mirror/PoC-in-GitHub
1
0
Fork 0
mirror of https://github.com/nomi-sec/PoC-in-GitHub.git synced 2025-01-15 20:32:21 +01:00
Code Issues Projects Releases Packages Wiki Activity Actions

Auto Update 2021/02/14 00:10:10

Browse source
This commit is contained in:
motikan2010-bot 2021-02-14 00:10:10 +09:00
parent 9af7012130
commit a7394d7b01
13 changed files with 87 additions and 72 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

2
2016/CVE-2016-1000027.json
View file

@ -13,7 +13,7 @@
"description": "PoC for CVE-2016-1000027",
"fork": false,
"created_at": "2021-02-01T19:46:51Z",
"updated_at": "2021-02-01T22:32:30Z",
"updated_at": "2021-02-13T09:17:36Z",
"pushed_at": "2021-02-01T22:30:53Z",
"stargazers_count": 0,
"watchers_count": 0,

8
2018/CVE-2018-5955.json
View file

@ -36,13 +36,13 @@
"description": "一款功能强大的漏洞扫描器子域名爆破使用aioDNSasyncio异步快速扫描覆盖目标全方位资产进行批量漏洞扫描中间件信息收集自动收集ip代理探测Waf信息时自动使用来保护本机真实Ip在本机Ip被Waf杀死后自动切换代理Ip进行扫描Waf信息收集(国内外100+款waf信息)包括安全狗云锁阿里云云盾腾讯云等提供部分已知waf bypass 方案,中间件漏洞检测(Thinkphp,weblogic等 CVE-2018-5955,CVE-2018-12613,CVE-2018-11759等)支持SQL注入, XSS, 命令执行,文件包含, ssrf 漏洞扫描, 支持自定义漏洞邮箱推送功能",
"fork": false,
"created_at": "2019-12-21T22:45:55Z",
"updated_at": "2021-02-13T08:07:33Z",
"updated_at": "2021-02-13T10:40:17Z",
"pushed_at": "2020-01-05T21:46:25Z",
"stargazers_count": 367,
"watchers_count": 367,
"stargazers_count": 366,
"watchers_count": 366,
"forks_count": 84,
"forks": 84,
"watchers": 367,
"watchers": 366,
"score": 0
}
]

25
2019/CVE-2019-15802.json
View file

@ -1,25 +0,0 @@
[
{
"id": 205449007,
"name": "CVE-2019-15802",
"full_name": "jasperla\/CVE-2019-15802",
"owner": {
"login": "jasperla",
"id": 637504,
"avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/637504?v=4",
"html_url": "https:\/\/github.com\/jasperla"
},
"html_url": "https:\/\/github.com\/jasperla\/CVE-2019-15802",
"description": null,
"fork": false,
"created_at": "2019-08-30T20:00:06Z",
"updated_at": "2020-02-13T22:11:03Z",
"pushed_at": "2019-09-01T08:56:00Z",
"stargazers_count": 1,
"watchers_count": 1,
"forks_count": 1,
"forks": 1,
"watchers": 1,
"score": 0
}
]

8
2019/CVE-2019-17558.json
View file

@ -36,13 +36,13 @@
"description": "Exphub[漏洞利用脚本库] 包括Webloigc、Struts2、Tomcat、Nexus、Solr、Jboss、Drupal的漏洞利用脚本最新添加CVE-2020-14882、CVE-2020-11444、CVE-2020-10204、CVE-2020-10199、CVE-2020-1938、CVE-2020-2551、CVE-2020-2555、CVE-2020-2883、CVE-2019-17558、CVE-2019-6340",
"fork": false,
"created_at": "2020-04-01T09:33:35Z",
"updated_at": "2021-02-10T06:40:42Z",
"updated_at": "2021-02-13T14:09:16Z",
"pushed_at": "2020-11-07T05:55:00Z",
"stargazers_count": 2332,
"watchers_count": 2332,
"stargazers_count": 2334,
"watchers_count": 2334,
"forks_count": 656,
"forks": 656,
"watchers": 2332,
"watchers": 2334,
"score": 0
},
{

8
2019/CVE-2019-5782.json
View file

@ -13,13 +13,13 @@
"description": "Full chain Chrome 71.0.3578.98 exploit",
"fork": false,
"created_at": "2020-12-18T21:57:26Z",
"updated_at": "2021-02-13T08:23:12Z",
"updated_at": "2021-02-13T11:43:08Z",
"pushed_at": "2020-12-18T22:12:57Z",
"stargazers_count": 6,
"watchers_count": 6,
"stargazers_count": 7,
"watchers_count": 7,
"forks_count": 0,
"forks": 0,
"watchers": 6,
"watchers": 7,
"score": 0
}
]

