mirror/PoC-in-GitHub
1
0
Fork 0
mirror of https://github.com/nomi-sec/PoC-in-GitHub.git synced 2025-01-15 20:32:21 +01:00
Code Issues Projects Releases Packages Wiki Activity Actions

Auto Update 2024/12/29 18:31:31

Browse source
This commit is contained in:
motikan2010-bot 2024-12-30 03:31:31 +09:00
parent 00584df127
commit d77673b55e
26 changed files with 132 additions and 92 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

2
2018/CVE-2018-6789.json
View file

@ -90,7 +90,7 @@
"forks": 6,
"watchers": 9,
"score": 0,
"subscribers_count": 4
"subscribers_count": 5
},
{
"id": 244424491,

8
2019/CVE-2019-12725.json
View file

@ -45,10 +45,10 @@
"description": "漏洞POC、EXP合集持续更新。Apache Druid-任意文件读取CVE-2021-36749、ConfluenceRCECVE-2021-26084、ZeroShell防火墙RCECVE-2019-12725、ApacheSolr任意文件读取、蓝凌OA任意文件读取、phpStudyRCE、ShowDoc任意文件上传、原创先锋后台未授权、Kyan账号密码泄露、TerraMasterTos任意文件读取、TamronOS-IPTV系统RCE、Wayos防火墙账号密码泄露",
"fork": false,
"created_at": "2021-05-22T05:06:33Z",
"updated_at": "2024-12-25T09:28:14Z",
"updated_at": "2024-12-29T13:52:13Z",
"pushed_at": "2021-11-21T10:34:06Z",
"stargazers_count": 170,
"watchers_count": 170,
"stargazers_count": 169,
"watchers_count": 169,
"has_discussions": false,
"forks_count": 38,
"allow_forking": true,
@ -61,7 +61,7 @@
],
"visibility": "public",
"forks": 38,
"watchers": 170,
"watchers": 169,
"score": 0,
"subscribers_count": 5
},

8
2020/CVE-2020-0796.json
View file

@ -2331,15 +2331,15 @@
{
"id": 646702161,
"name": "CVE-2020-0796",
"full_name": "Ajomix\/CVE-2020-0796",
"full_name": "dungnm24\/CVE-2020-0796",
"owner": {
"login": "Ajomix",
"login": "dungnm24",
"id": 57254763,
"avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/57254763?v=4",
"html_url": "https:\/\/github.com\/Ajomix",
"html_url": "https:\/\/github.com\/dungnm24",
"user_view_type": "public"
},
"html_url": "https:\/\/github.com\/Ajomix\/CVE-2020-0796",
"html_url": "https:\/\/github.com\/dungnm24\/CVE-2020-0796",
"description": "WindowsProtocolTestSuites is to trigger BSoD, and full exploit poc.",
"fork": false,
"created_at": "2023-05-29T06:31:51Z",

8
2021/CVE-2021-21985.json
View file

@ -145,10 +145,10 @@
"description": "cve-2021-21985 exploit",
"fork": false,
"created_at": "2021-06-03T12:17:06Z",
"updated_at": "2024-11-21T01:00:36Z",
"updated_at": "2024-12-29T12:18:20Z",
"pushed_at": "2022-01-10T07:01:58Z",
"stargazers_count": 113,
"watchers_count": 113,
"stargazers_count": 114,
"watchers_count": 114,
"has_discussions": false,
"forks_count": 38,
"allow_forking": true,
@ -157,7 +157,7 @@
"topics": [],
"visibility": "public",
"forks": 38,
"watchers": 113,
"watchers": 114,
"score": 0,
"subscribers_count": 4
},

