mirror/PoC-in-GitHub
1
0
Fork 0
mirror of https://github.com/nomi-sec/PoC-in-GitHub.git synced 2025-01-28 18:44:10 +01:00
Code Issues Projects Releases Packages Wiki Activity Actions

Auto Update 2020/11/26 12:09:16

Browse source
This commit is contained in:
motikan2010-bot 2020-11-26 12:09:16 +09:00
parent e554e4cb54
commit 17ce01e061
29 changed files with 459 additions and 123 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

25
2009/CVE-2009-0229.json Normal file
View file

@ -0,0 +1,25 @@
[
{
"id": 264008888,
"name": "CVE-2009-0229-PoC",
"full_name": "zveriu\/CVE-2009-0229-PoC",
"owner": {
"login": "zveriu",
"id": 3428446,
"avatar_url": "https:\/\/avatars2.githubusercontent.com\/u\/3428446?v=4",
"html_url": "https:\/\/github.com\/zveriu"
},
"html_url": "https:\/\/github.com\/zveriu\/CVE-2009-0229-PoC",
"description": "PoC for CVE-2009-0229 \"Print Spooler Read File Vulnerability\" LPE AFR (related to CVE-2020-1048)",
"fork": false,
"created_at": "2020-05-14T19:40:50Z",
"updated_at": "2020-05-20T20:29:49Z",
"pushed_at": "2020-05-15T11:32:42Z",
"stargazers_count": 2,
"watchers_count": 2,
"forks_count": 1,
"forks": 1,
"watchers": 2,
"score": 0
}
]

25
2009/CVE-2009-0473.json Normal file
View file

@ -0,0 +1,25 @@
[
{
"id": 67456167,
"name": "CVE-2009-0473-check",
"full_name": "akbarq\/CVE-2009-0473-check",
"owner": {
"login": "akbarq",
"id": 7432727,
"avatar_url": "https:\/\/avatars3.githubusercontent.com\/u\/7432727?v=4",
"html_url": "https:\/\/github.com\/akbarq"
},
"html_url": "https:\/\/github.com\/akbarq\/CVE-2009-0473-check",
"description": "Simple script to exploit open redirection vulnerability in Rockwell ControlLogix 1756-ENBT\/A",
"fork": false,
"created_at": "2016-09-05T23:08:29Z",
"updated_at": "2020-11-18T21:23:08Z",
"pushed_at": "2016-09-06T02:48:54Z",
"stargazers_count": 1,
"watchers_count": 1,
"forks_count": 0,
"forks": 0,
"watchers": 1,
"score": 0
}
]

25
2009/CVE-2009-0689.json Normal file
View file

@ -0,0 +1,25 @@
[
{
"id": 162229782,
"name": "str2hax",
"full_name": "Fullmetal5\/str2hax",
"owner": {
"login": "Fullmetal5",
"id": 3742968,
"avatar_url": "https:\/\/avatars1.githubusercontent.com\/u\/3742968?v=4",
"html_url": "https:\/\/github.com\/Fullmetal5"
},
"html_url": "https:\/\/github.com\/Fullmetal5\/str2hax",
"description": "An implementation of CVE-2009-0689 for the Nintendo Wii.",
"fork": false,
"created_at": "2018-12-18T04:24:43Z",
"updated_at": "2020-09-27T17:24:55Z",
"pushed_at": "2019-09-30T23:38:11Z",
"stargazers_count": 32,
"watchers_count": 32,
"forks_count": 7,
"forks": 7,
"watchers": 32,
"score": 0
}
]

25
2009/CVE-2009-1151.json Normal file
View file

@ -0,0 +1,25 @@
[
{
"id": 120135334,
"name": "pocs",
"full_name": "minervais\/pocs",
"owner": {
"login": "minervais",
"id": 47587685,
"avatar_url": "https:\/\/avatars2.githubusercontent.com\/u\/47587685?v=4",
"html_url": "https:\/\/github.com\/minervais"
},
"html_url": "https:\/\/github.com\/minervais\/pocs",
"description": "phpMyAdmin '\/scripts\/setup.php' PHP Code Injection RCE PoC (CVE-2009-1151)",
"fork": false,
"created_at": "2018-02-03T22:26:09Z",
"updated_at": "2020-09-15T14:40:41Z",
"pushed_at": "2019-07-18T20:27:09Z",
"stargazers_count": 2,
"watchers_count": 2,
"forks_count": 3,
"forks": 3,
"watchers": 2,
"score": 0
}
]

