From 1b219b7c29a31d3ab8608c30859be49f93fc48ed Mon Sep 17 00:00:00 2001 From: motikan2010-bot <k.agena1993@gmail.com> Date: Wed, 8 Jan 2025 15:32:29 +0900 Subject: [PATCH] Auto Update 2025/01/08 06:32:29 --- 2017/CVE-2017-10271.json | 8 ++++---- 2017/CVE-2017-5638.json | 8 ++++---- 2018/CVE-2018-16763.json | 31 +++++++++++++++++++++++++++++++ 2019/CVE-2019-0708.json | 10 +++++----- 2019/CVE-2019-2725.json | 8 ++++---- 2020/CVE-2020-0796.json | 8 ++++---- 2020/CVE-2020-1350.json | 8 ++++---- 2020/CVE-2020-15368.json | 8 ++++---- 2020/CVE-2020-17087.json | 8 ++++---- 2020/CVE-2020-3153.json | 8 ++++---- 2021/CVE-2021-21972.json | 8 ++++---- 2021/CVE-2021-40444.json | 16 ++++++++-------- 2021/CVE-2021-44228.json | 8 ++++---- 2022/CVE-2022-22274.json | 8 ++++---- 2022/CVE-2022-29078.json | 2 +- 2022/CVE-2022-4543.json | 2 +- 2022/CVE-2022-46689.json | 8 ++++---- 2023/CVE-2023-0656.json | 8 ++++---- 2023/CVE-2023-2645.json | 2 +- 2023/CVE-2023-2825.json | 6 +++--- 2023/CVE-2023-3824.json | 31 +++++++++++++++++++++++++++++++ 2023/CVE-2023-45866.json | 8 ++++---- 2023/CVE-2023-50164.json | 4 ++-- 2024/CVE-2024-0582.json | 4 ++-- 2024/CVE-2024-10924.json | 4 ++-- 2024/CVE-2024-12849.json | 4 ++-- 2024/CVE-2024-3400.json | 16 ++++++++-------- 2024/CVE-2024-34102.json | 2 +- 2024/CVE-2024-35250.json | 24 ++++++++++++------------ 2024/CVE-2024-36401.json | 8 ++++---- 2024/CVE-2024-40711.json | 4 ++-- 2024/CVE-2024-42327.json | 8 ++++---- 2024/CVE-2024-436.json | 2 +- 2024/CVE-2024-45519.json | 4 ++-- 2024/CVE-2024-4577.json | 39 ++++----------------------------------- 2024/CVE-2024-49112.json | 31 +++++++++++++++++++++++++++++++ 2024/CVE-2024-49113.json | 12 ++++++------ 2024/CVE-2024-53677.json | 10 +++++----- 2024/CVE-2024-54761.json | 33 +++++++++++++++++++++++++++++++++ 2024/CVE-2024-54910.json | 2 +- 2024/CVE-2024-56278.json | 33 +++++++++++++++++++++++++++++++++ 2024/CVE-2024-56289.json | 33 +++++++++++++++++++++++++++++++++ 2024/CVE-2024-6387.json | 8 ++++---- 2024/CVE-2024-7627.json | 36 ++++++++++++++++++++++++++++++++++++ 2025/CVE-2025-22352.json | 33 +++++++++++++++++++++++++++++++++ 2025/CVE-2025-22510.json | 33 +++++++++++++++++++++++++++++++++ README.md | 40 +++++++++++++++++++++++++++++++++++++++- 47 files changed, 470 insertions(+), 169 deletions(-) create mode 100644 2024/CVE-2024-54761.json create mode 100644 2024/CVE-2024-56278.json create mode 100644 2024/CVE-2024-56289.json create mode 100644 2024/CVE-2024-7627.json create mode 100644 2025/CVE-2025-22352.json create mode 100644 2025/CVE-2025-22510.json diff --git a/2017/CVE-2017-10271.json b/2017/CVE-2017-10271.json index b1d055642e..b30ae1baa4 100644 --- a/2017/CVE-2017-10271.json +++ b/2017/CVE-2017-10271.json @@ -428,10 +428,10 @@ "description": "Java反序列化漏洞利用工具V1.0 Java反序列化相关漏洞的检查工具,采用JDK 1.8+NetBeans8.2开发,软件运行必须安装JDK 1.8或者以上版本。 支持:weblogic xml反序列化漏洞 CVE-2017-10271\/CNVD-C-2019-48814\/CVE-2019-2725检查。", "fork": false, "created_at": "2018-09-13T09:44:18Z", - "updated_at": "2025-01-03T04:58:07Z", + "updated_at": "2025-01-08T05:19:59Z", "pushed_at": "2020-10-01T20:20:41Z", - "stargazers_count": 462, - "watchers_count": 462, + "stargazers_count": 463, + "watchers_count": 463, "has_discussions": false, "forks_count": 115, "allow_forking": true, @@ -440,7 +440,7 @@ "topics": [], "visibility": "public", "forks": 115, - "watchers": 462, + "watchers": 463, "score": 0, "subscribers_count": 9 }, diff --git a/2017/CVE-2017-5638.json b/2017/CVE-2017-5638.json index 26d043dc1b..2fb258e5ae 100644 --- a/2017/CVE-2017-5638.json +++ b/2017/CVE-2017-5638.json @@ -2207,10 +2207,10 @@ "description": "This project demonstrates a Web Application Firewall (WAF) simulation using Flask and a vulnerability checker for CVE-2017-5638. The WAF middleware blocks HTTP requests containing specific patterns, and the vulnerability checker tests for and exploits the Apache Struts 2 vulnerability (CVE-2017-5638).", "fork": false, "created_at": "2024-07-11T15:16:56Z", - "updated_at": "2024-12-04T20:21:40Z", + "updated_at": "2025-01-08T04:59:31Z", "pushed_at": "2024-07-11T15:19:51Z", - "stargazers_count": 1, - "watchers_count": 1, + "stargazers_count": 2, + "watchers_count": 2, "has_discussions": false, "forks_count": 0, "allow_forking": true, @@ -2219,7 +2219,7 @@ "topics": [], "visibility": "public", "forks": 0, - "watchers": 1, + "watchers": 2, "score": 0, "subscribers_count": 1 }, diff --git a/2018/CVE-2018-16763.json b/2018/CVE-2018-16763.json index 1d970e6307..5b94862826 100644 --- a/2018/CVE-2018-16763.json +++ b/2018/CVE-2018-16763.json @@ -482,5 +482,36 @@ "watchers": 0, "score": 0, "subscribers_count": 1 + }, + { + "id": 913589801, + "name": "CVE-2018-16763-FuelCMS-1.4.1-RCE", + "full_name": "altsun\/CVE-2018-16763-FuelCMS-1.4.1-RCE", + "owner": { + "login": "altsun", + "id": 23631165, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/23631165?v=4", + "html_url": "https:\/\/github.com\/altsun", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/altsun\/CVE-2018-16763-FuelCMS-1.4.1-RCE", + "description": "Fuel CMS 1.4.1 - Remote Code Execution", + "fork": false, + "created_at": "2025-01-08T01:30:07Z", + "updated_at": "2025-01-08T01:35:17Z", + "pushed_at": "2025-01-08T01:35:14Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 0 } ] \ No newline at end of file diff --git a/2019/CVE-2019-0708.json b/2019/CVE-2019-0708.json index d0d8672ea1..5c346292c4 100644 --- a/2019/CVE-2019-0708.json +++ b/2019/CVE-2019-0708.json @@ -1210,10 +1210,10 @@ "description": "dump", "fork": false, "created_at": "2019-05-21T06:57:19Z", - "updated_at": "2024-12-22T14:00:00Z", + "updated_at": "2025-01-08T03:13:48Z", "pushed_at": "2019-06-01T05:15:11Z", - "stargazers_count": 492, - "watchers_count": 492, + "stargazers_count": 491, + "watchers_count": 491, "has_discussions": false, "forks_count": 178, "allow_forking": true, @@ -1222,7 +1222,7 @@ "topics": [], "visibility": "public", "forks": 178, - "watchers": 492, + "watchers": 491, "score": 0, "subscribers_count": 34 }, @@ -3086,7 +3086,7 @@ "description": "CVE-2019-0708-EXP-Windows版单文件exe版,运行后直接在当前控制台反弹System权限Shell", "fork": false, "created_at": "2020-01-21T02:22:29Z", - "updated_at": "2025-01-03T19:08:50Z", + "updated_at": "2025-01-08T03:08:59Z", "pushed_at": "2020-01-21T03:15:41Z", "stargazers_count": 323, "watchers_count": 323, diff --git a/2019/CVE-2019-2725.json b/2019/CVE-2019-2725.json index 614ba367e3..07bdd7327a 100644 --- a/2019/CVE-2019-2725.json +++ b/2019/CVE-2019-2725.json @@ -14,10 +14,10 @@ "description": "Java反序列化漏洞利用工具V1.0 Java反序列化相关漏洞的检查工具,采用JDK 1.8+NetBeans8.2开发,软件运行必须安装JDK 1.8或者以上版本。 支持:weblogic xml反序列化漏洞 CVE-2017-10271\/CNVD-C-2019-48814\/CVE-2019-2725检查。", "fork": false, "created_at": "2018-09-13T09:44:18Z", - "updated_at": "2025-01-03T04:58:07Z", + "updated_at": "2025-01-08T05:19:59Z", "pushed_at": "2020-10-01T20:20:41Z", - "stargazers_count": 462, - "watchers_count": 462, + "stargazers_count": 463, + "watchers_count": 463, "has_discussions": false, "forks_count": 115, "allow_forking": true, @@ -26,7 +26,7 @@ "topics": [], "visibility": "public", "forks": 115, - "watchers": 462, + "watchers": 463, "score": 0, "subscribers_count": 9 }, diff --git a/2020/CVE-2020-0796.json b/2020/CVE-2020-0796.json index 5fd3fe95f0..fd380176d9 100644 --- a/2020/CVE-2020-0796.json +++ b/2020/CVE-2020-0796.json @@ -202,10 +202,10 @@ "description": "Identifying and Mitigating the CVE-2020–0796 flaw in the fly", "fork": false, "created_at": "2020-03-11T18:42:32Z", - "updated_at": "2024-12-17T02:26:53Z", + "updated_at": "2025-01-08T00:49:34Z", "pushed_at": "2020-03-12T10:19:35Z", - "stargazers_count": 14, - "watchers_count": 14, + "stargazers_count": 15, + "watchers_count": 15, "has_discussions": false, "forks_count": 15, "allow_forking": true, @@ -219,7 +219,7 @@ ], "visibility": "public", "forks": 15, - "watchers": 14, + "watchers": 15, "score": 0, "subscribers_count": 2 }, diff --git a/2020/CVE-2020-1350.json b/2020/CVE-2020-1350.json index 1cf7a4bc3d..3783d88286 100644 --- a/2020/CVE-2020-1350.json +++ b/2020/CVE-2020-1350.json @@ -14,10 +14,10 @@ "description": "NSE scripts to detect CVE-2020-1350 SIGRED and CVE-2020-0796 SMBGHOST, CVE-2021-21972, proxyshell, CVE-2021-34473", "fork": false, "created_at": "2020-03-11T17:51:29Z", - "updated_at": "2024-11-06T12:30:06Z", + "updated_at": "2025-01-08T00:43:57Z", "pushed_at": "2021-08-16T18:16:20Z", - "stargazers_count": 161, - "watchers_count": 161, + "stargazers_count": 162, + "watchers_count": 162, "has_discussions": false, "forks_count": 29, "allow_forking": true, @@ -43,7 +43,7 @@ ], "visibility": "public", "forks": 29, - "watchers": 161, + "watchers": 162, "score": 0, "subscribers_count": 10 }, diff --git a/2020/CVE-2020-15368.json b/2020/CVE-2020-15368.json index da240d31eb..b7c4b02cad 100644 --- a/2020/CVE-2020-15368.json +++ b/2020/CVE-2020-15368.json @@ -14,10 +14,10 @@ "description": "CVE-2020-15368, aka \"How to exploit a vulnerable driver\"", "fork": false, "created_at": "2021-06-29T04:38:24Z", - "updated_at": "2024-12-30T08:59:52Z", + "updated_at": "2025-01-08T02:41:48Z", "pushed_at": "2022-04-14T03:17:44Z", - "stargazers_count": 447, - "watchers_count": 447, + "stargazers_count": 448, + "watchers_count": 448, "has_discussions": false, "forks_count": 46, "allow_forking": true, @@ -31,7 +31,7 @@ ], "visibility": "public", "forks": 46, - "watchers": 447, + "watchers": 448, "score": 0, "subscribers_count": 6 }, diff --git a/2020/CVE-2020-17087.json b/2020/CVE-2020-17087.json index a894f79527..0e831a1209 100644 --- a/2020/CVE-2020-17087.json +++ b/2020/CVE-2020-17087.json @@ -76,10 +76,10 @@ "description": "Techniques based on named pipes for pool overflow exploitation targeting the most recent (and oldest) Windows versions demonstrated on CVE-2020-17087 and an off-by-one overflow", "fork": false, "created_at": "2021-07-02T16:03:16Z", - "updated_at": "2025-01-05T03:02:14Z", + "updated_at": "2025-01-08T02:43:56Z", "pushed_at": "2022-09-01T06:33:36Z", - "stargazers_count": 185, - "watchers_count": 185, + "stargazers_count": 186, + "watchers_count": 186, "has_discussions": false, "forks_count": 49, "allow_forking": true, @@ -88,7 +88,7 @@ "topics": [], "visibility": "public", "forks": 49, - "watchers": 185, + "watchers": 186, "score": 0, "subscribers_count": 7 }, diff --git a/2020/CVE-2020-3153.json b/2020/CVE-2020-3153.json index e479343e0b..c5fda134eb 100644 --- a/2020/CVE-2020-3153.json +++ b/2020/CVE-2020-3153.json @@ -81,10 +81,10 @@ "description": "Cisco AnyConnect < 4.8.02042 privilege escalation through path traversal", "fork": false, "created_at": "2020-05-19T18:59:26Z", - "updated_at": "2024-02-29T10:32:54Z", + "updated_at": "2025-01-08T02:59:41Z", "pushed_at": "2020-05-25T08:33:24Z", - "stargazers_count": 104, - "watchers_count": 104, + "stargazers_count": 105, + "watchers_count": 105, "has_discussions": false, "forks_count": 18, "allow_forking": true, @@ -93,7 +93,7 @@ "topics": [], "visibility": "public", "forks": 18, - "watchers": 104, + "watchers": 105, "score": 0, "subscribers_count": 2 } diff --git a/2021/CVE-2021-21972.json b/2021/CVE-2021-21972.json index 