mirror/PoC-in-GitHub
1
0
Fork 0
mirror of https://github.com/nomi-sec/PoC-in-GitHub.git synced 2025-01-15 20:32:21 +01:00
Code Issues Projects Releases Packages Wiki Activity Actions

Auto Update 2022/10/23 00:16:39

Browse source
This commit is contained in:
motikan2010-bot 2022-10-23 09:16:39 +09:00
parent 359aff7069
commit 7432d15e68
25 changed files with 316 additions and 92 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

8
2011/CVE-2011-3389.json
View file

@ -13,10 +13,10 @@
"description": ":muscle: Proof Of Concept of the BEAST attack against SSL\/TLS CVE-2011-3389 :muscle:",
"fork": false,
"created_at": "2015-03-28T10:28:16Z",
"updated_at": "2022-10-18T20:26:44Z",
"updated_at": "2022-10-22T21:29:28Z",
"pushed_at": "2019-01-30T21:36:22Z",
"stargazers_count": 54,
"watchers_count": 54,
"stargazers_count": 53,
"watchers_count": 53,
"forks_count": 32,
"allow_forking": true,
"is_template": false,
@ -30,7 +30,7 @@
],
"visibility": "public",
"forks": 32,
"watchers": 54,
"watchers": 53,
"score": 0
}
]

8
2018/CVE-2018-16763.json
View file

@ -329,10 +329,10 @@
"description": "Exploit to trigger RCE for CVE-2018-16763 on FuelCMS <= 1.4.1 and interactive shell. ",
"fork": false,
"created_at": "2022-05-31T15:31:37Z",
"updated_at": "2022-10-10T23:41:34Z",
"updated_at": "2022-10-22T21:16:36Z",
"pushed_at": "2022-06-01T20:45:02Z",
"stargazers_count": 5,
"watchers_count": 5,
"stargazers_count": 6,
"watchers_count": 6,
"forks_count": 1,
"allow_forking": true,
"is_template": false,
@ -345,7 +345,7 @@
],
"visibility": "public",
"forks": 1,
"watchers": 5,
"watchers": 6,
"score": 0
}
]

8
2018/CVE-2018-6574.json
View file

@ -1357,10 +1357,10 @@
"description": null,
"fork": false,
"created_at": "2021-03-07T02:45:41Z",
"updated_at": "2021-10-24T05:33:24Z",
"updated_at": "2022-10-22T20:34:34Z",
"pushed_at": "2021-03-07T03:32:45Z",
"stargazers_count": 1,
"watchers_count": 1,
"stargazers_count": 2,
"watchers_count": 2,
"forks_count": 1,
"allow_forking": true,
"is_template": false,
@ -1368,7 +1368,7 @@
"topics": [],
"visibility": "public",
"forks": 1,
"watchers": 1,
"watchers": 2,
"score": 0
},
{

8
2019/CVE-2019-6447.json
View file

@ -13,10 +13,10 @@
"description": "ES File Explorer Open Port Vulnerability - CVE-2019-6447",
"fork": false,
"created_at": "2019-01-09T22:30:42Z",
"updated_at": "2022-10-15T05:23:41Z",
"updated_at": "2022-10-22T18:40:53Z",
"pushed_at": "2021-09-01T08:56:40Z",
"stargazers_count": 657,
"watchers_count": 657,
"stargazers_count": 658,
"watchers_count": 658,
"forks_count": 135,
"allow_forking": true,
"is_template": false,
@ -29,7 +29,7 @@
],
"visibility": "public",
"forks": 135,
"watchers": 657,
"watchers": 658,
"score": 0
},
{

8
2019/CVE-2019-7304.json
View file

@ -13,10 +13,10 @@
"description": "Linux privilege escalation exploit via snapd (CVE-2019-7304)",
"fork": false,
"created_at": "2019-02-12T06:02:06Z",
"updated_at": "2022-09-28T12:26:41Z",
"updated_at": "2022-10-22T22:04:28Z",
"pushed_at": "2019-05-09T21:34:26Z",
"stargazers_count": 622,
"watchers_count": 622,
"stargazers_count": 623,
"watchers_count": 623,
"forks_count": 158,
"allow_forking": true,
"is_template": false,
@ -28,7 +28,7 @@
],
"visibility": "public",
"forks": 158,
"watchers": 622,
"watchers": 623,
"score": 0
},
{

