mirror/PoC-in-GitHub
1
0
Fork 0
mirror of https://github.com/nomi-sec/PoC-in-GitHub.git synced 2025-01-15 20:32:21 +01:00
Code Issues Projects Releases Packages Wiki Activity Actions

Auto Update 2025/01/08 06:32:29

Browse source
This commit is contained in:
motikan2010-bot 2025-01-08 15:32:29 +09:00
parent 298fff475a
commit 1b219b7c29
47 changed files with 470 additions and 169 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

8
2017/CVE-2017-10271.json
View file

@ -428,10 +428,10 @@
"description": "Java反序列化漏洞利用工具V1.0 Java反序列化相关漏洞的检查工具采用JDK 1.8+NetBeans8.2开发软件运行必须安装JDK 1.8或者以上版本。 支持weblogic xml反序列化漏洞 CVE-2017-10271\/CNVD-C-2019-48814\/CVE-2019-2725检查。",
"fork": false,
"created_at": "2018-09-13T09:44:18Z",
"updated_at": "2025-01-03T04:58:07Z",
"updated_at": "2025-01-08T05:19:59Z",
"pushed_at": "2020-10-01T20:20:41Z",
"stargazers_count": 462,
"watchers_count": 462,
"stargazers_count": 463,
"watchers_count": 463,
"has_discussions": false,
"forks_count": 115,
"allow_forking": true,
@ -440,7 +440,7 @@
"topics": [],
"visibility": "public",
"forks": 115,
"watchers": 462,
"watchers": 463,
"score": 0,
"subscribers_count": 9
},

8
2017/CVE-2017-5638.json
View file

@ -2207,10 +2207,10 @@
"description": "This project demonstrates a Web Application Firewall (WAF) simulation using Flask and a vulnerability checker for CVE-2017-5638. The WAF middleware blocks HTTP requests containing specific patterns, and the vulnerability checker tests for and exploits the Apache Struts 2 vulnerability (CVE-2017-5638).",
"fork": false,
"created_at": "2024-07-11T15:16:56Z",
"updated_at": "2024-12-04T20:21:40Z",
"updated_at": "2025-01-08T04:59:31Z",
"pushed_at": "2024-07-11T15:19:51Z",
"stargazers_count": 1,
"watchers_count": 1,
"stargazers_count": 2,
"watchers_count": 2,
"has_discussions": false,
"forks_count": 0,
"allow_forking": true,
@ -2219,7 +2219,7 @@
"topics": [],
"visibility": "public",
"forks": 0,
"watchers": 1,
"watchers": 2,
"score": 0,
"subscribers_count": 1
},

31
2018/CVE-2018-16763.json
View file

@ -482,5 +482,36 @@
"watchers": 0,
"score": 0,
"subscribers_count": 1
},
{
"id": 913589801,
"name": "CVE-2018-16763-FuelCMS-1.4.1-RCE",
"full_name": "altsun\/CVE-2018-16763-FuelCMS-1.4.1-RCE",
"owner": {
"login": "altsun",
"id": 23631165,
"avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/23631165?v=4",
"html_url": "https:\/\/github.com\/altsun",
"user_view_type": "public"
},
"html_url": "https:\/\/github.com\/altsun\/CVE-2018-16763-FuelCMS-1.4.1-RCE",
"description": "Fuel CMS 1.4.1 - Remote Code Execution",
"fork": false,
"created_at": "2025-01-08T01:30:07Z",
"updated_at": "2025-01-08T01:35:17Z",
"pushed_at": "2025-01-08T01:35:14Z",
"stargazers_count": 0,
"watchers_count": 0,
"has_discussions": false,
"forks_count": 0,
"allow_forking": true,
"is_template": false,
"web_commit_signoff_required": false,
"topics": [],
"visibility": "public",
"forks": 0,
"watchers": 0,
"score": 0,
"subscribers_count": 0
}
]

10
2019/CVE-2019-0708.json
View file

@ -1210,10 +1210,10 @@
"description": "dump",
"fork": false,
"created_at": "2019-05-21T06:57:19Z",
"updated_at": "2024-12-22T14:00:00Z",
"updated_at": "2025-01-08T03:13:48Z",
"pushed_at": "2019-06-01T05:15:11Z",
"stargazers_count": 492,
"watchers_count": 492,
"stargazers_count": 491,
"watchers_count": 491,
"has_discussions": false,
"forks_count": 178,
"allow_forking": true,
@ -1222,7 +1222,7 @@
"topics": [],
"visibility": "public",
"forks": 178,
"watchers": 492,
"watchers": 491,
"score": 0,
"subscribers_count": 34
},
@ -3086,7 +3086,7 @@
"description": "CVE-2019-0708-EXP-Windows版单文件exe版,运行后直接在当前控制台反弹System权限Shell",
"fork": false,
"created_at": "2020-01-21T02:22:29Z",
"updated_at": "2025-01-03T19:08:50Z",
"updated_at": "2025-01-08T03:08:59Z",
"pushed_at": "2020-01-21T03:15:41Z",
"stargazers_count": 323,
"watchers_count": 323,

8
2019/CVE-2019-2725.json
View file

@ -14,10 +14,10 @@
"description": "Java反序列化漏洞利用工具V1.0 Java反序列化相关漏洞的检查工具采用JDK 1.8+NetBeans8.2开发软件运行必须安装JDK 1.8或者以上版本。 支持weblogic xml反序列化漏洞 CVE-2017-10271\/CNVD-C-2019-48814\/CVE-2019-2725检查。",
"fork": false,
"created_at": "2018-09-13T09:44:18Z",
"updated_at": "2025-01-03T04:58:07Z",
"updated_at": "2025-01-08T05:19:59Z",
"pushed_at": "2020-10-01T20:20:41Z",
"stargazers_count": 462,
"watchers_count": 462,
"stargazers_count": 463,
"watchers_count": 463,
"has_discussions": false,
"forks_count": 115,
"allow_forking": true,
@ -26,7 +26,7 @@
"topics": [],
"visibility": "public",
"forks": 115,
"watchers": 462,
"watchers": 463,
"score": 0,
"subscribers_count": 9
},

