Auto Update 2024/03/26 18:27:15

motikan2010-bot 2024-03-27 03:27:15 +09:00
parent d39ad72a16
commit 80d17ad80a
45 changed files with 299 additions and 223 deletions


@ -43,10 +43,10 @@
"description": "weblogic 漏洞扫描工具。目前包含对以下漏洞的检测能力CVE-2014-4210、CVE-2016-0638、CVE-2016-3510、CVE-2017-3248、CVE-2017-3506、CVE-2017-10271、CVE-2018-2628、CVE-2018-2893、CVE-2018-2894、CVE-2018-3191、CVE-2018-3245、CVE-2018-3252、CVE-2019-2618、CVE-2019-2725、CVE-2019-2729、CVE-2019-2890、CVE-2020-2551、CVE-2020-14750、CVE-2020-14882、CVE-2020-14883",
"fork": false,
"created_at": "2020-01-15T04:26:29Z",
"updated_at": "2024-03-26T08:47:49Z",
"updated_at": "2024-03-26T16:28:13Z",
"pushed_at": "2023-11-24T09:21:56Z",
"stargazers_count": 1896,
"watchers_count": 1896,
"stargazers_count": 1897,
"watchers_count": 1897,
"has_discussions": true,
"forks_count": 331,
"allow_forking": true,
@ -76,7 +76,7 @@
],
"visibility": "public",
"forks": 331,
"watchers": 1896,
"watchers": 1897,
"score": 0,
"subscribers_count": 35
},


@ -13,10 +13,10 @@
"description": "weblogic 漏洞扫描工具。目前包含对以下漏洞的检测能力CVE-2014-4210、CVE-2016-0638、CVE-2016-3510、CVE-2017-3248、CVE-2017-3506、CVE-2017-10271、CVE-2018-2628、CVE-2018-2893、CVE-2018-2894、CVE-2018-3191、CVE-2018-3245、CVE-2018-3252、CVE-2019-2618、CVE-2019-2725、CVE-2019-2729、CVE-2019-2890、CVE-2020-2551、CVE-2020-14750、CVE-2020-14882、CVE-2020-14883",
"fork": false,
"created_at": "2020-01-15T04:26:29Z",
"updated_at": "2024-03-26T08:47:49Z",
"updated_at": "2024-03-26T16:28:13Z",
"pushed_at": "2023-11-24T09:21:56Z",
"stargazers_count": 1896,
"watchers_count": 1896,
"stargazers_count": 1897,
"watchers_count": 1897,
"has_discussions": true,
"forks_count": 331,
"allow_forking": true,
@ -46,7 +46,7 @@
],
"visibility": "public",
"forks": 331,
"watchers": 1896,
"watchers": 1897,
"score": 0,
"subscribers_count": 35
},


@ -263,10 +263,10 @@
"description": "A CVE-2016-5195 exploit example.",
"fork": false,
"created_at": "2016-10-23T00:16:33Z",
"updated_at": "2024-02-07T10:17:03Z",
"updated_at": "2024-03-26T15:06:38Z",
"pushed_at": "2017-03-21T16:46:38Z",
"stargazers_count": 303,
"watchers_count": 303,
"stargazers_count": 304,
"watchers_count": 304,
"has_discussions": false,
"forks_count": 125,
"allow_forking": true,
@ -279,7 +279,7 @@
],
"visibility": "public",
"forks": 125,
"watchers": 303,
"watchers": 304,
"score": 0,
"subscribers_count": 16
},
@ -447,10 +447,10 @@
"description": "Dirty Cow exploit - CVE-2016-5195",
"fork": false,
"created_at": "2016-11-25T21:08:01Z",
"updated_at": "2024-03-15T07:47:45Z",
"updated_at": "2024-03-26T16:35:37Z",
"pushed_at": "2021-04-08T11:35:12Z",
"stargazers_count": 805,
"watchers_count": 805,
"stargazers_count": 806,
"watchers_count": 806,
"has_discussions": false,
"forks_count": 427,
"allow_forking": true,
@ -463,7 +463,7 @@
],
"visibility": "public",
"forks": 427,
"watchers": 805,
"watchers": 806,
"score": 0,
"subscribers_count": 11
},
@ -1145,10 +1145,10 @@
"description": "CVE-2022-0847-DirtyPipe-Exploit CVE-2022-0847 是存在于 Linux内核 5.8 及之后版本中的本地提权漏洞。攻击者通过利用此漏洞,可覆盖重写任意可读文件中的数据,从而可将普通权限的用户提升到特权 root。 CVE-2022-0847 的漏洞原理类似于 CVE-2016-5195 脏牛漏洞Dirty Cow但它更容易被利用。漏洞作者将此漏洞命名为“Dirty Pipe”",
"fork": false,
"created_at": "2022-03-07T18:36:50Z",
"updated_at": "2024-03-26T11:21:34Z",
"updated_at": "2024-03-26T14:25:11Z",
"pushed_at": "2023-02-02T02:17:30Z",
"stargazers_count": 269,
"watchers_count": 269,
"stargazers_count": 270,
"watchers_count": 270,
"has_discussions": false,
"forks_count": 77,
"allow_forking": true,
@ -1157,7 +1157,7 @@
"topics": [],
"visibility": "public",
"forks": 77,
"watchers": 269,
"watchers": 270,
"score": 0,
"subscribers_count": 4
},


@ -13,7 +13,7 @@
"description": "Blueborne CVE-2017-0781 Android heap overflow vulnerability",
"fork": false,
"created_at": "2017-10-09T15:13:25Z",
"updated_at": "2024-03-12T17:35:10Z",
"updated_at": "2024-03-26T12:57:38Z",
"pushed_at": "2021-07-29T12:00:48Z",
"stargazers_count": 134,
"watchers_count": 134,


@ -414,10 +414,10 @@
"description": "Java反序列化漏洞利用工具V1.0 Java反序列化相关漏洞的检查工具采用JDK 1.8+NetBeans8.2开发软件运行必须安装JDK 1.8或者以上版本。 支持weblogic xml反序列化漏洞 CVE-2017-10271\/CNVD-C-2019-48814\/CVE-2019-2725检查。",
"fork": false,
"created_at": "2018-09-13T09:44:18Z",
"updated_at": "2024-03-25T07:17:12Z",
"updated_at": "2024-03-26T13:53:49Z",
"pushed_at": "2020-10-01T20:20:41Z",
"stargazers_count": 419,
"watchers_count": 419,
"stargazers_count": 420,
"watchers_count": 420,
"has_discussions": false,
"forks_count": 166,
"allow_forking": true,
@ -426,7 +426,7 @@
"topics": [],
"visibility": "public",
"forks": 166,
"watchers": 419,
"watchers": 420,
"score": 0,
"subscribers_count": 9
},


@ -43,10 +43,10 @@
"description": "weblogic 漏洞扫描工具。目前包含对以下漏洞的检测能力CVE-2014-4210、CVE-2016-0638、CVE-2016-3510、CVE-2017-3248、CVE-2017-3506、CVE-2017-10271、CVE-2018-2628、CVE-2018-2893、CVE-2018-2894、CVE-2018-3191、CVE-2018-3245、CVE-2018-3252、CVE-2019-2618、CVE-2019-2725、CVE-2019-2729、CVE-2019-2890、CVE-2020-2551、CVE-2020-14750、CVE-2020-14882、CVE-2020-14883",
"fork": false,
"created_at": "2020-01-15T04:26:29Z",
"updated_at": "2024-03-26T08:47:49Z",
"updated_at": "2024-03-26T16:28:13Z",
"pushed_at": "2023-11-24T09:21:56Z",
"stargazers_count": 1896,
"watchers_count": 1896,
"stargazers_count": 1897,
"watchers_count": 1897,
"has_discussions": true,
"forks_count": 331,
"allow_forking": true,
@ -76,7 +76,7 @@
],
"visibility": "public",
"forks": 331,
"watchers": 1896,
"watchers": 1897,
"score": 0,
"subscribers_count": 35
},


@ -557,10 +557,10 @@
"description": "weblogic 漏洞扫描工具。目前包含对以下漏洞的检测能力CVE-2014-4210、CVE-2016-0638、CVE-2016-3510、CVE-2017-3248、CVE-2017-3506、CVE-2017-10271、CVE-2018-2628、CVE-2018-2893、CVE-2018-2894、CVE-2018-3191、CVE-2018-3245、CVE-2018-3252、CVE-2019-2618、CVE-2019-2725、CVE-2019-2729、CVE-2019-2890、CVE-2020-2551、CVE-2020-14750、CVE-2020-14882、CVE-2020-14883",
"fork": false,
"created_at": "2020-01-15T04:26:29Z",
"updated_at": "2024-03-26T08:47:49Z",
"updated_at": "2024-03-26T16:28:13Z",
"pushed_at": "2023-11-24T09:21:56Z",
"stargazers_count": 1896,
"watchers_count": 1896,
"stargazers_count": 1897,
"watchers_count": 1897,
"has_discussions": true,
"forks_count": 331,
"allow_forking": true,
@ -590,7 +590,7 @@
],
"visibility": "public",
"forks": 331,
"watchers": 1896,
"watchers": 1897,
"score": 0,
"subscribers_count": 35
},


@ -80,10 +80,10 @@
"description": "Exploit for Drupal v7.x + v8.x (Drupalgeddon 2 \/ CVE-2018-7600 \/ SA-CORE-2018-002)",
"fork": false,
"created_at": "2018-04-12T22:53:14Z",
"updated_at": "2024-03-25T04:09:36Z",
"updated_at": "2024-03-26T14:13:57Z",
"pushed_at": "2021-01-08T10:31:22Z",
"stargazers_count": 561,
"watchers_count": 561,
"stargazers_count": 562,
"watchers_count": 562,
"has_discussions": false,
"forks_count": 185,
"allow_forking": true,
@ -102,7 +102,7 @@
],
"visibility": "public",
"forks": 185,
"watchers": 561,
"watchers": 562,
"score": 0,
"subscribers_count": 23
},


@ -1,20 +1,20 @@
[
{
"id": 777694657,
"name": "CVE-2011-5325",
"full_name": "itwizardo\/CVE-2011-5325",
"name": "CVE-2019-12550",
"full_name": "itwizardo\/CVE-2019-12550",
"owner": {
"login": "itwizardo",
"id": 32465924,
"avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/32465924?v=4",
"html_url": "https:\/\/github.com\/itwizardo"
},
"html_url": "https:\/\/github.com\/itwizardo\/CVE-2011-5325",
"html_url": "https:\/\/github.com\/itwizardo\/CVE-2019-12550",
"description": "Proof Of Concept",
"fork": false,
"created_at": "2024-03-26T10:44:03Z",
"updated_at": "2024-03-26T10:44:04Z",
"pushed_at": "2024-03-26T10:44:04Z",
"updated_at": "2024-03-26T13:13:55Z",
"pushed_at": "2024-03-26T17:15:25Z",
"stargazers_count": 0,
"watchers_count": 0,
"has_discussions": false,


@ -193,10 +193,10 @@
"description": "weblogic 漏洞扫描工具。目前包含对以下漏洞的检测能力CVE-2014-4210、CVE-2016-0638、CVE-2016-3510、CVE-2017-3248、CVE-2017-3506、CVE-2017-10271、CVE-2018-2628、CVE-2018-2893、CVE-2018-2894、CVE-2018-3191、CVE-2018-3245、CVE-2018-3252、CVE-2019-2618、CVE-2019-2725、CVE-2019-2729、CVE-2019-2890、CVE-2020-2551、CVE-2020-14750、CVE-2020-14882、CVE-2020-14883",
"fork": false,
"created_at": "2020-01-15T04:26:29Z",
"updated_at": "2024-03-26T08:47:49Z",
"updated_at": "2024-03-26T16:28:13Z",
"pushed_at": "2023-11-24T09:21:56Z",
"stargazers_count": 1896,
"watchers_count": 1896,
"stargazers_count": 1897,
"watchers_count": 1897,
"has_discussions": true,
"forks_count": 331,
"allow_forking": true,
@ -226,7 +226,7 @@
],
"visibility": "public",
"forks": 331,
"watchers": 1896,
"watchers": 1897,
"score": 0,
"subscribers_count": 35
}


@ -13,10 +13,10 @@
"description": "Java反序列化漏洞利用工具V1.0 Java反序列化相关漏洞的检查工具采用JDK 1.8+NetBeans8.2开发软件运行必须安装JDK 1.8或者以上版本。 支持weblogic xml反序列化漏洞 CVE-2017-10271\/CNVD-C-2019-48814\/CVE-2019-2725检查。",
"fork": false,
"created_at": "2018-09-13T09:44:18Z",
"updated_at": "2024-03-25T07:17:12Z",
"updated_at": "2024-03-26T13:53:49Z",
"pushed_at": "2020-10-01T20:20:41Z",
"stargazers_count": 419,
"watchers_count": 419,
"stargazers_count": 420,
"watchers_count": 420,
"has_discussions": false,
"forks_count": 166,
"allow_forking": true,
@ -25,7 +25,7 @@
"topics": [],
"visibility": "public",
"forks": 166,
"watchers": 419,
"watchers": 420,
"score": 0,
"subscribers_count": 9
},


@ -13,10 +13,10 @@
"description": "Programa ideal para robar toda la información de un dispositivo remotamente a través de la aplicación AirDroid. [CVE-2019-9599] (https:\/\/www.exploit-db.com\/exploits\/46337)",
"fork": false,
"created_at": "2019-02-09T02:18:37Z",
"updated_at": "2024-03-25T23:58:41Z",
"updated_at": "2024-03-26T15:25:33Z",
"pushed_at": "2019-11-03T17:29:56Z",
"stargazers_count": 45,
"watchers_count": 45,
"stargazers_count": 44,
"watchers_count": 44,
"has_discussions": false,
"forks_count": 6,
"allow_forking": true,
@ -25,7 +25,7 @@
"topics": [],
"visibility": "public",
"forks": 6,
"watchers": 45,
"watchers": 44,
"score": 0,
"subscribers_count": 2
}


@ -13,10 +13,10 @@
"description": "Root your MediaTek device with CVE-2020-0069",
"fork": false,
"created_at": "2019-09-06T12:12:48Z",
"updated_at": "2024-02-25T10:38:44Z",
"updated_at": "2024-03-26T14:32:25Z",
"pushed_at": "2023-02-06T19:18:56Z",
"stargazers_count": 131,
"watchers_count": 131,
"stargazers_count": 132,
"watchers_count": 132,
"has_discussions": false,
"forks_count": 24,
"allow_forking": true,
@ -30,7 +30,7 @@
],
"visibility": "public",
"forks": 24,
"watchers": 131,
"watchers": 132,
"score": 0,
"subscribers_count": 10
},


@ -103,10 +103,10 @@
"description": "Cnvd-2020-10487 \/ cve-2020-1938, scanner tool",
"fork": false,
"created_at": "2020-02-20T21:00:15Z",
"updated_at": "2024-03-13T06:56:40Z",
"updated_at": "2024-03-26T13:15:47Z",
"pushed_at": "2021-11-26T07:40:35Z",
"stargazers_count": 290,
"watchers_count": 290,
"stargazers_count": 291,
"watchers_count": 291,
"has_discussions": false,
"forks_count": 101,
"allow_forking": true,
@ -115,7 +115,7 @@
"topics": [],
"visibility": "public",
"forks": 101,
"watchers": 290,
"watchers": 291,
"score": 0,
"subscribers_count": 8
},


@ -13,10 +13,10 @@
"description": "weblogic 漏洞扫描工具。目前包含对以下漏洞的检测能力CVE-2014-4210、CVE-2016-0638、CVE-2016-3510、CVE-2017-3248、CVE-2017-3506、CVE-2017-10271、CVE-2018-2628、CVE-2018-2893、CVE-2018-2894、CVE-2018-3191、CVE-2018-3245、CVE-2018-3252、CVE-2019-2618、CVE-2019-2725、CVE-2019-2729、CVE-2019-2890、CVE-2020-2551、CVE-2020-14750、CVE-2020-14882、CVE-2020-14883",
"fork": false,
"created_at": "2020-01-15T04:26:29Z",
"updated_at": "2024-03-26T08:47:49Z",
"updated_at": "2024-03-26T16:28:13Z",
"pushed_at": "2023-11-24T09:21:56Z",
"stargazers_count": 1896,
"watchers_count": 1896,
"stargazers_count": 1897,
"watchers_count": 1897,
"has_discussions": true,
"forks_count": 331,
"allow_forking": true,
@ -46,7 +46,7 @@
],
"visibility": "public",
"forks": 331,
"watchers": 1896,
"watchers": 1897,
"score": 0,
"subscribers_count": 35
},


@ -14,7 +14,7 @@
"fork": false,
"created_at": "2020-12-24T09:10:17Z",
"updated_at": "2024-03-12T21:56:49Z",
"pushed_at": "2020-12-25T09:51:37Z",
"pushed_at": "2024-03-26T14:10:09Z",
"stargazers_count": 29,
"watchers_count": 29,
"has_discussions": false,


@ -43,10 +43,10 @@
"description": "C# and Impacket implementation of PrintNightmare CVE-2021-1675\/CVE-2021-34527",
"fork": false,
"created_at": "2021-06-29T17:24:14Z",
"updated_at": "2024-03-25T17:40:08Z",
"updated_at": "2024-03-26T13:12:52Z",
"pushed_at": "2021-07-20T15:28:13Z",
"stargazers_count": 1783,
"watchers_count": 1783,
"stargazers_count": 1784,
"watchers_count": 1784,
"has_discussions": false,
"forks_count": 580,
"allow_forking": true,
@ -55,7 +55,7 @@
"topics": [],
"visibility": "public",
"forks": 580,
"watchers": 1783,
"watchers": 1784,
"score": 0,
"subscribers_count": 44
},


@ -470,10 +470,10 @@
"description": null,
"fork": false,
"created_at": "2021-01-30T20:39:58Z",
"updated_at": "2024-03-26T03:07:53Z",
"updated_at": "2024-03-26T13:05:38Z",
"pushed_at": "2021-02-02T17:07:09Z",
"stargazers_count": 915,
"watchers_count": 915,
"stargazers_count": 916,
"watchers_count": 916,
"has_discussions": false,
"forks_count": 235,
"allow_forking": true,
@ -482,7 +482,7 @@
"topics": [],
"visibility": "public",
"forks": 235,
"watchers": 915,
"watchers": 916,
"score": 0,
"subscribers_count": 27
},


@ -79,10 +79,10 @@
"description": null,
"fork": false,
"created_at": "2021-07-02T12:10:49Z",
"updated_at": "2024-03-21T14:43:37Z",
"updated_at": "2024-03-26T14:06:54Z",
"pushed_at": "2021-07-02T12:17:50Z",
"stargazers_count": 226,
"watchers_count": 226,
"stargazers_count": 228,
"watchers_count": 228,
"has_discussions": false,
"forks_count": 61,
"allow_forking": true,
@ -91,7 +91,7 @@
"topics": [],
"visibility": "public",
"forks": 61,
"watchers": 226,
"watchers": 228,
"score": 0,
"subscribers_count": 9
},


@ -201,10 +201,10 @@
"description": "A exploit tool for Grafana Unauthorized arbitrary file reading vulnerability (CVE-2021-43798), it can burst plugins \/ extract secret_key \/ decrypt data_source info automatic.",
"fork": false,
"created_at": "2021-12-07T15:11:34Z",
"updated_at": "2024-03-25T16:55:02Z",
"updated_at": "2024-03-26T13:58:11Z",
"pushed_at": "2023-11-07T02:48:51Z",
"stargazers_count": 235,
"watchers_count": 235,
"stargazers_count": 236,
"watchers_count": 236,
"has_discussions": false,
"forks_count": 36,
"allow_forking": true,
@ -217,7 +217,7 @@
],
"visibility": "public",
"forks": 36,
"watchers": 235,
"watchers": 236,
"score": 0,
"subscribers_count": 5
},


@ -13,10 +13,10 @@
"description": "Environment with vulnerable kernel for exploitation of the TEE driver (CVE-2021-44733)",
"fork": false,
"created_at": "2021-12-23T17:45:35Z",
"updated_at": "2023-12-27T14:54:48Z",
"updated_at": "2024-03-26T16:50:22Z",
"pushed_at": "2021-12-28T07:57:13Z",
"stargazers_count": 72,
"watchers_count": 72,
"stargazers_count": 73,
"watchers_count": 73,
"has_discussions": false,
"forks_count": 13,
"allow_forking": true,
@ -25,7 +25,7 @@
"topics": [],
"visibility": "public",
"forks": 13,
"watchers": 72,
"watchers": 73,
"score": 0,
"subscribers_count": 3
}


@ -103,10 +103,10 @@
"description": "CVE-2022-0847-DirtyPipe-Exploit CVE-2022-0847 是存在于 Linux内核 5.8 及之后版本中的本地提权漏洞。攻击者通过利用此漏洞,可覆盖重写任意可读文件中的数据,从而可将普通权限的用户提升到特权 root。 CVE-2022-0847 的漏洞原理类似于 CVE-2016-5195 脏牛漏洞Dirty Cow但它更容易被利用。漏洞作者将此漏洞命名为“Dirty Pipe”",
"fork": false,
"created_at": "2022-03-07T18:36:50Z",
"updated_at": "2024-03-26T11:21:34Z",
"updated_at": "2024-03-26T14:25:11Z",
"pushed_at": "2023-02-02T02:17:30Z",
"stargazers_count": 269,
"watchers_count": 269,
"stargazers_count": 270,
"watchers_count": 270,
"has_discussions": false,
"forks_count": 77,
"allow_forking": true,
@ -115,7 +115,7 @@
"topics": [],
"visibility": "public",
"forks": 77,
"watchers": 269,
"watchers": 270,
"score": 0,
"subscribers_count": 4
},


@ -2004,5 +2004,35 @@
"watchers": 0,
"score": 0,
"subscribers_count": 1
},
{
"id": 777796929,
"name": "CVE-2022-26134-POC",
"full_name": "404fu\/CVE-2022-26134-POC",
"owner": {
"login": "404fu",
"id": 144592414,
"avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/144592414?v=4",
"html_url": "https:\/\/github.com\/404fu"
},
"html_url": "https:\/\/github.com\/404fu\/CVE-2022-26134-POC",
"description": null,
"fork": false,
"created_at": "2024-03-26T14:18:17Z",
"updated_at": "2024-03-26T14:43:14Z",
"pushed_at": "2024-03-26T14:34:11Z",
"stargazers_count": 1,
"watchers_count": 1,
"has_discussions": false,
"forks_count": 0,
"allow_forking": true,
"is_template": false,
"web_commit_signoff_required": false,
"topics": [],
"visibility": "public",
"forks": 0,
"watchers": 1,
"score": 0,
"subscribers_count": 0
}
]


@ -13,10 +13,10 @@
"description": "This is a one-time signature verification bypass. For persistent signature verification bypass, check https:\/\/github.com\/TomKing062\/CVE-2022-38691_38692",
"fork": false,
"created_at": "2023-06-10T08:31:26Z",
"updated_at": "2024-03-24T19:12:01Z",
"updated_at": "2024-03-26T15:27:53Z",
"pushed_at": "2024-02-23T14:48:26Z",
"stargazers_count": 182,
"watchers_count": 182,
"stargazers_count": 183,
"watchers_count": 183,
"has_discussions": true,
"forks_count": 23,
"allow_forking": true,
@ -28,7 +28,7 @@
],
"visibility": "public",
"forks": 23,
"watchers": 182,
"watchers": 183,
"score": 0,
"subscribers_count": 7
}


@ -255,10 +255,10 @@
"description": "iOS customization app powered by CVE-2022-46689",
"fork": false,
"created_at": "2023-01-12T14:31:30Z",
"updated_at": "2024-01-04T06:36:37Z",
"updated_at": "2024-03-26T12:30:23Z",
"pushed_at": "2023-02-12T01:37:16Z",
"stargazers_count": 18,
"watchers_count": 18,
"stargazers_count": 19,
"watchers_count": 19,
"has_discussions": false,
"forks_count": 2,
"allow_forking": true,
@ -277,7 +277,7 @@
],
"visibility": "public",
"forks": 2,
"watchers": 18,
"watchers": 19,
"score": 0,
"subscribers_count": 2
},


@ -13,10 +13,10 @@
"description": "CVE-2022-46718: an app may be able to read sensitive location information.",
"fork": false,
"created_at": "2023-05-01T18:34:52Z",
"updated_at": "2024-03-26T08:20:37Z",
"updated_at": "2024-03-26T17:28:21Z",
"pushed_at": "2023-05-01T18:48:34Z",
"stargazers_count": 20,
"watchers_count": 20,
"stargazers_count": 21,
"watchers_count": 21,
"has_discussions": false,
"forks_count": 3,
"allow_forking": true,
@ -25,7 +25,7 @@
"topics": [],
"visibility": "public",
"forks": 3,
"watchers": 20,
"watchers": 21,
"score": 0,
"subscribers_count": 2
}


@ -48,13 +48,13 @@
"stargazers_count": 118,
"watchers_count": 118,
"has_discussions": false,
"forks_count": 26,
"forks_count": 21,
"allow_forking": true,
"is_template": false,
"web_commit_signoff_required": false,
"topics": [],
"visibility": "public",
"forks": 26,
"forks": 21,
"watchers": 118,
"score": 0,
"subscribers_count": 3


@ -13,10 +13,10 @@
"description": "PoC Exploit for VM2 Sandbox Escape Vulnerability",
"fork": false,
"created_at": "2023-12-10T08:32:26Z",
"updated_at": "2024-02-08T08:55:40Z",
"updated_at": "2024-03-26T15:54:06Z",
"pushed_at": "2023-12-14T20:09:23Z",
"stargazers_count": 44,
"watchers_count": 44,
"stargazers_count": 45,
"watchers_count": 45,
"has_discussions": false,
"forks_count": 7,
"allow_forking": true,
@ -25,7 +25,7 @@
"topics": [],
"visibility": "public",
"forks": 7,
"watchers": 44,
"watchers": 45,
"score": 0,
"subscribers_count": 1
},


@ -13,10 +13,10 @@
"description": "Android App Pin Security Issue Allowing Unauthorized Payments via Google Wallet",
"fork": false,
"created_at": "2023-09-01T20:16:28Z",
"updated_at": "2024-02-28T07:12:01Z",
"updated_at": "2024-03-26T13:28:00Z",
"pushed_at": "2024-02-12T03:18:54Z",
"stargazers_count": 71,
"watchers_count": 71,
"stargazers_count": 72,
"watchers_count": 72,
"has_discussions": false,
"forks_count": 8,
"allow_forking": true,
@ -25,7 +25,7 @@
"topics": [],
"visibility": "public",
"forks": 8,
"watchers": 71,
"watchers": 72,
"score": 0,
"subscribers_count": 2
}


@ -13,10 +13,10 @@
"description": "Windows Kernel Pool (clfs.sys) Corruption Privilege Escalation",
"fork": false,
"created_at": "2024-03-21T21:39:24Z",
"updated_at": "2024-03-26T12:05:46Z",
"updated_at": "2024-03-26T17:03:05Z",
"pushed_at": "2024-03-22T06:45:43Z",
"stargazers_count": 71,
"watchers_count": 71,
"stargazers_count": 72,
"watchers_count": 72,
"has_discussions": false,
"forks_count": 18,
"allow_forking": true,
@ -25,7 +25,7 @@
"topics": [],
"visibility": "public",
"forks": 18,
"watchers": 71,
"watchers": 72,
"score": 0,
"subscribers_count": 1
}


@ -13,7 +13,7 @@
"description": "Simple PoC causing overflow",
"fork": false,
"created_at": "2023-10-11T08:11:56Z",
"updated_at": "2023-10-16T14:24:52Z",
"updated_at": "2024-03-26T14:38:16Z",
"pushed_at": "2023-10-11T08:17:06Z",
"stargazers_count": 16,
"watchers_count": 16,


@ -13,10 +13,10 @@
"description": "ManageEngine ADManager Command Injection",
"fork": false,
"created_at": "2023-10-02T02:14:23Z",
"updated_at": "2023-10-20T00:51:59Z",
"updated_at": "2024-03-26T14:11:23Z",
"pushed_at": "2023-10-02T05:58:14Z",
"stargazers_count": 10,
"watchers_count": 10,
"stargazers_count": 11,
"watchers_count": 11,
"has_discussions": false,
"forks_count": 2,
"allow_forking": true,
@ -25,7 +25,7 @@
"topics": [],
"visibility": "public",
"forks": 2,
"watchers": 10,
"watchers": 11,
"score": 0,
"subscribers_count": 1
}


@ -48,7 +48,7 @@
"stargazers_count": 759,
"watchers_count": 759,
"has_discussions": false,
"forks_count": 138,
"forks_count": 139,
"allow_forking": true,
"is_template": false,
"web_commit_signoff_required": false,
@ -58,7 +58,7 @@
"exploit"
],
"visibility": "public",
"forks": 138,
"forks": 139,
"watchers": 759,
"score": 0,
"subscribers_count": 9


@ -43,12 +43,12 @@
"description": "JumpServer 堡垒机未授权综合漏洞利用, Exploit for CVE-2023-42442 \/ CVE-2023-42820 \/ RCE 2021",
"fork": false,
"created_at": "2023-10-14T09:35:07Z",
"updated_at": "2024-03-25T16:06:20Z",
"updated_at": "2024-03-26T14:46:46Z",
"pushed_at": "2024-02-20T09:03:22Z",
"stargazers_count": 134,
"watchers_count": 134,
"stargazers_count": 135,
"watchers_count": 135,
"has_discussions": false,
"forks_count": 10,
"forks_count": 11,
"allow_forking": true,
"is_template": false,
"web_commit_signoff_required": false,
@ -58,8 +58,8 @@
"jumpserver"
],
"visibility": "public",
"forks": 10,
"watchers": 134,
"forks": 11,
"watchers": 135,
"score": 0,
"subscribers_count": 1
},


@ -14,7 +14,7 @@
"fork": false,
"created_at": "2024-03-26T11:01:54Z",
"updated_at": "2024-03-26T11:03:30Z",
"pushed_at": "2024-03-26T11:03:26Z",
"pushed_at": "2024-03-26T17:16:23Z",
"stargazers_count": 0,
"watchers_count": 0,
"has_discussions": false,


@ -13,19 +13,19 @@
"description": "🚨 CVE-2023-45866 - BlueDucky Implementation (Using DuckyScript) 🔓 Unauthenticated Peering Leading to Code Execution (Using HID Keyboard)",
"fork": false,
"created_at": "2024-01-16T06:52:02Z",
"updated_at": "2024-03-26T11:39:20Z",
"updated_at": "2024-03-26T18:19:08Z",
"pushed_at": "2024-02-06T21:45:34Z",
"stargazers_count": 40,
"watchers_count": 40,
"stargazers_count": 55,
"watchers_count": 55,
"has_discussions": false,
"forks_count": 12,
"forks_count": 13,
"allow_forking": true,
"is_template": false,
"web_commit_signoff_required": false,
"topics": [],
"visibility": "public",
"forks": 12,
"watchers": 40,
"forks": 13,
"watchers": 55,
"score": 0,
"subscribers_count": 3
},


@ -13,10 +13,10 @@
"description": "0day for Citrix Netscaler ADC and NetScaler Gateway latest versions",
"fork": false,
"created_at": "2024-03-04T08:57:27Z",
"updated_at": "2024-03-23T16:48:58Z",
"updated_at": "2024-03-26T15:23:22Z",
"pushed_at": "2024-03-04T09:36:29Z",
"stargazers_count": 7,
"watchers_count": 7,
"stargazers_count": 6,
"watchers_count": 6,
"has_discussions": false,
"forks_count": 0,
"allow_forking": true,
@ -25,7 +25,7 @@
"topics": [],
"visibility": "public",
"forks": 0,
"watchers": 7,
"watchers": 6,
"score": 0,
"subscribers_count": 1
}

38
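--- /dev/null
+++ b/2024/CVE-2024-1086.json
@@ -0,0 +1,38 @@
+[
+{
+"id": 775151369,
+"name": "CVE-2024-1086",
+"full_name": "Notselwyn\/CVE-2024-1086",
+"owner": {
+"login": "Notselwyn",
+"id": 68616630,
+"avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/68616630?v=4",
+"html_url": "https:\/\/github.com\/Notselwyn"
+},
+"html_url": "https:\/\/github.com\/Notselwyn\/CVE-2024-1086",
+"description": "Universal local privilege escalation Proof-of-Concept exploit for CVE-2024-1086, working on most Linux kernels between v5.14 and v6.6, including Debian, Ubuntu, and KernelCTF. The success rate is 99.4% in KernelCTF images.",
+"fork": false,
+"created_at": "2024-03-20T21:16:41Z",
+"updated_at": "2024-03-26T18:29:09Z",
+"pushed_at": "2024-03-26T16:31:36Z",
+"stargazers_count": 115,
+"watchers_count": 115,
+"has_discussions": false,
+"forks_count": 6,
+"allow_forking": true,
+"is_template": false,
+"web_commit_signoff_required": false,
+"topics": [
+"cve",
+"cve-2024-1086",
+"exploit",
+"lpe",
+"poc"
+],
+"visibility": "public",
+"forks": 6,
+"watchers": 115,
+"score": 0,
+"subscribers_count": 2
+}
+]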


@ -14,7 +14,7 @@
"fork": false,
"created_at": "2024-03-25T07:01:59Z",
"updated_at": "2024-03-26T05:40:44Z",
"pushed_at": "2024-03-26T05:31:43Z",
"pushed_at": "2024-03-26T18:30:04Z",
"stargazers_count": 0,
"watchers_count": 0,
"has_discussions": false,


@ -13,12 +13,12 @@
"description": "Exploit for CVE-2024-20767 - Adobe ColdFusion",
"fork": false,
"created_at": "2024-03-26T06:51:08Z",
"updated_at": "2024-03-26T11:11:21Z",
"pushed_at": "2024-03-26T07:00:44Z",
"stargazers_count": 3,
"watchers_count": 3,
"updated_at": "2024-03-26T14:05:01Z",
"pushed_at": "2024-03-26T15:52:49Z",
"stargazers_count": 5,
"watchers_count": 5,
"has_discussions": false,
"forks_count": 0,
"forks_count": 2,
"allow_forking": true,
"is_template": false,
"web_commit_signoff_required": false,
@ -28,8 +28,8 @@
"cve-2024-20767"
],
"visibility": "public",
"forks": 0,
"watchers": 3,
"forks": 2,
"watchers": 5,
"score": 0,
"subscribers_count": 0
},


@ -193,10 +193,10 @@
"description": "Bu betik, Microsoft Outlook'ta keşfedilen ve CVSS değeri 9.8 olan önemli bir güvenlik açığı olan CVE-2024-21413 için bir kavram kanıtı (PoC) sunmaktadır. MonikerLink hatası olarak adlandırılan bu güvenlik açığı, yerel NTLM bilgilerinin potansiyel sızıntısı ve uzaktan kod çalıştırma olasılığı dahil olmak üzere geniş kapsamlı etkilere sahiptir.",
"fork": false,
"created_at": "2024-02-23T12:13:11Z",
"updated_at": "2024-03-01T06:27:29Z",
"updated_at": "2024-03-26T13:30:53Z",
"pushed_at": "2024-02-24T15:36:22Z",
"stargazers_count": 2,
"watchers_count": 2,
"stargazers_count": 3,
"watchers_count": 3,
"has_discussions": false,
"forks_count": 2,
"allow_forking": true,
@ -205,7 +205,7 @@
"topics": [],
"visibility": "public",
"forks": 2,
"watchers": 2,
"watchers": 3,
"score": 0,
"subscribers_count": 1
},


@ -13,10 +13,10 @@
"description": null,
"fork": false,
"created_at": "2024-03-25T17:50:33Z",
"updated_at": "2024-03-25T18:24:17Z",
"pushed_at": "2024-03-25T18:27:37Z",
"stargazers_count": 0,
"watchers_count": 0,
"updated_at": "2024-03-26T13:12:34Z",
"pushed_at": "2024-03-26T13:17:17Z",
"stargazers_count": 1,
"watchers_count": 1,
"has_discussions": false,
"forks_count": 0,
"allow_forking": true,
@ -25,7 +25,7 @@
"topics": [],
"visibility": "public",
"forks": 0,
"watchers": 0,
"watchers": 1,
"score": 0,
"subscribers_count": 1
}


@ -13,10 +13,10 @@
"description": "Unauthenticated Remote Code Execution Bricks <= 1.9.6",
"fork": false,
"created_at": "2024-02-20T20:16:09Z",
"updated_at": "2024-03-26T09:53:43Z",
"updated_at": "2024-03-26T17:43:49Z",
"pushed_at": "2024-02-25T21:50:09Z",
"stargazers_count": 110,
"watchers_count": 110,
"stargazers_count": 112,
"watchers_count": 112,
"has_discussions": false,
"forks_count": 25,
"allow_forking": true,
@ -25,7 +25,7 @@
"topics": [],
"visibility": "public",
"forks": 25,
"watchers": 110,
"watchers": 112,
"score": 0,
"subscribers_count": 1
},


@ -13,10 +13,10 @@
"description": "Additional resources for leaking and exploiting ObjRefs via HTTP .NET Remoting (CVE-2024-29059)",
"fork": false,
"created_at": "2024-03-11T10:14:39Z",
"updated_at": "2024-03-26T12:13:48Z",
"updated_at": "2024-03-26T17:02:59Z",
"pushed_at": "2024-03-25T12:56:16Z",
"stargazers_count": 24,
"watchers_count": 24,
"stargazers_count": 29,
"watchers_count": 29,
"has_discussions": false,
"forks_count": 6,
"allow_forking": true,
@ -25,7 +25,7 @@
"topics": [],
"visibility": "public",
"forks": 6,
"watchers": 24,
"watchers": 29,
"score": 0,
"subscribers_count": 0
}

122
README.md

@ -66,6 +66,13 @@
- [Matrexdz/CVE-2024-1071](https://github.com/Matrexdz/CVE-2024-1071)
- [Matrexdz/CVE-2024-1071-Docker](https://github.com/Matrexdz/CVE-2024-1071-Docker)
### CVE-2024-1086 (2024-01-31)
<code>A use-after-free vulnerability in the Linux kernel's netfilter: nf_tables component can be exploited to achieve local privilege escalation.\n\nThe nft_verdict_init() function allows positive values as drop error within the hook verdict, and hence the nf_hook_slow() function can cause a double free vulnerability when NF_DROP is issued with a drop error which resembles NF_ACCEPT.\n\nWe recommend upgrading past commit f342de4e2f33e0e39165d8639387aa6c19dff660.\n\n
</code>
- [Notselwyn/CVE-2024-1086](https://github.com/Notselwyn/CVE-2024-1086)
### CVE-2024-1208 (2024-02-05)
<code>The LearnDash LMS plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 4.10.2 via API. This makes it possible for unauthenticated attackers to obtain access to quiz questions.
@ -113,7 +120,7 @@
- [PeterGabaldon/CVE-2024-1346](https://github.com/PeterGabaldon/CVE-2024-1346)
### CVE-2024-1403 (-)
### CVE-2024-1403 (2024-02-27)
<code>In OpenEdge Authentication Gateway and AdminServer prior to 11.7.19, 12.2.14, 12.8.1 on all platforms supported by the OpenEdge product, an authentication bypass vulnerability has been identified.  The\nvulnerability is a bypass to authentication based on a failure to properly\nhandle username and password. Certain unexpected\ncontent passed into the credentials can lead to unauthorized access without proper\nauthentication.   \n\n\n\n\n\n\n
</code>
@ -151,14 +158,14 @@
- [Icycu123/CVE-2024-1781](https://github.com/Icycu123/CVE-2024-1781)
### CVE-2024-2054 (-)
### CVE-2024-2054 (2024-03-05)
<code>The Artica-Proxy administrative web application will deserialize arbitrary PHP objects supplied by unauthenticated users and subsequently enable code execution as the &quot;www-data&quot; user.
</code>
- [Madan301/CVE-2024-2054](https://github.com/Madan301/CVE-2024-2054)
### CVE-2024-2074 (-)
### CVE-2024-2074 (2024-03-01)
<code>Eine kritische Schwachstelle wurde in Mini-Tmall bis 20231017 gefunden. Hierbei geht es um eine nicht exakt ausgemachte Funktion der Datei ?r=tmall/admin/user/1/1. Mit der Manipulation des Arguments orderBy mit unbekannten Daten kann eine sql injection-Schwachstelle ausgenutzt werden. Umgesetzt werden kann der Angriff über das Netzwerk. Der Exploit steht zur öffentlichen Verfügung.
</code>
@ -177,7 +184,7 @@
### CVE-2024-12883
- [mhtsec/cve-2024-12883](https://github.com/mhtsec/cve-2024-12883)
### CVE-2024-20291 (-)
### CVE-2024-20291 (2024-02-28)
<code>A vulnerability in the access control list (ACL) programming for port channel subinterfaces of Cisco Nexus 3000 and 9000 Series Switches in standalone NX-OS mode could allow an unauthenticated, remote attacker to send traffic that should be blocked through an affected device.\r\n\r This vulnerability is due to incorrect hardware programming that occurs when configuration changes are made to port channel member ports. An attacker could exploit this vulnerability by attempting to send traffic through an affected device. A successful exploit could allow the attacker to access network resources that should be protected by an ACL that was applied on port channel subinterfaces.
</code>
@ -371,7 +378,7 @@
- [Orange-418/AgentDVR-5.1.6.0-File-Upload-and-Remote-Code-Execution](https://github.com/Orange-418/AgentDVR-5.1.6.0-File-Upload-and-Remote-Code-Execution)
- [Orange-418/CVE-2024-22515-File-Upload-Vulnerability](https://github.com/Orange-418/CVE-2024-22515-File-Upload-Vulnerability)
### CVE-2024-22532 (-)
### CVE-2024-22532 (2024-02-28)
<code>Buffer Overflow vulnerability in XNSoft NConvert 7.163 (for Windows x86) allows attackers to cause a denial of service via crafted xwd file.
</code>
@ -381,7 +388,7 @@
### CVE-2024-22534
- [austino2000/CVE-2024-22534](https://github.com/austino2000/CVE-2024-22534)
### CVE-2024-22752 (-)
### CVE-2024-22752 (2024-03-07)
<code>Insecure permissions issue in EaseUS MobiMover 6.0.5 Build 21620 allows attackers to gain escalated privileges via use of crafted executable launched from the application installation directory.
</code>
@ -391,7 +398,7 @@
### CVE-2024-22867
- [brandon-t-elliott/CVE-2024-22867](https://github.com/brandon-t-elliott/CVE-2024-22867)
### CVE-2024-22889 (-)
### CVE-2024-22889 (2024-03-05)
<code>Due to incorrect access control in Plone version v6.0.9, remote attackers can view and list all files hosted on the website via sending a crafted request.
</code>
@ -432,7 +439,7 @@
- [NUDTTAN91/CVE-2024-22939](https://github.com/NUDTTAN91/CVE-2024-22939)
### CVE-2024-22983 (-)
### CVE-2024-22983 (2024-02-28)
<code>SQL injection vulnerability in Projectworlds Visitor Management System in PHP v.1.0 allows a remote attacker to escalate privileges via the name parameter in the myform.php endpoint.
</code>
@ -582,7 +589,7 @@
- [ELIZEUOPAIN/CVE-2024-24034](https://github.com/ELIZEUOPAIN/CVE-2024-24034)
### CVE-2024-24035 (-)
### CVE-2024-24035 (2024-03-07)
<code>Cross Site Scripting (XSS) vulnerability in Setor Informatica SIL 3.1 allows attackers to run arbitrary code via the hmessage parameter.
</code>
@ -706,7 +713,7 @@
- [minj-ae/CVE-2024-24488](https://github.com/minj-ae/CVE-2024-24488)
### CVE-2024-24520 (-)
### CVE-2024-24520 (2024-02-29)
<code>An issue in Lepton CMS v.7.0.0 allows a local attacker to execute arbitrary code via the upgrade.php file in the languages place.
</code>
@ -734,14 +741,14 @@
- [nettitude/CVE-2024-25153](https://github.com/nettitude/CVE-2024-25153)
- [rainbowhatrkn/CVE-2024-25153](https://github.com/rainbowhatrkn/CVE-2024-25153)
### CVE-2024-25169 (-)
### CVE-2024-25169 (2024-02-28)
<code>An issue in Mezzanine v6.0.0 allows attackers to bypass access control mechanisms in the admin panel via a crafted request.
</code>
- [shenhav12/CVE-2024-25169-Mezzanine-v6.0.0](https://github.com/shenhav12/CVE-2024-25169-Mezzanine-v6.0.0)
### CVE-2024-25170 (-)
### CVE-2024-25170 (2024-02-28)
<code>An issue in Mezzanine v6.0.0 allows attackers to bypass access controls via manipulating the Host header.
</code>
@ -751,7 +758,7 @@
### CVE-2024-25175
- [jet-pentest/CVE-2024-25175](https://github.com/jet-pentest/CVE-2024-25175)
### CVE-2024-25202 (-)
### CVE-2024-25202 (2024-02-28)
<code>Cross Site Scripting vulnerability in Phpgurukul User Registration &amp; Login and User Management System 1.0 allows attackers to run arbitrary code via the search bar.
</code>
@ -815,7 +822,7 @@
- [hy011121/CVE-2024-25600-wordpress-Exploit-RCE](https://github.com/hy011121/CVE-2024-25600-wordpress-Exploit-RCE)
- [K3ysTr0K3R/CVE-2024-25600-EXPLOIT](https://github.com/K3ysTr0K3R/CVE-2024-25600-EXPLOIT)
### CVE-2024-25731 (-)
### CVE-2024-25731 (2024-03-04)
<code>The Elink Smart eSmartCam (com.cn.dq.ipc) application 2.1.5 for Android contains hardcoded AES encryption keys that can be extracted from a binary file. Thus, encryption can be defeated by an attacker who can observe packet data (e.g., over Wi-Fi).
</code>
@ -825,7 +832,7 @@
### CVE-2024-25809
- [sajaljat/CVE-2024-25809](https://github.com/sajaljat/CVE-2024-25809)
### CVE-2024-25832 (-)
### CVE-2024-25832 (2024-02-28)
<code>F-logic DataCube3 v1.0 is vulnerable to unrestricted file upload, which could allow an authenticated malicious actor to upload a file of dangerous type by manipulating the filename extension.
</code>
@ -850,7 +857,7 @@
### CVE-2024-26560
- [sajaljat/CVE-2024-26560](https://github.com/sajaljat/CVE-2024-26560)
### CVE-2024-27198 (-)
### CVE-2024-27198 (2024-03-04)
<code>In JetBrains TeamCity before 2023.11.4 authentication bypass allowing to perform admin actions was possible
</code>
@ -872,7 +879,7 @@
### CVE-2024-27697
- [SanjinDedic/FuguHub-8.4-Authenticated-RCE-CVE-2024-27697](https://github.com/SanjinDedic/FuguHub-8.4-Authenticated-RCE-CVE-2024-27697)
### CVE-2024-28088 (-)
### CVE-2024-28088 (2024-03-03)
<code>LangChain through 0.1.10 allows ../ directory traversal by an actor who is able to control the final part of the path parameter in a load_chain call. This bypasses the intended behavior of loading configurations only from the hwchase17/langchain-hub GitHub repository. The outcome can be disclosure of an API key for a large language model online service, or remote code execution.
</code>
@ -6455,7 +6462,7 @@
- [amjadali-110/CVE-2023-43317](https://github.com/amjadali-110/CVE-2023-43317)
### CVE-2023-43318 (-)
### CVE-2023-43318 (2024-03-05)
<code>TP-Link JetStream Smart Switch TL-SG2210P 5.0 Build 20211201 allows attackers to escalate privileges via modification of the 'tid' and 'usrlvl' values in GET requests.
</code>
@ -7649,56 +7656,56 @@
### CVE-2023-49496
- [HuangYanQwQ/CVE-2023-49496](https://github.com/HuangYanQwQ/CVE-2023-49496)
### CVE-2023-49539 (-)
### CVE-2023-49539 (2024-03-01)
<code>Book Store Management System v1.0 was discovered to contain a cross-site scripting (XSS) vulnerability in /bsms_ci/index.php/category. This vulnerability allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the category parameter.
</code>
- [geraldoalcantara/CVE-2023-49539](https://github.com/geraldoalcantara/CVE-2023-49539)
### CVE-2023-49540 (-)
### CVE-2023-49540 (2024-03-01)
<code>Book Store Management System v1.0 was discovered to contain a cross-site scripting (XSS) vulnerability in /bsms_ci/index.php/history. This vulnerability allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the history parameter.
</code>
- [geraldoalcantara/CVE-2023-49540](https://github.com/geraldoalcantara/CVE-2023-49540)
### CVE-2023-49543 (-)
### CVE-2023-49543 (2024-03-01)
<code>Incorrect access control in Book Store Management System v1 allows attackers to access unauthorized pages and execute administrative functions without authenticating.
</code>
- [geraldoalcantara/CVE-2023-49543](https://github.com/geraldoalcantara/CVE-2023-49543)
### CVE-2023-49544 (-)
### CVE-2023-49544 (2024-03-01)
<code>A local file inclusion (LFI) in Customer Support System v1 allows attackers to include internal PHP files and gain unauthorized acces via manipulation of the page= parameter at /customer_support/index.php.
</code>
- [geraldoalcantara/CVE-2023-49544](https://github.com/geraldoalcantara/CVE-2023-49544)
### CVE-2023-49545 (-)
### CVE-2023-49545 (2024-03-01)
<code>A directory listing vulnerability in Customer Support System v1 allows attackers to list directories and sensitive files within the application without requiring authorization.
</code>
- [geraldoalcantara/CVE-2023-49545](https://github.com/geraldoalcantara/CVE-2023-49545)
### CVE-2023-49546 (-)
### CVE-2023-49546 (2024-03-04)
<code>Customer Support System v1 was discovered to contain a SQL injection vulnerability via the email parameter at /customer_support/ajax.php.
</code>
- [geraldoalcantara/CVE-2023-49546](https://github.com/geraldoalcantara/CVE-2023-49546)
### CVE-2023-49547 (-)
### CVE-2023-49547 (2024-03-04)
<code>Customer Support System v1 was discovered to contain a SQL injection vulnerability via the username parameter at /customer_support/ajax.php?action=login.
</code>
- [geraldoalcantara/CVE-2023-49547](https://github.com/geraldoalcantara/CVE-2023-49547)
### CVE-2023-49548 (-)
### CVE-2023-49548 (2024-03-04)
<code>Customer Support System v1 was discovered to contain a SQL injection vulnerability via the lastname parameter at /customer_support/ajax.php?action=save_user.
</code>
@ -7729,140 +7736,140 @@
### CVE-2023-49965
- [hackintoanetwork/SpaceX-Starlink-Router-Gen-2-XSS](https://github.com/hackintoanetwork/SpaceX-Starlink-Router-Gen-2-XSS)
### CVE-2023-49968 (-)
### CVE-2023-49968 (2024-03-04)
<code>Customer Support System v1 was discovered to contain a SQL injection vulnerability via the id parameter at /customer_support/manage_department.php.
</code>
- [geraldoalcantara/CVE-2023-49968](https://github.com/geraldoalcantara/CVE-2023-49968)
### CVE-2023-49969 (-)
### CVE-2023-49969 (2024-03-04)
<code>Customer Support System v1 was discovered to contain a SQL injection vulnerability via the id parameter at /customer_support/index.php?page=edit_customer.
</code>
- [geraldoalcantara/CVE-2023-49969](https://github.com/geraldoalcantara/CVE-2023-49969)
### CVE-2023-49970 (-)
### CVE-2023-49970 (2024-03-04)
<code>Customer Support System v1 was discovered to contain a SQL injection vulnerability via the subject parameter at /customer_support/ajax.php?action=save_ticket.
</code>
- [geraldoalcantara/CVE-2023-49970](https://github.com/geraldoalcantara/CVE-2023-49970)
### CVE-2023-49971 (-)
### CVE-2023-49971 (2024-03-05)
<code>A cross-site scripting (XSS) vulnerability in Customer Support System v1 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the firstname parameter at /customer_support/index.php?page=customer_list.
</code>
- [geraldoalcantara/CVE-2023-49971](https://github.com/geraldoalcantara/CVE-2023-49971)
### CVE-2023-49973 (-)
### CVE-2023-49973 (2024-03-05)
<code>A cross-site scripting (XSS) vulnerability in Customer Support System v1 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the email parameter at /customer_support/index.php?page=customer_list.
</code>
- [geraldoalcantara/CVE-2023-49973](https://github.com/geraldoalcantara/CVE-2023-49973)
### CVE-2023-49974 (-)
### CVE-2023-49974 (2024-03-05)
<code>A cross-site scripting (XSS) vulnerability in Customer Support System v1 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the contact parameter at /customer_support/index.php?page=customer_list.
</code>
- [geraldoalcantara/CVE-2023-49974](https://github.com/geraldoalcantara/CVE-2023-49974)
### CVE-2023-49976 (-)
### CVE-2023-49976 (2024-03-05)
<code>A cross-site scripting (XSS) vulnerability in Customer Support System v1 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the subject parameter at /customer_support/index.php?page=new_ticket.
</code>
- [geraldoalcantara/CVE-2023-49976](https://github.com/geraldoalcantara/CVE-2023-49976)
### CVE-2023-49977 (-)
### CVE-2023-49977 (2024-03-05)
<code>A cross-site scripting (XSS) vulnerability in Customer Support System v1 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the address parameter at /customer_support/index.php?page=new_customer.
</code>
- [geraldoalcantara/CVE-2023-49977](https://github.com/geraldoalcantara/CVE-2023-49977)
### CVE-2023-49978 (-)
### CVE-2023-49978 (2024-03-06)
<code>Incorrect access control in Customer Support System v1 allows non-administrator users to access administrative pages and execute actions reserved for administrators.
</code>
- [geraldoalcantara/CVE-2023-49978](https://github.com/geraldoalcantara/CVE-2023-49978)
### CVE-2023-49979 (-)
### CVE-2023-49979 (2024-03-06)
<code>A directory listing vulnerability in Customer Support System v1 allows attackers to list directories and sensitive files within the application without requiring authorization.
</code>
- [geraldoalcantara/CVE-2023-49979](https://github.com/geraldoalcantara/CVE-2023-49979)
### CVE-2023-49980 (-)
### CVE-2023-49980 (2024-03-06)
<code>A directory listing vulnerability in Best Student Result Management System v1.0 allows attackers to list directories and sensitive files within the application without requiring authorization.
</code>
- [geraldoalcantara/CVE-2023-49980](https://github.com/geraldoalcantara/CVE-2023-49980)
### CVE-2023-49981 (-)
### CVE-2023-49981 (2024-03-06)
<code>A directory listing vulnerability in School Fees Management System v1.0 allows attackers to list directories and sensitive files within the application without requiring authorization.
</code>
- [geraldoalcantara/CVE-2023-49981](https://github.com/geraldoalcantara/CVE-2023-49981)
### CVE-2023-49982 (-)
### CVE-2023-49982 (2024-03-06)
<code>Broken access control in the component /admin/management/users of School Fees Management System v1.0 allows attackers to escalate privileges and perform Administrative actions, including adding and deleting user accounts.
</code>
- [geraldoalcantara/CVE-2023-49982](https://github.com/geraldoalcantara/CVE-2023-49982)
### CVE-2023-49983 (-)
### CVE-2023-49983 (2024-03-06)
<code>A cross-site scripting (XSS) vulnerability in the component /management/class of School Fees Management System v1.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the name parameter.
</code>
- [geraldoalcantara/CVE-2023-49983](https://github.com/geraldoalcantara/CVE-2023-49983)
### CVE-2023-49984 (-)
### CVE-2023-49984 (2024-03-06)
<code>A cross-site scripting (XSS) vulnerability in the component /management/settings of School Fees Management System v1.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the name parameter.
</code>
- [geraldoalcantara/CVE-2023-49984](https://github.com/geraldoalcantara/CVE-2023-49984)
### CVE-2023-49985 (-)
### CVE-2023-49985 (2024-03-06)
<code>A cross-site scripting (XSS) vulnerability in the component /management/class of School Fees Management System v1.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the cname parameter.
</code>
- [geraldoalcantara/CVE-2023-49985](https://github.com/geraldoalcantara/CVE-2023-49985)
### CVE-2023-49986 (-)
### CVE-2023-49986 (2024-03-06)
<code>A cross-site scripting (XSS) vulnerability in the component /admin/parent of School Fees Management System 1.0 allow attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the name parameter.
</code>
- [geraldoalcantara/CVE-2023-49986](https://github.com/geraldoalcantara/CVE-2023-49986)
### CVE-2023-49987 (-)
### CVE-2023-49987 (2024-03-06)
<code>A cross-site scripting (XSS) vulnerability in the component /management/term of School Fees Management System v1.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the tname parameter.
</code>
- [geraldoalcantara/CVE-2023-49987](https://github.com/geraldoalcantara/CVE-2023-49987)
### CVE-2023-49988 (-)
### CVE-2023-49988 (2024-03-06)
<code>Hotel Booking Management v1.0 was discovered to contain a SQL injection vulnerability via the npss parameter at rooms.php.
</code>
- [geraldoalcantara/CVE-2023-49988](https://github.com/geraldoalcantara/CVE-2023-49988)
### CVE-2023-49989 (-)
### CVE-2023-49989 (2024-03-06)
<code>Hotel Booking Management v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at update.php.
</code>
@ -7987,7 +7994,7 @@
### CVE-2023-51214
- [chandraprarikraj/CVE-2023-51214](https://github.com/chandraprarikraj/CVE-2023-51214)
### CVE-2023-51281 (-)
### CVE-2023-51281 (2024-03-06)
<code>Cross Site Scripting vulnerability in Customer Support System v.1.0 allows a remote attacker to escalate privileges via a crafted script firstname, &quot;lastname&quot;, &quot;middlename&quot;, &quot;contact&quot; and address parameters.
</code>
@ -8058,21 +8065,21 @@
- [d4op/CVE-2023-51764-POC](https://github.com/d4op/CVE-2023-51764-POC)
- [Double-q1015/CVE-2023-51764](https://github.com/Double-q1015/CVE-2023-51764)
### CVE-2023-51800 (-)
### CVE-2023-51800 (2024-02-28)
<code>Cross Site Scripting (XSS) vulnerability in School Fees Management System v.1.0 allows a remote attacker to execute arbitrary code via a crafted payload to the main_settings component in the phone, address, bank, acc_name, acc_number parameters, new_class and cname parameter, add_new_parent function in the name email parameters, new_term function in the tname parameter, and the edit_student function in the name parameter.
</code>
- [geraldoalcantara/CVE-2023-51800](https://github.com/geraldoalcantara/CVE-2023-51800)
### CVE-2023-51801 (-)
### CVE-2023-51801 (2024-02-28)
<code>SQL Injection vulnerability in the Simple Student Attendance System v.1.0 allows a remote attacker to execute arbitrary code via a crafted payload to the id parameter in the student_form.php and the class_form.php pages.
</code>
- [geraldoalcantara/CVE-2023-51801](https://github.com/geraldoalcantara/CVE-2023-51801)
### CVE-2023-51802 (-)
### CVE-2023-51802 (2024-02-28)
<code>Cross Site Scripting (XSS) vulnerability in the Simple Student Attendance System v.1.0 allows a remote attacker to execute arbitrary code via a crafted payload to the page or class_month parameter in the /php-attendance/attendance_report component.
</code>
@ -10911,6 +10918,7 @@
- [acfirthh/CVE-2022-26134](https://github.com/acfirthh/CVE-2022-26134)
- [yTxZx/CVE-2022-26134](https://github.com/yTxZx/CVE-2022-26134)
- [DARKSTUFF-LAB/-CVE-2022-26134](https://github.com/DARKSTUFF-LAB/-CVE-2022-26134)
- [404fu/CVE-2022-26134-POC](https://github.com/404fu/CVE-2022-26134-POC)
### CVE-2022-26135 (2022-06-30)
@ -28638,6 +28646,13 @@
- [tarantula-team/CVE-2019-12543](https://github.com/tarantula-team/CVE-2019-12543)
### CVE-2019-12550 (2019-06-17)
<code>WAGO 852-303 before FW06, 852-1305 before FW06, and 852-1505 before FW03 devices contain hardcoded users and passwords that can be used to login via SSH and TELNET.
</code>
- [itwizardo/CVE-2019-12550](https://github.com/itwizardo/CVE-2019-12550)
### CVE-2019-12562 (2019-09-26)
<code>Stored Cross-Site Scripting in DotNetNuke (DNN) Version before 9.4.0 allows remote attackers to store and embed the malicious script into the admin notification page. The exploit could be used to perfom any action with admin privileges such as managing content, adding users, uploading backdoors to the server, etc. Successful exploitation occurs when an admin user visits a notification page with stored cross-site scripting.
@ -39900,13 +39915,6 @@
- [hartwork/mpacktrafficripper](https://github.com/hartwork/mpacktrafficripper)
### CVE-2011-5325 (2017-08-07)
<code>Directory traversal vulnerability in the BusyBox implementation of tar before 1.22.0 v5 allows remote attackers to point to files outside the current working directory via a symlink.
</code>
- [itwizardo/CVE-2011-5325](https://github.com/itwizardo/CVE-2011-5325)
### CVE-2011-5331 (2019-11-18)
<code>Distributed Ruby (aka DRuby) 1.8 mishandles instance_eval.