2e7f47de7f..ea8eef35f2 100644 --- a/2021/CVE-2021-21972.json +++ b/2021/CVE-2021-21972.json @@ -14,10 +14,10 @@ "description": "NSE scripts to detect CVE-2020-1350 SIGRED and CVE-2020-0796 SMBGHOST, CVE-2021-21972, proxyshell, CVE-2021-34473", "fork": false, "created_at": "2020-03-11T17:51:29Z", - "updated_at": "2024-11-06T12:30:06Z", + "updated_at": "2025-01-08T00:43:57Z", "pushed_at": "2021-08-16T18:16:20Z", - "stargazers_count": 161, - "watchers_count": 161, + "stargazers_count": 162, + "watchers_count": 162, "has_discussions": false, "forks_count": 29, "allow_forking": true, @@ -43,7 +43,7 @@ ], "visibility": "public", "forks": 29, - "watchers": 161, + "watchers": 162, "score": 0, "subscribers_count": 10 }, diff --git a/2021/CVE-2021-40444.json b/2021/CVE-2021-40444.json index d79305d147..8352863580 100644 --- a/2021/CVE-2021-40444.json +++ b/2021/CVE-2021-40444.json @@ -541,10 +541,10 @@ "description": "CVE-2021-40444 - Fully Weaponized Microsoft Office Word RCE Exploit", "fork": false, "created_at": "2021-09-15T22:34:35Z", - "updated_at": "2024-12-22T08:51:34Z", + "updated_at": "2025-01-08T00:43:39Z", "pushed_at": "2023-10-11T18:44:51Z", - "stargazers_count": 804, - "watchers_count": 804, + "stargazers_count": 805, + "watchers_count": 805, "has_discussions": false, "forks_count": 170, "allow_forking": true, @@ -560,7 +560,7 @@ ], "visibility": "public", "forks": 170, - "watchers": 804, + "watchers": 805, "score": 0, "subscribers_count": 18 }, @@ -610,10 +610,10 @@ "description": "Modified code so that we don´t need to rely on CAB archives", "fork": false, "created_at": "2021-09-19T19:46:28Z", - "updated_at": "2025-01-06T17:07:26Z", + "updated_at": "2025-01-08T02:51:01Z", "pushed_at": "2021-09-22T20:07:51Z", - "stargazers_count": 100, - "watchers_count": 100, + "stargazers_count": 101, + "watchers_count": 101, "has_discussions": false, "forks_count": 22, "allow_forking": true, @@ -622,7 +622,7 @@ "topics": [], "visibility": "public", "forks": 22, - "watchers": 100, + "watchers": 101, "score": 0, "subscribers_count": 7 }, diff --git a/2021/CVE-2021-44228.json b/2021/CVE-2021-44228.json index c02fade2b5..0ca5c1800b 100644 --- a/2021/CVE-2021-44228.json +++ b/2021/CVE-2021-44228.json @@ -107,10 +107,10 @@ "description": "Remote Code Injection In Log4j", "fork": false, "created_at": "2021-12-10T05:23:44Z", - "updated_at": "2024-12-31T10:04:30Z", + "updated_at": "2025-01-08T03:40:14Z", "pushed_at": "2022-01-18T12:01:52Z", - "stargazers_count": 461, - "watchers_count": 461, + "stargazers_count": 462, + "watchers_count": 462, "has_discussions": false, "forks_count": 122, "allow_forking": true, @@ -119,7 +119,7 @@ "topics": [], "visibility": "public", "forks": 122, - "watchers": 461, + "watchers": 462, "score": 0, "subscribers_count": 8 }, diff --git a/2022/CVE-2022-22274.json b/2022/CVE-2022-22274.json index 4548adc86a..b672e93155 100644 --- a/2022/CVE-2022-22274.json +++ b/2022/CVE-2022-22274.json @@ -76,10 +76,10 @@ "description": null, "fork": false, "created_at": "2024-01-12T20:03:51Z", - "updated_at": "2024-11-28T00:21:37Z", + "updated_at": "2025-01-08T05:41:54Z", "pushed_at": "2024-01-12T20:15:47Z", - "stargazers_count": 19, - "watchers_count": 19, + "stargazers_count": 20, + "watchers_count": 20, "has_discussions": false, "forks_count": 5, "allow_forking": true, @@ -88,7 +88,7 @@ "topics": [], "visibility": "public", "forks": 5, - "watchers": 19, + "watchers": 20, "score": 0, "subscribers_count": 5 } diff --git a/2022/CVE-2022-29078.json b/2022/CVE-2022-29078.json index 9b5f621b51..19e9a8bf9c 100644 --- a/2022/CVE-2022-29078.json +++ b/2022/CVE-2022-29078.json @@ -127,6 +127,6 @@ "forks": 0, "watchers": 0, "score": 0, - "subscribers_count": 0 + "subscribers_count": 1 } ] \ No newline at end of file diff --git a/2022/CVE-2022-4543.json b/2022/CVE-2022-4543.json index 67b2b52743..14bb1d94b1 100644 --- a/2022/CVE-2022-4543.json +++ b/2022/CVE-2022-4543.json @@ -14,7 +14,7 @@ "description": null, "fork": false, "created_at": "2023-07-10T02:34:01Z", - "updated_at": "2024-11-19T01:36:09Z", + "updated_at": "2025-01-08T02:54:54Z", "pushed_at": "2023-11-22T07:48:54Z", "stargazers_count": 2, "watchers_count": 2, diff --git a/2022/CVE-2022-46689.json b/2022/CVE-2022-46689.json index d7588e10cd..2e05bbd7fc 100644 --- a/2022/CVE-2022-46689.json +++ b/2022/CVE-2022-46689.json @@ -107,10 +107,10 @@ "description": "Proof-of-concept app to overwrite fonts on iOS using CVE-2022-46689.", "fork": false, "created_at": "2022-12-26T06:56:35Z", - "updated_at": "2025-01-07T04:01:26Z", + "updated_at": "2025-01-08T04:25:49Z", "pushed_at": "2023-08-02T09:35:14Z", - "stargazers_count": 883, - "watchers_count": 883, + "stargazers_count": 884, + "watchers_count": 884, "has_discussions": false, "forks_count": 72, "allow_forking": true, @@ -119,7 +119,7 @@ "topics": [], "visibility": "public", "forks": 72, - "watchers": 883, + "watchers": 884, "score": 0, "subscribers_count": 25 }, diff --git a/2023/CVE-2023-0656.json b/2023/CVE-2023-0656.json index 94f55c95e4..11dfd1157e 100644 --- a/2023/CVE-2023-0656.json +++ b/2023/CVE-2023-0656.json @@ -14,10 +14,10 @@ "description": null, "fork": false, "created_at": "2024-01-12T20:03:51Z", - "updated_at": "2024-11-28T00:21:37Z", + "updated_at": "2025-01-08T05:41:54Z", "pushed_at": "2024-01-12T20:15:47Z", - "stargazers_count": 19, - "watchers_count": 19, + "stargazers_count": 20, + "watchers_count": 20, "has_discussions": false, "forks_count": 5, "allow_forking": true, @@ -26,7 +26,7 @@ "topics": [], "visibility": "public", "forks": 5, - "watchers": 