mirror/PoC-in-GitHub
1
0
Fork 0
mirror of https://github.com/nomi-sec/PoC-in-GitHub.git synced 2025-01-15 20:32:21 +01:00
Code Issues Projects Releases Packages Wiki Activity Actions

Auto Update 2024/12/14 12:32:03

Browse source
This commit is contained in:
motikan2010-bot 2024-12-14 21:32:03 +09:00
parent 4ec203285f
commit 866607cc27
29 changed files with 156 additions and 112 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

8
2017/CVE-2017-5638.json
View file

@ -429,10 +429,10 @@
"description": "An exploit for Apache Struts CVE-2017-5638",
"fork": false,
"created_at": "2017-03-12T02:02:25Z",
"updated_at": "2024-11-20T11:10:17Z",
"updated_at": "2024-12-14T08:39:19Z",
"pushed_at": "2018-05-21T18:33:26Z",
"stargazers_count": 426,
"watchers_count": 426,
"stargazers_count": 427,
"watchers_count": 427,
"has_discussions": false,
"forks_count": 135,
"allow_forking": true,
@ -447,7 +447,7 @@
],
"visibility": "public",
"forks": 135,
"watchers": 426,
"watchers": 427,
"score": 0,
"subscribers_count": 22
},

8
2017/CVE-2017-9822.json
View file

@ -14,10 +14,10 @@
"description": "[CVE-2017-9822] DotNetNuke Cookie Deserialization Remote Code Execution (RCE)",
"fork": false,
"created_at": "2020-08-28T12:45:44Z",
"updated_at": "2024-11-18T05:51:27Z",
"updated_at": "2024-12-14T07:45:59Z",
"pushed_at": "2020-08-30T00:27:40Z",
"stargazers_count": 13,
"watchers_count": 13,
"stargazers_count": 14,
"watchers_count": 14,
"has_discussions": false,
"forks_count": 3,
"allow_forking": true,
@ -26,7 +26,7 @@
"topics": [],
"visibility": "public",
"forks": 3,
"watchers": 13,
"watchers": 14,
"score": 0,
"subscribers_count": 1
}

4
2018/CVE-2018-14847.json
View file

@ -272,13 +272,13 @@
"stargazers_count": 48,
"watchers_count": 48,
"has_discussions": false,
"forks_count": 22,
"forks_count": 21,
"allow_forking": true,
"is_template": false,
"web_commit_signoff_required": false,
"topics": [],
"visibility": "public",
"forks": 22,
"forks": 21,
"watchers": 48,
"score": 0,
"subscribers_count": 3

31
2018/CVE-2018-9995.json
View file

@ -557,37 +557,6 @@
"score": 0,
"subscribers_count": 1
},
{
"id": 478772554,
"name": "CVE-2018-9995",
"full_name": "hoaan1995\/CVE-2018-9995",
"owner": {
"login": "hoaan1995",
"id": 91445089,
"avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/91445089?v=4",
"html_url": "https:\/\/github.com\/hoaan1995",
"user_view_type": "public"
},
"html_url": "https:\/\/github.com\/hoaan1995\/CVE-2018-9995",
"description": null,
"fork": false,
"created_at": "2022-04-07T00:37:26Z",
"updated_at": "2024-08-12T20:22:12Z",
"pushed_at": "2022-04-07T06:53:18Z",
"stargazers_count": 1,
"watchers_count": 1,
"has_discussions": false,
"forks_count": 1,
"allow_forking": true,
"is_template": false,
"web_commit_signoff_required": false,
"topics": [],
"visibility": "public",
"forks": 1,
"watchers": 1,
"score": 0,
"subscribers_count": 1
},
{
"id": 586982605,
"name": "DVRFaultNET",