25
2009/CVE-2009-1244.json Normal file
View file

@ -0,0 +1,25 @@
[
{
"id": 191334884,
"name": "vmware_exploit_pack_CVE-2009-1244",
"full_name": "piotrbania\/vmware_exploit_pack_CVE-2009-1244",
"owner": {
"login": "piotrbania",
"id": 51699228,
"avatar_url": "https:\/\/avatars0.githubusercontent.com\/u\/51699228?v=4",
"html_url": "https:\/\/github.com\/piotrbania"
},
"html_url": "https:\/\/github.com\/piotrbania\/vmware_exploit_pack_CVE-2009-1244",
"description": "vmware cloudburst exploit CVE-2009-1244",
"fork": false,
"created_at": "2019-06-11T09:08:52Z",
"updated_at": "2020-04-14T09:22:50Z",
"pushed_at": "2019-06-11T13:49:03Z",
"stargazers_count": 1,
"watchers_count": 1,
"forks_count": 0,
"forks": 0,
"watchers": 1,
"score": 0
}
]

23
2009/CVE-2009-1330.json
View file

@ -1,4 +1,27 @@
[
{
"id": 163585014,
"name": "CVE-2009-1330",
"full_name": "adenkiewicz\/CVE-2009-1330",
"owner": {
"login": "adenkiewicz",
"id": 1060275,
"avatar_url": "https:\/\/avatars0.githubusercontent.com\/u\/1060275?v=4",
"html_url": "https:\/\/github.com\/adenkiewicz"
},
"html_url": "https:\/\/github.com\/adenkiewicz\/CVE-2009-1330",
"description": "Simple exploit for Easy RM to MP3 Converter 2.7.3.700 on Windows 7 32b.",
"fork": false,
"created_at": "2018-12-30T12:17:08Z",
"updated_at": "2018-12-31T10:09:34Z",
"pushed_at": "2018-12-31T09:59:17Z",
"stargazers_count": 0,
"watchers_count": 0,
"forks_count": 0,
"forks": 0,
"watchers": 0,
"score": 0
},
{
"id": 164236833,
"name": "CVE-2009-1330",

25
2009/CVE-2009-2265.json Normal file
View file

@ -0,0 +1,25 @@
[
{
"id": 300655070,
"name": "zaphoxx-coldfusion",
"full_name": "zaphoxx\/zaphoxx-coldfusion",
"owner": {
"login": "zaphoxx",
"id": 22231720,
"avatar_url": "https:\/\/avatars1.githubusercontent.com\/u\/22231720?v=4",
"html_url": "https:\/\/github.com\/zaphoxx"
},
"html_url": "https:\/\/github.com\/zaphoxx\/zaphoxx-coldfusion",
"description": "coldfusion exploit based on https:\/\/cvedetails.com\/cve\/CVE-2009-2265\/",
"fork": false,
"created_at": "2020-10-02T15:17:21Z",
"updated_at": "2020-10-02T17:49:56Z",
"pushed_at": "2020-10-02T17:49:53Z",
"stargazers_count": 0,
"watchers_count": 0,
"forks_count": 0,
"forks": 0,
"watchers": 0,
"score": 0
}
]

25
2009/CVE-2009-2698.json Normal file
View file

@ -0,0 +1,25 @@
[
{
"id": 121771822,
"name": "CVE-2009-2698",
"full_name": "xiaoxiaoleo\/CVE-2009-2698",
"owner": {
"login": "xiaoxiaoleo",
"id": 9813186,
"avatar_url": "https:\/\/avatars3.githubusercontent.com\/u\/9813186?v=4",
"html_url": "https:\/\/github.com\/xiaoxiaoleo"
},
"html_url": "https:\/\/github.com\/xiaoxiaoleo\/CVE-2009-2698",
"description": "CVE-2009-2698 compiled for CentOS 4.8",
"fork": false,
"created_at": "2018-02-16T16:17:24Z",
"updated_at": "2020-11-05T03:16:12Z",
"pushed_at": "2018-02-16T16:30:00Z",
"stargazers_count": 1,
"watchers_count": 1,
"forks_count": 0,
"forks": 0,
"watchers": 1,
"score": 0
}
]

25
2009/CVE-2009-4660.json Normal file
View file

@ -0,0 +1,25 @@
[
{
"id": 164956270,
"name": "CVE-2009-4660",
"full_name": "war4uthor\/CVE-2009-4660",
"owner": {
"login": "war4uthor",
"id": 45926018,
"avatar_url": "https:\/\/avatars2.githubusercontent.com\/u\/45926018?v=4",
"html_url": "https:\/\/github.com\/war4uthor"
},
"html_url": "https:\/\/github.com\/war4uthor\/CVE-2009-4660",
"description": "CVE-2009-4660 - BigAnt Server 2.52 'USV' Remote Buffer Overflow Vulnerability. Tested on Windows XP Professional SP3.",
"fork": false,
"created_at": "2019-01-09T23:47:50Z",
"updated_at": "2019-01-09T23:50:58Z",
"pushed_at": "2019-01-09T23:50:56Z",
"stargazers_count": 0,
"watchers_count": 0,
"forks_count": 0,
"forks": 0,
"watchers": 0,
"score": 0
}
]