19, + "watchers": 20, "score": 0, "subscribers_count": 5 } diff --git a/2023/CVE-2023-2645.json b/2023/CVE-2023-2645.json index da1c069d0c..2d7cf9a7d6 100644 --- a/2023/CVE-2023-2645.json +++ b/2023/CVE-2023-2645.json @@ -28,6 +28,6 @@ "forks": 0, "watchers": 0, "score": 0, - "subscribers_count": 0 + "subscribers_count": 1 } ] \ No newline at end of file diff --git a/2023/CVE-2023-2825.json b/2023/CVE-2023-2825.json index e459e421b6..d9c77efd51 100644 --- a/2023/CVE-2023-2825.json +++ b/2023/CVE-2023-2825.json @@ -203,8 +203,8 @@ "description": "Exploiting CVE-2023-2825 on a VM", "fork": false, "created_at": "2025-01-02T16:10:01Z", - "updated_at": "2025-01-07T23:50:33Z", - "pushed_at": "2025-01-07T23:50:29Z", + "updated_at": "2025-01-08T02:41:35Z", + "pushed_at": "2025-01-08T02:41:32Z", "stargazers_count": 0, "watchers_count": 0, "has_discussions": false, @@ -217,6 +217,6 @@ "forks": 0, "watchers": 0, "score": 0, - "subscribers_count": 0 + "subscribers_count": 1 } ] \ No newline at end of file diff --git a/2023/CVE-2023-3824.json b/2023/CVE-2023-3824.json index e820bf4e41..2c71797628 100644 --- a/2023/CVE-2023-3824.json +++ b/2023/CVE-2023-3824.json @@ -29,5 +29,36 @@ "watchers": 1, "score": 0, "subscribers_count": 1 + }, + { + "id": 913593509, + "name": "poc-cve-2023-3824", + "full_name": "fr33c0d3\/poc-cve-2023-3824", + "owner": { + "login": "fr33c0d3", + "id": 194177575, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/194177575?v=4", + "html_url": "https:\/\/github.com\/fr33c0d3", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/fr33c0d3\/poc-cve-2023-3824", + "description": "PoC CVE 2023-3824", + "fork": false, + "created_at": "2025-01-08T01:43:29Z", + "updated_at": "2025-01-08T01:50:01Z", + "pushed_at": "2025-01-08T01:49:58Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 0 } ] \ No newline at end of file diff --git a/2023/CVE-2023-45866.json b/2023/CVE-2023-45866.json index b2310ec1dd..be1a18fc84 100644 --- a/2023/CVE-2023-45866.json +++ b/2023/CVE-2023-45866.json @@ -14,10 +14,10 @@ "description": "🚨 CVE-2023-45866 - BlueDucky Implementation (Using DuckyScript) 🔓 Unauthenticated Peering Leading to Code Execution (Using HID Keyboard)", "fork": false, "created_at": "2024-01-16T06:52:02Z", - "updated_at": "2025-01-07T20:59:01Z", + "updated_at": "2025-01-08T05:55:25Z", "pushed_at": "2024-08-18T08:26:46Z", - "stargazers_count": 1369, - "watchers_count": 1369, + "stargazers_count": 1370, + "watchers_count": 1370, "has_discussions": false, "forks_count": 233, "allow_forking": true, @@ -26,7 +26,7 @@ "topics": [], "visibility": "public", "forks": 233, - "watchers": 1369, + "watchers": 1370, "score": 0, "subscribers_count": 21 }, diff --git a/2023/CVE-2023-50164.json b/2023/CVE-2023-50164.json index aa23aabb8e..be857c12d4 100644 --- a/2023/CVE-2023-50164.json +++ b/2023/CVE-2023-50164.json @@ -428,13 +428,13 @@ "stargazers_count": 1, "watchers_count": 1, "has_discussions": false, - "forks_count": 2, + "forks_count": 3, "allow_forking": true, "is_template": false, "web_commit_signoff_required": false, "topics": [], "visibility": "public", - "forks": 2, + "forks": 3, "watchers": 1, "score": 0, "subscribers_count": 1 diff --git a/2024/CVE-2024-0582.json b/2024/CVE-2024-0582.json index 356d8b0fa6..64979aa01a 100644 --- a/2024/CVE-2024-0582.json +++ b/2024/CVE-2024-0582.json @@ -81,13 +81,13 @@ "stargazers_count": 0, "watchers_count": 0, "has_discussions": false, - "forks_count": 0, + "forks_count": 1, "allow_forking": true, "is_template": false, "web_commit_signoff_required": false, "topics": [], "visibility": "public", - "forks": 0, + "forks": 1, "watchers": 0, "score": 0, "subscribers_count": 1 diff --git a/2024/CVE-2024-10924.json b/2024/CVE-2024-10924.json index 4584696f4f..00e0feb2cf 100644 --- a/2024/CVE-2024-10924.json +++ b/2024/CVE-2024-10924.json @@ -158,13 +158,13 @@ "stargazers_count": 1, "watchers_count": 1, "has_discussions": false, - "forks_count": 2, + "forks_count": 3, "allow_forking": true, "is_template": false, "web_commit_signoff_required": false, "topics": [], "visibility": "public", - "forks": 2, + "forks": 3, "watchers": 1, "score": 0, "subscribers_count": 1 diff --git a/2024/CVE-2024-12849.json b/2024/CVE-2024-12849.json index fb01f03101..4c32a23422 100644 --- a/2024/CVE-2024-12849.json +++ b/2024/CVE-2024-12849.json @@ -28,7 +28,7 @@ "forks": 0, "watchers": 0, "score": 0, - "subscribers_count": 0 + "subscribers_count": 1 }, { "id": 913426666, @@ -59,6 +59,6 @@ "forks": 0, "watchers": 0, "score": 0, - "subscribers_count": 0 + "subscribers_count": 1 } ] \ No newline at end of file diff --git a/2024/CVE-2024-3400.json b/2024/CVE-2024-3400.json index ff50f00713..2db57e5083 100644 --- a/2024/CVE-2024-3400.json +++ b/2024/CVE-2024-3400.json @@ -293,10 +293,10 @@ "description": "CVE-2024-3400 Palo Alto OS Command Injection", "fork": false, "created_at": "2024-04-16T14:18:08Z", - "updated_at": "2025-01-04T13:34:10Z", + "updated_at": "2025-01-08T03:40:00Z", "pushed_at": "2024-04-16T22:35:43Z", - "stargazers_count": 151, - "watchers_count": 151, + "stargazers_count": 152, + "watchers_count": 152, "has_discussions": false, "forks_count": 24, "allow_forking": true, @@ -305,7 +305,7 @@ "topics": [], "visibility": "public", "forks": 24, - "watchers": 151, + "watchers": 152, "score": 0, "subscribers_count": 1 }, @@ -417,10 +417,10 @@ "description": "CVE-2024-3400 PAN-OS: OS Command Injection Vulnerability in GlobalProtect", "fork": false, "created_at": "2024-04-16T21:24:15Z", - "updated_at": "2025-01-07T23:28:39Z", + "updated_at": "2025-01-08T03:10:14Z", "pushed_at": "2024-04-17T11:03:32Z", - "stargazers_count": 