8
2021/CVE-2021-22205.json
View file

@ -458,10 +458,10 @@
"description": "GitLab CE\/EE Preauth RCE using ExifTool",
"fork": false,
"created_at": "2021-11-11T04:34:07Z",
"updated_at": "2024-11-08T02:44:04Z",
"updated_at": "2024-12-14T11:47:23Z",
"pushed_at": "2022-01-16T15:54:14Z",
"stargazers_count": 220,
"watchers_count": 220,
"stargazers_count": 221,
"watchers_count": 221,
"has_discussions": false,
"forks_count": 39,
"allow_forking": true,
@ -477,7 +477,7 @@
],
"visibility": "public",
"forks": 39,
"watchers": 220,
"watchers": 221,
"score": 0,
"subscribers_count": 2
},

2
2021/CVE-2021-23017.json
View file

@ -45,7 +45,7 @@
"description": "PoC for Nginx 0.6.18 - 1.20.0 Memory Overwrite Vulnerability CVE-2021-23017",
"fork": false,
"created_at": "2022-06-30T04:39:58Z",
"updated_at": "2024-11-09T09:01:23Z",
"updated_at": "2024-12-14T07:21:02Z",
"pushed_at": "2023-11-12T16:29:03Z",
"stargazers_count": 99,
"watchers_count": 99,

4
2021/CVE-2021-36934.json
View file

@ -148,13 +148,13 @@
"stargazers_count": 34,
"watchers_count": 34,
"has_discussions": false,
"forks_count": 16,
"forks_count": 17,
"allow_forking": true,
"is_template": false,
"web_commit_signoff_required": false,
"topics": [],
"visibility": "public",
"forks": 16,
"forks": 17,
"watchers": 34,
"score": 0,
"subscribers_count": 2

8
2021/CVE-2021-4034.json
View file

@ -967,10 +967,10 @@
"description": "Self-contained exploit for CVE-2021-4034 - Pkexec Local Privilege Escalation",
"fork": false,
"created_at": "2022-01-26T14:26:10Z",
"updated_at": "2024-12-13T11:37:03Z",
"updated_at": "2024-12-14T08:39:40Z",
"pushed_at": "2022-06-21T14:52:05Z",
"stargazers_count": 1090,
"watchers_count": 1090,
"stargazers_count": 1091,
"watchers_count": 1091,
"has_discussions": false,
"forks_count": 190,
"allow_forking": true,
@ -981,7 +981,7 @@
],
"visibility": "public",
"forks": 190,
"watchers": 1090,
"watchers": 1091,
"score": 0,
"subscribers_count": 13
},

4
2022/CVE-2022-22963.json
View file

@ -883,13 +883,13 @@
"stargazers_count": 0,
"watchers_count": 0,
"has_discussions": false,
"forks_count": 0,
"forks_count": 1,
"allow_forking": true,
"is_template": false,
"web_commit_signoff_required": false,
"topics": [],
"visibility": "public",
"forks": 0,
"forks": 1,
"watchers": 0,
"score": 0,
"subscribers_count": 1

4
2022/CVE-2022-26488.json
View file

@ -19,13 +19,13 @@
"stargazers_count": 0,
"watchers_count": 0,
"has_discussions": false,
"forks_count": 0,
"forks_count": 1,
"allow_forking": true,
"is_template": false,
"web_commit_signoff_required": false,
"topics": [],
"visibility": "public",
"forks": 0,
"forks": 1,
"watchers": 0,
"score": 0,
"subscribers_count": 2

8
2022/CVE-2022-46689.json
View file

@ -107,10 +107,10 @@
"description": "Proof-of-concept app to overwrite fonts on iOS using CVE-2022-46689.",
"fork": false,
"created_at": "2022-12-26T06:56:35Z",
"updated_at": "2024-12-10T05:41:58Z",
"updated_at": "2024-12-14T08:59:23Z",
"pushed_at": "2023-08-02T09:35:14Z",
"stargazers_count": 883,
"watchers_count": 883,
"stargazers_count": 884,
"watchers_count": 884,
"has_discussions": false,
"forks_count": 73,
"allow_forking": true,
@ -119,7 +119,7 @@
"topics": [],
"visibility": "public",
"forks": 73,
"watchers": 883,
"watchers": 884,
"score": 0,
"subscribers_count": 25
},