8
2020/CVE-2020-0796.json
View file

@ -202,10 +202,10 @@
"description": "Identifying and Mitigating the CVE-20200796 flaw in the fly",
"fork": false,
"created_at": "2020-03-11T18:42:32Z",
"updated_at": "2024-12-17T02:26:53Z",
"updated_at": "2025-01-08T00:49:34Z",
"pushed_at": "2020-03-12T10:19:35Z",
"stargazers_count": 14,
"watchers_count": 14,
"stargazers_count": 15,
"watchers_count": 15,
"has_discussions": false,
"forks_count": 15,
"allow_forking": true,
@ -219,7 +219,7 @@
],
"visibility": "public",
"forks": 15,
"watchers": 14,
"watchers": 15,
"score": 0,
"subscribers_count": 2
},

8
2020/CVE-2020-1350.json
View file

@ -14,10 +14,10 @@
"description": "NSE scripts to detect CVE-2020-1350 SIGRED and CVE-2020-0796 SMBGHOST, CVE-2021-21972, proxyshell, CVE-2021-34473",
"fork": false,
"created_at": "2020-03-11T17:51:29Z",
"updated_at": "2024-11-06T12:30:06Z",
"updated_at": "2025-01-08T00:43:57Z",
"pushed_at": "2021-08-16T18:16:20Z",
"stargazers_count": 161,
"watchers_count": 161,
"stargazers_count": 162,
"watchers_count": 162,
"has_discussions": false,
"forks_count": 29,
"allow_forking": true,
@ -43,7 +43,7 @@
],
"visibility": "public",
"forks": 29,
"watchers": 161,
"watchers": 162,
"score": 0,
"subscribers_count": 10
},

8
2020/CVE-2020-15368.json
View file

@ -14,10 +14,10 @@
"description": "CVE-2020-15368, aka \"How to exploit a vulnerable driver\"",
"fork": false,
"created_at": "2021-06-29T04:38:24Z",
"updated_at": "2024-12-30T08:59:52Z",
"updated_at": "2025-01-08T02:41:48Z",
"pushed_at": "2022-04-14T03:17:44Z",
"stargazers_count": 447,
"watchers_count": 447,
"stargazers_count": 448,
"watchers_count": 448,
"has_discussions": false,
"forks_count": 46,
"allow_forking": true,
@ -31,7 +31,7 @@
],
"visibility": "public",
"forks": 46,
"watchers": 447,
"watchers": 448,
"score": 0,
"subscribers_count": 6
},

8
2020/CVE-2020-17087.json
View file

@ -76,10 +76,10 @@
"description": "Techniques based on named pipes for pool overflow exploitation targeting the most recent (and oldest) Windows versions demonstrated on CVE-2020-17087 and an off-by-one overflow",
"fork": false,
"created_at": "2021-07-02T16:03:16Z",
"updated_at": "2025-01-05T03:02:14Z",
"updated_at": "2025-01-08T02:43:56Z",
"pushed_at": "2022-09-01T06:33:36Z",
"stargazers_count": 185,
"watchers_count": 185,
"stargazers_count": 186,
"watchers_count": 186,
"has_discussions": false,
"forks_count": 49,
"allow_forking": true,
@ -88,7 +88,7 @@
"topics": [],
"visibility": "public",
"forks": 49,
"watchers": 185,
"watchers": 186,
"score": 0,
"subscribers_count": 7
},

8
2020/CVE-2020-3153.json
View file

@ -81,10 +81,10 @@
"description": "Cisco AnyConnect < 4.8.02042 privilege escalation through path traversal",
"fork": false,
"created_at": "2020-05-19T18:59:26Z",
"updated_at": "2024-02-29T10:32:54Z",
"updated_at": "2025-01-08T02:59:41Z",
"pushed_at": "2020-05-25T08:33:24Z",
"stargazers_count": 104,
"watchers_count": 104,
"stargazers_count": 105,
"watchers_count": 105,
"has_discussions": false,
"forks_count": 18,
"allow_forking": true,
@ -93,7 +93,7 @@
"topics": [],
"visibility": "public",
"forks": 18,
"watchers": 104,
"watchers": 105,
"score": 0,
"subscribers_count": 2
}

8
2021/CVE-2021-21972.json
View file

@ -14,10 +14,10 @@
"description": "NSE scripts to detect CVE-2020-1350 SIGRED and CVE-2020-0796 SMBGHOST, CVE-2021-21972, proxyshell, CVE-2021-34473",
"fork": false,
"created_at": "2020-03-11T17:51:29Z",
"updated_at": "2024-11-06T12:30:06Z",
"updated_at": "2025-01-08T00:43:57Z",
"pushed_at": "2021-08-16T18:16:20Z",
"stargazers_count": 161,
"watchers_count": 161,
"stargazers_count": 162,
"watchers_count": 162,
"has_discussions": false,
"forks_count": 29,
"allow_forking": true,
@ -43,7 +43,7 @@
],
"visibility": "public",
"forks": 29,
"watchers": 161,
"watchers": 162,
"score": 0,
"subscribers_count": 10
},