2
2019/CVE-2019-9053.json
View file

@ -154,7 +154,7 @@
"fork": false,
"created_at": "2022-10-08T14:20:48Z",
"updated_at": "2022-10-08T14:22:54Z",
"pushed_at": "2022-10-13T17:42:07Z",
"pushed_at": "2022-10-22T21:23:42Z",
"stargazers_count": 0,
"watchers_count": 0,
"forks_count": 0,

8
2020/CVE-2020-11519.json
View file

@ -13,10 +13,10 @@
"description": "Technical Write-Up on and PoC Exploit for CVE-2020-11519 and CVE-2020-11520",
"fork": false,
"created_at": "2020-06-30T23:01:33Z",
"updated_at": "2022-04-29T18:08:15Z",
"updated_at": "2022-10-22T20:48:07Z",
"pushed_at": "2020-07-16T07:20:30Z",
"stargazers_count": 11,
"watchers_count": 11,
"stargazers_count": 12,
"watchers_count": 12,
"forks_count": 3,
"allow_forking": true,
"is_template": true,
@ -31,7 +31,7 @@
],
"visibility": "public",
"forks": 3,
"watchers": 11,
"watchers": 12,
"score": 0
}
]

4
2020/CVE-2020-15778.json
View file

@ -45,13 +45,13 @@
"pushed_at": "2022-02-18T08:04:46Z",
"stargazers_count": 16,
"watchers_count": 16,
"forks_count": 5,
"forks_count": 6,
"allow_forking": true,
"is_template": false,
"web_commit_signoff_required": false,
"topics": [],
"visibility": "public",
"forks": 5,
"forks": 6,
"watchers": 16,
"score": 0
}

8
2021/CVE-2021-21972.json
View file

@ -769,10 +769,10 @@
"description": "一款针对Vcenter的综合利用工具包含目前最主流的CVE-2021-21972、CVE-2021-21985以及CVE-2021-22005、One Access的CVE-2022-22954、CVE-2022-22972\/31656以及log4j提供一键上传webshell命令执行或者上传公钥使用SSH免密连接",
"fork": false,
"created_at": "2022-10-04T03:39:27Z",
"updated_at": "2022-10-22T07:05:20Z",
"updated_at": "2022-10-22T18:52:45Z",
"pushed_at": "2022-10-20T02:06:54Z",
"stargazers_count": 530,
"watchers_count": 530,
"stargazers_count": 531,
"watchers_count": 531,
"forks_count": 53,
"allow_forking": true,
"is_template": false,
@ -787,7 +787,7 @@
],
"visibility": "public",
"forks": 53,
"watchers": 530,
"watchers": 531,
"score": 0
}
]

12
2021/CVE-2021-24086.json
View file

@ -13,11 +13,11 @@
"description": "Proof of concept for CVE-2021-24086, a NULL dereference in tcpip.sys triggered remotely.",
"fork": false,
"created_at": "2021-04-07T11:10:40Z",
"updated_at": "2022-10-22T15:00:13Z",
"updated_at": "2022-10-22T19:09:06Z",
"pushed_at": "2021-04-15T12:46:54Z",
"stargazers_count": 214,
"watchers_count": 214,
"forks_count": 48,
"stargazers_count": 216,
"watchers_count": 216,
"forks_count": 49,
"allow_forking": true,
"is_template": false,
"web_commit_signoff_required": false,
@ -29,8 +29,8 @@
"tcpip"
],
"visibility": "public",
"forks": 48,
"watchers": 214,
"forks": 49,
"watchers": 216,
"score": 0
}
]

8
2021/CVE-2021-34527.json
View file

@ -41,10 +41,10 @@
"description": "PrintNightmare (CVE-2021-34527) PoC Exploit",
"fork": false,
"created_at": "2022-08-23T20:20:45Z",
"updated_at": "2022-10-16T23:51:31Z",
"updated_at": "2022-10-22T18:59:26Z",
"pushed_at": "2022-08-26T12:13:22Z",
"stargazers_count": 51,
"watchers_count": 51,
"stargazers_count": 52,
"watchers_count": 52,
"forks_count": 13,
"allow_forking": true,
"is_template": false,
@ -52,7 +52,7 @@
"topics": [],
"visibility": "public",
"forks": 13,
"watchers": 51,
"watchers": 52,
"score": 0
},
{