23
2019/CVE-2019-6340.json
View file

@ -1,4 +1,27 @@
[
{
"id": 172429144,
"name": "CVE-2019-6340-Drupal-8.6.9-REST-Auth-Bypass",
"full_name": "DevDungeon\/CVE-2019-6340-Drupal-8.6.9-REST-Auth-Bypass",
"owner": {
"login": "DevDungeon",
"id": 16630634,
"avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/16630634?v=4",
"html_url": "https:\/\/github.com\/DevDungeon"
},
"html_url": "https:\/\/github.com\/DevDungeon\/CVE-2019-6340-Drupal-8.6.9-REST-Auth-Bypass",
"description": "CVE-2019-6340 Drupal 8.6.9 REST Auth Bypass examples",
"fork": false,
"created_at": "2019-02-25T03:38:47Z",
"updated_at": "2020-05-30T04:32:25Z",
"pushed_at": "2019-02-25T03:47:37Z",
"stargazers_count": 3,
"watchers_count": 3,
"forks_count": 7,
"forks": 7,
"watchers": 3,
"score": 0
},
{
"id": 172458734,
"name": "CVE-2019-6340",

4
2020/CVE-2020-10148.json
View file

@ -63,8 +63,8 @@
"pushed_at": "2021-01-05T13:56:11Z",
"stargazers_count": 9,
"watchers_count": 9,
"forks_count": 2,
"forks": 2,
"forks_count": 3,
"forks": 3,
"watchers": 9,
"score": 0
}

8
2020/CVE-2020-14882.json
View file

@ -13,13 +13,13 @@
"description": "Exphub[漏洞利用脚本库] 包括Webloigc、Struts2、Tomcat、Nexus、Solr、Jboss、Drupal的漏洞利用脚本最新添加CVE-2020-14882、CVE-2020-11444、CVE-2020-10204、CVE-2020-10199、CVE-2020-1938、CVE-2020-2551、CVE-2020-2555、CVE-2020-2883、CVE-2019-17558、CVE-2019-6340",
"fork": false,
"created_at": "2020-04-01T09:33:35Z",
"updated_at": "2021-02-10T06:40:42Z",
"updated_at": "2021-02-13T14:09:16Z",
"pushed_at": "2020-11-07T05:55:00Z",
"stargazers_count": 2332,
"watchers_count": 2332,
"stargazers_count": 2334,
"watchers_count": 2334,
"forks_count": 656,
"forks": 656,
"watchers": 2332,
"watchers": 2334,
"score": 0
},
{

8
2021/CVE-2021-1782.json
View file

@ -13,13 +13,13 @@
"description": null,
"fork": false,
"created_at": "2021-02-10T14:38:05Z",
"updated_at": "2021-02-12T03:11:16Z",
"updated_at": "2021-02-13T11:55:38Z",
"pushed_at": "2021-02-10T14:39:04Z",
"stargazers_count": 9,
"watchers_count": 9,
"stargazers_count": 10,
"watchers_count": 10,
"forks_count": 1,
"forks": 1,
"watchers": 9,
"watchers": 10,
"score": 0
}
]

23
2021/CVE-2021-25646.json
View file

@ -67,5 +67,28 @@
"forks": 0,
"watchers": 0,
"score": 0
},
{
"id": 338562736,
"name": "Apache-Druid-CVE-2021-25646",
"full_name": "Vulnmachines\/Apache-Druid-CVE-2021-25646",
"owner": {
"login": "Vulnmachines",
"id": 79006904,
"avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/79006904?v=4",
"html_url": "https:\/\/github.com\/Vulnmachines"
},
"html_url": "https:\/\/github.com\/Vulnmachines\/Apache-Druid-CVE-2021-25646",
"description": null,
"fork": false,
"created_at": "2021-02-13T11:48:35Z",
"updated_at": "2021-02-13T11:57:52Z",
"pushed_at": "2021-02-13T11:57:50Z",
"stargazers_count": 0,
"watchers_count": 0,
"forks_count": 0,
"forks": 0,
"watchers": 0,
"score": 0
}
]

8
2021/CVE-2021-26121.json
View file

@ -13,13 +13,13 @@
"description": null,
"fork": false,
"created_at": "2021-02-12T18:53:37Z",
"updated_at": "2021-02-12T19:27:37Z",
"updated_at": "2021-02-13T11:44:37Z",
"pushed_at": "2021-02-12T19:27:35Z",
"stargazers_count": 0,
"watchers_count": 0,
"stargazers_count": 2,
"watchers_count": 2,
"forks_count": 0,
"forks": 0,
"watchers": 0,
"watchers": 2,
"score": 0
}
]