8
2021/CVE-2021-36749.json
View file

@ -14,10 +14,10 @@
"description": "漏洞POC、EXP合集持续更新。Apache Druid-任意文件读取CVE-2021-36749、ConfluenceRCECVE-2021-26084、ZeroShell防火墙RCECVE-2019-12725、ApacheSolr任意文件读取、蓝凌OA任意文件读取、phpStudyRCE、ShowDoc任意文件上传、原创先锋后台未授权、Kyan账号密码泄露、TerraMasterTos任意文件读取、TamronOS-IPTV系统RCE、Wayos防火墙账号密码泄露",
"fork": false,
"created_at": "2021-05-22T05:06:33Z",
"updated_at": "2024-12-25T09:28:14Z",
"updated_at": "2024-12-29T13:52:13Z",
"pushed_at": "2021-11-21T10:34:06Z",
"stargazers_count": 170,
"watchers_count": 170,
"stargazers_count": 169,
"watchers_count": 169,
"has_discussions": false,
"forks_count": 38,
"allow_forking": true,
@ -30,7 +30,7 @@
],
"visibility": "public",
"forks": 38,
"watchers": 170,
"watchers": 169,
"score": 0,
"subscribers_count": 5
},

8
2021/CVE-2021-4045.json
View file

@ -14,10 +14,10 @@
"description": "Exploit for command injection vulnerability found in uhttpd binary from TP-Link Tapo c200 IP camera",
"fork": false,
"created_at": "2021-11-15T14:48:14Z",
"updated_at": "2024-12-28T14:19:05Z",
"updated_at": "2024-12-29T14:55:04Z",
"pushed_at": "2024-10-31T18:50:48Z",
"stargazers_count": 74,
"watchers_count": 74,
"stargazers_count": 76,
"watchers_count": 76,
"has_discussions": false,
"forks_count": 9,
"allow_forking": true,
@ -32,7 +32,7 @@
],
"visibility": "public",
"forks": 9,
"watchers": 74,
"watchers": 76,
"score": 0,
"subscribers_count": 2
},

2
2021/CVE-2021-44077.json
View file

@ -14,7 +14,7 @@
"description": "Proof of Concept Exploit for ManageEngine ServiceDesk Plus CVE-2021-44077",
"fork": false,
"created_at": "2021-12-08T20:24:38Z",
"updated_at": "2024-11-03T19:39:05Z",
"updated_at": "2024-12-29T12:58:41Z",
"pushed_at": "2021-12-08T21:43:16Z",
"stargazers_count": 31,
"watchers_count": 31,

16
2021/CVE-2021-44228.json
View file

@ -935,10 +935,10 @@
"description": "A Proof-Of-Concept for the CVE-2021-44228 vulnerability. ",
"fork": false,
"created_at": "2021-12-10T23:19:28Z",
"updated_at": "2024-12-23T21:14:48Z",
"updated_at": "2024-12-29T13:50:48Z",
"pushed_at": "2024-02-12T22:37:25Z",
"stargazers_count": 1812,
"watchers_count": 1812,
"stargazers_count": 1811,
"watchers_count": 1811,
"has_discussions": false,
"forks_count": 530,
"allow_forking": true,
@ -952,7 +952,7 @@
],
"visibility": "public",
"forks": 530,
"watchers": 1812,
"watchers": 1811,
"score": 0,
"subscribers_count": 26
},
@ -5634,10 +5634,10 @@
"description": "A fully automated, reliable, super-fast, mass scanning and validation toolkit for the Log4J RCE CVE-2021-44228 vulnerability.",
"fork": false,
"created_at": "2021-12-14T06:37:59Z",
"updated_at": "2024-11-16T19:51:31Z",
"updated_at": "2024-12-29T15:06:36Z",
"pushed_at": "2024-12-11T23:04:50Z",
"stargazers_count": 386,
"watchers_count": 386,
"stargazers_count": 387,
"watchers_count": 387,
"has_discussions": false,
"forks_count": 53,
"allow_forking": true,
@ -5652,7 +5652,7 @@
],
"visibility": "public",
"forks": 53,
"watchers": 386,
"watchers": 387,
"score": 0,
"subscribers_count": 12
},

