mirror/PoC-in-GitHub
1
0
Fork 0
mirror of https://github.com/nomi-sec/PoC-in-GitHub.git synced 2025-01-15 20:32:21 +01:00
Code Issues Projects Releases Packages Wiki Activity Actions

Auto Update 2023/08/07 18:32:11

Browse source
This commit is contained in:
motikan2010-bot 2023-08-08 03:32:11 +09:00
parent e0081af79f
commit a4780a2d3d
24 changed files with 230 additions and 59 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

8
2002/CVE-2002-20001.json
View file

@ -13,10 +13,10 @@
"description": "D(HE)ater is a proof of concept implementation of the D(HE)at attack (CVE-2002-20001) through which denial-of-service can be performed by enforcing the Diffie-Hellman key exchange.",
"fork": false,
"created_at": "2021-08-31T09:51:12Z",
"updated_at": "2023-07-25T18:09:59Z",
"updated_at": "2023-08-07T13:53:13Z",
"pushed_at": "2023-05-07T11:39:29Z",
"stargazers_count": 151,
"watchers_count": 151,
"stargazers_count": 152,
"watchers_count": 152,
"has_discussions": false,
"forks_count": 19,
"allow_forking": true,
@ -46,7 +46,7 @@
],
"visibility": "public",
"forks": 19,
"watchers": 151,
"watchers": 152,
"score": 0,
"subscribers_count": 7
}

2
2010/CVE-2010-2075.json
View file

@ -147,6 +147,6 @@
"forks": 0,
"watchers": 0,
"score": 0,
"subscribers_count": 0
"subscribers_count": 1
}
]

30
2012/CVE-2012-5613.json
View file

@ -1,4 +1,34 @@
[
{
"id": 8106302,
"name": "MySQL-Fu.rb",
"full_name": "Hood3dRob1n\/MySQL-Fu.rb",
"owner": {
"login": "Hood3dRob1n",
"id": 1881344,
"avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/1881344?v=4",
"html_url": "https:\/\/github.com\/Hood3dRob1n"
},
"html_url": "https:\/\/github.com\/Hood3dRob1n\/MySQL-Fu.rb",
"description": "MySQL-Fu is a Ruby based MySQL Client Script I wrote. It does most of the stuff a normal MySQL client might do: SQL Shell, Update\/Delete\/Drop Database\/Table, Add\/Delete Users, Dump Database(s)\/Table w\/ option for gzip...... Plus a few extra options to make life a little easier for pentests. Includes Several builtin PHP Command Shell options as well as Pentestmonkey's PHP Reverse Shell, in addition to multiple options for file writing and reading (all files read logged locally for offline analysis later), also includes Ruby port of Kingcope's CVE-2012-5613 Linux MySQL Privilege Escalation Exploit.",
"fork": false,
"created_at": "2013-02-09T04:59:43Z",
"updated_at": "2023-06-21T15:30:06Z",
"pushed_at": "2013-02-09T05:02:50Z",
"stargazers_count": 3,
"watchers_count": 3,
"has_discussions": false,
"forks_count": 1,
"allow_forking": true,
"is_template": false,
"web_commit_signoff_required": false,
"topics": [],
"visibility": "public",
"forks": 1,
"watchers": 3,
"score": 0,
"subscribers_count": 3
},
{
"id": 137385853,
"name": "UDFPwn-CVE-2012-5613",

32
2012/CVE-2012-5664.json Normal file
View file

@ -0,0 +1,32 @@
[
{
"id": 7420891,
"name": "rails-cve-2012-5664-test",
"full_name": "phusion\/rails-cve-2012-5664-test",
"owner": {
"login": "phusion",
"id": 830588,
"avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/830588?v=4",
"html_url": "https:\/\/github.com\/phusion"
},
"html_url": "https:\/\/github.com\/phusion\/rails-cve-2012-5664-test",
"description": "Demo app showing how the Rails CVE-2013-5664 vulnerability works.",
"fork": false,
"created_at": "2013-01-03T10:07:27Z",
"updated_at": "2018-03-12T19:42:18Z",
"pushed_at": "2013-01-03T13:15:30Z",
"stargazers_count": 2,
"watchers_count": 2,
"has_discussions": false,
"forks_count": 1,
"allow_forking": true,
"is_template": false,
"web_commit_signoff_required": false,
"topics": [],
"visibility": "public",
"forks": 1,
"watchers": 2,
"score": 0,
"subscribers_count": 5
}
]