16
2021/CVE-2021-40444.json
View file

@ -541,10 +541,10 @@
"description": "CVE-2021-40444 - Fully Weaponized Microsoft Office Word RCE Exploit",
"fork": false,
"created_at": "2021-09-15T22:34:35Z",
"updated_at": "2024-12-22T08:51:34Z",
"updated_at": "2025-01-08T00:43:39Z",
"pushed_at": "2023-10-11T18:44:51Z",
"stargazers_count": 804,
"watchers_count": 804,
"stargazers_count": 805,
"watchers_count": 805,
"has_discussions": false,
"forks_count": 170,
"allow_forking": true,
@ -560,7 +560,7 @@
],
"visibility": "public",
"forks": 170,
"watchers": 804,
"watchers": 805,
"score": 0,
"subscribers_count": 18
},
@ -610,10 +610,10 @@
"description": "Modified code so that we don´t need to rely on CAB archives",
"fork": false,
"created_at": "2021-09-19T19:46:28Z",
"updated_at": "2025-01-06T17:07:26Z",
"updated_at": "2025-01-08T02:51:01Z",
"pushed_at": "2021-09-22T20:07:51Z",
"stargazers_count": 100,
"watchers_count": 100,
"stargazers_count": 101,
"watchers_count": 101,
"has_discussions": false,
"forks_count": 22,
"allow_forking": true,
@ -622,7 +622,7 @@
"topics": [],
"visibility": "public",
"forks": 22,
"watchers": 100,
"watchers": 101,
"score": 0,
"subscribers_count": 7
},

8
2021/CVE-2021-44228.json
View file

@ -107,10 +107,10 @@
"description": "Remote Code Injection In Log4j",
"fork": false,
"created_at": "2021-12-10T05:23:44Z",
"updated_at": "2024-12-31T10:04:30Z",
"updated_at": "2025-01-08T03:40:14Z",
"pushed_at": "2022-01-18T12:01:52Z",
"stargazers_count": 461,
"watchers_count": 461,
"stargazers_count": 462,
"watchers_count": 462,
"has_discussions": false,
"forks_count": 122,
"allow_forking": true,
@ -119,7 +119,7 @@
"topics": [],
"visibility": "public",
"forks": 122,
"watchers": 461,
"watchers": 462,
"score": 0,
"subscribers_count": 8
},

8
2022/CVE-2022-22274.json
View file

@ -76,10 +76,10 @@
"description": null,
"fork": false,
"created_at": "2024-01-12T20:03:51Z",
"updated_at": "2024-11-28T00:21:37Z",
"updated_at": "2025-01-08T05:41:54Z",
"pushed_at": "2024-01-12T20:15:47Z",
"stargazers_count": 19,
"watchers_count": 19,
"stargazers_count": 20,
"watchers_count": 20,
"has_discussions": false,
"forks_count": 5,
"allow_forking": true,
@ -88,7 +88,7 @@
"topics": [],
"visibility": "public",
"forks": 5,
"watchers": 19,
"watchers": 20,
"score": 0,
"subscribers_count": 5
}

2
2022/CVE-2022-29078.json
View file

@ -127,6 +127,6 @@
"forks": 0,
"watchers": 0,
"score": 0,
"subscribers_count": 0
"subscribers_count": 1
}
]

2
2022/CVE-2022-4543.json
View file

@ -14,7 +14,7 @@
"description": null,
"fork": false,
"created_at": "2023-07-10T02:34:01Z",
"updated_at": "2024-11-19T01:36:09Z",
"updated_at": "2025-01-08T02:54:54Z",
"pushed_at": "2023-11-22T07:48:54Z",
"stargazers_count": 2,
"watchers_count": 2,

8
2022/CVE-2022-46689.json
View file

@ -107,10 +107,10 @@
"description": "Proof-of-concept app to overwrite fonts on iOS using CVE-2022-46689.",
"fork": false,
"created_at": "2022-12-26T06:56:35Z",
"updated_at": "2025-01-07T04:01:26Z",
"updated_at": "2025-01-08T04:25:49Z",
"pushed_at": "2023-08-02T09:35:14Z",
"stargazers_count": 883,
"watchers_count": 883,
"stargazers_count": 884,
"watchers_count": 884,
"has_discussions": false,
"forks_count": 72,
"allow_forking": true,
@ -119,7 +119,7 @@
"topics": [],
"visibility": "public",
"forks": 72,
"watchers": 883,
"watchers": 884,
"score": 0,
"subscribers_count": 25
},

8
2023/CVE-2023-0656.json
View file

@ -14,10 +14,10 @@
"description": null,
"fork": false,
"created_at": "2024-01-12T20:03:51Z",
"updated_at": "2024-11-28T00:21:37Z",
"updated_at": "2025-01-08T05:41:54Z",
"pushed_at": "2024-01-12T20:15:47Z",
"stargazers_count": 19,
"watchers_count": 19,
"stargazers_count": 20,
"watchers_count": 20,
"has_discussions": false,
"forks_count": 5,
"allow_forking": true,
@ -26,7 +26,7 @@
"topics": [],
"visibility": "public",
"forks": 5,
"watchers": 19,
"watchers": 20,
"score": 0,
"subscribers_count": 5
}

2
2023/CVE-2023-2645.json
View file

@ -28,6 +28,6 @@
"forks": 0,
"watchers": 0,
"score": 0,
"subscribers_count": 0
"subscribers_count": 1
}
]

6
2023/CVE-2023-2825.json
View file

@ -203,8 +203,8 @@
"description": "Exploiting CVE-2023-2825 on a VM",
"fork": false,
"created_at": "2025-01-02T16:10:01Z",
"updated_at": "2025-01-07T23:50:33Z",
"pushed_at": "2025-01-07T23:50:29Z",
"updated_at": "2025-01-08T02:41:35Z",
"pushed_at": "2025-01-08T02:41:32Z",
"stargazers_count": 0,
"watchers_count": 0,
"has_discussions": false,
@ -217,6 +217,6 @@
"forks": 0,
"watchers": 0,
"score": 0,
"subscribers_count": 0
"subscribers_count": 1
}
]

31
2023/CVE-2023-3824.json
View file

@ -29,5 +29,36 @@
"watchers": 1,
"score": 0,
"subscribers_count": 1
},
{
"id": 913593509,
"name": "poc-cve-2023-3824",
"full_name": "fr33c0d3\/poc-cve-2023-3824",
"owner": {
"login": "fr33c0d3",
"id": 194177575,
"avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/194177575?v=4",
"html_url": "https:\/\/github.com\/fr33c0d3",
"user_view_type": "public"
},
"html_url": "https:\/\/github.com\/fr33c0d3\/poc-cve-2023-3824",
"description": "PoC CVE 2023-3824",
"fork": false,
"created_at": "2025-01-08T01:43:29Z",
"updated_at": "2025-01-08T01:50:01Z",
"pushed_at": "2025-01-08T01:49:58Z",
"stargazers_count": 0,
"watchers_count": 0,
"has_discussions": false,
"forks_count": 0,
"allow_forking": true,
"is_template": false,
"web_commit_signoff_required": false,
"topics": [],
"visibility": "public",
"forks": 0,
"watchers": 0,
"score": 0,
"subscribers_count": 0
}
]

