mirror/PoC-in-GitHub
1
0
Fork 0
mirror of https://github.com/nomi-sec/PoC-in-GitHub.git synced 2025-01-15 20:32:21 +01:00
Code Issues Projects Releases Packages Wiki Activity Actions

Auto Update 2024/11/17 18:30:57

Browse source
This commit is contained in:
motikan2010-bot 2024-11-18 03:30:57 +09:00
parent 6f1accdd25
commit dda0c2872a
26 changed files with 189 additions and 101 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

8
2018/CVE-2018-1000531.json
View file

@ -14,10 +14,10 @@
"description": "Jwt Bruteforcer with CVE-2018-1000531 Test",
"fork": false,
"created_at": "2024-11-15T21:00:24Z",
"updated_at": "2024-11-15T21:05:48Z",
"updated_at": "2024-11-17T13:52:56Z",
"pushed_at": "2024-11-15T21:05:45Z",
"stargazers_count": 0,
"watchers_count": 0,
"stargazers_count": 1,
"watchers_count": 1,
"has_discussions": false,
"forks_count": 0,
"allow_forking": true,
@ -26,7 +26,7 @@
"topics": [],
"visibility": "public",
"forks": 0,
"watchers": 0,
"watchers": 1,
"score": 0,
"subscribers_count": 1
}

4
2021/CVE-2021-1675.json
View file

@ -1009,7 +1009,7 @@
"stargazers_count": 181,
"watchers_count": 181,
"has_discussions": false,
"forks_count": 29,
"forks_count": 30,
"allow_forking": true,
"is_template": false,
"web_commit_signoff_required": false,
@ -1018,7 +1018,7 @@
"cve-2021-34527"
],
"visibility": "public",
"forks": 29,
"forks": 30,
"watchers": 181,
"score": 0,
"subscribers_count": 6

33
2021/CVE-2021-34081.json Normal file
View file

@ -0,0 +1,33 @@
[
{
"id": 889983489,
"name": "CVEX-Record",
"full_name": "jason-rodrigues\/CVEX-Record",
"owner": {
"login": "jason-rodrigues",
"id": 97640916,
"avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/97640916?v=4",
"html_url": "https:\/\/github.com\/jason-rodrigues",
"user_view_type": "public"
},
"html_url": "https:\/\/github.com\/jason-rodrigues\/CVEX-Record",
"description": "CVE-2021-34081",
"fork": false,
"created_at": "2024-11-17T18:17:01Z",
"updated_at": "2024-11-17T18:18:11Z",
"pushed_at": "2024-11-17T18:17:01Z",
"stargazers_count": 0,
"watchers_count": 0,
"has_discussions": false,
"forks_count": 0,
"allow_forking": true,
"is_template": false,
"web_commit_signoff_required": false,
"topics": [],
"visibility": "public",
"forks": 0,
"watchers": 0,
"score": 0,
"subscribers_count": 0
}
]

4
2021/CVE-2021-42278.json
View file

@ -55,13 +55,13 @@
"stargazers_count": 802,
"watchers_count": 802,
"has_discussions": false,
"forks_count": 122,
"forks_count": 123,
"allow_forking": true,
"is_template": false,
"web_commit_signoff_required": false,
"topics": [],
"visibility": "public",
"forks": 122,
"forks": 123,
"watchers": 802,
"score": 0,
"subscribers_count": 13

31
2021/CVE-2021-43798.json
View file

@ -699,37 +699,6 @@
"score": 0,
"subscribers_count": 2
},
{
"id": 445007761,
"name": "CVE-2021-43798",
"full_name": "light-Life\/CVE-2021-43798",
"owner": {
"login": "light-Life",
"id": 53685855,
"avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/53685855?v=4",
"html_url": "https:\/\/github.com\/light-Life",
"user_view_type": "public"
},
"html_url": "https:\/\/github.com\/light-Life\/CVE-2021-43798",
"description": "运用golang写的grafana批量验证脚本内置48个验证",
"fork": false,
"created_at": "2022-01-06T01:54:26Z",
"updated_at": "2022-08-15T15:41:35Z",
"pushed_at": "2022-01-11T08:12:09Z",
"stargazers_count": 0,
"watchers_count": 0,
"has_discussions": false,
"forks_count": 0,
"allow_forking": true,
"is_template": false,
"web_commit_signoff_required": false,
"topics": [],
"visibility": "public",
"forks": 0,
"watchers": 0,
"score": 0,
"subscribers_count": 1
},
{
"id": 449447091,
"name": "CVE-2021-43798_exploit",