8
2021/CVE-2021-3493.json
View file

@ -13,10 +13,10 @@
"description": "Ubuntu OverlayFS Local Privesc",
"fork": false,
"created_at": "2021-04-19T20:07:01Z",
"updated_at": "2022-10-21T14:57:24Z",
"updated_at": "2022-10-22T22:20:05Z",
"pushed_at": "2021-09-28T04:08:43Z",
"stargazers_count": 320,
"watchers_count": 320,
"stargazers_count": 321,
"watchers_count": 321,
"forks_count": 120,
"allow_forking": true,
"is_template": false,
@ -24,7 +24,7 @@
"topics": [],
"visibility": "public",
"forks": 120,
"watchers": 320,
"watchers": 321,
"score": 0
},
{

20
2021/CVE-2021-4034.json
View file

@ -75,18 +75,18 @@
"description": "CVE-2021-4034 1day",
"fork": false,
"created_at": "2022-01-25T23:51:37Z",
"updated_at": "2022-10-22T02:06:18Z",
"updated_at": "2022-10-22T20:00:26Z",
"pushed_at": "2022-06-08T04:00:28Z",
"stargazers_count": 1674,
"watchers_count": 1674,
"forks_count": 481,
"stargazers_count": 1675,
"watchers_count": 1675,
"forks_count": 482,
"allow_forking": true,
"is_template": false,
"web_commit_signoff_required": false,
"topics": [],
"visibility": "public",
"forks": 481,
"watchers": 1674,
"forks": 482,
"watchers": 1675,
"score": 0
},
{
@ -878,10 +878,10 @@
"description": "Self-contained exploit for CVE-2021-4034 - Pkexec Local Privilege Escalation",
"fork": false,
"created_at": "2022-01-26T14:26:10Z",
"updated_at": "2022-10-20T14:25:16Z",
"updated_at": "2022-10-22T22:56:03Z",
"pushed_at": "2022-06-21T14:52:05Z",
"stargazers_count": 643,
"watchers_count": 643,
"stargazers_count": 644,
"watchers_count": 644,
"forks_count": 141,
"allow_forking": true,
"is_template": false,
@ -891,7 +891,7 @@
],
"visibility": "public",
"forks": 141,
"watchers": 643,
"watchers": 644,
"score": 0
},
{

8
2021/CVE-2021-42278.json
View file

@ -13,10 +13,10 @@
"description": "Exploiting CVE-2021-42278 and CVE-2021-42287 to impersonate DA from standard domain user ",
"fork": false,
"created_at": "2021-12-11T15:10:30Z",
"updated_at": "2022-10-18T07:28:48Z",
"updated_at": "2022-10-22T21:07:31Z",
"pushed_at": "2022-07-10T22:23:13Z",
"stargazers_count": 858,
"watchers_count": 858,
"stargazers_count": 859,
"watchers_count": 859,
"forks_count": 178,
"allow_forking": true,
"is_template": false,
@ -29,7 +29,7 @@
],
"visibility": "public",
"forks": 178,
"watchers": 858,
"watchers": 859,
"score": 0
},
{

60
2022/CVE-2022-0236.json Normal file
View file

@ -0,0 +1,60 @@
[
{
"id": 448514056,
"name": "CVE-2022-0236",
"full_name": "qurbat\/CVE-2022-0236",
"owner": {
"login": "qurbat",
"id": 37518297,
"avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/37518297?v=4",
"html_url": "https:\/\/github.com\/qurbat"
},
"html_url": "https:\/\/github.com\/qurbat\/CVE-2022-0236",
"description": "Proof of concept for unauthenticated sensitive data disclosure affecting the wp-import-export WordPress plugin (CVE-2022-0236)",
"fork": false,
"created_at": "2022-01-16T09:52:28Z",
"updated_at": "2022-07-07T07:47:57Z",
"pushed_at": "2022-01-18T17:14:53Z",
"stargazers_count": 3,
"watchers_count": 3,
"forks_count": 2,
"allow_forking": true,
"is_template": false,
"web_commit_signoff_required": false,
"topics": [
"wordpress-security"
],
"visibility": "public",
"forks": 2,
"watchers": 3,
"score": 0
},
{
"id": 448893968,
"name": "CVE-2022-0236",
"full_name": "xiska62314\/CVE-2022-0236",
"owner": {
"login": "xiska62314",
"id": 97891523,
"avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/97891523?v=4",
"html_url": "https:\/\/github.com\/xiska62314"
},
"html_url": "https:\/\/github.com\/xiska62314\/CVE-2022-0236",
"description": "CVE-2022-0236",
"fork": false,
"created_at": "2022-01-17T12:56:19Z",
"updated_at": "2022-01-17T12:56:19Z",
"pushed_at": "2022-01-17T12:56:20Z",
"stargazers_count": 0,
"watchers_count": 0,
"forks_count": 0,
"allow_forking": true,
"is_template": false,
"web_commit_signoff_required": false,
"topics": [],
"visibility": "public",
"forks": 0,
"watchers": 0,
"score": 0
}
]