4
2023/CVE-2023-22515.json
View file

@ -799,8 +799,8 @@
"description": "CVE 2023-22515",
"fork": false,
"created_at": "2024-07-21T17:19:36Z",
"updated_at": "2024-07-24T15:04:55Z",
"pushed_at": "2024-07-24T15:04:52Z",
"updated_at": "2024-12-14T09:44:02Z",
"pushed_at": "2024-12-14T09:43:59Z",
"stargazers_count": 0,
"watchers_count": 0,
"has_discussions": false,

8
2023/CVE-2023-32784.json
View file

@ -14,10 +14,10 @@
"description": "Original PoC for CVE-2023-32784",
"fork": false,
"created_at": "2023-05-01T17:08:55Z",
"updated_at": "2024-12-10T12:02:34Z",
"updated_at": "2024-12-14T08:13:04Z",
"pushed_at": "2023-08-17T19:26:55Z",
"stargazers_count": 629,
"watchers_count": 629,
"stargazers_count": 630,
"watchers_count": 630,
"has_discussions": false,
"forks_count": 57,
"allow_forking": true,
@ -29,7 +29,7 @@
],
"visibility": "public",
"forks": 57,
"watchers": 629,
"watchers": 630,
"score": 0,
"subscribers_count": 11
},

12
2023/CVE-2023-38709.json
View file

@ -14,12 +14,12 @@
"description": "Apache HTTP Server Vulnerability Testing Tool | PoC for CVE-2024-38472 , CVE-2024-39573 , CVE-2024-38477 , CVE-2024-38476 , CVE-2024-38475 , CVE-2024-38474 , CVE-2024-38473 , CVE-2023-38709",
"fork": false,
"created_at": "2024-10-05T20:32:45Z",
"updated_at": "2024-12-13T17:07:21Z",
"updated_at": "2024-12-14T09:18:53Z",
"pushed_at": "2024-10-05T20:37:02Z",
"stargazers_count": 15,
"watchers_count": 15,
"stargazers_count": 17,
"watchers_count": 17,
"has_discussions": false,
"forks_count": 5,
"forks_count": 6,
"allow_forking": true,
"is_template": false,
"web_commit_signoff_required": false,
@ -36,8 +36,8 @@
"cve-2024-39573"
],
"visibility": "public",
"forks": 5,
"watchers": 15,
"forks": 6,
"watchers": 17,
"score": 0,
"subscribers_count": 1
}

8
2023/CVE-2023-38831.json
View file

@ -1010,10 +1010,10 @@
"description": "WinRAR cve-2023-38831-poc-generator",
"fork": false,
"created_at": "2023-11-07T04:14:04Z",
"updated_at": "2023-11-07T04:21:41Z",
"updated_at": "2024-12-14T11:06:26Z",
"pushed_at": "2023-11-07T05:24:44Z",
"stargazers_count": 0,
"watchers_count": 0,
"stargazers_count": 1,
"watchers_count": 1,
"has_discussions": false,
"forks_count": 0,
"allow_forking": true,
@ -1022,7 +1022,7 @@
"topics": [],
"visibility": "public",
"forks": 0,
"watchers": 0,
"watchers": 1,
"score": 0,
"subscribers_count": 1
},

8
2023/CVE-2023-4863.json
View file

@ -14,10 +14,10 @@
"description": null,
"fork": false,
"created_at": "2023-09-21T05:22:51Z",
"updated_at": "2024-11-01T16:02:36Z",
"updated_at": "2024-12-14T11:31:32Z",
"pushed_at": "2023-12-18T04:25:00Z",
"stargazers_count": 315,
"watchers_count": 315,
"stargazers_count": 314,
"watchers_count": 314,
"has_discussions": false,
"forks_count": 48,
"allow_forking": true,
@ -26,7 +26,7 @@
"topics": [],
"visibility": "public",
"forks": 48,
"watchers": 315,
"watchers": 314,
"score": 0,
"subscribers_count": 15
},