8
2022/CVE-2022-0847.json
View file

@ -1163,10 +1163,10 @@
"description": "A collection of exploits and documentation that can be used to exploit the Linux Dirty Pipe vulnerability.",
"fork": false,
"created_at": "2022-03-12T20:57:24Z",
"updated_at": "2024-12-27T04:25:28Z",
"updated_at": "2024-12-29T15:43:33Z",
"pushed_at": "2023-05-20T05:55:45Z",
"stargazers_count": 563,
"watchers_count": 563,
"stargazers_count": 564,
"watchers_count": 564,
"has_discussions": false,
"forks_count": 143,
"allow_forking": true,
@ -1175,7 +1175,7 @@
"topics": [],
"visibility": "public",
"forks": 143,
"watchers": 563,
"watchers": 564,
"score": 0,
"subscribers_count": 15
},

8
2022/CVE-2022-26134.json
View file

@ -14,10 +14,10 @@
"description": "【懒人神器】一款图形化、批量采集url、批量对采集的url进行各种nday检测的工具。可用于src挖掘、cnvd挖掘、0day利用、打造自己的武器库等场景。可以批量利用Actively Exploited Atlassian Confluence 0Day CVE-2022-26134和DedeCMS v5.7.87 SQL注入 CVE-2022-23337。",
"fork": false,
"created_at": "2022-05-31T07:44:01Z",
"updated_at": "2024-12-27T02:16:47Z",
"updated_at": "2024-12-29T13:47:53Z",
"pushed_at": "2023-02-26T14:06:05Z",
"stargazers_count": 1173,
"watchers_count": 1173,
"stargazers_count": 1172,
"watchers_count": 1172,
"has_discussions": true,
"forks_count": 188,
"allow_forking": true,
@ -46,7 +46,7 @@
],
"visibility": "public",
"forks": 188,
"watchers": 1173,
"watchers": 1172,
"score": 0,
"subscribers_count": 19
},

8
2022/CVE-2022-38691.json
View file

@ -14,10 +14,10 @@
"description": "Let's control Secure Boot Chain ourselves.",
"fork": false,
"created_at": "2023-12-01T07:32:18Z",
"updated_at": "2024-12-20T22:49:27Z",
"updated_at": "2024-12-29T14:24:58Z",
"pushed_at": "2024-02-20T09:05:59Z",
"stargazers_count": 45,
"watchers_count": 45,
"stargazers_count": 46,
"watchers_count": 46,
"has_discussions": false,
"forks_count": 10,
"allow_forking": true,
@ -29,7 +29,7 @@
],
"visibility": "public",
"forks": 10,
"watchers": 45,
"watchers": 46,
"score": 0,
"subscribers_count": 5
}

8
2022/CVE-2022-38694.json
View file

@ -14,10 +14,10 @@
"description": "This is a one-time signature verification bypass. For persistent signature verification bypass, check https:\/\/github.com\/TomKing062\/CVE-2022-38691_38692",
"fork": false,
"created_at": "2023-06-10T08:31:26Z",
"updated_at": "2024-12-28T04:24:02Z",
"updated_at": "2024-12-29T14:24:48Z",
"pushed_at": "2024-08-01T15:09:15Z",
"stargazers_count": 312,
"watchers_count": 312,
"stargazers_count": 313,
"watchers_count": 313,
"has_discussions": true,
"forks_count": 46,
"allow_forking": true,
@ -29,7 +29,7 @@
],
"visibility": "public",
"forks": 46,
"watchers": 312,
"watchers": 313,
"score": 0,
"subscribers_count": 8
},

8
2023/CVE-2023-42793.json
View file

@ -205,10 +205,10 @@
"description": "JetBrains TeamCity 2023.05.3 - Remote Code Execution (RCE), CVE-2023-42793",
"fork": false,
"created_at": "2024-04-24T16:33:20Z",
"updated_at": "2024-11-06T08:40:37Z",
"updated_at": "2024-12-29T12:40:08Z",
"pushed_at": "2024-04-24T23:10:27Z",
"stargazers_count": 5,
"watchers_count": 5,
"stargazers_count": 6,
"watchers_count": 6,
"has_discussions": false,
"forks_count": 1,
"allow_forking": true,
@ -227,7 +227,7 @@
],
"visibility": "public",
"forks": 1,
"watchers": 5,
"watchers": 6,
"score": 0,
"subscribers_count": 2
},

