mirror of
https://github.com/nomi-sec/PoC-in-GitHub.git
synced 2025-01-26 01:24:10 +01:00
Auto Update 2024/12/13 00:32:02
This commit is contained in:
parent
145ce69511
commit
b53a2bb950
20 changed files with 137 additions and 65 deletions
|
@ -46,7 +46,7 @@
|
|||
"fork": false,
|
||||
"created_at": "2023-03-30T06:39:25Z",
|
||||
"updated_at": "2023-11-15T05:13:25Z",
|
||||
"pushed_at": "2024-11-21T18:34:33Z",
|
||||
"pushed_at": "2024-12-12T23:55:36Z",
|
||||
"stargazers_count": 0,
|
||||
"watchers_count": 0,
|
||||
"has_discussions": false,
|
||||
|
|
|
@ -76,10 +76,10 @@
|
|||
"description": "Unsigned driver loader using CVE-2018-19320",
|
||||
"fork": false,
|
||||
"created_at": "2022-11-12T05:48:13Z",
|
||||
"updated_at": "2024-12-12T12:16:18Z",
|
||||
"updated_at": "2024-12-12T20:58:15Z",
|
||||
"pushed_at": "2023-04-09T13:50:29Z",
|
||||
"stargazers_count": 211,
|
||||
"watchers_count": 211,
|
||||
"stargazers_count": 212,
|
||||
"watchers_count": 212,
|
||||
"has_discussions": false,
|
||||
"forks_count": 57,
|
||||
"allow_forking": true,
|
||||
|
@ -88,7 +88,7 @@
|
|||
"topics": [],
|
||||
"visibility": "public",
|
||||
"forks": 57,
|
||||
"watchers": 211,
|
||||
"watchers": 212,
|
||||
"score": 0,
|
||||
"subscribers_count": 9
|
||||
}
|
||||
|
|
|
@ -324,8 +324,8 @@
|
|||
"description": "This repo contains both the exploit and the explaination of how this vulnerability is exploited",
|
||||
"fork": false,
|
||||
"created_at": "2024-12-11T13:33:42Z",
|
||||
"updated_at": "2024-12-12T16:25:42Z",
|
||||
"pushed_at": "2024-12-12T16:25:38Z",
|
||||
"updated_at": "2024-12-12T20:40:34Z",
|
||||
"pushed_at": "2024-12-12T20:40:30Z",
|
||||
"stargazers_count": 0,
|
||||
"watchers_count": 0,
|
||||
"has_discussions": false,
|
||||
|
@ -338,6 +338,6 @@
|
|||
"forks": 0,
|
||||
"watchers": 0,
|
||||
"score": 0,
|
||||
"subscribers_count": 0
|
||||
"subscribers_count": 1
|
||||
}
|
||||
]
|
|
@ -107,10 +107,10 @@
|
|||
"description": "PoC for Zerologon - all research credits go to Tom Tervoort of Secura",
|
||||
"fork": false,
|
||||
"created_at": "2020-09-14T16:56:51Z",
|
||||
"updated_at": "2024-12-11T16:14:44Z",
|
||||
"updated_at": "2024-12-12T21:54:29Z",
|
||||
"pushed_at": "2020-11-03T09:45:24Z",
|
||||
"stargazers_count": 1198,
|
||||
"watchers_count": 1198,
|
||||
"stargazers_count": 1199,
|
||||
"watchers_count": 1199,
|
||||
"has_discussions": false,
|
||||
"forks_count": 288,
|
||||
"allow_forking": true,
|
||||
|
@ -119,7 +119,7 @@
|
|||
"topics": [],
|
||||
"visibility": "public",
|
||||
"forks": 288,
|
||||
"watchers": 1198,
|
||||
"watchers": 1199,
|
||||
"score": 0,
|
||||
"subscribers_count": 34
|
||||
},
|
||||
|
|
|
@ -45,10 +45,10 @@
|
|||
"description": "CVE-2021-1732 Microsoft Windows 10 本地提权漏 研究及Poc\/Exploit开发",