23
2009/CVE-2009-5147.json
View file

@ -21,5 +21,28 @@
"forks": 0,
"watchers": 0,
"score": 0
},
{
"id": 183373457,
"name": "-Ruby-dl-handle.c-CVE-2009-5147-",
"full_name": "zhangyongbo100\/-Ruby-dl-handle.c-CVE-2009-5147-",
"owner": {
"login": "zhangyongbo100",
"id": 49974023,
"avatar_url": "https:\/\/avatars0.githubusercontent.com\/u\/49974023?v=4",
"html_url": "https:\/\/github.com\/zhangyongbo100"
},
"html_url": "https:\/\/github.com\/zhangyongbo100\/-Ruby-dl-handle.c-CVE-2009-5147-",
"description": null,
"fork": false,
"created_at": "2019-04-25T06:46:50Z",
"updated_at": "2020-05-20T03:19:01Z",
"pushed_at": "2019-04-25T06:49:16Z",
"stargazers_count": 0,
"watchers_count": 0,
"forks_count": 0,
"forks": 0,
"watchers": 0,
"score": 0
}
]

12
2015/CVE-2015-5995.json
View file

@ -13,13 +13,13 @@
"description": "An exploitation tool to extract passwords using CVE-2015-5995.",
"fork": false,
"created_at": "2018-10-04T18:20:47Z",
"updated_at": "2020-04-14T02:00:17Z",
"updated_at": "2020-11-25T23:16:27Z",
"pushed_at": "2018-10-05T17:16:04Z",
"stargazers_count": 6,
"watchers_count": 6,
"forks_count": 3,
"forks": 3,
"watchers": 6,
"stargazers_count": 7,
"watchers_count": 7,
"forks_count": 4,
"forks": 4,
"watchers": 7,
"score": 0
}
]

8
2016/CVE-2016-7200.json
View file

@ -13,13 +13,13 @@
"description": "Proof-of-Concept exploit for Edge bugs (CVE-2016-7200 & CVE-2016-7201)",
"fork": false,
"created_at": "2017-01-04T23:41:27Z",
"updated_at": "2020-10-06T05:44:39Z",
"updated_at": "2020-11-26T01:47:08Z",
"pushed_at": "2017-01-04T23:42:46Z",
"stargazers_count": 133,
"watchers_count": 133,
"stargazers_count": 134,
"watchers_count": 134,
"forks_count": 51,
"forks": 51,
"watchers": 133,
"watchers": 134,
"score": 0
}
]

12
2016/CVE-2016-8610.json
View file

@ -13,13 +13,13 @@
"description": "CVE-2016-8610 (SSL Death Alert) PoC",
"fork": false,
"created_at": "2016-12-27T10:09:43Z",
"updated_at": "2020-11-11T09:30:38Z",
"updated_at": "2020-11-25T22:40:16Z",
"pushed_at": "2016-12-28T10:12:29Z",
"stargazers_count": 23,
"watchers_count": 23,
"forks_count": 14,
"forks": 14,
"watchers": 23,
"stargazers_count": 24,
"watchers_count": 24,
"forks_count": 15,
"forks": 15,
"watchers": 24,
"score": 0
}
]

