mirror/PoC-in-GitHub
1
0
Fork 0
mirror of https://github.com/nomi-sec/PoC-in-GitHub.git synced 2025-01-28 18:44:10 +01:00
Code Issues Projects Releases Packages Wiki Activity Actions

Auto Update 2023/11/28 12:34:31

Browse source
This commit is contained in:
motikan2010-bot 2023-11-28 21:34:31 +09:00
parent 6996d24e74
commit b654a48d57
43 changed files with 292 additions and 319 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

37
2011/CVE-2011-2523.json
View file

@ -374,5 +374,42 @@
"watchers": 0,
"score": 0,
"subscribers_count": 1
},
{
"id": 724568768,
"name": "CVE-2011-2523-poc",
"full_name": "4m3rr0r\/CVE-2011-2523-poc",
"owner": {
"login": "4m3rr0r",
"id": 90191914,
"avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/90191914?v=4",
"html_url": "https:\/\/github.com\/4m3rr0r"
},
"html_url": "https:\/\/github.com\/4m3rr0r\/CVE-2011-2523-poc",
"description": "Python exploit for CVE-2011-2523 (VSFTPD 2.3.4 Backdoor Command Execution)",
"fork": false,
"created_at": "2023-11-28T10:52:33Z",
"updated_at": "2023-11-28T11:03:46Z",
"pushed_at": "2023-11-28T10:55:58Z",
"stargazers_count": 0,
"watchers_count": 0,
"has_discussions": false,
"forks_count": 0,
"allow_forking": true,
"is_template": false,
"web_commit_signoff_required": false,
"topics": [
"cve",
"cve-2011-2523",
"exploit",
"python",
"security",
"vsftpd-exploit"
],
"visibility": "public",
"forks": 0,
"watchers": 0,
"score": 0,
"subscribers_count": 0
}
]

8
2018/CVE-2018-9206.json
View file

@ -43,10 +43,10 @@
"description": "A weaponized version of CVE-2018-9206",
"fork": false,
"created_at": "2018-10-24T20:24:20Z",
"updated_at": "2023-09-04T10:29:44Z",
"updated_at": "2023-11-28T09:02:06Z",
"pushed_at": "2018-10-30T01:48:42Z",
"stargazers_count": 61,
"watchers_count": 61,
"stargazers_count": 62,
"watchers_count": 62,
"has_discussions": false,
"forks_count": 17,
"allow_forking": true,
@ -55,7 +55,7 @@
"topics": [],
"visibility": "public",
"forks": 17,
"watchers": 61,
"watchers": 62,
"score": 0,
"subscribers_count": 9
},

8
2019/CVE-2019-12725.json
View file

@ -43,10 +43,10 @@
"description": "漏洞POC、EXP合集持续更新。Apache Druid-任意文件读取CVE-2021-36749、ConfluenceRCECVE-2021-26084、ZeroShell防火墙RCECVE-2019-12725、ApacheSolr任意文件读取、蓝凌OA任意文件读取、phpStudyRCE、ShowDoc任意文件上传、原创先锋后台未授权、Kyan账号密码泄露、TerraMasterTos任意文件读取、TamronOS-IPTV系统RCE、Wayos防火墙账号密码泄露",
"fork": false,
"created_at": "2021-05-22T05:06:33Z",
"updated_at": "2023-10-17T07:58:11Z",
"updated_at": "2023-11-28T11:29:19Z",
"pushed_at": "2021-11-21T10:34:06Z",
"stargazers_count": 149,
"watchers_count": 149,
"stargazers_count": 150,
"watchers_count": 150,
"has_discussions": false,
"forks_count": 34,
"allow_forking": true,
@ -59,7 +59,7 @@
],
"visibility": "public",
"forks": 34,
"watchers": 149,
"watchers": 150,
"score": 0,
"subscribers_count": 4
},

8
2019/CVE-2019-17558.json
View file

@ -43,10 +43,10 @@
"description": "Exphub[漏洞利用脚本库] 包括Webloigc、Struts2、Tomcat、Nexus、Solr、Jboss、Drupal的漏洞利用脚本最新添加CVE-2020-14882、CVE-2020-11444、CVE-2020-10204、CVE-2020-10199、CVE-2020-1938、CVE-2020-2551、CVE-2020-2555、CVE-2020-2883、CVE-2019-17558、CVE-2019-6340",
"fork": false,
"created_at": "2020-04-01T09:33:35Z",
"updated_at": "2023-11-28T02:43:57Z",
"updated_at": "2023-11-28T11:55:46Z",
"pushed_at": "2021-04-04T09:13:57Z",
"stargazers_count": 3932,
"watchers_count": 3932,
"stargazers_count": 3933,
"watchers_count": 3933,
"has_discussions": false,
"forks_count": 1096,
"allow_forking": true,
@ -75,7 +75,7 @@
],
"visibility": "public",
"forks": 1096,
"watchers": 3932,
"watchers": 3933,
"score": 0,
"subscribers_count": 155
},

30
2019/CVE-2019-3462.json
View file

@ -1,34 +1,4 @@
[
{
"id": 167275161,
"name": "check_CVE-2019-3462",
"full_name": "tonejito\/check_CVE-2019-3462",
"owner": {
"login": "tonejito",
"id": 618588,
"avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/618588?v=4",
"html_url": "https:\/\/github.com\/tonejito"
},
"html_url": "https:\/\/github.com\/tonejito\/check_CVE-2019-3462",
"description": "Check @Debian and @Ubuntu #GNU \/ #Linux for CVE-2019-3462 in APT",
"fork": false,
"created_at": "2019-01-24T00:30:15Z",
"updated_at": "2023-09-28T10:57:49Z",
"pushed_at": "2019-01-26T01:21:36Z",
"stargazers_count": 3,
"watchers_count": 3,
"has_discussions": false,
"forks_count": 4,
"allow_forking": true,
"is_template": false,
"web_commit_signoff_required": false,
"topics": [],
"visibility": "public",
"forks": 4,
"watchers": 3,
"score": 0,
"subscribers_count": 3
},
{
"id": 170573944,
"name": "update-apt-package",