|
||||
"fork": false,
|
||||
"created_at": "2021-03-08T05:07:15Z",
|
||||
"updated_at": "2024-11-22T03:14:35Z",
|
||||
"updated_at": "2024-12-12T23:39:03Z",
|
||||
"pushed_at": "2021-03-08T11:41:19Z",
|
||||
"stargazers_count": 80,
|
||||
"watchers_count": 80,
|
||||
"stargazers_count": 81,
|
||||
"watchers_count": 81,
|
||||
"has_discussions": false,
|
||||
"forks_count": 27,
|
||||
"allow_forking": true,
|
||||
|
@ -57,7 +57,7 @@
|
|||
"topics": [],
|
||||
"visibility": "public",
|
||||
"forks": 27,
|
||||
"watchers": 80,
|
||||
"watchers": 81,
|
||||
"score": 0,
|
||||
"subscribers_count": 2
|
||||
},
|
||||
|
|
|
@ -3749,10 +3749,10 @@
|
|||
"description": "A fully automated, accurate, and extensive scanner for finding log4j RCE CVE-2021-44228 ",
|
||||
"fork": false,
|
||||
"created_at": "2021-12-13T03:57:50Z",
|
||||
"updated_at": "2024-12-11T22:08:09Z",
|
||||
"updated_at": "2024-12-12T21:22:23Z",
|
||||
"pushed_at": "2022-11-23T18:23:24Z",
|
||||
"stargazers_count": 3405,
|
||||
"watchers_count": 3405,
|
||||
"stargazers_count": 3404,
|
||||
"watchers_count": 3404,
|
||||
"has_discussions": true,
|
||||
"forks_count": 740,
|
||||
"allow_forking": true,
|
||||
|
@ -3761,7 +3761,7 @@
|
|||
"topics": [],
|
||||
"visibility": "public",
|
||||
"forks": 740,
|
||||
"watchers": 3405,
|
||||
"watchers": 3404,
|
||||
"score": 0,
|
||||
"subscribers_count": 55
|
||||
},
|
||||
|
|
|
@ -14,10 +14,10 @@
|
|||
"description": "CVE-2022-27499",
|
||||
"fork": false,
|
||||
"created_at": "2022-01-07T03:45:41Z",
|
||||
"updated_at": "2024-04-09T14:45:26Z",
|
||||
"updated_at": "2024-12-12T20:41:30Z",
|
||||
"pushed_at": "2023-01-16T14:30:40Z",
|
||||
"stargazers_count": 1,
|
||||
"watchers_count": 1,
|
||||
"stargazers_count": 2,
|
||||
"watchers_count": 2,
|
||||
"has_discussions": false,
|
||||
"forks_count": 1,
|
||||
"allow_forking": true,
|
||||
|
@ -32,7 +32,7 @@
|
|||
],
|
||||
"visibility": "public",
|
||||
"forks": 1,
|
||||
"watchers": 1,
|
||||
"watchers": 2,
|
||||
"score": 0,
|
||||
"subscribers_count": 3
|
||||
}
|
||||
|
|
|
@ -15,7 +15,7 @@
|
|||
"fork": false,
|
||||
"created_at": "2024-11-15T22:21:16Z",
|
||||
"updated_at": "2024-11-15T22:24:28Z",
|
||||
"pushed_at": "2024-11-22T21:38:50Z",
|
||||
"pushed_at": "2024-12-12T21:02:01Z",
|
||||
"stargazers_count": 0,
|
||||
"watchers_count": 0,
|
||||
"has_discussions": false,
|
||||
|
|
|
@ -76,10 +76,10 @@
|
|||
"description": "Reverse Shell POC exploit for Dolibarr <= 17.0.0 (CVE-2023-30253), PHP Code Injection",
|
||||
"fork": false,
|
||||
"created_at": "2024-05-27T15:10:12Z",
|
||||
"updated_at": "2024-12-06T04:48:34Z",
|
||||
"updated_at": "2024-12-12T20:32:55Z",
|
||||
"pushed_at": "2024-05-28T15:10:20Z",
|
||||