48
2017/CVE-2017-0213.json
View file

@ -13,13 +13,13 @@
"description": null,
"fork": false,
"created_at": "2017-06-29T18:49:44Z",
"updated_at": "2020-03-29T00:05:56Z",
"updated_at": "2020-11-25T23:12:09Z",
"pushed_at": "2017-06-07T17:09:19Z",
"stargazers_count": 0,
"watchers_count": 0,
"forks_count": 0,
"forks": 0,
"watchers": 0,
"stargazers_count": 1,
"watchers_count": 1,
"forks_count": 6,
"forks": 6,
"watchers": 1,
"score": 0
},
{
@ -105,13 +105,13 @@
"description": "A version of CVE-2017-0213 that I plan to use with an Empire stager",
"fork": false,
"created_at": "2018-03-21T04:13:29Z",
"updated_at": "2018-03-21T04:20:49Z",
"updated_at": "2020-11-25T23:04:06Z",
"pushed_at": "2018-03-21T04:20:46Z",
"stargazers_count": 0,
"watchers_count": 0,
"forks_count": 2,
"forks": 2,
"watchers": 0,
"stargazers_count": 1,
"watchers_count": 1,
"forks_count": 3,
"forks": 3,
"watchers": 1,
"score": 0
},
{
@ -128,13 +128,13 @@
"description": "Fixed No Virus Manual Automatic Loader exe no zip because zip picks up the anti virus detector.",
"fork": false,
"created_at": "2018-04-10T18:34:17Z",
"updated_at": "2020-02-23T21:10:36Z",
"updated_at": "2020-11-25T23:03:02Z",
"pushed_at": "2018-04-17T23:14:39Z",
"stargazers_count": 1,
"watchers_count": 1,
"forks_count": 4,
"forks": 4,
"watchers": 1,
"stargazers_count": 2,
"watchers_count": 2,
"forks_count": 5,
"forks": 5,
"watchers": 2,
"score": 0
},
{
@ -151,13 +151,13 @@
"description": "Binary",
"fork": false,
"created_at": "2019-06-27T05:56:35Z",
"updated_at": "2019-07-04T04:25:16Z",
"updated_at": "2020-11-25T23:11:22Z",
"pushed_at": "2019-07-04T04:25:15Z",
"stargazers_count": 0,
"watchers_count": 0,
"forks_count": 0,
"forks": 0,
"watchers": 0,
"stargazers_count": 1,
"watchers_count": 1,
"forks_count": 1,
"forks": 1,
"watchers": 1,
"score": 0
}
]

24
2017/CVE-2017-9805.json
View file

@ -105,13 +105,13 @@
"description": "Exploit script for Apache Struts2 REST Plugin XStream RCE (CVE-2017-9805)",
"fork": false,
"created_at": "2017-11-24T14:46:35Z",
"updated_at": "2020-08-23T14:42:02Z",
"updated_at": "2020-11-25T21:45:36Z",
"pushed_at": "2018-02-09T00:22:16Z",
"stargazers_count": 10,
"watchers_count": 10,
"forks_count": 6,
"forks": 6,
"watchers": 10,
"stargazers_count": 11,
"watchers_count": 11,
"forks_count": 7,
"forks": 7,
"watchers": 11,
"score": 0
},
{
@ -151,13 +151,13 @@
"description": "Better Exploit Code For CVE 2017 9805 apache struts",
"fork": false,
"created_at": "2017-12-04T18:23:53Z",
"updated_at": "2019-09-28T07:29:05Z",
"updated_at": "2020-11-25T21:45:43Z",
"pushed_at": "2017-12-23T14:07:59Z",
"stargazers_count": 20,
"watchers_count": 20,
"forks_count": 7,
"forks": 7,
"watchers": 20,
"stargazers_count": 21,
"watchers_count": 21,
"forks_count": 8,
"forks": 8,
"watchers": 21,
"score": 0
},
{

4
2018/CVE-2018-6389.json
View file

@ -473,8 +473,8 @@
"description": null,
"fork": false,
"created_at": "2020-10-18T14:01:59Z",
"updated_at": "2020-11-19T14:21:32Z",
"pushed_at": "2020-11-19T14:21:30Z",
"updated_at": "2020-11-25T22:30:31Z",
"pushed_at": "2020-11-25T22:30:29Z",
"stargazers_count": 0,
"watchers_count": 0,
"forks_count": 1,

8
2019/CVE-2019-0708.json
View file

@ -1278,13 +1278,13 @@
"description": "A quick scanner for the CVE-2019-0708 \"BlueKeep\" vulnerability.",
"fork": false,
"created_at": "2019-05-23T22:50:12Z",
"updated_at": "2020-11-24T05:53:19Z",
"updated_at": "2020-11-26T02:30:21Z",
"pushed_at": "2019-06-22T21:48:45Z",
"stargazers_count": 775,
"watchers_count": 775,
"stargazers_count": 777,
"watchers_count": 777,
"forks_count": 190,
"forks": 190,
"watchers": 775,
"watchers": 777,
"score": 0
},
{

8
2019/CVE-2019-15858.json
View file

@ -13,13 +13,13 @@
"description": "Unauthenticated RCE at Woody Ad Snippets \/ CVE-2019-15858 (PoC)",
"fork": false,
"created_at": "2019-09-12T21:52:55Z",
"updated_at": "2020-06-09T18:27:58Z",
"updated_at": "2020-11-25T23:33:18Z",
"pushed_at": "2019-09-12T22:19:47Z",
"stargazers_count": 26,
"watchers_count": 26,
"stargazers_count": 27,
"watchers_count": 27,
"forks_count": 6,
"forks": 6,
"watchers": 26,
"watchers": 27,
"score": 0
}
]

