diff --git a/2005/CVE-2005-2428.json b/2005/CVE-2005-2428.json
new file mode 100644
index 0000000000..7c4515dae6
--- /dev/null
+++ b/2005/CVE-2005-2428.json
@@ -0,0 +1,25 @@
+[
+ {
+ "id": 178449456,
+ "name": "CVE-2005-2428-IBM-Lotus-Domino-R8-Password-Hash-Extraction-Exploit",
+ "full_name": "schwankner\/CVE-2005-2428-IBM-Lotus-Domino-R8-Password-Hash-Extraction-Exploit",
+ "owner": {
+ "login": "schwankner",
+ "id": 1496765,
+ "avatar_url": "https:\/\/avatars2.githubusercontent.com\/u\/1496765?v=4",
+ "html_url": "https:\/\/github.com\/schwankner"
+ },
+ "html_url": "https:\/\/github.com\/schwankner\/CVE-2005-2428-IBM-Lotus-Domino-R8-Password-Hash-Extraction-Exploit",
+ "description": "IBM Lotus Domino <= R8 Password Hash Extraction Exploit",
+ "fork": false,
+ "created_at": "2019-03-29T17:31:14Z",
+ "updated_at": "2019-08-26T16:40:59Z",
+ "pushed_at": "2019-03-29T17:31:55Z",
+ "stargazers_count": 2,
+ "watchers_count": 2,
+ "forks_count": 1,
+ "forks": 1,
+ "watchers": 2,
+ "score": 0
+ }
+]
\ No newline at end of file
diff --git a/2017/CVE-2017-0075.json b/2017/CVE-2017-0075.json
index 43b90c1c5d..b3168de8e2 100644
--- a/2017/CVE-2017-0075.json
+++ b/2017/CVE-2017-0075.json
@@ -13,13 +13,13 @@
"description": "PoC for CVE-2017-0075",
"fork": false,
"created_at": "2019-09-12T02:45:07Z",
- "updated_at": "2020-05-16T21:44:06Z",
+ "updated_at": "2020-06-08T02:24:29Z",
"pushed_at": "2019-09-12T03:02:13Z",
- "stargazers_count": 31,
- "watchers_count": 31,
+ "stargazers_count": 32,
+ "watchers_count": 32,
"forks_count": 12,
"forks": 12,
- "watchers": 31,
+ "watchers": 32,
"score": 0
}
]
\ No newline at end of file
diff --git a/2019/CVE-2019-17558.json b/2019/CVE-2019-17558.json
index f23932a108..4ea47df447 100644
--- a/2019/CVE-2019-17558.json
+++ b/2019/CVE-2019-17558.json
@@ -36,13 +36,13 @@
"description": "Exphub[漏洞利用脚本库] 包括Webloigc、Struts2、Tomcat、Nexus、Solr、Jboss、Drupal的漏洞利用脚本,优先更新高危且易利用的漏洞利用脚本,最新添加CVE-2020-11444、CVE-2020-10204、CVE-2020-10199、CVE-2020-1938、CVE-2020-2551、CVE-2020-2555、CVE-2020-2883、CVE-2019-17558、CVE-2019-6340",
"fork": false,
"created_at": "2020-04-01T09:33:35Z",
- "updated_at": "2020-06-07T11:28:26Z",
+ "updated_at": "2020-06-08T02:55:30Z",
"pushed_at": "2020-06-01T02:34:27Z",
- "stargazers_count": 884,
- "watchers_count": 884,
+ "stargazers_count": 887,
+ "watchers_count": 887,
"forks_count": 212,
"forks": 212,
- "watchers": 884,
+ "watchers": 887,
"score": 0
}
]
\ No newline at end of file
diff --git a/2019/CVE-2019-2618.json b/2019/CVE-2019-2618.json
index 1eb34cbea5..b155443b6b 100644
--- a/2019/CVE-2019-2618.json
+++ b/2019/CVE-2019-2618.json
@@ -36,13 +36,13 @@
"description": "Weblogic Upload Vuln(Need username password)-CVE-2019-2618",
"fork": false,
"created_at": "2019-04-17T12:23:24Z",
- "updated_at": "2020-04-28T05:14:48Z",
+ "updated_at": "2020-06-08T02:15:35Z",