30
2013/CVE-2013-2028.json
View file

@ -29,6 +29,36 @@
"score": 0,
"subscribers_count": 4
},
{
"id": 54551843,
"name": "nginxpwn",
"full_name": "kitctf\/nginxpwn",
"owner": {
"login": "kitctf",
"id": 8018062,
"avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/8018062?v=4",
"html_url": "https:\/\/github.com\/kitctf"
},
"html_url": "https:\/\/github.com\/kitctf\/nginxpwn",
"description": "Exploitation Training -- CVE-2013-2028: Nginx Stack Based Buffer Overflow",
"fork": false,
"created_at": "2016-03-23T10:41:00Z",
"updated_at": "2023-07-27T08:57:59Z",
"pushed_at": "2016-03-23T12:05:38Z",
"stargazers_count": 54,
"watchers_count": 54,
"has_discussions": false,
"forks_count": 20,
"allow_forking": true,
"is_template": false,
"web_commit_signoff_required": false,
"topics": [],
"visibility": "public",
"forks": 20,
"watchers": 54,
"score": 0,
"subscribers_count": 6
},
{
"id": 200347068,
"name": "CVE-2013-2028-x64-bypass-ssp-and-pie-PoC",

8
2016/CVE-2016-5195.json
View file

@ -447,10 +447,10 @@
"description": "Dirty Cow exploit - CVE-2016-5195",
"fork": false,
"created_at": "2016-11-25T21:08:01Z",
"updated_at": "2023-08-07T08:43:28Z",
"updated_at": "2023-08-07T15:19:05Z",
"pushed_at": "2021-04-08T11:35:12Z",
"stargazers_count": 759,
"watchers_count": 759,
"stargazers_count": 760,
"watchers_count": 760,
"has_discussions": false,
"forks_count": 435,
"allow_forking": true,
@ -463,7 +463,7 @@
],
"visibility": "public",
"forks": 435,
"watchers": 759,
"watchers": 760,
"score": 0,
"subscribers_count": 11
},

8
2017/CVE-2017-0199.json
View file

@ -73,10 +73,10 @@
"description": "Exploit toolkit CVE-2017-0199 - v4.0 is a handy python script which provides pentesters and security researchers a quick and effective way to test Microsoft Office RCE. It could generate a malicious RTF\/PPSX file and deliver metasploit \/ meterpreter \/ other payload to victim without any complex configuration.",
"fork": false,
"created_at": "2017-04-17T08:10:07Z",
"updated_at": "2023-08-03T15:52:38Z",
"updated_at": "2023-08-07T16:18:27Z",
"pushed_at": "2017-11-19T11:01:16Z",
"stargazers_count": 704,
"watchers_count": 704,
"stargazers_count": 705,
"watchers_count": 705,
"has_discussions": false,
"forks_count": 290,
"allow_forking": true,
@ -85,7 +85,7 @@
"topics": [],
"visibility": "public",
"forks": 290,
"watchers": 704,
"watchers": 705,
"score": 0,
"subscribers_count": 48
},

8
2017/CVE-2017-11882.json
View file

@ -133,10 +133,10 @@
"description": "CVE-2017-11882 Exploit accepts over 17k bytes long command\/code in maximum.",
"fork": false,
"created_at": "2017-11-21T15:22:41Z",
"updated_at": "2023-08-04T05:19:55Z",
"updated_at": "2023-08-07T16:22:17Z",
"pushed_at": "2017-12-06T12:47:31Z",
"stargazers_count": 311,
"watchers_count": 311,
"stargazers_count": 312,
"watchers_count": 312,
"has_discussions": false,
"forks_count": 99,
"allow_forking": true,
@ -150,7 +150,7 @@
],
"visibility": "public",
"forks": 99,
"watchers": 311,
"watchers": 312,
"score": 0,
"subscribers_count": 18
},

4
2018/CVE-2018-4087.json
View file

@ -18,7 +18,7 @@
"stargazers_count": 59,
"watchers_count": 59,
"has_discussions": false,
"forks_count": 25,
"forks_count": 26,
"allow_forking": true,
"is_template": false,
"web_commit_signoff_required": false,
@ -26,7 +26,7 @@
"poc"
],
"visibility": "public",
"forks": 25,
"forks": 26,
"watchers": 59,
"score": 0,
"subscribers_count": 7

2
2018/CVE-2018-4416.json
View file

@ -27,6 +27,6 @@
"forks": 0,
"watchers": 0,
"score": 0,
"subscribers_count": 0
"subscribers_count": 1
}
]