32
2019/CVE-2019-6263.json
View file

@ -1,32 +0,0 @@
[
{
"id": 166368513,
"name": "CVE-2019-6263-Joomla-POC",
"full_name": "praveensutar\/CVE-2019-6263-Joomla-POC",
"owner": {
"login": "praveensutar",
"id": 12555214,
"avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/12555214?v=4",
"html_url": "https:\/\/github.com\/praveensutar"
},
"html_url": "https:\/\/github.com\/praveensutar\/CVE-2019-6263-Joomla-POC",
"description": null,
"fork": false,
"created_at": "2019-01-18T08:10:11Z",
"updated_at": "2023-01-10T03:19:58Z",
"pushed_at": "2019-01-19T04:29:22Z",
"stargazers_count": 6,
"watchers_count": 6,
"has_discussions": false,
"forks_count": 0,
"allow_forking": true,
"is_template": false,
"web_commit_signoff_required": false,
"topics": [],
"visibility": "public",
"forks": 0,
"watchers": 6,
"score": 0,
"subscribers_count": 1
}
]

32
2019/CVE-2019-6487.json
View file

@ -1,32 +0,0 @@
[
{
"id": 166241615,
"name": "TP-Link-WDR-Router-Command-injection_POC",
"full_name": "afang5472\/TP-Link-WDR-Router-Command-injection_POC",
"owner": {
"login": "afang5472",
"id": 18503100,
"avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/18503100?v=4",
"html_url": "https:\/\/github.com\/afang5472"
},
"html_url": "https:\/\/github.com\/afang5472\/TP-Link-WDR-Router-Command-injection_POC",
"description": "CVE-2019-6487. A command injection vulnerability in TP-Link WDR5620 Series up to verion 3.",
"fork": false,
"created_at": "2019-01-17T14:44:12Z",
"updated_at": "2023-11-09T03:28:09Z",
"pushed_at": "2019-01-19T10:49:21Z",
"stargazers_count": 37,
"watchers_count": 37,
"has_discussions": false,
"forks_count": 17,
"allow_forking": true,
"is_template": false,
"web_commit_signoff_required": false,
"topics": [],
"visibility": "public",
"forks": 17,
"watchers": 37,
"score": 0,
"subscribers_count": 2
}
]

8
2020/CVE-2020-0041.json
View file

@ -13,10 +13,10 @@
"description": "Exploits for Android Binder bug CVE-2020-0041",
"fork": false,
"created_at": "2020-03-31T17:53:57Z",
"updated_at": "2023-11-22T13:21:41Z",
"updated_at": "2023-11-28T08:31:03Z",
"pushed_at": "2020-04-08T08:55:30Z",
"stargazers_count": 208,
"watchers_count": 208,
"stargazers_count": 209,
"watchers_count": 209,
"has_discussions": false,
"forks_count": 70,
"allow_forking": true,
@ -25,7 +25,7 @@
"topics": [],
"visibility": "public",
"forks": 70,
"watchers": 208,
"watchers": 209,
"score": 0,
"subscribers_count": 11
},

8
2020/CVE-2020-14882.json
View file

@ -13,10 +13,10 @@
"description": "Exphub[漏洞利用脚本库] 包括Webloigc、Struts2、Tomcat、Nexus、Solr、Jboss、Drupal的漏洞利用脚本最新添加CVE-2020-14882、CVE-2020-11444、CVE-2020-10204、CVE-2020-10199、CVE-2020-1938、CVE-2020-2551、CVE-2020-2555、CVE-2020-2883、CVE-2019-17558、CVE-2019-6340",
"fork": false,
"created_at": "2020-04-01T09:33:35Z",
"updated_at": "2023-11-28T02:43:57Z",
"updated_at": "2023-11-28T11:55:46Z",
"pushed_at": "2021-04-04T09:13:57Z",
"stargazers_count": 3932,
"watchers_count": 3932,
"stargazers_count": 3933,
"watchers_count": 3933,
"has_discussions": false,
"forks_count": 1096,
"allow_forking": true,
@ -45,7 +45,7 @@
],
"visibility": "public",
"forks": 1096,
"watchers": 3932,
"watchers": 3933,
"score": 0,
"subscribers_count": 155
},

8
2021/CVE-2021-22205.json
View file

@ -133,10 +133,10 @@
"description": "CVE-2021-22205& GitLab CE\/EE RCE",
"fork": false,
"created_at": "2021-10-29T04:30:45Z",
"updated_at": "2023-11-27T02:25:58Z",
"updated_at": "2023-11-28T07:39:05Z",
"pushed_at": "2022-11-16T08:14:33Z",
"stargazers_count": 244,
"watchers_count": 244,
"stargazers_count": 245,
"watchers_count": 245,
"has_discussions": false,
"forks_count": 101,
"allow_forking": true,
@ -147,7 +147,7 @@
],
"visibility": "public",
"forks": 101,
"watchers": 244,
"watchers": 245,
"score": 0,
"subscribers_count": 3
},