24
2021/CVE-2021-3156.json
View file

@ -335,13 +335,13 @@
"description": "PoC for CVE-2021-3156 (sudo heap overflow)",
"fork": false,
"created_at": "2021-01-30T03:22:04Z",
"updated_at": "2021-02-13T03:40:38Z",
"updated_at": "2021-02-13T14:25:02Z",
"pushed_at": "2021-02-08T03:42:50Z",
"stargazers_count": 322,
"watchers_count": 322,
"stargazers_count": 325,
"watchers_count": 325,
"forks_count": 89,
"forks": 89,
"watchers": 322,
"watchers": 325,
"score": 0
},
{
@ -726,13 +726,13 @@
"description": "Exploit for Sudo heap overflow (CVE-2021-3156) on Debain 10",
"fork": false,
"created_at": "2021-02-08T18:21:58Z",
"updated_at": "2021-02-12T04:27:05Z",
"updated_at": "2021-02-13T09:17:04Z",
"pushed_at": "2021-02-10T10:15:53Z",
"stargazers_count": 4,
"watchers_count": 4,
"stargazers_count": 5,
"watchers_count": 5,
"forks_count": 0,
"forks": 0,
"watchers": 4,
"watchers": 5,
"score": 0
},
{
@ -795,13 +795,13 @@
"description": "CVE-2021-3156非交互式执行命令",
"fork": false,
"created_at": "2021-02-09T19:25:18Z",
"updated_at": "2021-02-13T07:58:49Z",
"updated_at": "2021-02-13T15:13:29Z",
"pushed_at": "2021-02-09T19:31:33Z",
"stargazers_count": 84,
"watchers_count": 84,
"stargazers_count": 88,
"watchers_count": 88,
"forks_count": 9,
"forks": 9,
"watchers": 84,
"watchers": 88,
"score": 0
},
{

10
README.md
View file

@ -189,6 +189,7 @@ Apache Druid includes the ability to execute user-provided JavaScript code embed
- [yaunsky/cve-2021-25646](https://github.com/yaunsky/cve-2021-25646)
- [lp008/CVE-2021-25646](https://github.com/lp008/CVE-2021-25646)
- [AirEvan/CVE-2021-25646-GUI](https://github.com/AirEvan/CVE-2021-25646-GUI)
- [Vulnmachines/Apache-Druid-CVE-2021-25646](https://github.com/Vulnmachines/Apache-Druid-CVE-2021-25646)
### CVE-2021-26121
- [sourceincite/CVE-2021-26121](https://github.com/sourceincite/CVE-2021-26121)
@ -5045,6 +5046,7 @@ HP Support Assistant 8.7.50 and earlier allows a user to gain system privilege a
Some field types do not properly sanitize data from non-form sources in Drupal 8.5.x before 8.5.11 and Drupal 8.6.x before 8.6.10. This can lead to arbitrary PHP code execution in some cases. A site is only affected by this if one of the following conditions is met: The site has the Drupal 8 core RESTful Web Services (rest) module enabled and allows PATCH or POST requests, or the site has another web services module enabled, like JSON:API in Drupal 8, or Services or RESTful Web Services in Drupal 7. (Note: The Drupal 7 Services module itself does not require an update at this time, but you should apply other contributed updates associated with this advisory if Services is in use.)
</code>
- [DevDungeon/CVE-2019-6340-Drupal-8.6.9-REST-Auth-Bypass](https://github.com/DevDungeon/CVE-2019-6340-Drupal-8.6.9-REST-Auth-Bypass)
- [oways/CVE-2019-6340](https://github.com/oways/CVE-2019-6340)
- [cved-sources/cve-2019-6340](https://github.com/cved-sources/cve-2019-6340)
- [d1vious/cve-2019-6340-bits](https://github.com/d1vious/cve-2019-6340-bits)
@ -6763,14 +6765,6 @@ rpc.cgi in Webmin through 1.920 allows authenticated Remote Code Execution via a
- [jas502n/CVE-2019-15642](https://github.com/jas502n/CVE-2019-15642)
### CVE-2019-15802 (2019-11-14)
<code>
An issue was discovered on Zyxel GS1900 devices with firmware before 2.50(AAHH.0)C0. The firmware hashes and encrypts passwords using a hardcoded cryptographic key in sal_util_str_encrypt() in libsal.so.0.0. The parameters (salt, IV, and key data) are used to encrypt and decrypt all passwords using AES256 in CBC mode. With the parameters known, all previously encrypted passwords can be decrypted. This includes the passwords that are part of configuration backups or otherwise embedded as part of the firmware.
</code>
- [jasperla/CVE-2019-15802](https://github.com/jasperla/CVE-2019-15802)
### CVE-2019-15813 (2019-09-04)
<code>