28
2022/CVE-2022-21660.json
View file

@ -1,4 +1,32 @@
[
{
"id": 446296593,
"name": "Gin-Vue-admin-poc-CVE-2022-21660",
"full_name": "UzJu\/Gin-Vue-admin-poc-CVE-2022-21660",
"owner": {
"login": "UzJu",
"id": 50813806,
"avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/50813806?v=4",
"html_url": "https:\/\/github.com\/UzJu"
},
"html_url": "https:\/\/github.com\/UzJu\/Gin-Vue-admin-poc-CVE-2022-21660",
"description": "CVE-2022-21660",
"fork": false,
"created_at": "2022-01-10T05:50:35Z",
"updated_at": "2022-07-24T05:20:50Z",
"pushed_at": "2022-01-10T05:52:03Z",
"stargazers_count": 26,
"watchers_count": 26,
"forks_count": 1,
"allow_forking": true,
"is_template": false,
"web_commit_signoff_required": false,
"topics": [],
"visibility": "public",
"forks": 1,
"watchers": 26,
"score": 0
},
{
"id": 462232980,
"name": "CVE-2022-21660",

28
2022/CVE-2022-21661.json
View file

@ -1,4 +1,32 @@
[
{
"id": 449096712,
"name": "CVE-2022-21661-WordPress-Core-5.8.2-WP_Query-SQL-Injection",
"full_name": "TAPESH-TEAM\/CVE-2022-21661-WordPress-Core-5.8.2-WP_Query-SQL-Injection",
"owner": {
"login": "TAPESH-TEAM",
"id": 83407483,
"avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/83407483?v=4",
"html_url": "https:\/\/github.com\/TAPESH-TEAM"
},
"html_url": "https:\/\/github.com\/TAPESH-TEAM\/CVE-2022-21661-WordPress-Core-5.8.2-WP_Query-SQL-Injection",
"description": "WordPress Core 5.8.2 - 'WP_Query' SQL Injection",
"fork": false,
"created_at": "2022-01-18T01:05:04Z",
"updated_at": "2022-08-11T12:33:20Z",
"pushed_at": "2022-01-18T01:19:45Z",
"stargazers_count": 10,
"watchers_count": 10,
"forks_count": 5,
"allow_forking": true,
"is_template": false,
"web_commit_signoff_required": false,
"topics": [],
"visibility": "public",
"forks": 5,
"watchers": 10,
"score": 0
},
{
"id": 458502807,
"name": "wordpress-CVE-2022-21661",

56
2022/CVE-2022-21907.json
View file

@ -75,6 +75,62 @@
"watchers": 25,
"score": 0
},
{
"id": 448729790,
"name": "CVE-2022-21907",
"full_name": "ZZ-SOCMAP\/CVE-2022-21907",
"owner": {
"login": "ZZ-SOCMAP",
"id": 98105412,
"avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/98105412?v=4",
"html_url": "https:\/\/github.com\/ZZ-SOCMAP"
},
"html_url": "https:\/\/github.com\/ZZ-SOCMAP\/CVE-2022-21907",
"description": "HTTP Protocol Stack Remote Code Execution Vulnerability CVE-2022-21907",
"fork": false,
"created_at": "2022-01-17T02:28:50Z",
"updated_at": "2022-10-05T05:06:11Z",
"pushed_at": "2022-01-20T02:07:59Z",
"stargazers_count": 365,
"watchers_count": 365,
"forks_count": 98,
"allow_forking": true,
"is_template": false,
"web_commit_signoff_required": false,
"topics": [],
"visibility": "public",
"forks": 98,
"watchers": 365,
"score": 0
},
{
"id": 448909871,
"name": "CVE-2022-21907",
"full_name": "xiska62314\/CVE-2022-21907",
"owner": {
"login": "xiska62314",
"id": 97891523,
"avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/97891523?v=4",
"html_url": "https:\/\/github.com\/xiska62314"
},
"html_url": "https:\/\/github.com\/xiska62314\/CVE-2022-21907",
"description": "CVE-2022-21907",
"fork": false,
"created_at": "2022-01-17T13:42:44Z",
"updated_at": "2022-01-17T13:42:44Z",
"pushed_at": "2022-01-17T13:42:45Z",
"stargazers_count": 0,
"watchers_count": 0,
"forks_count": 0,
"allow_forking": true,
"is_template": false,
"web_commit_signoff_required": false,
"topics": [],
"visibility": "public",
"forks": 0,
"watchers": 0,
"score": 0
},
{
"id": 448952968,
"name": "CVE-2022-21907-http.sys",