8
2021/CVE-2021-23017.json
View file

@ -43,10 +43,10 @@
"description": "PoC for Nginx 0.6.18 - 1.20.0 Memory Overwrite Vulnerability CVE-2021-23017",
"fork": false,
"created_at": "2022-06-30T04:39:58Z",
"updated_at": "2023-11-26T16:46:00Z",
"updated_at": "2023-11-28T06:29:50Z",
"pushed_at": "2023-11-12T16:29:03Z",
"stargazers_count": 65,
"watchers_count": 65,
"stargazers_count": 66,
"watchers_count": 66,
"has_discussions": false,
"forks_count": 17,
"allow_forking": true,
@ -58,7 +58,7 @@
],
"visibility": "public",
"forks": 17,
"watchers": 65,
"watchers": 66,
"score": 0,
"subscribers_count": 1
},

16
2021/CVE-2021-3493.json
View file

@ -13,10 +13,10 @@
"description": "Ubuntu OverlayFS Local Privesc",
"fork": false,
"created_at": "2021-04-19T20:07:01Z",
"updated_at": "2023-11-24T10:37:42Z",
"updated_at": "2023-11-28T07:57:22Z",
"pushed_at": "2021-09-28T04:08:43Z",
"stargazers_count": 379,
"watchers_count": 379,
"stargazers_count": 380,
"watchers_count": 380,
"has_discussions": false,
"forks_count": 130,
"allow_forking": true,
@ -25,7 +25,7 @@
"topics": [],
"visibility": "public",
"forks": 130,
"watchers": 379,
"watchers": 380,
"score": 0,
"subscribers_count": 4
},
@ -133,10 +133,10 @@
"description": "CVE-2021-3493 Ubuntu OverlayFS Local Privesc (Interactive Bash Shell & Execute Command Entered)",
"fork": false,
"created_at": "2021-07-07T06:16:48Z",
"updated_at": "2023-11-27T02:30:49Z",
"updated_at": "2023-11-28T11:35:41Z",
"pushed_at": "2021-07-07T07:19:03Z",
"stargazers_count": 32,
"watchers_count": 32,
"stargazers_count": 33,
"watchers_count": 33,
"has_discussions": false,
"forks_count": 8,
"allow_forking": true,
@ -151,7 +151,7 @@
],
"visibility": "public",
"forks": 8,
"watchers": 32,
"watchers": 33,
"score": 0,
"subscribers_count": 1
},

8
2021/CVE-2021-36749.json
View file

@ -13,10 +13,10 @@
"description": "漏洞POC、EXP合集持续更新。Apache Druid-任意文件读取CVE-2021-36749、ConfluenceRCECVE-2021-26084、ZeroShell防火墙RCECVE-2019-12725、ApacheSolr任意文件读取、蓝凌OA任意文件读取、phpStudyRCE、ShowDoc任意文件上传、原创先锋后台未授权、Kyan账号密码泄露、TerraMasterTos任意文件读取、TamronOS-IPTV系统RCE、Wayos防火墙账号密码泄露",
"fork": false,
"created_at": "2021-05-22T05:06:33Z",
"updated_at": "2023-10-17T07:58:11Z",
"updated_at": "2023-11-28T11:29:19Z",
"pushed_at": "2021-11-21T10:34:06Z",
"stargazers_count": 149,
"watchers_count": 149,
"stargazers_count": 150,
"watchers_count": 150,
"has_discussions": false,
"forks_count": 34,
"allow_forking": true,
@ -29,7 +29,7 @@
],
"visibility": "public",
"forks": 34,
"watchers": 149,
"watchers": 150,
"score": 0,
"subscribers_count": 4
},

8
2022/CVE-2022-1040.json
View file

@ -82,10 +82,10 @@
"description": "CVE-2022-1040",
"fork": false,
"created_at": "2022-09-25T15:15:01Z",
"updated_at": "2023-11-18T03:11:19Z",
"updated_at": "2023-11-28T07:20:18Z",
"pushed_at": "2022-09-25T15:15:44Z",
"stargazers_count": 15,
"watchers_count": 15,
"stargazers_count": 16,
"watchers_count": 16,
"has_discussions": false,
"forks_count": 5,
"allow_forking": true,
@ -94,7 +94,7 @@
"topics": [],
"visibility": "public",
"forks": 5,
"watchers": 15,
"watchers": 16,
"score": 0,
"subscribers_count": 1
},

2
2022/CVE-2022-20452.json
View file

@ -13,7 +13,7 @@
"description": "Exploit for CVE-2022-20452, privilege escalation on Android from installed app to system app (or another app) via LazyValue using Parcel after recycle()",
"fork": false,
"created_at": "2023-01-10T16:24:51Z",
"updated_at": "2023-11-22T16:08:35Z",
"updated_at": "2023-11-28T10:50:47Z",
"pushed_at": "2023-04-12T17:28:49Z",
"stargazers_count": 240,
"watchers_count": 240,

8
2022/CVE-2022-21882.json
View file

@ -73,10 +73,10 @@
"description": null,
"fork": false,
"created_at": "2022-02-03T11:25:14Z",
"updated_at": "2023-11-24T14:56:18Z",
"updated_at": "2023-11-28T06:54:41Z",
"pushed_at": "2022-02-04T02:20:47Z",
"stargazers_count": 193,
"watchers_count": 193,
"stargazers_count": 192,
"watchers_count": 192,
"has_discussions": false,
"forks_count": 52,
"allow_forking": true,
@ -85,7 +85,7 @@
"topics": [],
"visibility": "public",
"forks": 52,
"watchers": 193,
"watchers": 192,
"score": 0,
"subscribers_count": 5
},

8
2022/CVE-2022-23648.json
View file

@ -13,10 +13,10 @@
"description": "POC for CVE-2022-23648",
"fork": false,
"created_at": "2022-03-25T19:43:59Z",
"updated_at": "2023-09-28T11:37:22Z",
"updated_at": "2023-11-28T06:53:28Z",
"pushed_at": "2022-03-29T09:55:15Z",
"stargazers_count": 36,
"watchers_count": 36,
"stargazers_count": 37,
"watchers_count": 37,
"has_discussions": false,
"forks_count": 12,
"allow_forking": true,
@ -25,7 +25,7 @@
"topics": [],
"visibility": "public",
"forks": 12,
"watchers": 36,
"watchers": 37,
"score": 0,
"subscribers_count": 3
}