8
2023/CVE-2023-45866.json
View file

@ -14,10 +14,10 @@
"description": "🚨 CVE-2023-45866 - BlueDucky Implementation (Using DuckyScript) 🔓 Unauthenticated Peering Leading to Code Execution (Using HID Keyboard)",
"fork": false,
"created_at": "2024-01-16T06:52:02Z",
"updated_at": "2025-01-07T20:59:01Z",
"updated_at": "2025-01-08T05:55:25Z",
"pushed_at": "2024-08-18T08:26:46Z",
"stargazers_count": 1369,
"watchers_count": 1369,
"stargazers_count": 1370,
"watchers_count": 1370,
"has_discussions": false,
"forks_count": 233,
"allow_forking": true,
@ -26,7 +26,7 @@
"topics": [],
"visibility": "public",
"forks": 233,
"watchers": 1369,
"watchers": 1370,
"score": 0,
"subscribers_count": 21
},

4
2023/CVE-2023-50164.json
View file

@ -428,13 +428,13 @@
"stargazers_count": 1,
"watchers_count": 1,
"has_discussions": false,
"forks_count": 2,
"forks_count": 3,
"allow_forking": true,
"is_template": false,
"web_commit_signoff_required": false,
"topics": [],
"visibility": "public",
"forks": 2,
"forks": 3,
"watchers": 1,
"score": 0,
"subscribers_count": 1

4
2024/CVE-2024-0582.json
View file

@ -81,13 +81,13 @@
"stargazers_count": 0,
"watchers_count": 0,
"has_discussions": false,
"forks_count": 0,
"forks_count": 1,
"allow_forking": true,
"is_template": false,
"web_commit_signoff_required": false,
"topics": [],
"visibility": "public",
"forks": 0,
"forks": 1,
"watchers": 0,
"score": 0,
"subscribers_count": 1

4
2024/CVE-2024-10924.json
View file

@ -158,13 +158,13 @@
"stargazers_count": 1,
"watchers_count": 1,
"has_discussions": false,
"forks_count": 2,
"forks_count": 3,
"allow_forking": true,
"is_template": false,
"web_commit_signoff_required": false,
"topics": [],
"visibility": "public",
"forks": 2,
"forks": 3,
"watchers": 1,
"score": 0,
"subscribers_count": 1

4
2024/CVE-2024-12849.json
View file

@ -28,7 +28,7 @@
"forks": 0,
"watchers": 0,
"score": 0,
"subscribers_count": 0
"subscribers_count": 1
},
{
"id": 913426666,
@ -59,6 +59,6 @@
"forks": 0,
"watchers": 0,
"score": 0,
"subscribers_count": 0
"subscribers_count": 1
}
]

16
2024/CVE-2024-3400.json
View file

@ -293,10 +293,10 @@
"description": "CVE-2024-3400 Palo Alto OS Command Injection",
"fork": false,
"created_at": "2024-04-16T14:18:08Z",
"updated_at": "2025-01-04T13:34:10Z",
"updated_at": "2025-01-08T03:40:00Z",
"pushed_at": "2024-04-16T22:35:43Z",
"stargazers_count": 151,
"watchers_count": 151,
"stargazers_count": 152,
"watchers_count": 152,
"has_discussions": false,
"forks_count": 24,
"allow_forking": true,
@ -305,7 +305,7 @@
"topics": [],
"visibility": "public",
"forks": 24,
"watchers": 151,
"watchers": 152,
"score": 0,
"subscribers_count": 1
},
@ -417,10 +417,10 @@
"description": "CVE-2024-3400 PAN-OS: OS Command Injection Vulnerability in GlobalProtect",
"fork": false,
"created_at": "2024-04-16T21:24:15Z",
"updated_at": "2025-01-07T23:28:39Z",
"updated_at": "2025-01-08T03:10:14Z",
"pushed_at": "2024-04-17T11:03:32Z",
"stargazers_count": 23,
"watchers_count": 23,
"stargazers_count": 24,
"watchers_count": 24,
"has_discussions": false,
"forks_count": 4,
"allow_forking": true,
@ -429,7 +429,7 @@
"topics": [],
"visibility": "public",
"forks": 4,
"watchers": 23,
"watchers": 24,
"score": 0,
"subscribers_count": 2
},

2
2024/CVE-2024-34102.json
View file

@ -712,6 +712,6 @@
"forks": 0,
"watchers": 0,
"score": 0,
"subscribers_count": 0
"subscribers_count": 1
}
]

24
2024/CVE-2024-35250.json
View file

@ -14,19 +14,19 @@
"description": "PoC for the Untrusted Pointer Dereference in the ks.sys driver",
"fork": false,
"created_at": "2024-10-13T19:30:20Z",
"updated_at": "2025-01-06T16:52:03Z",
"updated_at": "2025-01-08T03:20:04Z",
"pushed_at": "2024-11-29T16:56:23Z",
"stargazers_count": 254,
"watchers_count": 254,
"stargazers_count": 257,
"watchers_count": 257,
"has_discussions": false,
"forks_count": 56,
"forks_count": 57,
"allow_forking": true,
"is_template": false,
"web_commit_signoff_required": false,
"topics": [],
"visibility": "public",
"forks": 56,
"watchers": 254,
"forks": 57,
"watchers": 257,
"score": 0,
"subscribers_count": 7
},
@ -45,19 +45,19 @@
"description": "Cobalt Strike 的 CVE-2024-35250 的 BOF。(请给我加个星,谢谢。) ",
"fork": false,
"created_at": "2024-10-25T10:06:09Z",
"updated_at": "2024-12-17T10:07:43Z",
"updated_at": "2025-01-08T01:57:03Z",
"pushed_at": "2024-10-21T04:15:27Z",
"stargazers_count": 6,
"watchers_count": 6,
"stargazers_count": 10,
"watchers_count": 10,
"has_discussions": false,
"forks_count": 4,
"forks_count": 6,
"allow_forking": true,
"is_template": false,
"web_commit_signoff_required": false,
"topics": [],
"visibility": "public",
"forks": 4,
"watchers": 6,
"forks": 6,
"watchers": 10,
"score": 0,
"subscribers_count": 0
},