2
2022/CVE-2022-21971.json
View file

@ -76,7 +76,7 @@
"description": "POC Of CVE-2022-21971 ",
"fork": false,
"created_at": "2022-10-07T17:25:03Z",
"updated_at": "2022-10-21T11:16:37Z",
"updated_at": "2022-10-22T19:06:32Z",
"pushed_at": "2022-10-07T17:27:56Z",
"stargazers_count": 10,
"watchers_count": 10,

8
2022/CVE-2022-22954.json
View file

@ -688,10 +688,10 @@
"description": "一款针对Vcenter的综合利用工具包含目前最主流的CVE-2021-21972、CVE-2021-21985以及CVE-2021-22005、One Access的CVE-2022-22954、CVE-2022-22972\/31656以及log4j提供一键上传webshell命令执行或者上传公钥使用SSH免密连接",
"fork": false,
"created_at": "2022-10-04T03:39:27Z",
"updated_at": "2022-10-22T07:05:20Z",
"updated_at": "2022-10-22T18:52:45Z",
"pushed_at": "2022-10-20T02:06:54Z",
"stargazers_count": 530,
"watchers_count": 530,
"stargazers_count": 531,
"watchers_count": 531,
"forks_count": 53,
"allow_forking": true,
"is_template": false,
@ -706,7 +706,7 @@
],
"visibility": "public",
"forks": 53,
"watchers": 530,
"watchers": 531,
"score": 0
},
{

12
2022/CVE-2022-23131.json
View file

@ -69,18 +69,18 @@
"description": "cve-2022-23131 zabbix-saml-bypass-exp",
"fork": false,
"created_at": "2022-02-18T11:51:47Z",
"updated_at": "2022-10-21T22:11:21Z",
"updated_at": "2022-10-22T22:18:15Z",
"pushed_at": "2022-02-24T15:02:12Z",
"stargazers_count": 132,
"watchers_count": 132,
"forks_count": 46,
"stargazers_count": 133,
"watchers_count": 133,
"forks_count": 47,
"allow_forking": true,
"is_template": false,
"web_commit_signoff_required": false,
"topics": [],
"visibility": "public",
"forks": 46,
"watchers": 132,
"forks": 47,
"watchers": 133,
"score": 0
},
{

8
2022/CVE-2022-3368.json
View file

@ -13,10 +13,10 @@
"description": null,
"fork": false,
"created_at": "2022-10-18T09:16:04Z",
"updated_at": "2022-10-20T02:16:19Z",
"updated_at": "2022-10-22T19:43:11Z",
"pushed_at": "2022-10-18T09:30:55Z",
"stargazers_count": 20,
"watchers_count": 20,
"stargazers_count": 21,
"watchers_count": 21,
"forks_count": 6,
"allow_forking": true,
"is_template": false,
@ -24,7 +24,7 @@
"topics": [],
"visibility": "public",
"forks": 6,
"watchers": 20,
"watchers": 21,
"score": 0
}
]