4
2022/CVE-2022-2588.json
View file

@ -48,13 +48,13 @@
"stargazers_count": 1,
"watchers_count": 1,
"has_discussions": false,
"forks_count": 3,
"forks_count": 4,
"allow_forking": true,
"is_template": false,
"web_commit_signoff_required": false,
"topics": [],
"visibility": "public",
"forks": 3,
"forks": 4,
"watchers": 1,
"score": 0,
"subscribers_count": 0

14
2022/CVE-2022-30190.json
View file

@ -2519,19 +2519,19 @@
"description": "An automated attack chain based on CVE-2022-30190, 163 email backdoor, and image steganography.",
"fork": false,
"created_at": "2023-11-28T03:47:32Z",
"updated_at": "2023-11-28T03:49:03Z",
"pushed_at": "2023-11-28T03:48:58Z",
"stargazers_count": 0,
"watchers_count": 0,
"updated_at": "2023-11-28T07:49:28Z",
"pushed_at": "2023-11-28T10:16:25Z",
"stargazers_count": 1,
"watchers_count": 1,
"has_discussions": false,
"forks_count": 0,
"forks_count": 2,
"allow_forking": true,
"is_template": false,
"web_commit_signoff_required": false,
"topics": [],
"visibility": "public",
"forks": 0,
"watchers": 0,
"forks": 2,
"watchers": 1,
"score": 0,
"subscribers_count": 0
}

2
2022/CVE-2022-42889.json
View file

@ -93,7 +93,7 @@
"forks_count": 0,
"allow_forking": true,
"is_template": false,
"web_commit_signoff_required": false,
"web_commit_signoff_required": true,
"topics": [],
"visibility": "public",
"forks": 0,

12
2022/CVE-2022-44268.json
View file

@ -290,12 +290,12 @@
"description": "CVE-2022-44268 ImageMagick Arbitrary File Read - Proof of Concept exploit",
"fork": false,
"created_at": "2023-02-13T02:00:51Z",
"updated_at": "2023-11-19T09:51:38Z",
"updated_at": "2023-11-28T09:45:40Z",
"pushed_at": "2023-03-27T15:18:49Z",
"stargazers_count": 16,
"watchers_count": 16,
"stargazers_count": 17,
"watchers_count": 17,
"has_discussions": false,
"forks_count": 5,
"forks_count": 6,
"allow_forking": true,
"is_template": false,
"web_commit_signoff_required": false,
@ -314,8 +314,8 @@
"webapplicationhacking"
],
"visibility": "public",
"forks": 5,
"watchers": 16,
"forks": 6,
"watchers": 17,
"score": 0,
"subscribers_count": 1
},

12
2022/CVE-2022-4510.json
View file

@ -43,19 +43,19 @@
"description": "A Python script for generating exploits targeting CVE-2022-4510 RCE Binwalk. It supports SSH, command execution, and reverse shell options. Exploits are saved in PNG format. Ideal for testing and demonstrations.",
"fork": false,
"created_at": "2023-06-27T02:20:13Z",
"updated_at": "2023-11-19T14:00:33Z",
"updated_at": "2023-11-28T11:42:38Z",
"pushed_at": "2023-06-27T02:29:26Z",
"stargazers_count": 10,
"watchers_count": 10,
"stargazers_count": 12,
"watchers_count": 12,
"has_discussions": false,
"forks_count": 2,
"forks_count": 3,
"allow_forking": true,
"is_template": false,
"web_commit_signoff_required": false,
"topics": [],
"visibility": "public",
"forks": 2,
"watchers": 10,
"forks": 3,
"watchers": 12,
"score": 0,
"subscribers_count": 1
},

24
2022/CVE-2022-46689.json
View file

@ -13,10 +13,10 @@
"description": "Get root on macOS 13.0.1 with CVE-2022-46689 (macOS equivalent of the Dirty Cow bug), using the testcase extracted from Apple's XNU source.",
"fork": false,
"created_at": "2022-12-17T16:45:24Z",
"updated_at": "2023-11-26T18:30:26Z",
"updated_at": "2023-11-28T07:08:37Z",
"pushed_at": "2022-12-21T17:53:19Z",
"stargazers_count": 369,
"watchers_count": 369,
"stargazers_count": 370,
"watchers_count": 370,
"has_discussions": false,
"forks_count": 32,
"allow_forking": true,
@ -25,7 +25,7 @@
"topics": [],
"visibility": "public",
"forks": 32,
"watchers": 369,
"watchers": 370,
"score": 0,
"subscribers_count": 11
},
@ -73,10 +73,10 @@
"description": "Proof-of-concept app to overwrite fonts on iOS using CVE-2022-46689.",
"fork": false,
"created_at": "2022-12-26T06:56:35Z",
"updated_at": "2023-11-18T10:10:48Z",
"updated_at": "2023-11-28T08:59:04Z",
"pushed_at": "2023-08-02T09:35:14Z",
"stargazers_count": 852,
"watchers_count": 852,
"stargazers_count": 853,
"watchers_count": 853,
"has_discussions": false,
"forks_count": 71,
"allow_forking": true,
@ -85,7 +85,7 @@
"topics": [],
"visibility": "public",
"forks": 71,
"watchers": 852,
"watchers": 853,
"score": 0,
"subscribers_count": 25
},
@ -133,10 +133,10 @@
"description": "CVE-2022-46689",
"fork": false,
"created_at": "2023-01-03T21:46:37Z",
"updated_at": "2023-10-14T07:59:09Z",
"updated_at": "2023-11-28T07:48:09Z",
"pushed_at": "2023-01-19T08:04:02Z",
"stargazers_count": 58,
"watchers_count": 58,
"stargazers_count": 60,
"watchers_count": 60,
"has_discussions": false,
"forks_count": 1,
"allow_forking": true,
@ -145,7 +145,7 @@
"topics": [],
"visibility": "public",
"forks": 1,
"watchers": 58,
"watchers": 60,
"score": 0,
"subscribers_count": 3
},