2
2019/CVE-2019-16097.json
View file

@ -147,7 +147,7 @@
"forks": 1,
"watchers": 1,
"score": 0,
"subscribers_count": 2
"subscribers_count": 3
},
{
"id": 221669111,

2
2019/CVE-2019-16759.json
View file

@ -134,7 +134,7 @@
"forks": 4,
"watchers": 21,
"score": 0,
"subscribers_count": 3
"subscribers_count": 4
},
{
"id": 214698783,

8
2019/CVE-2019-6340.json
View file

@ -13,10 +13,10 @@
"description": "CVE-2019-6340-Drupal SA-CORE-2019-003",
"fork": false,
"created_at": "2019-02-22T16:03:40Z",
"updated_at": "2022-07-22T10:51:14Z",
"updated_at": "2023-08-07T15:38:15Z",
"pushed_at": "2019-02-24T18:43:05Z",
"stargazers_count": 31,
"watchers_count": 31,
"stargazers_count": 32,
"watchers_count": 32,
"has_discussions": false,
"forks_count": 8,
"allow_forking": true,
@ -25,7 +25,7 @@
"topics": [],
"visibility": "public",
"forks": 8,
"watchers": 31,
"watchers": 32,
"score": 0,
"subscribers_count": 5
},

2
2020/CVE-2020-10560.json
View file

@ -44,7 +44,7 @@
"fork": false,
"created_at": "2020-03-28T22:09:39Z",
"updated_at": "2023-03-17T18:10:16Z",
"pushed_at": "2023-08-02T15:14:26Z",
"pushed_at": "2023-08-07T14:37:43Z",
"stargazers_count": 8,
"watchers_count": 8,
"has_discussions": false,

32
2022/CVE-2022-0952.json Normal file
View file

@ -0,0 +1,32 @@
[
{
"id": 675703857,
"name": "CVE-2022-0952",
"full_name": "RandomRobbieBF\/CVE-2022-0952",
"owner": {
"login": "RandomRobbieBF",
"id": 51722811,
"avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/51722811?v=4",
"html_url": "https:\/\/github.com\/RandomRobbieBF"
},
"html_url": "https:\/\/github.com\/RandomRobbieBF\/CVE-2022-0952",
"description": "Sitemap by click5 < 1.0.36 - Unauthenticated Arbitrary Options Update",
"fork": false,
"created_at": "2023-08-07T14:28:11Z",
"updated_at": "2023-08-07T14:30:29Z",
"pushed_at": "2023-08-07T14:30:26Z",
"stargazers_count": 0,
"watchers_count": 0,
"has_discussions": false,
"forks_count": 0,
"allow_forking": true,
"is_template": false,
"web_commit_signoff_required": false,
"topics": [],
"visibility": "public",
"forks": 0,
"watchers": 0,
"score": 0,
"subscribers_count": 0
}
]

4
2022/CVE-2022-22965.json
View file

@ -133,13 +133,13 @@
"stargazers_count": 303,
"watchers_count": 303,
"has_discussions": false,
"forks_count": 226,
"forks_count": 225,
"allow_forking": true,
"is_template": false,
"web_commit_signoff_required": false,
"topics": [],
"visibility": "public",
"forks": 226,
"forks": 225,
"watchers": 303,
"score": 0,
"subscribers_count": 9

2
2022/CVE-2022-46689.json
View file

@ -398,7 +398,7 @@
"fork": false,
"created_at": "2023-04-16T03:33:38Z",
"updated_at": "2023-08-07T08:51:07Z",
"pushed_at": "2023-08-07T10:09:16Z",
"pushed_at": "2023-08-07T15:45:58Z",
"stargazers_count": 1,
"watchers_count": 1,
"has_discussions": false,

8
2023/CVE-2023-20593.json
View file

@ -13,10 +13,10 @@
"description": "PowerShell script to apply Zenbleed (CVE-2023-20593) MSR workaround on Windows",
"fork": false,
"created_at": "2023-07-26T20:03:11Z",
"updated_at": "2023-08-04T17:20:05Z",
"updated_at": "2023-08-07T17:01:28Z",
"pushed_at": "2023-07-31T09:21:45Z",
"stargazers_count": 4,
"watchers_count": 4,
"stargazers_count": 5,
"watchers_count": 5,
"has_discussions": false,
"forks_count": 0,
"allow_forking": true,
@ -29,7 +29,7 @@
],
"visibility": "public",
"forks": 0,
"watchers": 4,
"watchers": 5,
"score": 0,
"subscribers_count": 4
},