12
2019/CVE-2019-1653.json
View file

@ -36,13 +36,13 @@
"description": "Just a PoC tool to extract password using CVE-2019-1653.",
"fork": false,
"created_at": "2019-04-01T07:40:01Z",
"updated_at": "2019-04-02T04:57:33Z",
"updated_at": "2020-11-25T23:13:59Z",
"pushed_at": "2019-04-01T07:50:48Z",
"stargazers_count": 3,
"watchers_count": 3,
"forks_count": 3,
"forks": 3,
"watchers": 3,
"stargazers_count": 4,
"watchers_count": 4,
"forks_count": 4,
"forks": 4,
"watchers": 4,
"score": 0
}
]

4
2019/CVE-2019-17558.json
View file

@ -40,8 +40,8 @@
"pushed_at": "2020-11-07T05:55:00Z",
"stargazers_count": 2090,
"watchers_count": 2090,
"forks_count": 577,
"forks": 577,
"forks_count": 578,
"forks": 578,
"watchers": 2090,
"score": 0
},

8
2020/CVE-2020-1034.json
View file

@ -13,13 +13,13 @@
"description": "PoC demonstrating the use of cve-2020-1034 for privilege escalation",
"fork": false,
"created_at": "2020-11-23T10:24:07Z",
"updated_at": "2020-11-25T17:03:29Z",
"updated_at": "2020-11-26T03:02:25Z",
"pushed_at": "2020-11-23T11:20:28Z",
"stargazers_count": 47,
"watchers_count": 47,
"stargazers_count": 48,
"watchers_count": 48,
"forks_count": 10,
"forks": 10,
"watchers": 47,
"watchers": 48,
"score": 0
}
]

23
2020/CVE-2020-10977.json
View file

@ -21,5 +21,28 @@
"forks": 0,
"watchers": 6,
"score": 0
},
{
"id": 316070312,
"name": "CVE-2020-10977.py",
"full_name": "JustMichi\/CVE-2020-10977.py",
"owner": {
"login": "JustMichi",
"id": 10670516,
"avatar_url": "https:\/\/avatars3.githubusercontent.com\/u\/10670516?v=4",
"html_url": "https:\/\/github.com\/JustMichi"
},
"html_url": "https:\/\/github.com\/JustMichi\/CVE-2020-10977.py",
"description": "authenticated arbitrary file read for Gitlab (CVE-2020-10977)",
"fork": false,
"created_at": "2020-11-25T22:48:26Z",
"updated_at": "2020-11-25T23:01:56Z",
"pushed_at": "2020-11-25T23:01:53Z",
"stargazers_count": 0,
"watchers_count": 0,
"forks_count": 0,
"forks": 0,
"watchers": 0,
"score": 0
}
]

8
2020/CVE-2020-13942.json
View file

@ -36,13 +36,13 @@
"description": "CVE-2020-13942 unauthenticated RCE POC through MVEL and OGNL injection",
"fork": false,
"created_at": "2020-11-19T08:22:17Z",
"updated_at": "2020-11-25T18:25:15Z",
"updated_at": "2020-11-25T22:40:09Z",
"pushed_at": "2020-11-20T21:34:10Z",
"stargazers_count": 16,
"watchers_count": 16,
"stargazers_count": 17,
"watchers_count": 17,
"forks_count": 7,
"forks": 7,
"watchers": 16,
"watchers": 17,
"score": 0
},
{

32
2020/CVE-2020-1472.json
View file

@ -36,13 +36,13 @@
"description": "Test tool for CVE-2020-1472",
"fork": false,
"created_at": "2020-09-08T08:58:37Z",
"updated_at": "2020-11-22T18:17:41Z",
"updated_at": "2020-11-26T02:52:59Z",
"pushed_at": "2020-10-21T12:10:28Z",
"stargazers_count": 1187,
"watchers_count": 1187,
"stargazers_count": 1188,
"watchers_count": 1188,
"forks_count": 271,
"forks": 271,
"watchers": 1187,
"watchers": 1188,
"score": 0
},
{
@ -82,13 +82,13 @@
"description": "PoC for Zerologon - all research credits go to Tom Tervoort of Secura",
"fork": false,
"created_at": "2020-09-14T16:56:51Z",
"updated_at": "2020-11-25T09:39:16Z",
"updated_at": "2020-11-26T02:22:02Z",
"pushed_at": "2020-11-03T09:45:24Z",
"stargazers_count": 708,
"watchers_count": 708,
"stargazers_count": 709,
"watchers_count": 709,
"forks_count": 202,
"forks": 202,
"watchers": 708,
"watchers": 709,
"score": 0
},
{
@ -105,13 +105,13 @@
"description": "Exploit Code for CVE-2020-1472 aka Zerologon",
"fork": false,
"created_at": "2020-09-14T16:57:49Z",
"updated_at": "2020-11-25T09:33:33Z",
"updated_at": "2020-11-25T22:02:47Z",
"pushed_at": "2020-11-05T16:37:20Z",
"stargazers_count": 147,
"watchers_count": 147,
"stargazers_count": 148,
"watchers_count": 148,
"forks_count": 36,
"forks": 36,
"watchers": 147,
"watchers": 148,
"score": 0
},
{
@ -128,13 +128,13 @@
"description": "Exploit for zerologon cve-2020-1472",
"fork": false,
"created_at": "2020-09-14T19:19:07Z",
"updated_at": "2020-11-25T09:35:47Z",
"updated_at": "2020-11-25T23:52:42Z",
"pushed_at": "2020-10-15T18:31:15Z",
"stargazers_count": 235,
"watchers_count": 235,
"stargazers_count": 236,
"watchers_count": 236,
"forks_count": 87,
"forks": 87,
"watchers": 235,
"watchers": 236,
"score": 0
},
{