8
2023/CVE-2023-1671.json
View file

@ -43,10 +43,10 @@
"description": "CVE-2023-1671-POC, based on dnslog platform",
"fork": false,
"created_at": "2023-04-24T15:53:42Z",
"updated_at": "2023-11-22T01:52:47Z",
"updated_at": "2023-11-28T07:20:02Z",
"pushed_at": "2023-04-26T02:40:41Z",
"stargazers_count": 18,
"watchers_count": 18,
"stargazers_count": 19,
"watchers_count": 19,
"has_discussions": false,
"forks_count": 4,
"allow_forking": true,
@ -57,7 +57,7 @@
],
"visibility": "public",
"forks": 4,
"watchers": 18,
"watchers": 19,
"score": 0,
"subscribers_count": 2
},

8
2023/CVE-2023-25136.json
View file

@ -73,10 +73,10 @@
"description": "OpenSSH 9.1 vulnerability mass scan and exploit",
"fork": false,
"created_at": "2023-02-22T19:44:08Z",
"updated_at": "2023-11-24T20:32:06Z",
"updated_at": "2023-11-28T09:25:36Z",
"pushed_at": "2023-03-07T10:43:36Z",
"stargazers_count": 101,
"watchers_count": 101,
"stargazers_count": 102,
"watchers_count": 102,
"has_discussions": false,
"forks_count": 23,
"allow_forking": true,
@ -85,7 +85,7 @@
"topics": [],
"visibility": "public",
"forks": 23,
"watchers": 101,
"watchers": 102,
"score": 0,
"subscribers_count": 2
},

47
2023/CVE-2023-25157.json
View file

@ -184,5 +184,52 @@
"watchers": 0,
"score": 0,
"subscribers_count": 1
},
{
"id": 724490342,
"name": "Geoserver-CVE-2023-25157",
"full_name": "dr-cable-tv\/Geoserver-CVE-2023-25157",
"owner": {
"login": "dr-cable-tv",
"id": 152005084,
"avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/152005084?v=4",
"html_url": "https:\/\/github.com\/dr-cable-tv"
},
"html_url": "https:\/\/github.com\/dr-cable-tv\/Geoserver-CVE-2023-25157",
"description": "Geoserver SQL Injection Exploit",
"fork": false,
"created_at": "2023-11-28T07:23:00Z",
"updated_at": "2023-11-28T10:06:33Z",
"pushed_at": "2023-11-28T10:07:24Z",
"stargazers_count": 0,
"watchers_count": 0,
"has_discussions": false,
"forks_count": 0,
"allow_forking": true,
"is_template": false,
"web_commit_signoff_required": false,
"topics": [
"cql",
"cve-2023-25157",
"exploit",
"geoserver",
"geotools",
"posgresql",
"postgres",
"python",
"python3",
"rce",
"rce-exploit",
"sql",
"sqli",
"vulner",
"vulnerability-detection",
"vulnerability-scanners"
],
"visibility": "public",
"forks": 0,
"watchers": 0,
"score": 0,
"subscribers_count": 0
}
]

8
2023/CVE-2023-2640.json
View file

@ -13,10 +13,10 @@
"description": "CVE-2023-2640 CVE-2023-32629",
"fork": false,
"created_at": "2023-08-15T19:07:02Z",
"updated_at": "2023-10-22T20:41:10Z",
"updated_at": "2023-11-28T10:29:27Z",
"pushed_at": "2023-08-15T19:49:07Z",
"stargazers_count": 7,
"watchers_count": 7,
"stargazers_count": 8,
"watchers_count": 8,
"has_discussions": false,
"forks_count": 2,
"allow_forking": true,
@ -25,7 +25,7 @@
"topics": [],
"visibility": "public",
"forks": 2,
"watchers": 7,
"watchers": 8,
"score": 0,
"subscribers_count": 1
},

8
2023/CVE-2023-27524.json
View file

@ -13,10 +13,10 @@
"description": "Basic PoC for CVE-2023-27524: Insecure Default Configuration in Apache Superset",
"fork": false,
"created_at": "2023-04-25T04:59:05Z",
"updated_at": "2023-11-28T05:44:48Z",
"updated_at": "2023-11-28T07:48:30Z",
"pushed_at": "2023-09-09T01:20:49Z",
"stargazers_count": 81,
"watchers_count": 81,
"stargazers_count": 82,
"watchers_count": 82,
"has_discussions": false,
"forks_count": 27,
"allow_forking": true,
@ -25,7 +25,7 @@
"topics": [],
"visibility": "public",
"forks": 27,
"watchers": 81,
"watchers": 82,
"score": 0,
"subscribers_count": 6
},

8
2023/CVE-2023-2928.json
View file

@ -13,10 +13,10 @@
"description": "DedeCMS文件包含漏洞导致后台getshell(CVE-2023-2928)复现",
"fork": false,
"created_at": "2023-10-10T08:46:17Z",
"updated_at": "2023-10-10T08:46:18Z",
"updated_at": "2023-11-28T06:56:45Z",
"pushed_at": "2023-10-10T08:46:50Z",
"stargazers_count": 0,
"watchers_count": 0,
"stargazers_count": 1,
"watchers_count": 1,
"has_discussions": false,
"forks_count": 0,
"allow_forking": true,
@ -25,7 +25,7 @@
"topics": [],
"visibility": "public",
"forks": 0,
"watchers": 0,
"watchers": 1,
"score": 0,
"subscribers_count": 1
}