8
2024/CVE-2024-36401.json
View file

@ -362,10 +362,10 @@
"description": "geoserver图形化漏洞利用工具",
"fork": false,
"created_at": "2024-10-05T10:08:55Z",
"updated_at": "2025-01-06T06:29:08Z",
"updated_at": "2025-01-08T01:09:49Z",
"pushed_at": "2024-10-08T03:16:26Z",
"stargazers_count": 30,
"watchers_count": 30,
"stargazers_count": 31,
"watchers_count": 31,
"has_discussions": false,
"forks_count": 0,
"allow_forking": true,
@ -374,7 +374,7 @@
"topics": [],
"visibility": "public",
"forks": 0,
"watchers": 30,
"watchers": 31,
"score": 0,
"subscribers_count": 1
},

4
2024/CVE-2024-40711.json
View file

@ -19,13 +19,13 @@
"stargazers_count": 38,
"watchers_count": 38,
"has_discussions": false,
"forks_count": 11,
"forks_count": 12,
"allow_forking": true,
"is_template": false,
"web_commit_signoff_required": false,
"topics": [],
"visibility": "public",
"forks": 11,
"forks": 12,
"watchers": 38,
"score": 0,
"subscribers_count": 0

8
2024/CVE-2024-42327.json
View file

@ -200,10 +200,10 @@
"description": "Zabbix CVE-2024-42327 PoC",
"fork": false,
"created_at": "2025-01-01T18:25:44Z",
"updated_at": "2025-01-07T16:16:09Z",
"updated_at": "2025-01-08T02:31:14Z",
"pushed_at": "2025-01-03T13:49:03Z",
"stargazers_count": 29,
"watchers_count": 29,
"stargazers_count": 32,
"watchers_count": 32,
"has_discussions": false,
"forks_count": 4,
"allow_forking": true,
@ -212,7 +212,7 @@
"topics": [],
"visibility": "public",
"forks": 4,
"watchers": 29,
"watchers": 32,
"score": 0,
"subscribers_count": 1
}

2
2024/CVE-2024-436.json
View file

@ -28,6 +28,6 @@
"forks": 0,
"watchers": 0,
"score": 0,
"subscribers_count": 0
"subscribers_count": 1
}
]

4
2024/CVE-2024-45519.json
View file

@ -50,13 +50,13 @@
"stargazers_count": 119,
"watchers_count": 119,
"has_discussions": false,
"forks_count": 18,
"forks_count": 19,
"allow_forking": true,
"is_template": false,
"web_commit_signoff_required": false,
"topics": [],
"visibility": "public",
"forks": 18,
"forks": 19,
"watchers": 119,
"score": 0,
"subscribers_count": 3

39
2024/CVE-2024-4577.json
View file

@ -169,10 +169,10 @@
"description": "PHP CGI Argument Injection (CVE-2024-4577) Remote Code Execution PoC",
"fork": false,
"created_at": "2024-06-07T09:52:54Z",
"updated_at": "2025-01-02T14:48:39Z",
"updated_at": "2025-01-08T00:45:04Z",
"pushed_at": "2024-06-22T15:13:52Z",
"stargazers_count": 243,
"watchers_count": 243,
"stargazers_count": 244,
"watchers_count": 244,
"has_discussions": false,
"forks_count": 52,
"allow_forking": true,
@ -181,7 +181,7 @@
"topics": [],
"visibility": "public",
"forks": 52,
"watchers": 243,
"watchers": 244,
"score": 0,
"subscribers_count": 4
},
@ -1298,37 +1298,6 @@
"score": 0,
"subscribers_count": 1
},
{
"id": 830629911,
"name": "CVE-2024-4577",
"full_name": "nNoSuger\/CVE-2024-4577",
"owner": {
"login": "nNoSuger",
"id": 130155594,
"avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/130155594?v=4",
"html_url": "https:\/\/github.com\/nNoSuger",
"user_view_type": "public"
},
"html_url": "https:\/\/github.com\/nNoSuger\/CVE-2024-4577",
"description": "CVE",
"fork": false,
"created_at": "2024-07-18T16:39:27Z",
"updated_at": "2024-07-18T16:39:27Z",
"pushed_at": "2024-07-18T16:39:27Z",
"stargazers_count": 0,
"watchers_count": 0,
"has_discussions": false,
"forks_count": 0,
"allow_forking": true,
"is_template": false,
"web_commit_signoff_required": false,
"topics": [],
"visibility": "public",
"forks": 0,
"watchers": 0,
"score": 0,
"subscribers_count": 1
},
{
"id": 833329743,
"name": "CVE-2024-4577",

31
2024/CVE-2024-49112.json
View file

@ -60,5 +60,36 @@
"watchers": 1,
"score": 0,
"subscribers_count": 1
},
{
"id": 913597480,
"name": "CVE-2024-49112-PoC",
"full_name": "bo0l3an\/CVE-2024-49112-PoC",
"owner": {
"login": "bo0l3an",
"id": 194175693,
"avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/194175693?v=4",
"html_url": "https:\/\/github.com\/bo0l3an",
"user_view_type": "public"
},
"html_url": "https:\/\/github.com\/bo0l3an\/CVE-2024-49112-PoC",
"description": "CVE-2024-49112 LDAP RCE PoC and Metasploit Module",
"fork": false,
"created_at": "2025-01-08T01:56:41Z",
"updated_at": "2025-01-08T02:48:44Z",
"pushed_at": "2025-01-08T02:48:40Z",
"stargazers_count": 0,
"watchers_count": 0,
"has_discussions": false,
"forks_count": 0,
"allow_forking": true,
"is_template": false,
"web_commit_signoff_required": false,
"topics": [],
"visibility": "public",
"forks": 0,
"watchers": 0,
"score": 0,
"subscribers_count": 0
}
]