8
2023/CVE-2023-45866.json
View file

@ -200,10 +200,10 @@
"description": "Exploit basado en vulnerabilidades criticas Bluetooth (CVE-2023-45866, CVE-2024-21306)",
"fork": false,
"created_at": "2024-12-15T03:00:47Z",
"updated_at": "2024-12-17T11:43:05Z",
"updated_at": "2024-12-29T12:44:04Z",
"pushed_at": "2024-12-15T06:41:13Z",
"stargazers_count": 5,
"watchers_count": 5,
"stargazers_count": 6,
"watchers_count": 6,
"has_discussions": false,
"forks_count": 0,
"allow_forking": true,
@ -212,7 +212,7 @@
"topics": [],
"visibility": "public",
"forks": 0,
"watchers": 5,
"watchers": 6,
"score": 0,
"subscribers_count": 1
},

33
2024/CVE-2024-21182.json Normal file
View file

@ -0,0 +1,33 @@
[
{
"id": 909726022,
"name": "CVE-2024-21182",
"full_name": "k4it0k1d\/CVE-2024-21182",
"owner": {
"login": "k4it0k1d",
"id": 186562469,
"avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/186562469?v=4",
"html_url": "https:\/\/github.com\/k4it0k1d",
"user_view_type": "public"
},
"html_url": "https:\/\/github.com\/k4it0k1d\/CVE-2024-21182",
"description": "PoC for CVE-2024-21182",
"fork": false,
"created_at": "2024-12-29T15:48:03Z",
"updated_at": "2024-12-29T15:59:09Z",
"pushed_at": "2024-12-29T15:56:14Z",
"stargazers_count": 0,
"watchers_count": 0,
"has_discussions": false,
"forks_count": 0,
"allow_forking": true,
"is_template": false,
"web_commit_signoff_required": false,
"topics": [],
"visibility": "public",
"forks": 0,
"watchers": 0,
"score": 0,
"subscribers_count": 0
}
]

8
2024/CVE-2024-21306.json
View file

@ -76,10 +76,10 @@
"description": "Exploit basado en vulnerabilidades criticas Bluetooth (CVE-2023-45866, CVE-2024-21306)",
"fork": false,
"created_at": "2024-12-15T03:00:47Z",
"updated_at": "2024-12-17T11:43:05Z",
"updated_at": "2024-12-29T12:44:04Z",
"pushed_at": "2024-12-15T06:41:13Z",
"stargazers_count": 5,
"watchers_count": 5,
"stargazers_count": 6,
"watchers_count": 6,
"has_discussions": false,
"forks_count": 0,
"allow_forking": true,
@ -88,7 +88,7 @@
"topics": [],
"visibility": "public",
"forks": 0,
"watchers": 5,
"watchers": 6,
"score": 0,
"subscribers_count": 1
}

8
2024/CVE-2024-23334.json
View file

@ -200,10 +200,10 @@
"description": "A proof of concept of the LFI vulnerability on aiohttp 3.9.1",
"fork": false,
"created_at": "2024-09-08T10:37:29Z",
"updated_at": "2024-11-18T19:28:54Z",
"updated_at": "2024-12-29T17:16:18Z",
"pushed_at": "2024-09-08T10:49:44Z",
"stargazers_count": 3,
"watchers_count": 3,
"stargazers_count": 4,
"watchers_count": 4,
"has_discussions": false,
"forks_count": 0,
"allow_forking": true,
@ -215,7 +215,7 @@
],
"visibility": "public",
"forks": 0,
"watchers": 3,
"watchers": 4,
"score": 0,
"subscribers_count": 1
},