38
2023/CVE-2023-29336.json
View file

@ -18,49 +18,15 @@
"stargazers_count": 14,
"watchers_count": 14,
"has_discussions": false,
"forks_count": 11,
"forks_count": 12,
"allow_forking": true,
"is_template": false,
"web_commit_signoff_required": false,
"topics": [],
"visibility": "public",
"forks": 11,
"forks": 12,
"watchers": 14,
"score": 0,
"subscribers_count": 1
},
{
"id": 671598522,
"name": "p0ropc",
"full_name": "ayhan-dev\/p0ropc",
"owner": {
"login": "ayhan-dev",
"id": 82941858,
"avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/82941858?v=4",
"html_url": "https:\/\/github.com\/ayhan-dev"
},
"html_url": "https:\/\/github.com\/ayhan-dev\/p0ropc",
"description": "CVE-2023-29336",
"fork": false,
"created_at": "2023-07-27T17:28:41Z",
"updated_at": "2023-11-25T14:59:50Z",
"pushed_at": "2023-09-23T14:30:41Z",
"stargazers_count": 5,
"watchers_count": 5,
"has_discussions": false,
"forks_count": 2,
"allow_forking": true,
"is_template": false,
"web_commit_signoff_required": false,
"topics": [
"ayhan",
"cpp",
"windows"
],
"visibility": "public",
"forks": 2,
"watchers": 5,
"score": 0,
"subscribers_count": 1
}
]

8
2023/CVE-2023-3452.json
View file

@ -13,10 +13,10 @@
"description": "Wordpress Plugin Canto < 3.0.5 - Remote File Inclusion (RFI) and Remote Code Execution (RCE)",
"fork": false,
"created_at": "2023-11-05T16:33:32Z",
"updated_at": "2023-11-26T12:24:31Z",
"updated_at": "2023-11-28T07:09:55Z",
"pushed_at": "2023-11-24T12:55:00Z",
"stargazers_count": 5,
"watchers_count": 5,
"stargazers_count": 6,
"watchers_count": 6,
"has_discussions": false,
"forks_count": 0,
"allow_forking": true,
@ -25,7 +25,7 @@
"topics": [],
"visibility": "public",
"forks": 0,
"watchers": 5,
"watchers": 6,
"score": 0,
"subscribers_count": 1
}

30
2023/CVE-2023-36025.json
View file

@ -28,5 +28,35 @@
"watchers": 3,
"score": 0,
"subscribers_count": 1
},
{
"id": 724561877,
"name": "test_CVE-2023-36025",
"full_name": "J466Y\/test_CVE-2023-36025",
"owner": {
"login": "J466Y",
"id": 61787998,
"avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/61787998?v=4",
"html_url": "https:\/\/github.com\/J466Y"
},
"html_url": "https:\/\/github.com\/J466Y\/test_CVE-2023-36025",
"description": "test repo for CVE-2023-36025",
"fork": false,
"created_at": "2023-11-28T10:34:50Z",
"updated_at": "2023-11-28T10:35:35Z",
"pushed_at": "2023-11-28T11:44:25Z",
"stargazers_count": 0,
"watchers_count": 0,
"has_discussions": false,
"forks_count": 0,
"allow_forking": true,
"is_template": false,
"web_commit_signoff_required": false,
"topics": [],
"visibility": "public",
"forks": 0,
"watchers": 0,
"score": 0,
"subscribers_count": 0
}
]

4
2023/CVE-2023-36427.json
View file

@ -18,13 +18,13 @@
"stargazers_count": 76,
"watchers_count": 76,
"has_discussions": false,
"forks_count": 13,
"forks_count": 14,
"allow_forking": true,
"is_template": false,
"web_commit_signoff_required": false,
"topics": [],
"visibility": "public",
"forks": 13,
"forks": 14,
"watchers": 76,
"score": 0,
"subscribers_count": 3

8
2023/CVE-2023-36802.json
View file

@ -13,10 +13,10 @@
"description": "LPE exploit for CVE-2023-36802",
"fork": false,
"created_at": "2023-10-09T17:32:15Z",
"updated_at": "2023-11-24T09:13:57Z",
"updated_at": "2023-11-28T08:31:58Z",
"pushed_at": "2023-10-10T17:44:17Z",
"stargazers_count": 135,
"watchers_count": 135,
"stargazers_count": 136,
"watchers_count": 136,
"has_discussions": false,
"forks_count": 38,
"allow_forking": true,
@ -25,7 +25,7 @@
"topics": [],
"visibility": "public",
"forks": 38,
"watchers": 135,
"watchers": 136,
"score": 0,
"subscribers_count": 5
},

32
2023/CVE-2023-391.json
View file

@ -1,32 +0,0 @@
[
{
"id": 711261762,
"name": "CVE-2023-391",
"full_name": "ayhan-dev\/CVE-2023-391",
"owner": {
"login": "ayhan-dev",
"id": 82941858,
"avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/82941858?v=4",
"html_url": "https:\/\/github.com\/ayhan-dev"
},
"html_url": "https:\/\/github.com\/ayhan-dev\/CVE-2023-391",
"description": null,
"fork": false,
"created_at": "2023-10-28T17:39:36Z",
"updated_at": "2023-10-28T17:45:41Z",
"pushed_at": "2023-10-29T16:58:06Z",
"stargazers_count": 1,
"watchers_count": 1,
"has_discussions": false,
"forks_count": 0,
"allow_forking": true,
"is_template": false,
"web_commit_signoff_required": false,
"topics": [],
"visibility": "public",
"forks": 0,
"watchers": 1,
"score": 0,
"subscribers_count": 1
}
]