23, - "watchers_count": 23, + "stargazers_count": 24, + "watchers_count": 24, "has_discussions": false, "forks_count": 4, "allow_forking": true, @@ -429,7 +429,7 @@ "topics": [], "visibility": "public", "forks": 4, - "watchers": 23, + "watchers": 24, "score": 0, "subscribers_count": 2 }, diff --git a/2024/CVE-2024-34102.json b/2024/CVE-2024-34102.json index 5f3a730b1e..b06d7dba25 100644 --- a/2024/CVE-2024-34102.json +++ b/2024/CVE-2024-34102.json @@ -712,6 +712,6 @@ "forks": 0, "watchers": 0, "score": 0, - "subscribers_count": 0 + "subscribers_count": 1 } ] \ No newline at end of file diff --git a/2024/CVE-2024-35250.json b/2024/CVE-2024-35250.json index bed0dcf727..5b33e54734 100644 --- a/2024/CVE-2024-35250.json +++ b/2024/CVE-2024-35250.json @@ -14,19 +14,19 @@ "description": "PoC for the Untrusted Pointer Dereference in the ks.sys driver", "fork": false, "created_at": "2024-10-13T19:30:20Z", - "updated_at": "2025-01-06T16:52:03Z", + "updated_at": "2025-01-08T03:20:04Z", "pushed_at": "2024-11-29T16:56:23Z", - "stargazers_count": 254, - "watchers_count": 254, + "stargazers_count": 257, + "watchers_count": 257, "has_discussions": false, - "forks_count": 56, + "forks_count": 57, "allow_forking": true, "is_template": false, "web_commit_signoff_required": false, "topics": [], "visibility": "public", - "forks": 56, - "watchers": 254, + "forks": 57, + "watchers": 257, "score": 0, "subscribers_count": 7 }, @@ -45,19 +45,19 @@ "description": "Cobalt Strike 的 CVE-2024-35250 的 BOF。(请给我加个星,谢谢。) ", "fork": false, "created_at": "2024-10-25T10:06:09Z", - "updated_at": "2024-12-17T10:07:43Z", + "updated_at": "2025-01-08T01:57:03Z", "pushed_at": "2024-10-21T04:15:27Z", - "stargazers_count": 6, - "watchers_count": 6, + "stargazers_count": 10, + "watchers_count": 10, "has_discussions": false, - "forks_count": 4, + "forks_count": 6, "allow_forking": true, "is_template": false, "web_commit_signoff_required": false, "topics": [], "visibility": "public", - "forks": 4, - "watchers": 6, + "forks": 6, + "watchers": 10, "score": 0, "subscribers_count": 0 }, diff --git a/2024/CVE-2024-36401.json b/2024/CVE-2024-36401.json index ca1689830d..a978a7e8aa 100644 --- a/2024/CVE-2024-36401.json +++ b/2024/CVE-2024-36401.json @@ -362,10 +362,10 @@ "description": "geoserver图形化漏洞利用工具", "fork": false, "created_at": "2024-10-05T10:08:55Z", - "updated_at": "2025-01-06T06:29:08Z", + "updated_at": "2025-01-08T01:09:49Z", "pushed_at": "2024-10-08T03:16:26Z", - "stargazers_count": 30, - "watchers_count": 30, + "stargazers_count": 31, + "watchers_count": 31, "has_discussions": false, "forks_count": 0, "allow_forking": true, @@ -374,7 +374,7 @@ "topics": [], "visibility": "public", "forks": 0, - "watchers": 30, + "watchers": 31, "score": 0, "subscribers_count": 1 }, diff --git a/2024/CVE-2024-40711.json b/2024/CVE-2024-40711.json index 72ca90b053..9e8c6948ae 100644 --- a/2024/CVE-2024-40711.json +++ b/2024/CVE-2024-40711.json @@ -19,13 +19,13 @@ "stargazers_count": 38, "watchers_count": 38, "has_discussions": false, - "forks_count": 11, + "forks_count": 12, "allow_forking": true, "is_template": false, "web_commit_signoff_required": false, "topics": [], "visibility": "public", - "forks": 11, + "forks": 12, "watchers": 38, "score": 0, "subscribers_count": 0 diff --git a/2024/CVE-2024-42327.json b/2024/CVE-2024-42327.json index 01853c7d0d..e27882bda2 100644 --- a/2024/CVE-2024-42327.json +++ b/2024/CVE-2024-42327.json @@ -200,10 +200,10 @@ "description": "Zabbix CVE-2024-42327 PoC", "fork": false, "created_at": "2025-01-01T18:25:44Z", - "updated_at": "2025-01-07T16:16:09Z", + "updated_at": "2025-01-08T02:31:14Z", "pushed_at": "2025-01-03T13:49:03Z", - "stargazers_count": 29, - "watchers_count": 29, + "stargazers_count": 32, + "watchers_count": 32, "has_discussions": false, "forks_count": 4, "allow_forking": true, @@ -212,7 +212,7 @@ "topics": [], "visibility": "public", "forks": 4, - "watchers": 29, + "watchers": 32, "score": 0, "subscribers_count": 1 } diff --git a/2024/CVE-2024-436.json b/2024/CVE-2024-436.json index 9e18b318a7..f662265072 100644 --- a/2024/CVE-2024-436.json +++ b/2024/CVE-2024-436.json @@ -28,6 +28,6 @@ "forks": 0, "watchers": 0, "score": 0, - "subscribers_count": 0 + "subscribers_count": 1 } ] \ No newline at end of file diff --git a/2024/CVE-2024-45519.json b/2024/CVE-2024-45519.json index 7bef973f0f..e95ba1f14a 100644 --- a/2024/CVE-2024-45519.json +++ b/2024/CVE-2024-45519.json @@ -50,13 +50,13 @@ "stargazers_count": 119, "watchers_count": 119, "has_discussions": false, - "forks_count": 18, + "forks_count": 19, "allow_forking": true, "is_template": false, "web_commit_signoff_required": false, "topics": [], "visibility": "public", - "forks": 18, + "forks": 19, "watchers": 119, "score": 0, "subscribers_count": 3 diff --git a/2024/CVE-2024-4577.json b/2024/CVE-2024-4577.json index d7f9c25a5c..4aefd293d1 100644 --- a/2024/CVE-2024-4577.json +++ b/2024/CVE-2024-4577.json @@ -169,10 +169,10 @@ "description": "PHP CGI Argument Injection (CVE-2024-4577) Remote Code Execution PoC", "fork": false, "created_at": "2024-06-07T09:52:54Z", - "updated_at": "2025-01-02T14:48:39Z", + "updated_at": "2025-01-08T00:45:04Z", "pushed_at": "2024-06-22T15:13:52Z", - "stargazers_count": 243, - "watchers_count": 243, + "stargazers_count": 244, + "watchers_count": 244, "has_discussions": false, "forks_count": 52, "allow_forking": true, @@ -181,7 +181,7 @@ "topics": [], "visibility": "public", "forks": 52, - "watchers": 243, + "watchers": 