8
2024/CVE-2024-23346.json
View file

@ -14,10 +14,10 @@
"description": "This repository contains a Crystallographic Information File (CIF) intended for use on the \"Chemistry\" machine on Hack The Box (HTB).",
"fork": false,
"created_at": "2024-11-05T14:27:06Z",
"updated_at": "2024-11-22T07:59:38Z",
"updated_at": "2024-12-29T12:54:35Z",
"pushed_at": "2024-11-05T14:32:57Z",
"stargazers_count": 1,
"watchers_count": 1,
"stargazers_count": 2,
"watchers_count": 2,
"has_discussions": false,
"forks_count": 0,
"allow_forking": true,
@ -26,7 +26,7 @@
"topics": [],
"visibility": "public",
"forks": 0,
"watchers": 1,
"watchers": 2,
"score": 0,
"subscribers_count": 1
},

8
2024/CVE-2024-30090.json
View file

@ -14,10 +14,10 @@
"description": "CVE-2024-30090 - LPE PoC",
"fork": false,
"created_at": "2024-10-17T08:38:47Z",
"updated_at": "2024-12-19T03:10:07Z",
"updated_at": "2024-12-29T15:35:38Z",
"pushed_at": "2024-10-17T09:53:33Z",
"stargazers_count": 102,
"watchers_count": 102,
"stargazers_count": 103,
"watchers_count": 103,
"has_discussions": false,
"forks_count": 22,
"allow_forking": true,
@ -26,7 +26,7 @@
"topics": [],
"visibility": "public",
"forks": 22,
"watchers": 102,
"watchers": 103,
"score": 0,
"subscribers_count": 3
}

2
2024/CVE-2024-38063.json
View file

@ -265,7 +265,7 @@
"description": "poc for CVE-2024-38063 (RCE in tcpip.sys)",
"fork": false,
"created_at": "2024-08-24T18:25:46Z",
"updated_at": "2024-12-26T02:57:45Z",
"updated_at": "2024-12-29T14:44:31Z",
"pushed_at": "2024-08-27T12:22:39Z",
"stargazers_count": 642,
"watchers_count": 642,

8
2024/CVE-2024-41662.json
View file

@ -14,10 +14,10 @@
"description": "Markdown XSS leads to RCE in VNote version <=3.18.1",
"fork": false,
"created_at": "2024-07-23T17:21:12Z",
"updated_at": "2024-07-24T18:39:25Z",
"updated_at": "2024-12-29T16:45:04Z",
"pushed_at": "2024-07-24T18:39:22Z",
"stargazers_count": 0,
"watchers_count": 0,
"stargazers_count": 2,
"watchers_count": 2,
"has_discussions": false,
"forks_count": 0,
"allow_forking": true,
@ -26,7 +26,7 @@
"topics": [],
"visibility": "public",
"forks": 0,
"watchers": 0,
"watchers": 2,
"score": 0,
"subscribers_count": 1
}

4
2024/CVE-2024-45440.json
View file

@ -14,8 +14,8 @@
"description": "Drupal CVE-2024-45440",
"fork": false,
"created_at": "2024-12-26T13:35:42Z",
"updated_at": "2024-12-29T12:02:42Z",
"pushed_at": "2024-12-29T12:02:40Z",
"updated_at": "2024-12-29T13:56:26Z",
"pushed_at": "2024-12-29T13:56:23Z",
"stargazers_count": 0,
"watchers_count": 0,
"has_discussions": false,

8
2024/CVE-2024-4577.json
View file

@ -1594,10 +1594,10 @@
"description": "A Bash script designed to scan multiple domains for the CVE-2024-4577 vulnerability in PHP-CGI.",
"fork": false,
"created_at": "2024-10-04T13:10:19Z",
"updated_at": "2024-12-29T12:26:27Z",
"updated_at": "2024-12-29T13:06:17Z",
"pushed_at": "2024-11-13T14:37:33Z",
"stargazers_count": 2,
"watchers_count": 2,
"stargazers_count": 3,
"watchers_count": 3,
"has_discussions": false,
"forks_count": 0,
"allow_forking": true,
@ -1613,7 +1613,7 @@
],
"visibility": "public",
"forks": 0,
"watchers": 2,
"watchers": 3,
"score": 0,
"subscribers_count": 1
},

