mirror/PoC-in-GitHub
1
0
Fork 0
mirror of https://github.com/nomi-sec/PoC-in-GitHub.git synced 2025-01-15 20:32:21 +01:00
Code Issues Projects Releases Packages Wiki Activity Actions

Auto Update 2024/12/26 00:31:44

Browse source
This commit is contained in:
motikan2010-bot 2024-12-26 09:31:44 +09:00
parent 348ae24698
commit a4fea4b262
14 changed files with 205 additions and 37 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

31
2011/CVE-2011-2523.json
View file

@ -648,5 +648,36 @@
"watchers": 1,
"score": 0,
"subscribers_count": 1
},
{
"id": 908317555,
"name": "CVE-2011-2523",
"full_name": "NullBrunk\/CVE-2011-2523",
"owner": {
"login": "NullBrunk",
"id": 125673909,
"avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/125673909?v=4",
"html_url": "https:\/\/github.com\/NullBrunk",
"user_view_type": "public"
},
"html_url": "https:\/\/github.com\/NullBrunk\/CVE-2011-2523",
"description": "VsFTPd 2.3.4 Backdoor Command Execution",
"fork": false,
"created_at": "2024-12-25T18:04:10Z",
"updated_at": "2024-12-25T21:52:47Z",
"pushed_at": "2024-12-25T21:52:43Z",
"stargazers_count": 2,
"watchers_count": 2,
"has_discussions": false,
"forks_count": 0,
"allow_forking": true,
"is_template": false,
"web_commit_signoff_required": false,
"topics": [],
"visibility": "public",
"forks": 0,
"watchers": 2,
"score": 0,
"subscribers_count": 0
}
]

8
2021/CVE-2021-1675.json
View file

@ -178,10 +178,10 @@
"description": "Local Privilege Escalation Edition for CVE-2021-1675\/CVE-2021-34527",
"fork": false,
"created_at": "2021-07-01T09:47:13Z",
"updated_at": "2024-12-06T06:42:42Z",
"updated_at": "2024-12-25T21:21:44Z",
"pushed_at": "2021-07-05T06:46:12Z",
"stargazers_count": 331,
"watchers_count": 331,
"stargazers_count": 332,
"watchers_count": 332,
"has_discussions": false,
"forks_count": 79,
"allow_forking": true,
@ -199,7 +199,7 @@
],
"visibility": "public",
"forks": 79,
"watchers": 331,
"watchers": 332,
"score": 0,
"subscribers_count": 13
},

8
2021/CVE-2021-20323.json
View file

@ -14,10 +14,10 @@
"description": null,
"fork": false,
"created_at": "2022-12-07T21:15:23Z",
"updated_at": "2024-12-13T16:13:51Z",
"updated_at": "2024-12-25T21:52:30Z",
"pushed_at": "2022-12-07T21:26:44Z",
"stargazers_count": 7,
"watchers_count": 7,
"stargazers_count": 8,
"watchers_count": 8,
"has_discussions": false,
"forks_count": 0,
"allow_forking": true,
@ -26,7 +26,7 @@
"topics": [],
"visibility": "public",
"forks": 0,
"watchers": 7,
"watchers": 8,
"score": 0,
"subscribers_count": 1
},

8
2023/CVE-2023-46805.json
View file

@ -173,10 +173,10 @@
"description": "Ivanti Pulse Secure CVE-2023-46805 Scanner - Based on Assetnote's Research",
"fork": false,
"created_at": "2024-01-19T02:23:13Z",
"updated_at": "2024-07-09T21:51:46Z",
"updated_at": "2024-12-25T19:19:03Z",
"pushed_at": "2024-01-19T03:17:13Z",
"stargazers_count": 11,
"watchers_count": 11,
"stargazers_count": 12,
"watchers_count": 12,
"has_discussions": false,
"forks_count": 3,
"allow_forking": true,
@ -185,7 +185,7 @@
"topics": [],
"visibility": "public",
"forks": 3,
"watchers": 11,
"watchers": 12,
"score": 0,
"subscribers_count": 2
},