12
2024/CVE-2024-49113.json
View file

@ -14,19 +14,19 @@
"description": "LdapNightmare is a PoC tool that tests a vulnerable Windows Server against CVE-2024-49113",
"fork": false,
"created_at": "2025-01-01T15:48:38Z",
"updated_at": "2025-01-07T19:31:09Z",
"updated_at": "2025-01-08T03:27:17Z",
"pushed_at": "2025-01-02T16:07:23Z",
"stargazers_count": 396,
"watchers_count": 396,
"stargazers_count": 397,
"watchers_count": 397,
"has_discussions": false,
"forks_count": 92,
"forks_count": 93,
"allow_forking": true,
"is_template": false,
"web_commit_signoff_required": false,
"topics": [],
"visibility": "public",
"forks": 92,
"watchers": 396,
"forks": 93,
"watchers": 397,
"score": 0,
"subscribers_count": 3
},

10
2024/CVE-2024-53677.json
View file

@ -45,10 +45,10 @@
"description": "A critical vulnerability, CVE-2024-53677, has been identified in the popular Apache Struts framework, potentially allowing attackers to execute arbitrary code remotely. This vulnerability arises from flaws in the file upload logic, which can be exploited to perform path traversal and malicious file uploads.",
"fork": false,
"created_at": "2024-12-13T17:42:55Z",
"updated_at": "2025-01-07T16:09:03Z",
"updated_at": "2025-01-08T02:10:58Z",
"pushed_at": "2024-12-20T10:05:15Z",
"stargazers_count": 82,
"watchers_count": 82,
"stargazers_count": 83,
"watchers_count": 83,
"has_discussions": false,
"forks_count": 30,
"allow_forking": true,
@ -57,7 +57,7 @@
"topics": [],
"visibility": "public",
"forks": 30,
"watchers": 82,
"watchers": 83,
"score": 0,
"subscribers_count": 3
},
@ -307,6 +307,6 @@
"forks": 0,
"watchers": 0,
"score": 0,
"subscribers_count": 0
"subscribers_count": 1
}
]

33
2024/CVE-2024-54761.json Normal file
View file

@ -0,0 +1,33 @@
[
{
"id": 888849471,
"name": "CVE-2024-54761-BigAnt-Office-Messenger-5.6.06-RCE-via-SQL-Injection",
"full_name": "nscan9\/CVE-2024-54761-BigAnt-Office-Messenger-5.6.06-RCE-via-SQL-Injection",
"owner": {
"login": "nscan9",
"id": 142240382,
"avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/142240382?v=4",
"html_url": "https:\/\/github.com\/nscan9",
"user_view_type": "public"
},
"html_url": "https:\/\/github.com\/nscan9\/CVE-2024-54761-BigAnt-Office-Messenger-5.6.06-RCE-via-SQL-Injection",
"description": null,
"fork": false,
"created_at": "2024-11-15T05:55:29Z",
"updated_at": "2025-01-08T05:15:44Z",
"pushed_at": "2025-01-08T05:15:40Z",
"stargazers_count": 0,
"watchers_count": 0,
"has_discussions": false,
"forks_count": 1,
"allow_forking": true,
"is_template": false,
"web_commit_signoff_required": false,
"topics": [],
"visibility": "public",
"forks": 1,
"watchers": 0,
"score": 0,
"subscribers_count": 0
}
]

2
2024/CVE-2024-54910.json
View file

@ -28,6 +28,6 @@
"forks": 0,
"watchers": 0,
"score": 0,
"subscribers_count": 0
"subscribers_count": 1
}
]

33
2024/CVE-2024-56278.json Normal file
View file

@ -0,0 +1,33 @@
[
{
"id": 912594591,
"name": "CVE-2024-56278",
"full_name": "DoTTak\/CVE-2024-56278",
"owner": {
"login": "DoTTak",
"id": 57674710,
"avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/57674710?v=4",
"html_url": "https:\/\/github.com\/DoTTak",
"user_view_type": "public"
},
"html_url": "https:\/\/github.com\/DoTTak\/CVE-2024-56278",
"description": "PoC of CVE-2024-56278",
"fork": false,
"created_at": "2025-01-06T01:51:46Z",
"updated_at": "2025-01-08T01:10:07Z",
"pushed_at": "2025-01-06T01:55:25Z",
"stargazers_count": 0,
"watchers_count": 0,
"has_discussions": false,
"forks_count": 0,
"allow_forking": true,
"is_template": false,
"web_commit_signoff_required": false,
"topics": [],
"visibility": "public",
"forks": 0,
"watchers": 0,
"score": 0,
"subscribers_count": 0
}
]

33
2024/CVE-2024-56289.json Normal file
View file

@ -0,0 +1,33 @@
[
{
"id": 912596084,
"name": "CVE-2024-56289",
"full_name": "DoTTak\/CVE-2024-56289",
"owner": {
"login": "DoTTak",
"id": 57674710,
"avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/57674710?v=4",
"html_url": "https:\/\/github.com\/DoTTak",
"user_view_type": "public"
},
"html_url": "https:\/\/github.com\/DoTTak\/CVE-2024-56289",
"description": "PoC of CVE-2024-56289",
"fork": false,
"created_at": "2025-01-06T01:58:24Z",
"updated_at": "2025-01-08T01:11:03Z",
"pushed_at": "2025-01-06T01:58:47Z",
"stargazers_count": 0,
"watchers_count": 0,
"has_discussions": false,
"forks_count": 0,
"allow_forking": true,
"is_template": false,
"web_commit_signoff_required": false,
"topics": [],
"visibility": "public",
"forks": 0,
"watchers": 0,
"score": 0,
"subscribers_count": 0
}
]