8
2022/CVE-2022-25845.json
View file

@ -107,10 +107,10 @@
"description": "CVE-2022-25845(fastjson1.2.80) exploit in Spring Env!",
"fork": false,
"created_at": "2024-11-07T13:06:44Z",
"updated_at": "2024-11-15T01:27:32Z",
"updated_at": "2024-11-17T13:31:01Z",
"pushed_at": "2024-11-07T13:38:18Z",
"stargazers_count": 63,
"watchers_count": 63,
"stargazers_count": 64,
"watchers_count": 64,
"has_discussions": false,
"forks_count": 9,
"allow_forking": true,
@ -119,7 +119,7 @@
"topics": [],
"visibility": "public",
"forks": 9,
"watchers": 63,
"watchers": 64,
"score": 0,
"subscribers_count": 3
}

4
2022/CVE-2022-30190.json
View file

@ -405,7 +405,7 @@
"stargazers_count": 18,
"watchers_count": 18,
"has_discussions": false,
"forks_count": 5,
"forks_count": 6,
"allow_forking": true,
"is_template": false,
"web_commit_signoff_required": false,
@ -417,7 +417,7 @@
"ms-msdt"
],
"visibility": "public",
"forks": 5,
"forks": 6,
"watchers": 18,
"score": 0,
"subscribers_count": 3

8
2022/CVE-2022-32947.json
View file

@ -14,10 +14,10 @@
"description": "CVE-2022-32947 walkthough and demo",
"fork": false,
"created_at": "2023-09-17T08:21:47Z",
"updated_at": "2024-11-08T14:39:16Z",
"updated_at": "2024-11-17T15:51:27Z",
"pushed_at": "2023-09-18T03:04:48Z",
"stargazers_count": 152,
"watchers_count": 152,
"stargazers_count": 153,
"watchers_count": 153,
"has_discussions": false,
"forks_count": 12,
"allow_forking": true,
@ -26,7 +26,7 @@
"topics": [],
"visibility": "public",
"forks": 12,
"watchers": 152,
"watchers": 153,
"score": 0,
"subscribers_count": 5
}

4
2022/CVE-2022-3368.json
View file

@ -42,10 +42,10 @@
"user_view_type": "public"
},
"html_url": "https:\/\/github.com\/byt3n33dl3\/CrackAVFee",
"description": "it's a CVE-2022-3368 ( patched ), but feel free to use it for check any outdated software or reseach",
"description": "it's a CVE-2022-3368 (Patched), but feel free to use it for check any outdated software or reseach",
"fork": false,
"created_at": "2024-03-05T18:31:29Z",
"updated_at": "2024-11-15T06:31:07Z",
"updated_at": "2024-11-17T16:50:59Z",
"pushed_at": "2024-07-08T16:18:51Z",
"stargazers_count": 7,
"watchers_count": 7,

8
2023/CVE-2023-22894.json
View file

@ -14,10 +14,10 @@
"description": "CVE-2023-22894",
"fork": false,
"created_at": "2023-04-24T23:26:13Z",
"updated_at": "2024-07-08T04:47:57Z",
"updated_at": "2024-11-17T16:05:28Z",
"pushed_at": "2023-04-24T23:38:15Z",
"stargazers_count": 8,
"watchers_count": 8,
"stargazers_count": 9,
"watchers_count": 9,
"has_discussions": false,
"forks_count": 2,
"allow_forking": true,
@ -26,7 +26,7 @@
"topics": [],
"visibility": "public",
"forks": 2,
"watchers": 8,
"watchers": 9,
"score": 0,
"subscribers_count": 1
}