30
2022/CVE-2022-36663.json Normal file
View file

@ -0,0 +1,30 @@
[
{
"id": 556017965,
"name": "CVE-2022-36663-PoC",
"full_name": "Qeisi\/CVE-2022-36663-PoC",
"owner": {
"login": "Qeisi",
"id": 84850150,
"avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/84850150?v=4",
"html_url": "https:\/\/github.com\/Qeisi"
},
"html_url": "https:\/\/github.com\/Qeisi\/CVE-2022-36663-PoC",
"description": "Internal network scanner through Gluu IAM blind ssrf",
"fork": false,
"created_at": "2022-10-22T21:55:33Z",
"updated_at": "2022-10-22T22:14:24Z",
"pushed_at": "2022-10-23T00:01:45Z",
"stargazers_count": 1,
"watchers_count": 1,
"forks_count": 0,
"allow_forking": true,
"is_template": false,
"web_commit_signoff_required": false,
"topics": [],
"visibility": "public",
"forks": 0,
"watchers": 1,
"score": 0
}
]

37
2022/CVE-2022-42889.json
View file

@ -13,7 +13,7 @@
"description": "CVE-2022-42889 dockerized sample application (Apache Commons Text RCE)",
"fork": false,
"created_at": "2022-10-17T16:07:50Z",
"updated_at": "2022-10-18T12:35:44Z",
"updated_at": "2022-10-23T00:00:42Z",
"pushed_at": "2022-10-17T16:09:23Z",
"stargazers_count": 1,
"watchers_count": 1,
@ -26,7 +26,8 @@
"cve",
"cve-2022-42889",
"poc",
"rce"
"rce",
"text4shell"
],
"visibility": "public",
"forks": 2,
@ -51,7 +52,7 @@
"pushed_at": "2022-10-20T11:56:13Z",
"stargazers_count": 25,
"watchers_count": 25,
"forks_count": 8,
"forks_count": 9,
"allow_forking": true,
"is_template": false,
"web_commit_signoff_required": false,
@ -62,7 +63,7 @@
"poc"
],
"visibility": "public",
"forks": 8,
"forks": 9,
"watchers": 25,
"score": 0
},
@ -136,11 +137,11 @@
"description": "Dockerized POC for CVE-2022-42889 Text4Shell",
"fork": false,
"created_at": "2022-10-18T09:58:00Z",
"updated_at": "2022-10-22T17:33:01Z",
"updated_at": "2022-10-22T22:48:20Z",
"pushed_at": "2022-10-18T10:00:27Z",
"stargazers_count": 45,
"watchers_count": 45,
"forks_count": 13,
"stargazers_count": 46,
"watchers_count": 46,
"forks_count": 14,
"allow_forking": true,
"is_template": false,
"web_commit_signoff_required": false,
@ -154,8 +155,8 @@
"text4shell"
],
"visibility": "public",
"forks": 13,
"watchers": 45,
"forks": 14,
"watchers": 46,
"score": 0
},
{
@ -204,7 +205,7 @@
"pushed_at": "2022-10-22T13:42:12Z",
"stargazers_count": 1,
"watchers_count": 1,
"forks_count": 1,
"forks_count": 2,
"allow_forking": true,
"is_template": false,
"web_commit_signoff_required": false,
@ -217,7 +218,7 @@
"text4shell"
],
"visibility": "public",
"forks": 1,
"forks": 2,
"watchers": 1,
"score": 0
},
@ -307,13 +308,13 @@
"pushed_at": "2022-10-20T12:51:08Z",
"stargazers_count": 24,
"watchers_count": 24,
"forks_count": 6,
"forks_count": 7,
"allow_forking": true,
"is_template": false,
"web_commit_signoff_required": false,
"topics": [],
"visibility": "public",
"forks": 6,
"forks": 7,
"watchers": 24,
"score": 0
},
@ -393,10 +394,10 @@
"description": "Proof of Concept Appliction for testing CVE-2022-42889",
"fork": false,
"created_at": "2022-10-20T18:07:25Z",
"updated_at": "2022-10-21T19:34:11Z",
"updated_at": "2022-10-22T23:45:22Z",
"pushed_at": "2022-10-20T20:03:36Z",
"stargazers_count": 2,
"watchers_count": 2,
"stargazers_count": 3,
"watchers_count": 3,
"forks_count": 2,
"allow_forking": true,
"is_template": false,
@ -404,7 +405,7 @@
"topics": [],
"visibility": "public",
"forks": 2,
"watchers": 2,
"watchers": 3,
"score": 0
},
{