33
2024/CVE-2024-11281.json Normal file
View file

@ -0,0 +1,33 @@
[
{
"id": 908326183,
"name": "CVE-2024-11281",
"full_name": "McTavishSue\/CVE-2024-11281",
"owner": {
"login": "McTavishSue",
"id": 186207823,
"avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/186207823?v=4",
"html_url": "https:\/\/github.com\/McTavishSue",
"user_view_type": "public"
},
"html_url": "https:\/\/github.com\/McTavishSue\/CVE-2024-11281",
"description": "Missing Authorization (CWE-862)",
"fork": false,
"created_at": "2024-12-25T18:38:46Z",
"updated_at": "2024-12-25T18:52:39Z",
"pushed_at": "2024-12-25T18:49:41Z",
"stargazers_count": 2,
"watchers_count": 2,
"has_discussions": false,
"forks_count": 0,
"allow_forking": true,
"is_template": false,
"web_commit_signoff_required": false,
"topics": [],
"visibility": "public",
"forks": 0,
"watchers": 2,
"score": 0,
"subscribers_count": 0
}
]

2
2024/CVE-2024-12209.json
View file

@ -45,7 +45,7 @@
"description": "Unauthenticated Local File Inclusion",
"fork": false,
"created_at": "2024-12-24T03:59:15Z",
"updated_at": "2024-12-24T04:20:00Z",
"updated_at": "2024-12-25T23:36:11Z",
"pushed_at": "2024-12-24T04:19:57Z",
"stargazers_count": 0,
"watchers_count": 0,

8
2024/CVE-2024-36401.json
View file

@ -207,10 +207,10 @@
"description": "GeoServer Remote Code Execution",
"fork": false,
"created_at": "2024-07-30T18:43:40Z",
"updated_at": "2024-12-12T06:28:21Z",
"updated_at": "2024-12-25T19:00:32Z",
"pushed_at": "2024-08-02T14:57:26Z",
"stargazers_count": 75,
"watchers_count": 75,
"stargazers_count": 76,
"watchers_count": 76,
"has_discussions": false,
"forks_count": 12,
"allow_forking": true,
@ -219,7 +219,7 @@
"topics": [],
"visibility": "public",
"forks": 12,
"watchers": 75,
"watchers": 76,
"score": 0,
"subscribers_count": 1
},

70
2024/CVE-2024-50379.json
View file

@ -200,10 +200,10 @@
"description": "tomcat CVE-2024-50379\/CVE-2024-56337 条件竞争文件上传exp",
"fork": false,
"created_at": "2024-12-23T07:20:47Z",
"updated_at": "2024-12-25T17:35:51Z",
"updated_at": "2024-12-25T21:53:18Z",
"pushed_at": "2024-12-23T07:30:27Z",
"stargazers_count": 33,
"watchers_count": 33,
"stargazers_count": 35,
"watchers_count": 35,
"has_discussions": false,
"forks_count": 11,
"allow_forking": true,
@ -212,7 +212,7 @@
"topics": [],
"visibility": "public",
"forks": 11,
"watchers": 33,
"watchers": 35,
"score": 0,
"subscribers_count": 2
},
@ -277,5 +277,67 @@
"watchers": 0,
"score": 0,
"subscribers_count": 0
},
{
"id": 908327097,
"name": "CVE-2024-50379-POC",
"full_name": "dragonked2\/CVE-2024-50379-POC",
"owner": {
"login": "dragonked2",
"id": 66541902,
"avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/66541902?v=4",
"html_url": "https:\/\/github.com\/dragonked2",
"user_view_type": "public"
},
"html_url": "https:\/\/github.com\/dragonked2\/CVE-2024-50379-POC",
"description": "This repository contains a Python script designed to exploit CVE-2024-50379, a vulnerability that allows attackers to upload a JSP shell to a vulnerable server and execute arbitrary commands remotely. This exploit is particularly useful when the \/uploads directory is either unprotected or not present on the target server.",
"fork": false,
"created_at": "2024-12-25T18:42:29Z",
"updated_at": "2024-12-25T19:01:14Z",
"pushed_at": "2024-12-25T19:01:10Z",
"stargazers_count": 1,
"watchers_count": 1,
"has_discussions": false,
"forks_count": 0,
"allow_forking": true,
"is_template": false,
"web_commit_signoff_required": false,
"topics": [],
"visibility": "public",
"forks": 0,
"watchers": 1,
"score": 0,
"subscribers_count": 0
},
{
"id": 908364457,
"name": "CVE-2024-50379",
"full_name": "bigb0x\/CVE-2024-50379",
"owner": {
"login": "bigb0x",
"id": 13532434,
"avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/13532434?v=4",
"html_url": "https:\/\/github.com\/bigb0x",
"user_view_type": "public"
},
"html_url": "https:\/\/github.com\/bigb0x\/CVE-2024-50379",
"description": "Testing the latset Apache Tomcat CVE-2024-50379 Vuln",
"fork": false,
"created_at": "2024-12-25T21:50:16Z",
"updated_at": "2024-12-25T21:51:40Z",
"pushed_at": "2024-12-25T21:51:37Z",
"stargazers_count": 0,
"watchers_count": 0,
"has_discussions": false,
"forks_count": 1,
"allow_forking": true,
"is_template": false,
"web_commit_signoff_required": false,
"topics": [],
"visibility": "public",
"forks": 1,
"watchers": 0,
"score": 0,
"subscribers_count": 0
}
]