8
2023/CVE-2023-23397.json
View file

@ -173,10 +173,10 @@
"description": null,
"fork": false,
"created_at": "2023-03-16T19:43:39Z",
"updated_at": "2023-08-06T22:47:42Z",
"updated_at": "2023-08-07T17:04:36Z",
"pushed_at": "2023-03-17T07:47:40Z",
"stargazers_count": 335,
"watchers_count": 335,
"stargazers_count": 336,
"watchers_count": 336,
"has_discussions": false,
"forks_count": 62,
"allow_forking": true,
@ -185,7 +185,7 @@
"topics": [],
"visibility": "public",
"forks": 62,
"watchers": 335,
"watchers": 336,
"score": 0,
"subscribers_count": 5
},

8
2023/CVE-2023-3269.json
View file

@ -13,10 +13,10 @@
"description": "CVE-2023-3269: Linux kernel privilege escalation vulnerability",
"fork": false,
"created_at": "2023-06-28T13:22:26Z",
"updated_at": "2023-08-07T13:14:02Z",
"updated_at": "2023-08-07T15:32:47Z",
"pushed_at": "2023-07-28T13:20:45Z",
"stargazers_count": 374,
"watchers_count": 374,
"stargazers_count": 377,
"watchers_count": 377,
"has_discussions": false,
"forks_count": 36,
"allow_forking": true,
@ -25,7 +25,7 @@
"topics": [],
"visibility": "public",
"forks": 36,
"watchers": 374,
"watchers": 377,
"score": 0,
"subscribers_count": 16
}

8
2023/CVE-2023-35078.json
View file

@ -13,10 +13,10 @@
"description": "CVE-2023-35078 Remote Unauthenticated API Access Vulnerability Exploit POC",
"fork": false,
"created_at": "2023-07-29T05:06:27Z",
"updated_at": "2023-08-07T08:53:57Z",
"updated_at": "2023-08-07T14:42:31Z",
"pushed_at": "2023-07-29T16:58:16Z",
"stargazers_count": 88,
"watchers_count": 88,
"stargazers_count": 89,
"watchers_count": 89,
"has_discussions": false,
"forks_count": 23,
"allow_forking": true,
@ -25,7 +25,7 @@
"topics": [],
"visibility": "public",
"forks": 23,
"watchers": 88,
"watchers": 89,
"score": 0,
"subscribers_count": 4
},

26
2023/CVE-2023-3519.json
View file

@ -172,19 +172,19 @@
"description": "RCE exploit for CVE-2023-3519",
"fork": false,
"created_at": "2023-07-21T20:17:43Z",
"updated_at": "2023-08-07T13:53:20Z",
"updated_at": "2023-08-07T15:32:44Z",
"pushed_at": "2023-08-04T22:36:02Z",
"stargazers_count": 105,
"watchers_count": 105,
"stargazers_count": 108,
"watchers_count": 108,
"has_discussions": false,
"forks_count": 13,
"forks_count": 14,
"allow_forking": true,
"is_template": false,
"web_commit_signoff_required": false,
"topics": [],
"visibility": "public",
"forks": 13,
"watchers": 105,
"forks": 14,
"watchers": 108,
"score": 0,
"subscribers_count": 0
},
@ -292,19 +292,19 @@
"description": null,
"fork": false,
"created_at": "2023-08-06T23:17:18Z",
"updated_at": "2023-08-06T23:19:13Z",
"pushed_at": "2023-08-06T23:19:10Z",
"stargazers_count": 0,
"watchers_count": 0,
"updated_at": "2023-08-07T15:16:41Z",
"pushed_at": "2023-08-07T15:09:12Z",
"stargazers_count": 1,
"watchers_count": 1,
"has_discussions": false,
"forks_count": 0,
"forks_count": 1,
"allow_forking": true,
"is_template": false,
"web_commit_signoff_required": false,
"topics": [],
"visibility": "public",
"forks": 0,
"watchers": 0,
"forks": 1,
"watchers": 1,
"score": 0,
"subscribers_count": 1
}

