https:\/\/github.com\/kailing0220",
            "user_view_type": "public"
        },
        "html_url": "https:\/\/github.com\/kailing0220\/CVE-2019-5418",
        "description": "Ruby on Rails是一个 Web 应用程序框架,是一个相对较新的 Web 应用程序框架，构建在 Ruby 语言之上。这个漏洞主要是由于Ruby on Rails使用了指定参数的render file来渲染应用之外的视图，我们可以通过修改访问某控制器的请求包，通过“…\/…\/…\/…\/”来达到路径穿越的目的，然后再通过“{{”来进行模板查询路径的闭合，使得所要访问的文件被当做外部模板来解析。",
        "fork": false,
        "created_at": "2022-10-17T09:04:43Z",
        "updated_at": "2023-01-13T12:24:23Z",
        "pushed_at": "2022-10-17T09:17:42Z",
        "stargazers_count": 2,
        "watchers_count": 2,
        "has_discussions": false,
        "forks_count": 0,
        "allow_forking": true,
        "is_template": false,
        "web_commit_signoff_required": false,
        "topics": [],
        "visibility": "public",
        "forks": 0,
        "watchers": 2,
        "score": 0,
        "subscribers_count": 1
    }
]