24
2020/CVE-2020-14882.json
View file

@ -17,8 +17,8 @@
"pushed_at": "2020-11-07T05:55:00Z",
"stargazers_count": 2090,
"watchers_count": 2090,
"forks_count": 577,
"forks": 577,
"forks_count": 578,
"forks": 578,
"watchers": 2090,
"score": 0
},
@ -36,13 +36,13 @@
"description": "Vulmap - Web漏洞扫描和验证工具可对Web容器、Web服务器、Web中间件以及CMS等Web程序进行漏洞扫描并且具备漏洞利用功能。 相关测试人员可以使用vulmap检测目标是否存在特定漏洞并且可以使用漏洞利用功能验证漏洞是否真实存在。CVE-2020-14882, CVE-2020-2555, CVE-2020-2883",
"fork": false,
"created_at": "2020-10-09T06:34:36Z",
"updated_at": "2020-11-25T14:08:25Z",
"updated_at": "2020-11-26T01:16:17Z",
"pushed_at": "2020-11-10T02:58:25Z",
"stargazers_count": 371,
"watchers_count": 371,
"stargazers_count": 372,
"watchers_count": 372,
"forks_count": 71,
"forks": 71,
"watchers": 371,
"watchers": 372,
"score": 0
},
{
@ -93,19 +93,19 @@
},
{
"id": 308184758,
"name": "McMaster-University-0-day-Blind-Command-Injection",
"full_name": "Umarovm\/McMaster-University-0-day-Blind-Command-Injection",
"name": "-Patched-McMaster-University-Blind-Command-Injection",
"full_name": "Umarovm\/-Patched-McMaster-University-Blind-Command-Injection",
"owner": {
"login": "Umarovm",
"id": 25722145,
"avatar_url": "https:\/\/avatars1.githubusercontent.com\/u\/25722145?v=4",
"html_url": "https:\/\/github.com\/Umarovm"
},
"html_url": "https:\/\/github.com\/Umarovm\/McMaster-University-0-day-Blind-Command-Injection",
"html_url": "https:\/\/github.com\/Umarovm\/-Patched-McMaster-University-Blind-Command-Injection",
"description": "(patched) This targets McMaster University's website and takes advantage of CVE-2020-14882 in the outdated version of WebLogic Server (12.2.1.3.0), which is present in the university's subdomains, mosaic.mcmaster.ca and epprd.uts.mcmaster.ca.",
"fork": false,
"created_at": "2020-10-29T01:28:41Z",
"updated_at": "2020-10-31T01:09:15Z",
"updated_at": "2020-11-26T01:47:44Z",
"pushed_at": "2020-10-31T01:08:56Z",
"stargazers_count": 0,
"watchers_count": 0,
@ -293,8 +293,8 @@
"pushed_at": "2020-11-05T03:29:09Z",
"stargazers_count": 43,
"watchers_count": 43,
"forks_count": 13,
"forks": 13,
"forks_count": 14,
"forks": 14,
"watchers": 43,
"score": 0
},

20
2020/CVE-2020-16898.json
View file

@ -13,13 +13,13 @@
"description": "CVE-2020-16898 (Bad Neighbor) Microsoft Windows TCP\/IP Vulnerability Detection Logic and Rule",
"fork": false,
"created_at": "2020-10-07T19:56:09Z",
"updated_at": "2020-11-25T10:47:56Z",
"updated_at": "2020-11-26T02:29:28Z",
"pushed_at": "2020-10-26T10:15:32Z",
"stargazers_count": 201,
"watchers_count": 201,
"stargazers_count": 202,
"watchers_count": 202,
"forks_count": 28,
"forks": 28,
"watchers": 201,
"watchers": 202,
"score": 0
},
{
@ -82,13 +82,13 @@
"description": "Proof-of-Concept (PoC) script to exploit IPv6 (CVE-2020-16898).",
"fork": false,
"created_at": "2020-10-14T14:42:52Z",
"updated_at": "2020-10-23T09:14:05Z",
"updated_at": "2020-11-26T02:29:48Z",
"pushed_at": "2020-10-14T16:56:04Z",
"stargazers_count": 17,
"watchers_count": 17,
"forks_count": 5,
"forks": 5,
"watchers": 17,
"stargazers_count": 18,
"watchers_count": 18,
"forks_count": 6,
"forks": 6,
"watchers": 18,
"score": 0
},
{