8
2023/CVE-2023-2640.json
View file

@ -76,10 +76,10 @@
"description": "GameOver(lay) Ubuntu Privilege Escalation",
"fork": false,
"created_at": "2023-10-09T22:02:42Z",
"updated_at": "2024-11-06T11:38:43Z",
"updated_at": "2024-11-17T18:13:18Z",
"pushed_at": "2023-10-09T22:44:21Z",
"stargazers_count": 117,
"watchers_count": 117,
"stargazers_count": 118,
"watchers_count": 118,
"has_discussions": false,
"forks_count": 18,
"allow_forking": true,
@ -88,7 +88,7 @@
"topics": [],
"visibility": "public",
"forks": 18,
"watchers": 117,
"watchers": 118,
"score": 0,
"subscribers_count": 1
},

4
2023/CVE-2023-28229.json
View file

@ -42,10 +42,10 @@
"user_view_type": "public"
},
"html_url": "https:\/\/github.com\/byt3n33dl3\/CrackKeyIso",
"description": "it's a CVE-2023-28229 ( patched ), but feel free to use it for check any outdated software or reseach",
"description": "it's a CVE-2023-28229 (Patched), but feel free to use it for check any outdated software or reseach",
"fork": false,
"created_at": "2024-03-27T20:57:46Z",
"updated_at": "2024-09-20T08:39:15Z",
"updated_at": "2024-11-17T16:51:16Z",
"pushed_at": "2024-07-08T16:04:59Z",
"stargazers_count": 6,
"watchers_count": 6,

4
2023/CVE-2023-28252.json
View file

@ -166,10 +166,10 @@
"user_view_type": "public"
},
"html_url": "https:\/\/github.com\/byt3n33dl3\/CLFS",
"description": "it's a CVE-2023-28252 ( patched ), but feel free to use it for check any outdated software or reseach",
"description": "it's a CVE-2023-28252 (Patched), but feel free to use it for check any outdated software or reseach",
"fork": false,
"created_at": "2024-03-21T16:16:52Z",
"updated_at": "2024-09-20T08:39:09Z",
"updated_at": "2024-11-17T16:50:38Z",
"pushed_at": "2024-07-09T03:43:41Z",
"stargazers_count": 7,
"watchers_count": 7,

8
2023/CVE-2023-38646.json
View file

@ -514,10 +514,10 @@
"description": "This is a script written in Python that allows the exploitation of the Metabase's software security flaw described in CVE-2023-38646.",
"fork": false,
"created_at": "2023-10-09T00:26:38Z",
"updated_at": "2024-11-11T11:31:19Z",
"updated_at": "2024-11-17T18:13:36Z",
"pushed_at": "2024-07-07T17:44:16Z",
"stargazers_count": 25,
"watchers_count": 25,
"stargazers_count": 26,
"watchers_count": 26,
"has_discussions": false,
"forks_count": 5,
"allow_forking": true,
@ -532,7 +532,7 @@
],
"visibility": "public",
"forks": 5,
"watchers": 25,
"watchers": 26,
"score": 0,
"subscribers_count": 1
},

8
2023/CVE-2023-44487.json
View file

@ -146,10 +146,10 @@
"description": "Tool for testing mitigations and exposure to Rapid Reset DDoS (CVE-2023-44487)",
"fork": false,
"created_at": "2023-10-13T23:55:32Z",
"updated_at": "2024-11-16T19:52:05Z",
"updated_at": "2024-11-17T12:51:41Z",
"pushed_at": "2023-10-30T20:22:37Z",
"stargazers_count": 60,
"watchers_count": 60,
"stargazers_count": 61,
"watchers_count": 61,
"has_discussions": false,
"forks_count": 16,
"allow_forking": true,
@ -158,7 +158,7 @@
"topics": [],
"visibility": "public",
"forks": 16,
"watchers": 60,
"watchers": 61,
"score": 0,
"subscribers_count": 4
},