8
2024/CVE-2024-56145.json
View file

@ -14,10 +14,10 @@
"description": "Unauthenticated RCE on CraftCMS when PHP `register_argc_argv` config setting is enabled",
"fork": false,
"created_at": "2024-12-20T03:34:01Z",
"updated_at": "2024-12-25T18:13:04Z",
"updated_at": "2024-12-25T18:57:11Z",
"pushed_at": "2024-12-23T12:51:54Z",
"stargazers_count": 28,
"watchers_count": 28,
"stargazers_count": 29,
"watchers_count": 29,
"has_discussions": false,
"forks_count": 8,
"allow_forking": true,
@ -26,7 +26,7 @@
"topics": [],
"visibility": "public",
"forks": 8,
"watchers": 28,
"watchers": 29,
"score": 0,
"subscribers_count": 1
},

8
2024/CVE-2024-7954.json
View file

@ -14,10 +14,10 @@
"description": "Unauthenticated Remote Code Execution in SPIP versions up to and including 4.2.12",
"fork": false,
"created_at": "2024-08-10T20:15:41Z",
"updated_at": "2024-10-29T09:54:56Z",
"updated_at": "2024-12-25T19:00:23Z",
"pushed_at": "2024-08-12T13:46:06Z",
"stargazers_count": 9,
"watchers_count": 9,
"stargazers_count": 10,
"watchers_count": 10,
"has_discussions": false,
"forks_count": 4,
"allow_forking": true,
@ -26,7 +26,7 @@
"topics": [],
"visibility": "public",
"forks": 4,
"watchers": 9,
"watchers": 10,
"score": 0,
"subscribers_count": 2
},

8
2024/CVE-2024-8517.json
View file

@ -14,10 +14,10 @@
"description": "SPIP BigUp Plugin Unauthenticated RCE",
"fork": false,
"created_at": "2024-09-06T18:17:18Z",
"updated_at": "2024-10-21T13:18:26Z",
"updated_at": "2024-12-25T19:00:10Z",
"pushed_at": "2024-09-07T00:12:51Z",
"stargazers_count": 8,
"watchers_count": 8,
"stargazers_count": 9,
"watchers_count": 9,
"has_discussions": false,
"forks_count": 4,
"allow_forking": true,
@ -26,7 +26,7 @@
"topics": [],
"visibility": "public",
"forks": 4,
"watchers": 8,
"watchers": 9,
"score": 0,
"subscribers_count": 1
}

8
2024/CVE-2024-9474.json
View file

@ -14,10 +14,10 @@
"description": "PAN-OS auth bypass + RCE",
"fork": false,
"created_at": "2024-11-19T17:26:27Z",
"updated_at": "2024-12-20T20:40:35Z",
"updated_at": "2024-12-25T18:56:41Z",
"pushed_at": "2024-11-19T17:38:29Z",
"stargazers_count": 39,
"watchers_count": 39,
"stargazers_count": 40,
"watchers_count": 40,
"has_discussions": false,
"forks_count": 19,
"allow_forking": true,
@ -26,7 +26,7 @@
"topics": [],
"visibility": "public",
"forks": 19,
"watchers": 39,
"watchers": 40,
"score": 0,
"subscribers_count": 1
},