"stargazers_count": 37,
|
||||
"watchers_count": 37,
|
||||
"stargazers_count": 36,
|
||||
"watchers_count": 36,
|
||||
"has_discussions": false,
|
||||
"forks_count": 5,
|
||||
"allow_forking": true,
|
||||
|
@ -88,7 +88,7 @@
|
|||
"topics": [],
|
||||
"visibility": "public",
|
||||
"forks": 5,
|
||||
"watchers": 37,
|
||||
"watchers": 36,
|
||||
"score": 0,
|
||||
"subscribers_count": 1
|
||||
},
|
||||
|
|
|
@ -60,5 +60,36 @@
|
|||
"watchers": 0,
|
||||
"score": 0,
|
||||
"subscribers_count": 1
|
||||
},
|
||||
{
|
||||
"id": 902533209,
|
||||
"name": "Ghost-5.58-Arbitrary-File-Read-CVE-2023-40028",
|
||||
"full_name": "0xDTC\/Ghost-5.58-Arbitrary-File-Read-CVE-2023-40028",
|
||||
"owner": {
|
||||
"login": "0xDTC",
|
||||
"id": 95960398,
|
||||
"avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/95960398?v=4",
|
||||
"html_url": "https:\/\/github.com\/0xDTC",
|
||||
"user_view_type": "public"
|
||||
},
|
||||
"html_url": "https:\/\/github.com\/0xDTC\/Ghost-5.58-Arbitrary-File-Read-CVE-2023-40028",
|
||||
"description": "CVE-2023-40028 affects Ghost, an open source content management system, where versions prior to 5.59.1 allow authenticated users to upload files that are symlinks. This can be exploited to perform an arbitrary file read of any file on the host operating system.",
|
||||
"fork": false,
|
||||
"created_at": "2024-12-12T18:50:58Z",
|
||||
"updated_at": "2024-12-12T19:30:34Z",
|
||||
"pushed_at": "2024-12-12T19:30:30Z",
|
||||
"stargazers_count": 0,
|
||||
"watchers_count": 0,
|
||||
"has_discussions": false,
|
||||
"forks_count": 0,
|
||||
"allow_forking": true,
|
||||
"is_template": false,
|
||||
"web_commit_signoff_required": false,
|
||||
"topics": [],
|
||||
"visibility": "public",
|
||||
"forks": 0,
|
||||
"watchers": 0,
|
||||
"score": 0,
|
||||
"subscribers_count": 0
|
||||
}
|
||||
]
|
|
@ -14,10 +14,10 @@
|
|||
"description": "For V8CTF M122",
|
||||
"fork": false,
|
||||
"created_at": "2024-08-25T12:08:54Z",
|
||||
"updated_at": "2024-11-18T10:55:45Z",
|
||||
"updated_at": "2024-12-12T23:59:01Z",
|
||||
"pushed_at": "2024-08-25T12:42:14Z",
|
||||
"stargazers_count": 10,
|
||||
"watchers_count": 10,
|
||||
"stargazers_count": 11,
|
||||
"watchers_count": 11,
|
||||
"has_discussions": false,
|
||||
"forks_count": 2,
|
||||
"allow_forking": true,
|
||||
|
@ -26,7 +26,7 @@
|
|||
"topics": [],
|
||||
"visibility": "public",
|
||||
"forks": 2,
|
||||
"watchers": 10,
|
||||
"watchers": 11,
|
||||
"score": 0,
|
||||
"subscribers_count": 1
|
||||
}
|
||||
|
|
|
@ -45,10 +45,10 @@
|
|||
"description": "Windows LPE",
|
||||
"fork": false,
|
||||
"created_at": "2024-06-11T08:03:29Z",
|
||||
"updated_at": "2024-12-04T12:14:02Z",
|
||||
"updated_at": "2024-12-12T23:45:20Z",
|
||||