2
2023/CVE-2023-46604.json
View file

@ -138,7 +138,7 @@
"description": null,
"fork": false,
"created_at": "2023-11-04T11:58:21Z",
"updated_at": "2024-11-06T15:48:25Z",
"updated_at": "2024-11-17T13:12:16Z",
"pushed_at": "2023-11-06T07:26:30Z",
"stargazers_count": 27,
"watchers_count": 27,

33
2024/CVE-2024-10245.json Normal file
View file

@ -0,0 +1,33 @@
[
{
"id": 889946220,
"name": "CVE-2024-10245",
"full_name": "RandomRobbieBF\/CVE-2024-10245",
"owner": {
"login": "RandomRobbieBF",
"id": 51722811,
"avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/51722811?v=4",
"html_url": "https:\/\/github.com\/RandomRobbieBF",
"user_view_type": "public"
},
"html_url": "https:\/\/github.com\/RandomRobbieBF\/CVE-2024-10245",
"description": "Relais 2FA <= 1.0 - Authentication Bypass",
"fork": false,
"created_at": "2024-11-17T16:34:28Z",
"updated_at": "2024-11-17T16:35:09Z",
"pushed_at": "2024-11-17T16:35:05Z",
"stargazers_count": 0,
"watchers_count": 0,
"has_discussions": false,
"forks_count": 0,
"allow_forking": true,
"is_template": false,
"web_commit_signoff_required": false,
"topics": [],
"visibility": "public",
"forks": 0,
"watchers": 0,
"score": 0,
"subscribers_count": 0
}
]

33
2024/CVE-2024-10793.json Normal file
View file

@ -0,0 +1,33 @@
[
{
"id": 889986626,
"name": "CVE-2024-10793",
"full_name": "windz3r0day\/CVE-2024-10793",
"owner": {
"login": "windz3r0day",
"id": 179751303,
"avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/179751303?v=4",
"html_url": "https:\/\/github.com\/windz3r0day",
"user_view_type": "public"
},
"html_url": "https:\/\/github.com\/windz3r0day\/CVE-2024-10793",
"description": "CVE-2024-10793 poc exploit",
"fork": false,
"created_at": "2024-11-17T18:25:35Z",
"updated_at": "2024-11-17T18:29:25Z",
"pushed_at": "2024-11-17T18:29:21Z",
"stargazers_count": 0,
"watchers_count": 0,
"has_discussions": false,
"forks_count": 0,
"allow_forking": true,
"is_template": false,
"web_commit_signoff_required": false,
"topics": [],
"visibility": "public",
"forks": 0,
"watchers": 0,
"score": 0,
"subscribers_count": 0
}
]

8
2024/CVE-2024-10914.json
View file

@ -146,10 +146,10 @@
"description": "CVE-2024-10914 is a critical command injection vulnerability affecting several legacy D-Link Network Attached Storage (NAS) devices.",
"fork": false,
"created_at": "2024-11-16T16:32:05Z",
"updated_at": "2024-11-16T17:42:57Z",
"updated_at": "2024-11-17T13:51:10Z",
"pushed_at": "2024-11-16T16:38:10Z",
"stargazers_count": 1,
"watchers_count": 1,
"stargazers_count": 2,
"watchers_count": 2,
"has_discussions": false,
"forks_count": 0,
"allow_forking": true,
@ -158,7 +158,7 @@
"topics": [],
"visibility": "public",
"forks": 0,
"watchers": 1,
"watchers": 2,
"score": 0,
"subscribers_count": 1
}

8
2024/CVE-2024-26229.json
View file

@ -45,10 +45,10 @@
"description": "Windows LPE",
"fork": false,
"created_at": "2024-06-11T08:03:29Z",
"updated_at": "2024-11-17T11:19:39Z",
"updated_at": "2024-11-17T13:18:50Z",
"pushed_at": "2024-06-11T20:41:59Z",
"stargazers_count": 103,
"watchers_count": 103,
"stargazers_count": 104,
"watchers_count": 104,
"has_discussions": false,
"forks_count": 23,
"allow_forking": true,
@ -57,7 +57,7 @@
"topics": [],
"visibility": "public",
"forks": 23,
"watchers": 103,
"watchers": 104,
"score": 0,
"subscribers_count": 1
},