31
2024/CVE-2024-9935.json
View file

@ -67,5 +67,36 @@
"watchers": 3,
"score": 0,
"subscribers_count": 1
},
{
"id": 908375813,
"name": "CVE-2024-9935",
"full_name": "Nxploited\/CVE-2024-9935",
"owner": {
"login": "Nxploited",
"id": 188819918,
"avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/188819918?v=4",
"html_url": "https:\/\/github.com\/Nxploited",
"user_view_type": "public"
},
"html_url": "https:\/\/github.com\/Nxploited\/CVE-2024-9935",
"description": null,
"fork": false,
"created_at": "2024-12-25T22:59:07Z",
"updated_at": "2024-12-25T23:04:49Z",
"pushed_at": "2024-12-25T23:04:46Z",
"stargazers_count": 0,
"watchers_count": 0,
"has_discussions": false,
"forks_count": 0,
"allow_forking": true,
"is_template": false,
"web_commit_signoff_required": false,
"topics": [],
"visibility": "public",
"forks": 0,
"watchers": 0,
"score": 0,
"subscribers_count": 0
}
]

11
README.md
View file

@ -2006,6 +2006,7 @@
- [RandomRobbieBF/CVE-2024-9935](https://github.com/RandomRobbieBF/CVE-2024-9935)
- [verylazytech/CVE-2024-9935](https://github.com/verylazytech/CVE-2024-9935)
- [Nxploited/CVE-2024-9935](https://github.com/Nxploited/CVE-2024-9935)
### CVE-2024-9955 (2024-10-15)
@ -2248,6 +2249,13 @@
- [reinh3rz/CVE-2024-11252-Sassy-Social-Share-XSS](https://github.com/reinh3rz/CVE-2024-11252-Sassy-Social-Share-XSS)
### CVE-2024-11281 (2024-12-25)
<code>The WooCommerce Point of Sale plugin for WordPress is vulnerable to privilege escalation in all versions up to, and including, 6.1.0. This is due to insufficient validation on the 'logged_in_user_id' value when option values are empty and the ability for attackers to change the email of arbitrary user accounts. This makes it possible for unauthenticated attackers to change the email of arbitrary user accounts, including administrators, and reset their password to gain access to the account.
</code>
- [McTavishSue/CVE-2024-11281](https://github.com/McTavishSue/CVE-2024-11281)
### CVE-2024-11318 (2024-11-18)
<code>An IDOR (Insecure Direct Object Reference) vulnerability has been discovered in AbsysNet, affecting version 2.3.1. This vulnerability could allow a remote attacker to obtain the session of an unauthenticated user by brute-force attacking the session identifier on the &quot;/cgi-bin/ocap/&quot; endpoint.
@ -7170,6 +7178,8 @@
- [SleepingBag945/CVE-2024-50379](https://github.com/SleepingBag945/CVE-2024-50379)
- [dear-cell/CVE-2024-50379](https://github.com/dear-cell/CVE-2024-50379)
- [lizhianyuguangming/CVE-2024-50379-exp](https://github.com/lizhianyuguangming/CVE-2024-50379-exp)
- [dragonked2/CVE-2024-50379-POC](https://github.com/dragonked2/CVE-2024-50379-POC)
- [bigb0x/CVE-2024-50379](https://github.com/bigb0x/CVE-2024-50379)
### CVE-2024-50395 (2024-11-22)
@ -48910,6 +48920,7 @@
- [AnugiArrawwala/CVE-Research](https://github.com/AnugiArrawwala/CVE-Research)
- [Gill-Singh-A/vsFTP-2.3.4-Remote-Root-Shell-Exploit](https://github.com/Gill-Singh-A/vsFTP-2.3.4-Remote-Root-Shell-Exploit)
- [everythingBlackkk/vsFTPd-Backdoor-Exploit-CVE-2011-2523-](https://github.com/everythingBlackkk/vsFTPd-Backdoor-Exploit-CVE-2011-2523-)
- [NullBrunk/CVE-2011-2523](https://github.com/NullBrunk/CVE-2011-2523)
### CVE-2011-2894 (2011-10-04)