244, "score": 0, "subscribers_count": 4 }, @@ -1298,37 +1298,6 @@ "score": 0, "subscribers_count": 1 }, - { - "id": 830629911, - "name": "CVE-2024-4577", - "full_name": "nNoSuger\/CVE-2024-4577", - "owner": { - "login": "nNoSuger", - "id": 130155594, - "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/130155594?v=4", - "html_url": "https:\/\/github.com\/nNoSuger", - "user_view_type": "public" - }, - "html_url": "https:\/\/github.com\/nNoSuger\/CVE-2024-4577", - "description": "CVE", - "fork": false, - "created_at": "2024-07-18T16:39:27Z", - "updated_at": "2024-07-18T16:39:27Z", - "pushed_at": "2024-07-18T16:39:27Z", - "stargazers_count": 0, - "watchers_count": 0, - "has_discussions": false, - "forks_count": 0, - "allow_forking": true, - "is_template": false, - "web_commit_signoff_required": false, - "topics": [], - "visibility": "public", - "forks": 0, - "watchers": 0, - "score": 0, - "subscribers_count": 1 - }, { "id": 833329743, "name": "CVE-2024-4577", diff --git a/2024/CVE-2024-49112.json b/2024/CVE-2024-49112.json index 5403e38e63..6ef3dc323e 100644 --- a/2024/CVE-2024-49112.json +++ b/2024/CVE-2024-49112.json @@ -60,5 +60,36 @@ "watchers": 1, "score": 0, "subscribers_count": 1 + }, + { + "id": 913597480, + "name": "CVE-2024-49112-PoC", + "full_name": "bo0l3an\/CVE-2024-49112-PoC", + "owner": { + "login": "bo0l3an", + "id": 194175693, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/194175693?v=4", + "html_url": "https:\/\/github.com\/bo0l3an", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/bo0l3an\/CVE-2024-49112-PoC", + "description": "CVE-2024-49112 LDAP RCE PoC and Metasploit Module", + "fork": false, + "created_at": "2025-01-08T01:56:41Z", + "updated_at": "2025-01-08T02:48:44Z", + "pushed_at": "2025-01-08T02:48:40Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 0 } ] \ No newline at end of file diff --git a/2024/CVE-2024-49113.json b/2024/CVE-2024-49113.json index cc7dc85fce..4c380cf5e2 100644 --- a/2024/CVE-2024-49113.json +++ b/2024/CVE-2024-49113.json @@ -14,19 +14,19 @@ "description": "LdapNightmare is a PoC tool that tests a vulnerable Windows Server against CVE-2024-49113", "fork": false, "created_at": "2025-01-01T15:48:38Z", - "updated_at": "2025-01-07T19:31:09Z", + "updated_at": "2025-01-08T03:27:17Z", "pushed_at": "2025-01-02T16:07:23Z", - "stargazers_count": 396, - "watchers_count": 396, + "stargazers_count": 397, + "watchers_count": 397, "has_discussions": false, - "forks_count": 92, + "forks_count": 93, "allow_forking": true, "is_template": false, "web_commit_signoff_required": false, "topics": [], "visibility": "public", - "forks": 92, - "watchers": 396, + "forks": 93, + "watchers": 397, "score": 0, "subscribers_count": 3 }, diff --git a/2024/CVE-2024-53677.json b/2024/CVE-2024-53677.json index 8bfa95d345..6c43dd8b80 100644 --- a/2024/CVE-2024-53677.json +++ b/2024/CVE-2024-53677.json @@ -45,10 +45,10 @@ "description": "A critical vulnerability, CVE-2024-53677, has been identified in the popular Apache Struts framework, potentially allowing attackers to execute arbitrary code remotely. This vulnerability arises from flaws in the file upload logic, which can be exploited to perform path traversal and malicious file uploads.", "fork": false, "created_at": "2024-12-13T17:42:55Z", - "updated_at": "2025-01-07T16:09:03Z", + "updated_at": "2025-01-08T02:10:58Z", "pushed_at": "2024-12-20T10:05:15Z", - "stargazers_count": 82, - "watchers_count": 82, + "stargazers_count": 83, + "watchers_count": 83, "has_discussions": false, "forks_count": 30, "allow_forking": true, @@ -57,7 +57,7 @@ "topics": [], "visibility": "public", "forks": 30, - "watchers": 82, + "watchers": 83, "score": 0, "subscribers_count": 3 }, @@ -307,6 +307,6 @@ "forks": 0, "watchers": 0, "score": 0, - "subscribers_count": 0 + "subscribers_count": 1 } ] \ No newline at end of file diff --git a/2024/CVE-2024-54761.json b/2024/CVE-2024-54761.json new file mode 100644 index 0000000000..f51c70366b --- /dev/null +++ b/2024/CVE-2024-54761.json @@ -0,0 +1,33 @@ +[ + { + "id": 888849471, + "name": "CVE-2024-54761-BigAnt-Office-Messenger-5.6.06-RCE-via-SQL-Injection", + "full_name": "nscan9\/CVE-2024-54761-BigAnt-Office-Messenger-5.6.06-RCE-via-SQL-Injection", + "owner": { + "login": "nscan9", + "id": 142240382, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/142240382?v=4", + "html_url": "https:\/\/github.com\/nscan9", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/nscan9\/CVE-2024-54761-BigAnt-Office-Messenger-5.6.06-RCE-via-SQL-Injection", + "description": null, + "fork": false, + "created_at": "2024-11-15T05:55:29Z", + "updated_at": "2025-01-08T05:15:44Z", + "pushed_at": "2025-01-08T05:15:40Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 1, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 1, + "watchers": 0, + "score": 0, + "subscribers_count": 0 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-54910.json b/2024/CVE-2024-54910.json index 9cffe3cd67..b43f00e806 100644 --- a/2024/CVE-2024-54910.json +++ b/2024/CVE-2024-54910.json @@ -28,6 +28,6 @@ "forks": 0, "watchers": 0, "score": 0, - "subscribers_count": 0 + "subscribers_count": 1 } ] \ No newline at end of file diff --git a/2024/CVE-2024-56278.json b/2024/CVE-2024-56278.json new file mode 100644 index 0000000000..a5e3f21486 --- /dev/null +++ b/2024/CVE-2024-56278.json @@ -0,0 +1,33 @@ +[ + { + "id": 912594591, + "name": "CVE-2024-56278", + "full_name": "DoTTak\/CVE-2024-56278", + "owner": { + "login": "DoTTak", + "id": 