8
2024/CVE-2024-2876.json
View file

@ -138,10 +138,10 @@
"description": "WP-SQL-Injection CVE-2024-2876 AND 2024-CVE-2024-3495",
"fork": false,
"created_at": "2024-11-15T22:39:48Z",
"updated_at": "2024-11-15T22:51:46Z",
"updated_at": "2024-11-17T13:51:56Z",
"pushed_at": "2024-11-15T22:50:43Z",
"stargazers_count": 1,
"watchers_count": 1,
"stargazers_count": 2,
"watchers_count": 2,
"has_discussions": false,
"forks_count": 0,
"allow_forking": true,
@ -150,7 +150,7 @@
"topics": [],
"visibility": "public",
"forks": 0,
"watchers": 1,
"watchers": 2,
"score": 0,
"subscribers_count": 1
}

8
2024/CVE-2024-3094.json
View file

@ -952,10 +952,10 @@
"description": "notes, honeypot, and exploit demo for the xz backdoor (CVE-2024-3094)",
"fork": false,
"created_at": "2024-04-01T14:28:09Z",
"updated_at": "2024-11-16T19:47:51Z",
"updated_at": "2024-11-17T18:12:20Z",
"pushed_at": "2024-04-03T04:58:50Z",
"stargazers_count": 3495,
"watchers_count": 3495,
"stargazers_count": 3496,
"watchers_count": 3496,
"has_discussions": false,
"forks_count": 239,
"allow_forking": true,
@ -964,7 +964,7 @@
"topics": [],
"visibility": "public",
"forks": 239,
"watchers": 3495,
"watchers": 3496,
"score": 0,
"subscribers_count": 38
},

8
2024/CVE-2024-44625.json
View file

@ -14,10 +14,10 @@
"description": "Symbolic link path traversal vulnerability in Gogs",
"fork": false,
"created_at": "2024-11-13T16:16:31Z",
"updated_at": "2024-11-16T03:52:06Z",
"updated_at": "2024-11-17T14:07:54Z",
"pushed_at": "2024-11-14T02:54:13Z",
"stargazers_count": 1,
"watchers_count": 1,
"stargazers_count": 2,
"watchers_count": 2,
"has_discussions": false,
"forks_count": 0,
"allow_forking": true,
@ -26,7 +26,7 @@
"topics": [],
"visibility": "public",
"forks": 0,
"watchers": 1,
"watchers": 2,
"score": 0,
"subscribers_count": 1
}

8
2024/CVE-2024-47575.json
View file

@ -14,10 +14,10 @@
"description": "Fortinet Fortimanager Unauthenticated Remote Code Execution AKA FortiJump CVE-2024-47575",
"fork": false,
"created_at": "2024-11-07T21:03:30Z",
"updated_at": "2024-11-16T18:49:23Z",
"updated_at": "2024-11-17T14:25:31Z",
"pushed_at": "2024-11-14T16:25:52Z",
"stargazers_count": 44,
"watchers_count": 44,
"stargazers_count": 45,
"watchers_count": 45,
"has_discussions": false,
"forks_count": 20,
"allow_forking": true,
@ -26,7 +26,7 @@
"topics": [],
"visibility": "public",
"forks": 20,
"watchers": 44,
"watchers": 45,
"score": 0,
"subscribers_count": 0
},

8
2024/CVE-2024-49379.json
View file

@ -14,10 +14,10 @@
"description": "CVE-2024-49379 PoC",
"fork": false,
"created_at": "2024-11-16T19:05:28Z",
"updated_at": "2024-11-16T19:31:54Z",
"updated_at": "2024-11-17T13:46:42Z",
"pushed_at": "2024-11-16T19:31:50Z",
"stargazers_count": 0,
"watchers_count": 0,
"stargazers_count": 1,
"watchers_count": 1,
"has_discussions": false,
"forks_count": 0,
"allow_forking": true,
@ -26,7 +26,7 @@
"topics": [],
"visibility": "public",
"forks": 0,
"watchers": 0,
"watchers": 1,
"score": 0,
"subscribers_count": 1
}