4
2023/CVE-2023-41991.json
View file

@ -18,13 +18,13 @@
"stargazers_count": 0,
"watchers_count": 0,
"has_discussions": false,
"forks_count": 0,
"forks_count": 1,
"allow_forking": true,
"is_template": false,
"web_commit_signoff_required": false,
"topics": [],
"visibility": "public",
"forks": 0,
"forks": 1,
"watchers": 0,
"score": 0,
"subscribers_count": 0

16
2023/CVE-2023-4357.json
View file

@ -13,10 +13,10 @@
"description": "全球首款单文件利用 CVE-2023-4357 Chrome XXE 漏洞 EXP, 实现对访客者本地文件窃取. Chrome XXE vulnerability EXP, allowing attackers to obtain local files of visitors.",
"fork": false,
"created_at": "2023-11-17T10:32:31Z",
"updated_at": "2023-11-28T03:54:03Z",
"updated_at": "2023-11-28T11:50:16Z",
"pushed_at": "2023-11-21T10:45:58Z",
"stargazers_count": 134,
"watchers_count": 134,
"stargazers_count": 139,
"watchers_count": 139,
"has_discussions": false,
"forks_count": 24,
"allow_forking": true,
@ -25,7 +25,7 @@
"topics": [],
"visibility": "public",
"forks": 24,
"watchers": 134,
"watchers": 139,
"score": 0,
"subscribers_count": 2
},
@ -43,10 +43,10 @@
"description": "Apt style exploitation of Chrome 0day CVE-2023-4357",
"fork": false,
"created_at": "2023-11-19T22:20:10Z",
"updated_at": "2023-11-25T05:45:02Z",
"updated_at": "2023-11-28T08:27:55Z",
"pushed_at": "2023-11-20T01:02:44Z",
"stargazers_count": 30,
"watchers_count": 30,
"stargazers_count": 31,
"watchers_count": 31,
"has_discussions": false,
"forks_count": 19,
"allow_forking": true,
@ -55,7 +55,7 @@
"topics": [],
"visibility": "public",
"forks": 19,
"watchers": 30,
"watchers": 31,
"score": 0,
"subscribers_count": 3
},

8
2023/CVE-2023-44487.json
View file

@ -13,10 +13,10 @@
"description": "Basic vulnerability scanning to see if web servers may be vulnerable to CVE-2023-44487",
"fork": false,
"created_at": "2023-10-10T14:20:42Z",
"updated_at": "2023-11-27T13:22:26Z",
"updated_at": "2023-11-28T07:45:52Z",
"pushed_at": "2023-10-14T16:43:31Z",
"stargazers_count": 193,
"watchers_count": 193,
"stargazers_count": 194,
"watchers_count": 194,
"has_discussions": false,
"forks_count": 41,
"allow_forking": true,
@ -25,7 +25,7 @@
"topics": [],
"visibility": "public",
"forks": 41,
"watchers": 193,
"watchers": 194,
"score": 0,
"subscribers_count": 6
},

4
2023/CVE-2023-46604.json
View file

@ -230,13 +230,13 @@
"stargazers_count": 2,
"watchers_count": 2,
"has_discussions": false,
"forks_count": 1,
"forks_count": 2,
"allow_forking": true,
"is_template": false,
"web_commit_signoff_required": false,
"topics": [],
"visibility": "public",
"forks": 1,
"forks": 2,
"watchers": 2,
"score": 0,
"subscribers_count": 1

8
2023/CVE-2023-49103.json
View file

@ -13,10 +13,10 @@
"description": "PoC for the CVE-2023-49103",
"fork": false,
"created_at": "2023-11-22T17:00:23Z",
"updated_at": "2023-11-27T06:54:47Z",
"updated_at": "2023-11-28T10:48:24Z",
"pushed_at": "2023-11-22T17:04:34Z",
"stargazers_count": 14,
"watchers_count": 14,
"stargazers_count": 15,
"watchers_count": 15,
"has_discussions": false,
"forks_count": 6,
"allow_forking": true,
@ -25,7 +25,7 @@
"topics": [],
"visibility": "public",
"forks": 6,
"watchers": 14,
"watchers": 15,
"score": 0,
"subscribers_count": 1
}

2
2023/CVE-2023-49313.json
View file

@ -14,7 +14,7 @@
"fork": false,
"created_at": "2023-11-27T23:59:35Z",
"updated_at": "2023-11-27T23:59:35Z",
"pushed_at": "2023-11-27T23:59:35Z",
"pushed_at": "2023-11-28T10:35:01Z",
"stargazers_count": 0,
"watchers_count": 0,
"has_discussions": false,

32
2023/CVE-2023-49314.json Normal file
View file

@ -0,0 +1,32 @@
[
{
"id": 724563642,
"name": "CVE-2023-49314",
"full_name": "louiselalanne\/CVE-2023-49314",
"owner": {
"login": "louiselalanne",
"id": 100588945,
"avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/100588945?v=4",
"html_url": "https:\/\/github.com\/louiselalanne"
},
"html_url": "https:\/\/github.com\/louiselalanne\/CVE-2023-49314",
"description": "Asana Desktop 2.1.0 on macOS allows code injection because of specific Electron Fuses. There is inadequate protection against code injection through settings such as RunAsNode and enableNodeCliInspectArguments, and thus r3ggi\/electroniz3r can be used to perform an attack.",
"fork": false,
"created_at": "2023-11-28T10:39:19Z",
"updated_at": "2023-11-28T10:39:20Z",
"pushed_at": "2023-11-28T11:48:48Z",
"stargazers_count": 0,
"watchers_count": 0,
"has_discussions": false,
"forks_count": 0,
"allow_forking": true,
"is_template": false,
"web_commit_signoff_required": false,
"topics": [],
"visibility": "public",
"forks": 0,
"watchers": 0,
"score": 0,
"subscribers_count": 0
}
]