8
2023/CVE-2023-4966.json
View file

@ -123,10 +123,10 @@
"description": "Proof Of Concept for te NetScaler Vuln",
"fork": false,
"created_at": "2023-10-25T12:37:56Z",
"updated_at": "2024-03-25T08:59:25Z",
"updated_at": "2024-12-14T08:11:39Z",
"pushed_at": "2023-10-25T08:29:35Z",
"stargazers_count": 4,
"watchers_count": 4,
"stargazers_count": 5,
"watchers_count": 5,
"has_discussions": false,
"forks_count": 2,
"allow_forking": true,
@ -135,7 +135,7 @@
"topics": [],
"visibility": "public",
"forks": 2,
"watchers": 4,
"watchers": 5,
"score": 0,
"subscribers_count": 0
},

8
2023/CVE-2023-6319.json
View file

@ -14,10 +14,10 @@
"description": "CVE-2023-6319 proof of concept",
"fork": false,
"created_at": "2024-04-11T18:58:17Z",
"updated_at": "2024-11-23T12:46:38Z",
"updated_at": "2024-12-14T07:45:13Z",
"pushed_at": "2024-10-17T11:18:46Z",
"stargazers_count": 36,
"watchers_count": 36,
"stargazers_count": 37,
"watchers_count": 37,
"has_discussions": false,
"forks_count": 4,
"allow_forking": true,
@ -31,7 +31,7 @@
],
"visibility": "public",
"forks": 4,
"watchers": 36,
"watchers": 37,
"score": 0,
"subscribers_count": 5
}

6
2024/CVE-2024-10124.json
View file

@ -19,15 +19,15 @@
"stargazers_count": 0,
"watchers_count": 0,
"has_discussions": false,
"forks_count": 0,
"forks_count": 1,
"allow_forking": true,
"is_template": false,
"web_commit_signoff_required": false,
"topics": [],
"visibility": "public",
"forks": 0,
"forks": 1,
"watchers": 0,
"score": 0,
"subscribers_count": 0
"subscribers_count": 1
}
]

2
2024/CVE-2024-10220.json
View file

@ -121,6 +121,6 @@
"forks": 1,
"watchers": 0,
"score": 0,
"subscribers_count": 0
"subscribers_count": 1
}
]

2
2024/CVE-2024-26229.json
View file

@ -59,7 +59,7 @@
"forks": 23,
"watchers": 109,
"score": 0,
"subscribers_count": 1
"subscribers_count": 2
},
{
"id": 814637832,

8
2024/CVE-2024-38063.json
View file

@ -451,10 +451,10 @@
"description": "This is a C language program designed to test the Windows TCP\/IP Remote Code Execution Vulnerability (CVE-2024-38063). It sends specially crafted IPv6 packets with embedded shellcode to exploit the vulnerability.",
"fork": false,
"created_at": "2024-09-01T09:20:02Z",
"updated_at": "2024-11-23T08:17:09Z",
"updated_at": "2024-12-14T11:26:03Z",
"pushed_at": "2024-09-08T07:12:26Z",
"stargazers_count": 6,
"watchers_count": 6,
"stargazers_count": 5,
"watchers_count": 5,
"has_discussions": false,
"forks_count": 2,
"allow_forking": true,
@ -463,7 +463,7 @@
"topics": [],
"visibility": "public",
"forks": 2,
"watchers": 6,
"watchers": 5,
"score": 0,
"subscribers_count": 1
},