21
README.md
View file

@ -23,6 +23,15 @@ Improper Restriction of XML External Entity Reference in GitHub repository skylo
- [Haxatron/CVE-2022-0219](https://github.com/Haxatron/CVE-2022-0219)
### CVE-2022-0236 (2022-01-18)
<code>
The WP Import Export WordPress plugin (both free and premium versions) is vulnerable to unauthenticated sensitive data disclosure due to a missing capability check on the download function wpie_process_file_download found in the ~/includes/classes/class-wpie-general.php file. This made it possible for unauthenticated attackers to download any imported or exported information from a vulnerable site which can contain sensitive information like user data. This affects versions up to, and including, 3.9.15.
</code>
- [qurbat/CVE-2022-0236](https://github.com/qurbat/CVE-2022-0236)
- [xiska62314/CVE-2022-0236](https://github.com/xiska62314/CVE-2022-0236)
### CVE-2022-0265 (2022-03-03)
<code>
@ -838,6 +847,7 @@ Rust is a multi-paradigm, general-purpose programming language designed for perf
Gin-vue-admin is a backstage management system based on vue and gin. In versions prior to 2.4.7 low privilege users are able to modify higher privilege users. Authentication is missing on the `setUserInfo` function. Users are advised to update as soon as possible. There are no known workarounds.
</code>
- [UzJu/Gin-Vue-admin-poc-CVE-2022-21660](https://github.com/UzJu/Gin-Vue-admin-poc-CVE-2022-21660)
- [UzJu/CVE-2022-21660](https://github.com/UzJu/CVE-2022-21660)
### CVE-2022-21661 (2022-01-06)
@ -846,6 +856,7 @@ Gin-vue-admin is a backstage management system based on vue and gin. In versions
WordPress is a free and open-source content management system written in PHP and paired with a MariaDB database. Due to improper sanitization in WP_Query, there can be cases where SQL injection is possible through plugins or themes that use it in a certain way. This has been patched in WordPress version 5.8.3. Older affected versions are also fixed via security release, that go back till 3.7.37. We strongly recommend that you keep auto-updates enabled. There are no known workarounds for this vulnerability.
</code>
- [TAPESH-TEAM/CVE-2022-21661-WordPress-Core-5.8.2-WP_Query-SQL-Injection](https://github.com/TAPESH-TEAM/CVE-2022-21661-WordPress-Core-5.8.2-WP_Query-SQL-Injection)
- [purple-WL/wordpress-CVE-2022-21661](https://github.com/purple-WL/wordpress-CVE-2022-21661)
- [0x4E0x650x6F/Wordpress-cve-CVE-2022-21661](https://github.com/0x4E0x650x6F/Wordpress-cve-CVE-2022-21661)
- [PyterSmithDarkGhost/CVE-2022-21661-WordPress-Core-5.8.2-WP_Query-SQL-Injection-main](https://github.com/PyterSmithDarkGhost/CVE-2022-21661-WordPress-Core-5.8.2-WP_Query-SQL-Injection-main)
@ -921,6 +932,8 @@ HTTP Protocol Stack Remote Code Execution Vulnerability.
- [corelight/cve-2022-21907](https://github.com/corelight/cve-2022-21907)
- [mauricelambert/CVE-2022-21907](https://github.com/mauricelambert/CVE-2022-21907)
- [ZZ-SOCMAP/CVE-2022-21907](https://github.com/ZZ-SOCMAP/CVE-2022-21907)
- [xiska62314/CVE-2022-21907](https://github.com/xiska62314/CVE-2022-21907)
- [p0dalirius/CVE-2022-21907-http.sys](https://github.com/p0dalirius/CVE-2022-21907-http.sys)
- [michelep/CVE-2022-21907-Vulnerability-PoC](https://github.com/michelep/CVE-2022-21907-Vulnerability-PoC)
- [polakow/CVE-2022-21907](https://github.com/polakow/CVE-2022-21907)
@ -3686,6 +3699,14 @@ Bolt CMS contains a vulnerability in version 5.1.12 and below that allows an aut
- [lutrasecurity/CVE-2022-36532](https://github.com/lutrasecurity/CVE-2022-36532)
### CVE-2022-36663 (2022-09-06)
<code>
Gluu Oxauth before v4.4.1 allows attackers to execute blind SSRF (Server-Side Request Forgery) attacks via a crafted request_uri parameter.
</code>
- [Qeisi/CVE-2022-36663-PoC](https://github.com/Qeisi/CVE-2022-36663-PoC)
### CVE-2022-36804 (2022-08-25)
<code>