8
2024/CVE-2024-6387.json
View file

@ -2931,10 +2931,10 @@
"description": null,
"fork": false,
"created_at": "2025-01-04T00:25:33Z",
"updated_at": "2025-01-07T13:13:10Z",
"updated_at": "2025-01-08T03:48:05Z",
"pushed_at": "2025-01-04T00:37:14Z",
"stargazers_count": 6,
"watchers_count": 6,
"stargazers_count": 7,
"watchers_count": 7,
"has_discussions": false,
"forks_count": 5,
"allow_forking": true,
@ -2943,7 +2943,7 @@
"topics": [],
"visibility": "public",
"forks": 5,
"watchers": 6,
"watchers": 7,
"score": 0,
"subscribers_count": 1
}

36
2024/CVE-2024-7627.json Normal file
View file

@ -0,0 +1,36 @@
[
{
"id": 913607383,
"name": "CVE-2024-7627-PoC",
"full_name": "siunam321\/CVE-2024-7627-PoC",
"owner": {
"login": "siunam321",
"id": 104430134,
"avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/104430134?v=4",
"html_url": "https:\/\/github.com\/siunam321",
"user_view_type": "public"
},
"html_url": "https:\/\/github.com\/siunam321\/CVE-2024-7627-PoC",
"description": "Proof-of-Concept script for WordPress plugin Bit File Manager version 6.0 - 6.5.5 Unauthenticated Remote Code Execution via Race Condition (CVE-2024-7627) vulnerability",
"fork": false,
"created_at": "2025-01-08T02:32:41Z",
"updated_at": "2025-01-08T03:34:13Z",
"pushed_at": "2025-01-08T02:40:09Z",
"stargazers_count": 1,
"watchers_count": 1,
"has_discussions": false,
"forks_count": 0,
"allow_forking": true,
"is_template": false,
"web_commit_signoff_required": false,
"topics": [
"proof-of-concept",
"wordpress-plugin"
],
"visibility": "public",
"forks": 0,
"watchers": 1,
"score": 0,
"subscribers_count": 0
}
]

33
2025/CVE-2025-22352.json Normal file
View file

@ -0,0 +1,33 @@
[
{
"id": 912596332,
"name": "CVE-2025-22352",
"full_name": "DoTTak\/CVE-2025-22352",
"owner": {
"login": "DoTTak",
"id": 57674710,
"avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/57674710?v=4",
"html_url": "https:\/\/github.com\/DoTTak",
"user_view_type": "public"
},
"html_url": "https:\/\/github.com\/DoTTak\/CVE-2025-22352",
"description": "PoC of CVE-2025-22352",
"fork": false,
"created_at": "2025-01-06T01:59:29Z",
"updated_at": "2025-01-08T01:11:24Z",
"pushed_at": "2025-01-06T02:06:06Z",
"stargazers_count": 0,
"watchers_count": 0,
"has_discussions": false,
"forks_count": 0,
"allow_forking": true,
"is_template": false,
"web_commit_signoff_required": false,
"topics": [],
"visibility": "public",
"forks": 0,
"watchers": 0,
"score": 0,
"subscribers_count": 0
}
]

33
2025/CVE-2025-22510.json Normal file
View file

@ -0,0 +1,33 @@
[
{
"id": 913582821,
"name": "CVE-2025-22510",
"full_name": "DoTTak\/CVE-2025-22510",
"owner": {
"login": "DoTTak",
"id": 57674710,
"avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/57674710?v=4",
"html_url": "https:\/\/github.com\/DoTTak",
"user_view_type": "public"
},
"html_url": "https:\/\/github.com\/DoTTak\/CVE-2025-22510",
"description": "PoC of CVE-2025-22510",
"fork": false,
"created_at": "2025-01-08T01:02:02Z",
"updated_at": "2025-01-08T01:19:22Z",
"pushed_at": "2025-01-08T01:08:55Z",
"stargazers_count": 0,
"watchers_count": 0,
"has_discussions": false,
"forks_count": 0,
"allow_forking": true,
"is_template": false,
"web_commit_signoff_required": false,
"topics": [],
"visibility": "public",
"forks": 0,
"watchers": 0,
"score": 0,
"subscribers_count": 0
}
]