57674710, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/57674710?v=4", + "html_url": "https:\/\/github.com\/DoTTak", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/DoTTak\/CVE-2024-56278", + "description": "PoC of CVE-2024-56278", + "fork": false, + "created_at": "2025-01-06T01:51:46Z", + "updated_at": "2025-01-08T01:10:07Z", + "pushed_at": "2025-01-06T01:55:25Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 0 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-56289.json b/2024/CVE-2024-56289.json new file mode 100644 index 0000000000..15793fbfc0 --- /dev/null +++ b/2024/CVE-2024-56289.json @@ -0,0 +1,33 @@ +[ + { + "id": 912596084, + "name": "CVE-2024-56289", + "full_name": "DoTTak\/CVE-2024-56289", + "owner": { + "login": "DoTTak", + "id": 57674710, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/57674710?v=4", + "html_url": "https:\/\/github.com\/DoTTak", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/DoTTak\/CVE-2024-56289", + "description": "PoC of CVE-2024-56289", + "fork": false, + "created_at": "2025-01-06T01:58:24Z", + "updated_at": "2025-01-08T01:11:03Z", + "pushed_at": "2025-01-06T01:58:47Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 0 + } +] \ No newline at end of file diff --git a/2024/CVE-2024-6387.json b/2024/CVE-2024-6387.json index 6fdebed19b..93adc75706 100644 --- a/2024/CVE-2024-6387.json +++ b/2024/CVE-2024-6387.json @@ -2931,10 +2931,10 @@ "description": null, "fork": false, "created_at": "2025-01-04T00:25:33Z", - "updated_at": "2025-01-07T13:13:10Z", + "updated_at": "2025-01-08T03:48:05Z", "pushed_at": "2025-01-04T00:37:14Z", - "stargazers_count": 6, - "watchers_count": 6, + "stargazers_count": 7, + "watchers_count": 7, "has_discussions": false, "forks_count": 5, "allow_forking": true, @@ -2943,7 +2943,7 @@ "topics": [], "visibility": "public", "forks": 5, - "watchers": 6, + "watchers": 7, "score": 0, "subscribers_count": 1 } diff --git a/2024/CVE-2024-7627.json b/2024/CVE-2024-7627.json new file mode 100644 index 0000000000..b82c6d2028 --- /dev/null +++ b/2024/CVE-2024-7627.json @@ -0,0 +1,36 @@ +[ + { + "id": 913607383, + "name": "CVE-2024-7627-PoC", + "full_name": "siunam321\/CVE-2024-7627-PoC", + "owner": { + "login": "siunam321", + "id": 104430134, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/104430134?v=4", + "html_url": "https:\/\/github.com\/siunam321", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/siunam321\/CVE-2024-7627-PoC", + "description": "Proof-of-Concept script for WordPress plugin Bit File Manager version 6.0 - 6.5.5 Unauthenticated Remote Code Execution via Race Condition (CVE-2024-7627) vulnerability", + "fork": false, + "created_at": "2025-01-08T02:32:41Z", + "updated_at": "2025-01-08T03:34:13Z", + "pushed_at": "2025-01-08T02:40:09Z", + "stargazers_count": 1, + "watchers_count": 1, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [ + "proof-of-concept", + "wordpress-plugin" + ], + "visibility": "public", + "forks": 0, + "watchers": 1, + "score": 0, + "subscribers_count": 0 + } +] \ No newline at end of file diff --git a/2025/CVE-2025-22352.json b/2025/CVE-2025-22352.json new file mode 100644 index 0000000000..d9d86a379a --- /dev/null +++ b/2025/CVE-2025-22352.json @@ -0,0 +1,33 @@ +[ + { + "id": 912596332, + "name": "CVE-2025-22352", + "full_name": "DoTTak\/CVE-2025-22352", + "owner": { + "login": "DoTTak", + "id": 57674710, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/57674710?v=4", + "html_url": "https:\/\/github.com\/DoTTak", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/DoTTak\/CVE-2025-22352", + "description": "PoC of CVE-2025-22352", + "fork": false, + "created_at": "2025-01-06T01:59:29Z", + "updated_at": "2025-01-08T01:11:24Z", + "pushed_at": "2025-01-06T02:06:06Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 0 + } +] \ No newline at end of file diff --git a/2025/CVE-2025-22510.json b/2025/CVE-2025-22510.json new file mode 100644 index 0000000000..ea63e148b2 --- /dev/null +++ b/2025/CVE-2025-22510.json @@ -0,0 +1,33 @@ +[ + { + "id": 913582821, + "name": "CVE-2025-22510", + "full_name": "DoTTak\/CVE-2025-22510", + "owner": { + "login": "DoTTak", + "id": 57674710, + "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/57674710?v=4", + "html_url": "https:\/\/github.com\/DoTTak", + "user_view_type": "public" + }, + "html_url": "https:\/\/github.com\/DoTTak\/CVE-2025-22510", + "description": "PoC of CVE-2025-22510", + "fork": false, + "created_at": "2025-01-08T01:02:02Z", + "updated_at": "2025-01-08T01:19:22Z", + "pushed_at": "2025-01-08T01:08:55Z", + "stargazers_count": 0, + "watchers_count": 0, + "has_discussions": false, + "forks_count": 0, + "allow_forking": true, + "is_template": false, + "web_commit_signoff_required": false, + "topics": [], + "visibility": "public", + "forks": 0, + "watchers": 0, + "score": 0, + "subscribers_count": 0 + } +] \ No newline at end of file diff --git a/README.md b/README.md index 0a5a689f2e..aed61183b7 100644 --- a/README.md +++ b/README.md @@ -1,5 +1,17 @@ # PoC in GitHub +## 2025 +### CVE-2025-22352 (2025-01-07) + +<code>Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in ELEXtensions ELEX WooCommerce Advanced Bulk Edit Products, Prices & Attributes allows Blind SQL Injection.This issue affects ELEX WooCommerce Advanced Bulk Edit Products, Prices & Attributes: from n/a through 1.4.8. +</code> + +- [DoTTak/CVE-2025-22352](https://github.com/DoTTak/CVE-2025-22352) + +### CVE-2025-22510 +- [DoTTak/CVE-2025-22510](https://github.com/DoTTak/CVE-2025-22510) + + ## 2024 ### CVE-2024-0012 (2024-11-18) @@ -1051,7 +1063,6 @@ - [l0n3m4n/CVE-2024-4577-RCE](https://github.com/l0n3m4n/CVE-2024-4577-RCE) - [bibo318/CVE-2024-4577-RCE-ATTACK](https://github.com/bibo318/CVE-2024-4577-RCE-ATTACK) - [waived/CVE-2024-4577-PHP-RCE](https://github.com/waived/CVE-2024-4577-PHP-RCE) -- [nNoSuger/CVE-2024-4577](https://github.com/nNoSuger/CVE-2024-4577) - [a-roshbaik/CVE-2024-4577](https://github.com/a-roshbaik/CVE-2024-4577) - [a-roshbaik/CVE-2024-4577-PHP-RCE](https://github.com/a-roshbaik/CVE-2024-4577-PHP-RCE) - [Jcccccx/CVE-2024-4577](https://github.com/Jcccccx/CVE-2024-4577) @@ -1623,6 +1634,13 @@ - [D3N14LD15K/CVE-2024-7593_PoC_Exploit](https://github.com/D3N14LD15K/CVE-2024-7593_PoC_Exploit) - [skyrowalker/CVE-2024-7593](https://github.com/skyrowalker/CVE-2024-7593) +### CVE-2024-7627 (2024-09-05) + +<code>The Bit File Manager plugin for WordPress is vulnerable to Remote Code Execution in versions 6.0 to 6.5.5 via the 'checkSyntax' function. This is due to writing a temporary file to a publicly accessible directory before performing file validation. This makes it possible for unauthenticated attackers to execute code on the server if an administrator has allowed Guest User read permissions. +</code> + +- [siunam321/CVE-2024-7627-PoC](https://github.com/siunam321/CVE-2024-7627-PoC) + ### CVE-2024-7646 (2024-08-16) <code>A security issue was discovered in ingress-nginx where an actor with permission to create Ingress objects (in the `networking.k8s.io` or `extensions` API group) can bypass annotation validation to inject arbitrary commands and obtain the credentials of the ingress-nginx controller. In the default configuration, that credential has access to all secrets in the cluster. @@ -7215,6 +7233,7 @@ - [tnkr/poc_monitor](https://github.com/tnkr/poc_monitor) - [CCIEVoice2009/CVE-2024-49112](https://github.com/CCIEVoice2009/CVE-2024-49112) +- [bo0l3an/CVE-2024-49112-PoC](https://github.com/bo0l3an/CVE-2024-49112-PoC) ### CVE-2024-49113 (2024-12-10) @@ -7915,6 +7934,9 @@ - [hotplugin0x01/CVE-2024-54679](https://github.com/hotplugin0x01/CVE-2024-54679) +### CVE-2024-54761 +- [nscan9/CVE-2024-54761-BigAnt-Office-Messenger-5.6.06-RCE-via-SQL-Injection](https://github.com/nscan9/CVE-2024-54761-BigAnt-Office-Messenger-5.6.06-RCE-via-SQL-Injection) + ### CVE-2024-54819 (2025-01-07) <code>I, Librarian before and including 5.11.1 is vulnerable to Server-Side Request Forgery (SSRF) due to improper input validation in classes/security/validation.php @@ -8031,6 +8053,20 @@ - [Chocapikk/CVE-2024-56145](https://github.com/Chocapikk/CVE-2024-56145) - [Sachinart/CVE-2024-56145-craftcms-rce](https://github.com/Sachinart/CVE-2024-56145-craftcms-rce) +### CVE-2024-56278 (2025-01-07) + +<code>Improper Control of Generation of Code ('Code Injection') vulnerability in Smackcoders WP Ultimate Exporter allows PHP Remote File Inclusion.This issue affects WP Ultimate Exporter: from n/a through 2.9.1. +</code> + +- [DoTTak/CVE-2024-56278](https://github.com/DoTTak/CVE-2024-56278) + +### CVE-2024-56289 (2025-01-07) + +<code>Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Groundhogg Inc. Groundhogg allows Reflected XSS.This issue affects Groundhogg: from n/a through 3.7.3.3. +</code> + +- [DoTTak/CVE-2024-56289](https://github.com/DoTTak/CVE-2024-56289) + ### CVE-2024-56331 (2024-12-20) <code>Uptime Kuma is an open source, self-hosted monitoring tool. An **Improper URL Handling Vulnerability** allows an attacker to access sensitive local files on the server by exploiting the `file:///` protocol. This vulnerability is triggered via the **"real-browser"** request type, which takes a screenshot of the URL provided by the attacker. By supplying local file paths, such as `file:///etc/passwd`, an attacker can read sensitive data from the server. This vulnerability arises because the system does not properly validate or sanitize the user input for the URL field. Specifically: 1. The URL input (`<input data-v-5f5c86d7="" id="url" type="url" class="form-control" pattern="https?://.+" required="">`) allows users to input arbitrary file paths, including those using the `file:///` protocol, without server-side validation. 2. The server then uses the user-provided URL to make a request, passing it to a browser instance that performs the "real-browser" request, which takes a screenshot of the content at the given URL. If a local file path is entered (e.g., `file:///etc/passwd`), the browser fetches and captures the file’s content. Since the user input is not validated, an attacker can manipulate the URL to request local files (e.g., `file:///etc/passwd`), and the system will capture a screenshot of the file's content, potentially exposing sensitive data. Any **authenticated user** who can submit a URL in "real-browser" mode is at risk of exposing sensitive data through screenshots of these files. This issue has been addressed in version 1.23.16 and all users are advised to upgrade. There are no known workarounds for this vulnerability. @@ -8846,6 +8882,7 @@ </code> - [jhonnybonny/CVE-2023-3824](https://github.com/jhonnybonny/CVE-2023-3824) +- [fr33c0d3/poc-cve-2023-3824](https://github.com/fr33c0d3/poc-cve-2023-3824) ### CVE-2023-3836 (2023-07-22) @@ -42251,6 +42288,7 @@ - [antisecc/CVE-2018-16763](https://github.com/antisecc/CVE-2018-16763) - [VitoBonetti/CVE-2018-16763](https://github.com/VitoBonetti/CVE-2018-16763) - [saccles/CVE-2018-16763-Proof-of-Concept](https://github.com/saccles/CVE-2018-16763-Proof-of-Concept) +- [altsun/CVE-2018-16763-FuelCMS-1.4.1-RCE](https://github.com/altsun/CVE-2018-16763-FuelCMS-1.4.1-RCE) ### CVE-2018-16809 (2019-03-07)