12
2024/CVE-2024-38472.json
View file

@ -45,12 +45,12 @@
"description": "Apache HTTP Server Vulnerability Testing Tool | PoC for CVE-2024-38472 , CVE-2024-39573 , CVE-2024-38477 , CVE-2024-38476 , CVE-2024-38475 , CVE-2024-38474 , CVE-2024-38473 , CVE-2023-38709",
"fork": false,
"created_at": "2024-10-05T20:32:45Z",
"updated_at": "2024-12-13T17:07:21Z",
"updated_at": "2024-12-14T09:18:53Z",
"pushed_at": "2024-10-05T20:37:02Z",
"stargazers_count": 15,
"watchers_count": 15,
"stargazers_count": 17,
"watchers_count": 17,
"has_discussions": false,
"forks_count": 5,
"forks_count": 6,
"allow_forking": true,
"is_template": false,
"web_commit_signoff_required": false,
@ -67,8 +67,8 @@
"cve-2024-39573"
],
"visibility": "public",
"forks": 5,
"watchers": 15,
"forks": 6,
"watchers": 17,
"score": 0,
"subscribers_count": 1
}

33
2024/CVE-2024-38819.json Normal file
View file

@ -0,0 +1,33 @@
[
{
"id": 903312018,
"name": "CVE-2024-38819-POC",
"full_name": "masa42\/CVE-2024-38819-POC",
"owner": {
"login": "masa42",
"id": 46730934,
"avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/46730934?v=4",
"html_url": "https:\/\/github.com\/masa42",
"user_view_type": "public"
},
"html_url": "https:\/\/github.com\/masa42\/CVE-2024-38819-POC",
"description": null,
"fork": false,
"created_at": "2024-12-14T09:22:33Z",
"updated_at": "2024-12-14T10:14:53Z",
"pushed_at": "2024-12-14T10:13:45Z",
"stargazers_count": 0,
"watchers_count": 0,
"has_discussions": false,
"forks_count": 1,
"allow_forking": true,
"is_template": false,
"web_commit_signoff_required": false,
"topics": [],
"visibility": "public",
"forks": 1,
"watchers": 0,
"score": 0,
"subscribers_count": 0
}
]

4
2024/CVE-2024-4577.json
View file

@ -515,7 +515,7 @@
"stargazers_count": 24,
"watchers_count": 24,
"has_discussions": false,
"forks_count": 9,
"forks_count": 10,
"allow_forking": true,
"is_template": false,
"web_commit_signoff_required": false,
@ -528,7 +528,7 @@
"redteam"
],
"visibility": "public",
"forks": 9,
"forks": 10,
"watchers": 24,
"score": 0,
"subscribers_count": 1

33
2024/CVE-2024-46982.json Normal file
View file

@ -0,0 +1,33 @@
[
{
"id": 903309507,
"name": "next_js_poisoning",
"full_name": "CodePontiff\/next_js_poisoning",
"owner": {
"login": "CodePontiff",
"id": 45843121,
"avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/45843121?v=4",
"html_url": "https:\/\/github.com\/CodePontiff",
"user_view_type": "public"
},
"html_url": "https:\/\/github.com\/CodePontiff\/next_js_poisoning",
"description": " The CVE-2024-46982 is cache poisoning of next_js some site have API to load their image",
"fork": false,
"created_at": "2024-12-14T09:14:01Z",
"updated_at": "2024-12-14T09:43:01Z",
"pushed_at": "2024-12-14T09:42:57Z",
"stargazers_count": 0,
"watchers_count": 0,
"has_discussions": false,
"forks_count": 1,
"allow_forking": true,
"is_template": false,
"web_commit_signoff_required": false,
"topics": [],
"visibility": "public",
"forks": 1,
"watchers": 0,
"score": 0,
"subscribers_count": 0
}
]

6
2024/CVE-2024-53677.json
View file

@ -50,15 +50,15 @@
"stargazers_count": 0,
"watchers_count": 0,
"has_discussions": false,
"forks_count": 0,
"forks_count": 1,
"allow_forking": true,
"is_template": false,
"web_commit_signoff_required": false,
"topics": [],
"visibility": "public",
"forks": 0,
"forks": 1,
"watchers": 0,
"score": 0,
"subscribers_count": 0
"subscribers_count": 1
}
]