40
README.md
View file

@ -1,5 +1,17 @@
# PoC in GitHub
## 2025
### CVE-2025-22352 (2025-01-07)
<code>Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in ELEXtensions ELEX WooCommerce Advanced Bulk Edit Products, Prices &amp; Attributes allows Blind SQL Injection.This issue affects ELEX WooCommerce Advanced Bulk Edit Products, Prices &amp; Attributes: from n/a through 1.4.8.
</code>
- [DoTTak/CVE-2025-22352](https://github.com/DoTTak/CVE-2025-22352)
### CVE-2025-22510
- [DoTTak/CVE-2025-22510](https://github.com/DoTTak/CVE-2025-22510)
## 2024
### CVE-2024-0012 (2024-11-18)
@ -1051,7 +1063,6 @@
- [l0n3m4n/CVE-2024-4577-RCE](https://github.com/l0n3m4n/CVE-2024-4577-RCE)
- [bibo318/CVE-2024-4577-RCE-ATTACK](https://github.com/bibo318/CVE-2024-4577-RCE-ATTACK)
- [waived/CVE-2024-4577-PHP-RCE](https://github.com/waived/CVE-2024-4577-PHP-RCE)
- [nNoSuger/CVE-2024-4577](https://github.com/nNoSuger/CVE-2024-4577)
- [a-roshbaik/CVE-2024-4577](https://github.com/a-roshbaik/CVE-2024-4577)
- [a-roshbaik/CVE-2024-4577-PHP-RCE](https://github.com/a-roshbaik/CVE-2024-4577-PHP-RCE)
- [Jcccccx/CVE-2024-4577](https://github.com/Jcccccx/CVE-2024-4577)
@ -1623,6 +1634,13 @@
- [D3N14LD15K/CVE-2024-7593_PoC_Exploit](https://github.com/D3N14LD15K/CVE-2024-7593_PoC_Exploit)
- [skyrowalker/CVE-2024-7593](https://github.com/skyrowalker/CVE-2024-7593)
### CVE-2024-7627 (2024-09-05)
<code>The Bit File Manager plugin for WordPress is vulnerable to Remote Code Execution in versions 6.0 to 6.5.5 via the 'checkSyntax' function. This is due to writing a temporary file to a publicly accessible directory before performing file validation. This makes it possible for unauthenticated attackers to execute code on the server if an administrator has allowed Guest User read permissions.
</code>
- [siunam321/CVE-2024-7627-PoC](https://github.com/siunam321/CVE-2024-7627-PoC)
### CVE-2024-7646 (2024-08-16)
<code>A security issue was discovered in ingress-nginx where an actor with permission to create Ingress objects (in the `networking.k8s.io` or `extensions` API group) can bypass annotation validation to inject arbitrary commands and obtain the credentials of the ingress-nginx controller. In the default configuration, that credential has access to all secrets in the cluster.
@ -7215,6 +7233,7 @@
- [tnkr/poc_monitor](https://github.com/tnkr/poc_monitor)
- [CCIEVoice2009/CVE-2024-49112](https://github.com/CCIEVoice2009/CVE-2024-49112)
- [bo0l3an/CVE-2024-49112-PoC](https://github.com/bo0l3an/CVE-2024-49112-PoC)
### CVE-2024-49113 (2024-12-10)
@ -7915,6 +7934,9 @@
- [hotplugin0x01/CVE-2024-54679](https://github.com/hotplugin0x01/CVE-2024-54679)
### CVE-2024-54761
- [nscan9/CVE-2024-54761-BigAnt-Office-Messenger-5.6.06-RCE-via-SQL-Injection](https://github.com/nscan9/CVE-2024-54761-BigAnt-Office-Messenger-5.6.06-RCE-via-SQL-Injection)
### CVE-2024-54819 (2025-01-07)
<code>I, Librarian before and including 5.11.1 is vulnerable to Server-Side Request Forgery (SSRF) due to improper input validation in classes/security/validation.php
@ -8031,6 +8053,20 @@
- [Chocapikk/CVE-2024-56145](https://github.com/Chocapikk/CVE-2024-56145)
- [Sachinart/CVE-2024-56145-craftcms-rce](https://github.com/Sachinart/CVE-2024-56145-craftcms-rce)
### CVE-2024-56278 (2025-01-07)
<code>Improper Control of Generation of Code ('Code Injection') vulnerability in Smackcoders WP Ultimate Exporter allows PHP Remote File Inclusion.This issue affects WP Ultimate Exporter: from n/a through 2.9.1.
</code>
- [DoTTak/CVE-2024-56278](https://github.com/DoTTak/CVE-2024-56278)
### CVE-2024-56289 (2025-01-07)
<code>Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Groundhogg Inc. Groundhogg allows Reflected XSS.This issue affects Groundhogg: from n/a through 3.7.3.3.
</code>
- [DoTTak/CVE-2024-56289](https://github.com/DoTTak/CVE-2024-56289)
### CVE-2024-56331 (2024-12-20)
<code>Uptime Kuma is an open source, self-hosted monitoring tool. An **Improper URL Handling Vulnerability** allows an attacker to access sensitive local files on the server by exploiting the `file:///` protocol. This vulnerability is triggered via the **&quot;real-browser&quot;** request type, which takes a screenshot of the URL provided by the attacker. By supplying local file paths, such as `file:///etc/passwd`, an attacker can read sensitive data from the server. This vulnerability arises because the system does not properly validate or sanitize the user input for the URL field. Specifically: 1. The URL input (`&lt;input data-v-5f5c86d7=&quot;&quot; id=&quot;url&quot; type=&quot;url&quot; class=&quot;form-control&quot; pattern=&quot;https?://.+&quot; required=&quot;&quot;&gt;`) allows users to input arbitrary file paths, including those using the `file:///` protocol, without server-side validation. 2. The server then uses the user-provided URL to make a request, passing it to a browser instance that performs the &quot;real-browser&quot; request, which takes a screenshot of the content at the given URL. If a local file path is entered (e.g., `file:///etc/passwd`), the browser fetches and captures the files content. Since the user input is not validated, an attacker can manipulate the URL to request local files (e.g., `file:///etc/passwd`), and the system will capture a screenshot of the file's content, potentially exposing sensitive data. Any **authenticated user** who can submit a URL in &quot;real-browser&quot; mode is at risk of exposing sensitive data through screenshots of these files. This issue has been addressed in version 1.23.16 and all users are advised to upgrade. There are no known workarounds for this vulnerability.
@ -8846,6 +8882,7 @@
</code>
- [jhonnybonny/CVE-2023-3824](https://github.com/jhonnybonny/CVE-2023-3824)
- [fr33c0d3/poc-cve-2023-3824](https://github.com/fr33c0d3/poc-cve-2023-3824)
### CVE-2023-3836 (2023-07-22)
@ -42251,6 +42288,7 @@
- [antisecc/CVE-2018-16763](https://github.com/antisecc/CVE-2018-16763)
- [VitoBonetti/CVE-2018-16763](https://github.com/VitoBonetti/CVE-2018-16763)
- [saccles/CVE-2018-16763-Proof-of-Concept](https://github.com/saccles/CVE-2018-16763-Proof-of-Concept)
- [altsun/CVE-2018-16763-FuelCMS-1.4.1-RCE](https://github.com/altsun/CVE-2018-16763-FuelCMS-1.4.1-RCE)
### CVE-2018-16809 (2019-03-07)