12
2024/CVE-2024-50379.json
View file

@ -169,19 +169,19 @@
"description": "RCE through a race condition in Apache Tomcat",
"fork": false,
"created_at": "2024-12-21T05:54:29Z",
"updated_at": "2024-12-29T12:00:08Z",
"updated_at": "2024-12-29T18:22:50Z",
"pushed_at": "2024-12-21T08:56:44Z",
"stargazers_count": 12,
"watchers_count": 12,
"stargazers_count": 28,
"watchers_count": 28,
"has_discussions": false,
"forks_count": 1,
"forks_count": 2,
"allow_forking": true,
"is_template": false,
"web_commit_signoff_required": false,
"topics": [],
"visibility": "public",
"forks": 1,
"watchers": 12,
"forks": 2,
"watchers": 28,
"score": 0,
"subscribers_count": 2
},

8
2024/CVE-2024-8069.json
View file

@ -14,10 +14,10 @@
"description": "Citrix Virtual Apps and Desktops (XEN) Unauthenticated RCE",
"fork": false,
"created_at": "2024-11-13T02:50:56Z",
"updated_at": "2024-12-29T06:33:07Z",
"updated_at": "2024-12-29T18:12:46Z",
"pushed_at": "2024-11-29T03:02:09Z",
"stargazers_count": 9,
"watchers_count": 9,
"stargazers_count": 11,
"watchers_count": 11,
"has_discussions": false,
"forks_count": 2,
"allow_forking": true,
@ -32,7 +32,7 @@
],
"visibility": "public",
"forks": 2,
"watchers": 9,
"watchers": 11,
"score": 0,
"subscribers_count": 0
}

9
README.md
View file

@ -2565,6 +2565,13 @@
- [10cks/CVE-2024-21111-del](https://github.com/10cks/CVE-2024-21111-del)
- [x0rsys/CVE-2024-21111](https://github.com/x0rsys/CVE-2024-21111)
### CVE-2024-21182 (2024-07-16)
<code>Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Core). Supported versions that are affected are 12.2.1.4.0 and 14.1.1.0.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via T3, IIOP to compromise Oracle WebLogic Server. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle WebLogic Server accessible data. CVSS 3.1 Base Score 7.5 (Confidentiality impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N).
</code>
- [k4it0k1d/CVE-2024-21182](https://github.com/k4it0k1d/CVE-2024-21182)
### CVE-2024-21305 (2024-01-09)
<code>Hypervisor-Protected Code Integrity (HVCI) Security Feature Bypass Vulnerability
@ -30430,7 +30437,7 @@
- [TweatherQ/CVE-2020-0796](https://github.com/TweatherQ/CVE-2020-0796)
- [krizzz07/CVE-2020-0796](https://github.com/krizzz07/CVE-2020-0796)
- [OldDream666/cve-2020-0796](https://github.com/OldDream666/cve-2020-0796)
- [Ajomix/CVE-2020-0796](https://github.com/Ajomix/CVE-2020-0796)
- [dungnm24/CVE-2020-0796](https://github.com/dungnm24/CVE-2020-0796)
- [hungdnvp/POC-CVE-2020-0796](https://github.com/hungdnvp/POC-CVE-2020-0796)
- [AdamSonov/smbGhostCVE-2020-0796](https://github.com/AdamSonov/smbGhostCVE-2020-0796)
- [z3ena/Exploiting-and-Mitigating-CVE-2020-0796-SMBGhost-and-Print-Spooler-Vulnerabilities](https://github.com/z3ena/Exploiting-and-Mitigating-CVE-2020-0796-SMBGhost-and-Print-Spooler-Vulnerabilities)