32
2023/CVE-2023-39115.json Normal file
View file

@ -0,0 +1,32 @@
[
{
"id": 675741997,
"name": "CVE-2023-39115",
"full_name": "Raj789-sec\/CVE-2023-39115",
"owner": {
"login": "Raj789-sec",
"id": 60341862,
"avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/60341862?v=4",
"html_url": "https:\/\/github.com\/Raj789-sec"
},
"html_url": "https:\/\/github.com\/Raj789-sec\/CVE-2023-39115",
"description": "Campcodes Online Matrimonial Website System 3.3 Cross Site Scripting",
"fork": false,
"created_at": "2023-08-07T16:04:49Z",
"updated_at": "2023-08-07T16:04:49Z",
"pushed_at": "2023-08-07T16:27:57Z",
"stargazers_count": 0,
"watchers_count": 0,
"has_discussions": false,
"forks_count": 0,
"allow_forking": true,
"is_template": false,
"web_commit_signoff_required": false,
"topics": [],
"visibility": "public",
"forks": 0,
"watchers": 0,
"score": 0,
"subscribers_count": 0
}
]

15
README.md
View file

@ -2601,6 +2601,9 @@
### CVE-2023-38822
- [TraiLeR2/Corsair---DLL-Planting-CVE-2023-38822](https://github.com/TraiLeR2/Corsair---DLL-Planting-CVE-2023-38822)
### CVE-2023-39115
- [Raj789-sec/CVE-2023-39115](https://github.com/Raj789-sec/CVE-2023-39115)
### CVE-2023-39144 (2023-08-02)
<code>Element55 KnowMore appliances version 21 and older was discovered to store passwords in plaintext.
@ -2913,6 +2916,13 @@
- [NathanMulbrook/CVE-2022-0918](https://github.com/NathanMulbrook/CVE-2022-0918)
### CVE-2022-0952 (2022-05-02)
<code>The Sitemap by click5 WordPress plugin before 1.0.36 does not have authorisation and CSRF checks when updating options via a REST endpoint, and does not ensure that the option to be updated belongs to the plugin. As a result, unauthenticated attackers could change arbitrary blog options, such as the users_can_register and default_role, allowing them to create a new admin account and take over the blog.
</code>
- [RandomRobbieBF/CVE-2022-0952](https://github.com/RandomRobbieBF/CVE-2022-0952)
### CVE-2022-0995 (2022-03-25)
<code>An out-of-bounds (OOB) memory write flaw was found in the Linux kernels watch_queue event notification subsystem. This flaw can overwrite parts of the kernel state, potentially allowing a local user to gain privileged access or cause a denial of service on the system.
@ -32234,6 +32244,7 @@
</code>
- [danghvu/nginx-1.4.0](https://github.com/danghvu/nginx-1.4.0)
- [kitctf/nginxpwn](https://github.com/kitctf/nginxpwn)
- [tachibana51/CVE-2013-2028-x64-bypass-ssp-and-pie-PoC](https://github.com/tachibana51/CVE-2013-2028-x64-bypass-ssp-and-pie-PoC)
- [m4drat/CVE-2013-2028-Exploit](https://github.com/m4drat/CVE-2013-2028-Exploit)
- [mambroziak/docker-cve-2013-2028](https://github.com/mambroziak/docker-cve-2013-2028)
@ -32774,8 +32785,12 @@
<code>** DISPUTED ** MySQL 5.5.19 and possibly other versions, and MariaDB 5.5.28a and possibly other versions, when configured to assign the FILE privilege to users who should not have administrative privileges, allows remote authenticated users to gain privileges by leveraging the FILE privilege to create files as the MySQL administrator. NOTE: the vendor disputes this issue, stating that this is only a vulnerability when the administrator does not follow recommendations in the product's installation documentation. NOTE: it could be argued that this should not be included in CVE because it is a configuration issue.
</code>
- [Hood3dRob1n/MySQL-Fu.rb](https://github.com/Hood3dRob1n/MySQL-Fu.rb)
- [w4fz5uck5/UDFPwn-CVE-2012-5613](https://github.com/w4fz5uck5/UDFPwn-CVE-2012-5613)
### CVE-2012-5664
- [phusion/rails-cve-2012-5664-test](https://github.com/phusion/rails-cve-2012-5664-test)
### CVE-2012-5958 (2013-01-31)
<code>Stack-based buffer overflow in the unique_service_name function in ssdp/ssdp_server.c in the SSDP parser in the portable SDK for UPnP Devices (aka libupnp, formerly the Intel SDK for UPnP devices) before 1.6.18 allows remote attackers to execute arbitrary code via a UDP packet with a crafted string that is not properly handled after a certain pointer subtraction.