22
README.md
View file

@ -1906,6 +1906,13 @@
- [holypryx/CVE-2024-10140](https://github.com/holypryx/CVE-2024-10140)
### CVE-2024-10245 (2024-11-12)
<code>The Relais 2FA plugin for WordPress is vulnerable to authentication bypass in versions up to, and including, 1.0. This is due to incorrect authentication and capability checking in the 'rl_do_ajax' function. This makes it possible for unauthenticated attackers to log in as any existing user on the site, such as an administrator, if they have access to the email.
</code>
- [RandomRobbieBF/CVE-2024-10245](https://github.com/RandomRobbieBF/CVE-2024-10245)
### CVE-2024-10354 (2024-10-25)
<code>In SourceCodester Petrol Pump Management Software 1.0 wurde eine kritische Schwachstelle entdeckt. Das betrifft eine unbekannte Funktionalität der Datei /admin/print.php. Mit der Manipulation des Arguments id mit unbekannten Daten kann eine sql injection-Schwachstelle ausgenutzt werden. Der Angriff kann über das Netzwerk angegangen werden. Der Exploit steht zur öffentlichen Verfügung.
@ -1990,6 +1997,13 @@
- [RandomRobbieBF/CVE-2024-10728](https://github.com/RandomRobbieBF/CVE-2024-10728)
### CVE-2024-10793 (2024-11-15)
<code>The WP Activity Log plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the user_id parameter in all versions up to, and including, 5.2.1 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that will execute whenever an administrative user accesses an injected page.
</code>
- [windz3r0day/CVE-2024-10793](https://github.com/windz3r0day/CVE-2024-10793)
### CVE-2024-10914 (2024-11-06)
<code>In D-Link DNS-320, DNS-320LW, DNS-325 and DNS-340L bis 20241028 wurde eine kritische Schwachstelle ausgemacht. Hierbei betrifft es die Funktion cgi_user_add der Datei /cgi-bin/account_mgr.cgi?cmd=cgi_user_add. Durch Manipulation des Arguments name mit unbekannten Daten kann eine os command injection-Schwachstelle ausgenutzt werden. Umgesetzt werden kann der Angriff über das Netzwerk. Die Komplexität eines Angriffs ist eher hoch. Sie gilt als schwierig ausnutzbar. Der Exploit steht zur öffentlichen Verfügung.
@ -25457,6 +25471,13 @@
- [Al1ex/CVE-2021-34045](https://github.com/Al1ex/CVE-2021-34045)
- [kenuosec/CVE-2021-34045](https://github.com/kenuosec/CVE-2021-34045)
### CVE-2021-34081 (2022-06-01)
<code>OS Command Injection vulnerability in bbultman gitsome through 0.2.3 allows attackers to execute arbitrary commands via a crafted tag name of the target git repository.
</code>
- [jason-rodrigues/CVEX-Record](https://github.com/jason-rodrigues/CVEX-Record)
### CVE-2021-34371 (2021-08-05)
<code>Neo4j through 3.4.18 (with the shell server enabled) exposes an RMI service that arbitrarily deserializes Java objects, e.g., through setSessionVariable. An attacker can abuse this for remote code execution because there are dependencies with exploitable gadget chains.
@ -27502,7 +27523,6 @@
- [k3rwin/CVE-2021-43798-Grafana](https://github.com/k3rwin/CVE-2021-43798-Grafana)
- [gps1949/CVE-2021-43798](https://github.com/gps1949/CVE-2021-43798)
- [halencarjunior/grafana-CVE-2021-43798](https://github.com/halencarjunior/grafana-CVE-2021-43798)
- [light-Life/CVE-2021-43798](https://github.com/light-Life/CVE-2021-43798)
- [aymenbouferroum/CVE-2021-43798_exploit](https://github.com/aymenbouferroum/CVE-2021-43798_exploit)
- [Jroo1053/GrafanaDirInclusion](https://github.com/Jroo1053/GrafanaDirInclusion)
- [yasindce1998/grafana-cve-2021-43798](https://github.com/yasindce1998/grafana-cve-2021-43798)