8
2020/CVE-2020-24227.json
View file

@ -13,13 +13,13 @@
"description": "Playground Sessions - Storing User Credentials in Plaintext",
"fork": false,
"created_at": "2020-11-21T12:55:42Z",
"updated_at": "2020-11-25T04:29:32Z",
"updated_at": "2020-11-26T01:10:09Z",
"pushed_at": "2020-11-21T13:18:01Z",
"stargazers_count": 2,
"watchers_count": 2,
"stargazers_count": 3,
"watchers_count": 3,
"forks_count": 0,
"forks": 0,
"watchers": 2,
"watchers": 3,
"score": 0
}
]

4
2020/CVE-2020-9484.json
View file

@ -40,8 +40,8 @@
"pushed_at": "2020-05-21T10:15:35Z",
"stargazers_count": 93,
"watchers_count": 93,
"forks_count": 24,
"forks": 24,
"forks_count": 25,
"forks": 25,
"watchers": 93,
"score": 0
},

69
README.md
View file

@ -1752,6 +1752,7 @@ GitLab EE/CE 8.5 to 12.9 is vulnerable to a an path traversal when moving an iss
</code>
- [thewhiteh4t/cve-2020-10977](https://github.com/thewhiteh4t/cve-2020-10977)
- [JustMichi/CVE-2020-10977.py](https://github.com/JustMichi/CVE-2020-10977.py)
### CVE-2020-11076 (2020-05-22)
@ -2357,7 +2358,7 @@ Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware
- [zhzyker/vulmap](https://github.com/zhzyker/vulmap)
- [jas502n/CVE-2020-14882](https://github.com/jas502n/CVE-2020-14882)
- [s1kr10s/CVE-2020-14882](https://github.com/s1kr10s/CVE-2020-14882)
- [Umarovm/McMaster-University-0-day-Blind-Command-Injection](https://github.com/Umarovm/McMaster-University-0-day-Blind-Command-Injection)
- [Umarovm/-Patched-McMaster-University-Blind-Command-Injection](https://github.com/Umarovm/-Patched-McMaster-University-Blind-Command-Injection)
- [RedTeamWing/CVE-2020-14882](https://github.com/RedTeamWing/CVE-2020-14882)
- [0thm4n3/cve-2020-14882](https://github.com/0thm4n3/cve-2020-14882)
- [wsfengfan/cve-2020-14882](https://github.com/wsfengfan/cve-2020-14882)
@ -15685,6 +15686,46 @@ Liferay Portal through 6.2.10 allows remote authenticated users to execute arbit
## 2009
### CVE-2009-0229 (2009-06-10)
<code>
The Windows Printing Service in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP2, Vista Gold, SP1, and SP2, and Server 2008 SP2 allows local users to read arbitrary files via a crafted separator page, aka &quot;Print Spooler Read File Vulnerability.&quot;
</code>
- [zveriu/CVE-2009-0229-PoC](https://github.com/zveriu/CVE-2009-0229-PoC)
### CVE-2009-0473 (2009-02-06)
<code>
Open redirect vulnerability in the web interface in the Rockwell Automation ControlLogix 1756-ENBT/A EtherNet/IP Bridge Module allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via unspecified vectors.
</code>
- [akbarq/CVE-2009-0473-check](https://github.com/akbarq/CVE-2009-0473-check)
### CVE-2009-0689 (2009-07-01)
<code>
Array index error in the (1) dtoa implementation in dtoa.c (aka pdtoa.c) and the (2) gdtoa (aka new dtoa) implementation in gdtoa/misc.c in libc, as used in multiple operating systems and products including in FreeBSD 6.4 and 7.2, NetBSD 5.0, OpenBSD 4.5, Mozilla Firefox 3.0.x before 3.0.15 and 3.5.x before 3.5.4, K-Meleon 1.5.3, SeaMonkey 1.1.8, and other products, allows context-dependent attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a large precision value in the format argument to a printf function, which triggers incorrect memory allocation and a heap-based buffer overflow during conversion to a floating-point number.
</code>
- [Fullmetal5/str2hax](https://github.com/Fullmetal5/str2hax)
### CVE-2009-1151 (2009-03-26)
<code>
Static code injection vulnerability in setup.php in phpMyAdmin 2.11.x before 2.11.9.5 and 3.x before 3.1.3.1 allows remote attackers to inject arbitrary PHP code into a configuration file via the save action.