"pushed_at": "2024-06-11T20:41:59Z",
|
||||
"stargazers_count": 108,
|
||||
"watchers_count": 108,
|
||||
"stargazers_count": 109,
|
||||
"watchers_count": 109,
|
||||
"has_discussions": false,
|
||||
"forks_count": 23,
|
||||
"allow_forking": true,
|
||||
|
@ -57,7 +57,7 @@
|
|||
"topics": [],
|
||||
"visibility": "public",
|
||||
"forks": 23,
|
||||
"watchers": 108,
|
||||
"watchers": 109,
|
||||
"score": 0,
|
||||
"subscribers_count": 1
|
||||
},
|
||||
|
|
33
2024/CVE-2024-38998.json
Normal file
33
2024/CVE-2024-38998.json
Normal file
|
@ -0,0 +1,33 @@
|
|||
[
|
||||
{
|
||||
"id": 902615056,
|
||||
"name": "PP_CVE-2024-38998",
|
||||
"full_name": "AlbedoPrime\/PP_CVE-2024-38998",
|
||||
"owner": {
|
||||
"login": "AlbedoPrime",
|
||||
"id": 128452420,
|
||||
"avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/128452420?v=4",
|
||||
"html_url": "https:\/\/github.com\/AlbedoPrime",
|
||||
"user_view_type": "public"
|
||||
},
|
||||
"html_url": "https:\/\/github.com\/AlbedoPrime\/PP_CVE-2024-38998",
|
||||
"description": "Uma vulnerabilidade (CVE-2024-38998) foi identificada na versão 2.3.6 do módulo JavaScript requirejs. Ela explora prototype pollution na função config, permitindo que invasores modifiquem Object.prototype com entradas maliciosas. Isso pode causar DoS, execução remota de código (RCE) ou XSS. A gravidade é crítica (CVSS 9.8). ",
|
||||
"fork": false,
|
||||
"created_at": "2024-12-12T23:19:44Z",
|
||||
"updated_at": "2024-12-12T23:21:00Z",
|
||||
"pushed_at": "2024-12-12T23:20:56Z",
|
||||
"stargazers_count": 0,
|
||||
"watchers_count": 0,
|
||||
"has_discussions": false,
|
||||
"forks_count": 0,
|
||||
"allow_forking": true,
|
||||
"is_template": false,
|
||||
"web_commit_signoff_required": false,
|
||||
"topics": [],
|
||||
"visibility": "public",
|
||||
"forks": 0,
|
||||
"watchers": 0,
|
||||
"score": 0,
|
||||
"subscribers_count": 0
|
||||
}
|
||||
]
|
|
@ -50,13 +50,13 @@
|
|||
"stargazers_count": 33,
|
||||
"watchers_count": 33,
|
||||
"has_discussions": false,
|
||||
"forks_count": 5,
|
||||
"forks_count": 6,
|
||||
"allow_forking": true,
|
||||
"is_template": false,
|
||||
"web_commit_signoff_required": false,
|
||||
"topics": [],
|
||||
"visibility": "public",
|
||||
"forks": 5,
|
||||
"forks": 6,
|
||||
"watchers": 33,
|
||||
"score": 0,
|
||||
"subscribers_count": 1
|
||||
|
|
|
@ -107,10 +107,10 @@
|
|||
"description": "POC for CVE-2024-42327, an authenticated SQL Injection in Zabbix through the user.get API Method",
|
||||
"fork": false,
|
||||
"created_at": "2024-12-07T21:25:40Z",
|
||||
"updated_at": "2024-12-11T00:48:46Z",
|
||||
"updated_at": "2024-12-12T22:27:55Z",
|
||||
"pushed_at": "2024-12-08T12:27:53Z",
|
||||
"stargazers_count": 1,
|
||||
"watchers_count": 1,
|
||||