6
2024/CVE-2024-55875.json
View file

@ -19,15 +19,15 @@
"stargazers_count": 0,
"watchers_count": 0,
"has_discussions": false,
"forks_count": 0,
"forks_count": 1,
"allow_forking": true,
"is_template": false,
"web_commit_signoff_required": false,
"topics": [],
"visibility": "public",
"forks": 0,
"forks": 1,
"watchers": 0,
"score": 0,
"subscribers_count": 0
"subscribers_count": 1
}
]

11
README.md
View file

@ -5709,6 +5709,9 @@
- [Galaxy-system/cve-2024-38816](https://github.com/Galaxy-system/cve-2024-38816)
- [Anthony1078/App-vulnerable](https://github.com/Anthony1078/App-vulnerable)
### CVE-2024-38819
- [masa42/CVE-2024-38819-POC](https://github.com/masa42/CVE-2024-38819-POC)
### CVE-2024-38821 (2024-10-28)
<code>Spring WebFlux applications that have Spring Security authorization rules on static resources can be bypassed under certain circumstances.\n\nFor this to impact an application, all of the following must be true:\n\n * It must be a WebFlux application\n * It must be using Spring's static resources support\n * It must have a non-permitAll authorization rule applied to the static resources support
@ -6691,6 +6694,13 @@
- [devhaozi/CVE-2024-46901](https://github.com/devhaozi/CVE-2024-46901)
### CVE-2024-46982 (2024-09-17)
<code>Next.js is a React framework for building full-stack web applications. By sending a crafted HTTP request, it is possible to poison the cache of a non-dynamic server-side rendered route in the pages router (this does not affect the app router). When this crafted request is sent it could coerce Next.js to cache a route that is meant to not be cached and send a `Cache-Control: s-maxage=1, stale-while-revalidate` header which some upstream CDNs may cache as well. To be potentially affected all of the following must apply: 1. Next.js between 13.5.1 and 14.2.9, 2. Using pages router, &amp; 3. Using non-dynamic server-side rendered routes e.g. `pages/dashboard.tsx` not `pages/blog/[slug].tsx`. This vulnerability was resolved in Next.js v13.5.7, v14.2.10, and later. We recommend upgrading regardless of whether you can reproduce the issue or not. There are no official or recommended workarounds for this issue, we recommend that users patch to a safe version.
</code>
- [CodePontiff/next_js_poisoning](https://github.com/CodePontiff/next_js_poisoning)
### CVE-2024-46986 (2024-09-18)
<code>Camaleon CMS is a dynamic and advanced content management system based on Ruby on Rails. An arbitrary file write vulnerability accessible via the upload method of the MediaController allows authenticated users to write arbitrary files to any location on the web server Camaleon CMS is running on (depending on the permissions of the underlying filesystem). E.g. This can lead to a delayed remote code execution in case an attacker is able to write a Ruby file into the config/initializers/ subfolder of the Ruby on Rails application. This issue has been addressed in release version 2.8.2. Users are advised to upgrade. There are no known workarounds for this vulnerability.
@ -40583,7 +40593,6 @@
- [kienquoc102/CVE-2018-9995-2](https://github.com/kienquoc102/CVE-2018-9995-2)
- [dearpan/cve-2018-9995](https://github.com/dearpan/cve-2018-9995)
- [LeQuocKhanh2K/Tool_Exploit_Password_Camera_CVE-2018-9995](https://github.com/LeQuocKhanh2K/Tool_Exploit_Password_Camera_CVE-2018-9995)
- [hoaan1995/CVE-2018-9995](https://github.com/hoaan1995/CVE-2018-9995)
- [ST0PL/DVRFaultNET](https://github.com/ST0PL/DVRFaultNET)
- [K3ysTr0K3R/CVE-2018-9995-EXPLOIT](https://github.com/K3ysTr0K3R/CVE-2018-9995-EXPLOIT)
- [Pab450/CVE-2018-9995](https://github.com/Pab450/CVE-2018-9995)