</code>
- [minervais/pocs](https://github.com/minervais/pocs)
### CVE-2009-1244 (2009-04-13)
<code>
Unspecified vulnerability in the virtual machine display function in VMware Workstation 6.5.1 and earlier; VMware Player 2.5.1 and earlier; VMware ACE 2.5.1 and earlier; VMware Server 1.x before 1.0.9 build 156507 and 2.x before 2.0.1 build 156745; VMware Fusion before 2.0.4 build 159196; VMware ESXi 3.5; and VMware ESX 3.0.2, 3.0.3, and 3.5 allows guest OS users to execute arbitrary code on the host OS via unknown vectors, a different vulnerability than CVE-2008-4916.
</code>
- [piotrbania/vmware_exploit_pack_CVE-2009-1244](https://github.com/piotrbania/vmware_exploit_pack_CVE-2009-1244)
### CVE-2009-1324 (2009-04-17)
<code>
@ -15699,6 +15740,7 @@ Stack-based buffer overflow in Mini-stream ASX to MP3 Converter 3.0.0.7 allows r
Stack-based buffer overflow in Easy RM to MP3 Converter allows remote attackers to execute arbitrary code via a long filename in a playlist (.pls) file.
</code>
- [adenkiewicz/CVE-2009-1330](https://github.com/adenkiewicz/CVE-2009-1330)
- [war4uthor/CVE-2009-1330](https://github.com/war4uthor/CVE-2009-1330)
- [exploitwritter/CVE-2009-1330_EasyRMToMp3Converter](https://github.com/exploitwritter/CVE-2009-1330_EasyRMToMp3Converter)
@ -15718,6 +15760,14 @@ The BigDecimal library in Ruby 1.8.6 before p369 and 1.8.7 before p173 allows co
- [NZKoz/bigdecimal-segfault-fix](https://github.com/NZKoz/bigdecimal-segfault-fix)
### CVE-2009-2265 (2009-07-05)
<code>
Multiple directory traversal vulnerabilities in FCKeditor before 2.6.4.1 allow remote attackers to create executable files in arbitrary directories via directory traversal sequences in the input to unspecified connector modules, as exploited in the wild for remote code execution in July 2009, related to the file browser and the editor/filemanager/connectors/ directory.
</code>
- [zaphoxx/zaphoxx-coldfusion](https://github.com/zaphoxx/zaphoxx-coldfusion)
### CVE-2009-2692 (2009-08-14)
<code>
@ -15726,6 +15776,14 @@ The Linux kernel 2.6.0 through 2.6.30.4, and 2.4.4 through 2.4.37.4, does not in
- [jdvalentini/CVE-2009-2692](https://github.com/jdvalentini/CVE-2009-2692)
### CVE-2009-2698 (2009-08-27)
<code>
The udp_sendmsg function in the UDP implementation in (1) net/ipv4/udp.c and (2) net/ipv6/udp.c in the Linux kernel before 2.6.19 allows local users to gain privileges or cause a denial of service (NULL pointer dereference and system crash) via vectors involving the MSG_MORE flag and a UDP socket.
</code>
- [xiaoxiaoleo/CVE-2009-2698](https://github.com/xiaoxiaoleo/CVE-2009-2698)
### CVE-2009-3103 (2009-09-08)
<code>
@ -15758,6 +15816,14 @@ The loadContentFromCookie function in core/Cookie.php in Piwik before 0.5 does n
- [Alexeyan/CVE-2009-4137](https://github.com/Alexeyan/CVE-2009-4137)
### CVE-2009-4660 (2010-03-03)
<code>
Stack-based buffer overflow in the AntServer Module (AntServer.exe) in BigAnt IM Server 2.50 allows remote attackers to execute arbitrary code via a long GET request to TCP port 6660.
</code>
- [war4uthor/CVE-2009-4660](https://github.com/war4uthor/CVE-2009-4660)
### CVE-2009-5147 (2017-03-29)
<code>
@ -15765,6 +15831,7 @@ DL::dlopen in Ruby 1.8, 1.9.0, 1.9.2, 1.9.3, 2.0.0 before patchlevel 648, and 2.
</code>
- [vpereira/CVE-2009-5147](https://github.com/vpereira/CVE-2009-5147)
- [zhangyongbo100/-Ruby-dl-handle.c-CVE-2009-5147-](https://github.com/zhangyongbo100/-Ruby-dl-handle.c-CVE-2009-5147-)
## 2008