"stargazers_count": 2,
|
||||
"watchers_count": 2,
|
||||
"has_discussions": false,
|
||||
"forks_count": 0,
|
||||
"allow_forking": true,
|
||||
|
@ -119,7 +119,7 @@
|
|||
"topics": [],
|
||||
"visibility": "public",
|
||||
"forks": 0,
|
||||
"watchers": 1,
|
||||
"watchers": 2,
|
||||
"score": 0,
|
||||
"subscribers_count": 1
|
||||
},
|
||||
|
@ -169,8 +169,8 @@
|
|||
"description": "writeup cve-2024-42327",
|
||||
"fork": false,
|
||||
"created_at": "2024-12-12T01:32:26Z",
|
||||
"updated_at": "2024-12-12T18:15:09Z",
|
||||
"pushed_at": "2024-12-12T18:15:05Z",
|
||||
"updated_at": "2024-12-12T19:21:47Z",
|
||||
"pushed_at": "2024-12-12T19:21:44Z",
|
||||
"stargazers_count": 0,
|
||||
"watchers_count": 0,
|
||||
"has_discussions": false,
|
||||
|
|
|
@ -55,10 +55,10 @@
|
|||
"description": "based on [EQSTLab](https:\/\/github.com\/EQSTLab)",
|
||||
"fork": false,
|
||||
"created_at": "2024-12-04T15:51:40Z",
|
||||
"updated_at": "2024-12-11T16:49:18Z",
|
||||
"updated_at": "2024-12-12T23:58:51Z",
|
||||
"pushed_at": "2024-12-04T16:00:45Z",
|
||||
"stargazers_count": 2,
|
||||
"watchers_count": 2,
|
||||
"stargazers_count": 3,
|
||||
"watchers_count": 3,
|
||||
"has_discussions": false,
|
||||
"forks_count": 0,
|
||||
"allow_forking": true,
|
||||
|
@ -67,7 +67,7 @@
|
|||
"topics": [],
|
||||
"visibility": "public",
|
||||
"forks": 0,
|
||||
"watchers": 2,
|
||||
"watchers": 3,
|
||||
"score": 0,
|
||||
"subscribers_count": 1
|
||||
}
|
||||
|
|
|
@ -14,19 +14,19 @@
|
|||
"description": "PoC for CVE-2024-48990",
|
||||
"fork": false,
|
||||
"created_at": "2024-11-20T18:41:25Z",
|
||||
"updated_at": "2024-12-12T13:17:01Z",
|
||||
"updated_at": "2024-12-12T20:25:15Z",
|
||||
"pushed_at": "2024-11-20T18:49:33Z",
|
||||
"stargazers_count": 89,
|
||||
"watchers_count": 89,
|
||||
"stargazers_count": 90,
|
||||
"watchers_count": 90,
|
||||
"has_discussions": false,
|
||||
"forks_count": 15,
|
||||
"forks_count": 16,
|
||||
"allow_forking": true,
|
||||
"is_template": false,
|
||||
"web_commit_signoff_required": false,
|
||||
"topics": [],
|
||||
"visibility": "public",
|
||||
"forks": 15,
|
||||
"watchers": 89,
|
||||
"forks": 16,
|
||||
"watchers": 90,
|
||||
"score": 0,
|
||||
"subscribers_count": 1
|
||||
},
|
||||
|
|
|
@ -14,19 +14,19 @@
|
|||
"description": "Cleo Unrestricted file upload and download PoC (CVE-2024-50623)",
|
||||
"fork": false,
|
||||
"created_at": "2024-12-11T14:19:55Z",
|
||||
"updated_at": "2024-12-12T15:14:47Z",
|
||||
"updated_at": "2024-12-12T19:41:32Z",
|
||||
"pushed_at": "2024-12-11T14:23:19Z",
|
||||
"stargazers_count": 11,
|
||||
"watchers_count": 11,
|
||||
"stargazers_count": 12,
|
||||
"watchers_count": 12,
|
||||
"has_discussions": false,
|
||||
"forks_count": 2,
|
||||
"forks_count": 3,