25
README.md
View file

@ -146,9 +146,6 @@
- [seifallahhomrani1/CVE-2023-0861-POC](https://github.com/seifallahhomrani1/CVE-2023-0861-POC)
### CVE-2023-391
- [ayhan-dev/CVE-2023-391](https://github.com/ayhan-dev/CVE-2023-391)
### CVE-2023-1112 (2023-03-01)
<code>Es wurde eine kritische Schwachstelle in Drag and Drop Multiple File Upload Contact Form 7 5.0.6.1 für WordPress ausgemacht. Es geht dabei um eine nicht klar definierte Funktion der Datei admin-ajax.php. Durch Manipulation des Arguments upload_name mit unbekannten Daten kann eine relative path traversal-Schwachstelle ausgenutzt werden. Der Angriff kann über das Netzwerk passieren. Der Exploit steht zur öffentlichen Verfügung.
@ -1774,6 +1771,7 @@
- [murataydemir/CVE-2023-25157-and-CVE-2023-25158](https://github.com/murataydemir/CVE-2023-25157-and-CVE-2023-25158)
- [7imbitz/CVE-2023-25157-checker](https://github.com/7imbitz/CVE-2023-25157-checker)
- [Rubikcuv5/CVE-2023-25157](https://github.com/Rubikcuv5/CVE-2023-25157)
- [dr-cable-tv/Geoserver-CVE-2023-25157](https://github.com/dr-cable-tv/Geoserver-CVE-2023-25157)
### CVE-2023-25194 (2023-02-07)
@ -2324,7 +2322,6 @@
</code>
- [m-cetin/CVE-2023-29336](https://github.com/m-cetin/CVE-2023-29336)
- [ayhan-dev/p0ropc](https://github.com/ayhan-dev/p0ropc)
### CVE-2023-29343 (2023-05-09)
@ -3594,6 +3591,7 @@
</code>
- [ka7ana/CVE-2023-36025](https://github.com/ka7ana/CVE-2023-36025)
- [J466Y/test_CVE-2023-36025](https://github.com/J466Y/test_CVE-2023-36025)
### CVE-2023-36076 (2023-09-01)
@ -5477,6 +5475,9 @@
### CVE-2023-49313
- [louiselalanne/CVE-2023-49313](https://github.com/louiselalanne/CVE-2023-49313)
### CVE-2023-49314
- [louiselalanne/CVE-2023-49314](https://github.com/louiselalanne/CVE-2023-49314)
### CVE-2023-51504
- [Sybelle03/CVE-2023-51504](https://github.com/Sybelle03/CVE-2023-51504)
@ -24176,7 +24177,6 @@
<code>Incorrect sanitation of the 302 redirect field in HTTP transport method of apt versions 1.4.8 and earlier can lead to content injection by a MITM attacker, potentially leading to remote code execution on the target machine.
</code>
- [tonejito/check_CVE-2019-3462](https://github.com/tonejito/check_CVE-2019-3462)
- [atilacastro/update-apt-package](https://github.com/atilacastro/update-apt-package)
### CVE-2019-3663 (2019-11-13)
@ -24492,13 +24492,6 @@
- [nikitapbst/cve-2019-6260](https://github.com/nikitapbst/cve-2019-6260)
### CVE-2019-6263 (2019-01-16)
<code>An issue was discovered in Joomla! before 3.9.2. Inadequate checks of the Global Configuration Text Filter settings allowed stored XSS.
</code>
- [praveensutar/CVE-2019-6263-Joomla-POC](https://github.com/praveensutar/CVE-2019-6263-Joomla-POC)
### CVE-2019-6329 (2019-06-25)
<code>HP Support Assistant 8.7.50 and earlier allows a user to gain system privilege and allows unauthorized modification of directories or files. Note: A different vulnerability than CVE-2019-6328.
@ -24575,13 +24568,6 @@
- [knqyf263/CVE-2019-6467](https://github.com/knqyf263/CVE-2019-6467)
### CVE-2019-6487 (2019-01-18)
<code>TP-Link WDR Series devices through firmware v3 (such as TL-WDR5620 V3.0) are affected by command injection (after login) leading to remote code execution, because shell metacharacters can be included in the weather get_weather_observe citycode field.
</code>
- [afang5472/TP-Link-WDR-Router-Command-injection_POC](https://github.com/afang5472/TP-Link-WDR-Router-Command-injection_POC)
### CVE-2019-6690 (2019-03-17)
<code>python-gnupg 0.4.3 allows context-dependent attackers to trick gnupg to decrypt other ciphertext than intended. To perform the attack, the passphrase to gnupg must be controlled by the adversary and the ciphertext should be trusted. Related to a &quot;CWE-20: Improper Input Validation&quot; issue affecting the affect functionality component.
@ -36701,6 +36687,7 @@
- [Lynk4/CVE-2011-2523](https://github.com/Lynk4/CVE-2011-2523)
- [vaishnavucv/CVE-2011-2523](https://github.com/vaishnavucv/CVE-2011-2523)
- [chleba124/vsftpd-exploit](https://github.com/chleba124/vsftpd-exploit)
- [4m3rr0r/CVE-2011-2523-poc](https://github.com/4m3rr0r/CVE-2011-2523-poc)
### CVE-2011-2894 (2011-10-04)