|
||||
"allow_forking": true,
|
||||
"is_template": false,
|
||||
"web_commit_signoff_required": false,
|
||||
"topics": [],
|
||||
"visibility": "public",
|
||||
"forks": 2,
|
||||
"watchers": 11,
|
||||
"forks": 3,
|
||||
"watchers": 12,
|
||||
"score": 0,
|
||||
"subscribers_count": 0
|
||||
}
|
||||
|
|
|
@ -14,10 +14,10 @@
|
|||
"description": "WP Popup Builder – Popup Forms and Marketing Lead Generation <= 1.3.5 - Unauthenticated Arbitrary Shortcode Execution via wp_ajax_nopriv_shortcode_Api_Add",
|
||||
"fork": false,
|
||||
"created_at": "2024-10-16T07:57:48Z",
|
||||
"updated_at": "2024-10-18T17:57:08Z",
|
||||
"updated_at": "2024-12-12T19:21:27Z",
|
||||
"pushed_at": "2024-10-16T07:59:43Z",
|
||||
"stargazers_count": 1,
|
||||
"watchers_count": 1,
|
||||
"stargazers_count": 2,
|
||||
"watchers_count": 2,
|
||||
"has_discussions": false,
|
||||
"forks_count": 0,
|
||||
"allow_forking": true,
|
||||
|
@ -26,7 +26,7 @@
|
|||
"topics": [],
|
||||
"visibility": "public",
|
||||
"forks": 0,
|
||||
"watchers": 1,
|
||||
"watchers": 2,
|
||||
"score": 0,
|
||||
"subscribers_count": 1
|
||||
}
|
||||
|
|
|
@ -5715,6 +5715,13 @@
|
|||
- [BBD-YZZ/CVE-2024-38856-RCE](https://github.com/BBD-YZZ/CVE-2024-38856-RCE)
|
||||
- [XiaomingX/cve-2024-38856-poc](https://github.com/XiaomingX/cve-2024-38856-poc)
|
||||
|
||||
### CVE-2024-38998 (2024-07-01)
|
||||
|
||||
<code>jrburke requirejs v2.3.6 was discovered to contain a prototype pollution via the function config. This vulnerability allows attackers to execute arbitrary code or cause a Denial of Service (DoS) via injecting arbitrary properties.
|
||||
</code>
|
||||
|
||||
- [AlbedoPrime/PP_CVE-2024-38998](https://github.com/AlbedoPrime/PP_CVE-2024-38998)
|
||||
|
||||
### CVE-2024-39031 (2024-07-09)
|
||||
|
||||
<code>In Silverpeas Core <= 6.3.5, in Mes Agendas, a user can create new events and add them to their calendar. Additionally, users can invite others from the same domain, including administrators, to these events. A standard user can inject an XSS payload into the "Titre" and "Description" fields when creating an event and then add the administrator or any user to the event. When the invited user (victim) views their own profile, the payload will be executed on their side, even if they do not click on the event.
|
||||
|
@ -13248,6 +13255,7 @@
|
|||
|
||||
- [0xyassine/CVE-2023-40028](https://github.com/0xyassine/CVE-2023-40028)
|
||||
- [BBSynapse/CVE-2023-40028](https://github.com/BBSynapse/CVE-2023-40028)
|
||||
- [0xDTC/Ghost-5.58-Arbitrary-File-Read-CVE-2023-40028](https://github.com/0xDTC/Ghost-5.58-Arbitrary-File-Read-CVE-2023-40028)
|
||||
|
||||
### CVE-2023-40031 (2023-08-25)
|
||||
|
||||
|
|
Loading…
Add table
Reference in a new issue