"pushed_at": "2019-04-17T15:05:09Z",
- "stargazers_count": 143,
- "watchers_count": 143,
+ "stargazers_count": 144,
+ "watchers_count": 144,
"forks_count": 51,
"forks": 51,
- "watchers": 143,
+ "watchers": 144,
"score": 0
},
{
diff --git a/2019/CVE-2019-5418.json b/2019/CVE-2019-5418.json
index 12a5f37f5e..47646df8ae 100644
--- a/2019/CVE-2019-5418.json
+++ b/2019/CVE-2019-5418.json
@@ -13,13 +13,13 @@
"description": "CVE-2019-5418 - File Content Disclosure on Ruby on Rails",
"fork": false,
"created_at": "2019-03-16T11:58:18Z",
- "updated_at": "2020-05-22T22:08:44Z",
+ "updated_at": "2020-06-08T00:55:34Z",
"pushed_at": "2019-03-25T07:19:58Z",
- "stargazers_count": 155,
- "watchers_count": 155,
+ "stargazers_count": 156,
+ "watchers_count": 156,
"forks_count": 16,
"forks": 16,
- "watchers": 155,
+ "watchers": 156,
"score": 0
},
{
@@ -82,13 +82,13 @@
"description": "RCE on Rails 5.2.2 using a path traversal (CVE-2019-5418) and a deserialization of Ruby objects (CVE-2019-5420)",
"fork": false,
"created_at": "2019-03-23T02:52:31Z",
- "updated_at": "2020-05-19T13:35:36Z",
+ "updated_at": "2020-06-08T00:55:00Z",
"pushed_at": "2020-06-05T20:43:59Z",
- "stargazers_count": 99,
- "watchers_count": 99,
+ "stargazers_count": 100,
+ "watchers_count": 100,
"forks_count": 18,
"forks": 18,
- "watchers": 99,
+ "watchers": 100,
"score": 0
},
{
diff --git a/2020/CVE-2020-0609.json b/2020/CVE-2020-0609.json
index 3030200a21..a1ca9eb9fe 100644
--- a/2020/CVE-2020-0609.json
+++ b/2020/CVE-2020-0609.json
@@ -36,13 +36,13 @@
"description": "PoC (DoS + scanner) for CVE-2020-0609 & CVE-2020-0610 - RD Gateway RCE",
"fork": false,
"created_at": "2020-01-23T22:29:46Z",
- "updated_at": "2020-05-29T01:56:32Z",
+ "updated_at": "2020-06-07T22:41:58Z",
"pushed_at": "2020-01-24T15:21:06Z",
- "stargazers_count": 212,
- "watchers_count": 212,
+ "stargazers_count": 213,
+ "watchers_count": 213,
"forks_count": 60,
"forks": 60,
- "watchers": 212,
+ "watchers": 213,
"score": 0
},
{
diff --git a/2020/CVE-2020-0796.json b/2020/CVE-2020-0796.json
index cee400cb42..53212f051e 100644
--- a/2020/CVE-2020-0796.json
+++ b/2020/CVE-2020-0796.json
@@ -86,8 +86,8 @@
"pushed_at": "2020-03-13T09:54:16Z",
"stargazers_count": 479,
"watchers_count": 479,
- "forks_count": 150,
- "forks": 150,
+ "forks_count": 153,
+ "forks": 153,
"watchers": 479,
"score": 0
},
@@ -404,13 +404,13 @@
"description": "PoC for triggering buffer overflow via CVE-2020-0796",
"fork": false,
"created_at": "2020-03-12T18:34:40Z",
- "updated_at": "2020-06-07T16:33:23Z",
+ "updated_at": "2020-06-08T01:08:32Z",
"pushed_at": "2020-03-14T10:04:59Z",
- "stargazers_count": 230,
- "watchers_count": 230,
- "forks_count": 88,
- "forks": 88,
- "watchers": 230,
+ "stargazers_count": 232,
+ "watchers_count": 232,
+ "forks_count": 90,
+ "forks": 90,
+ "watchers": 232,
"score": 0
},
{
@@ -937,8 +937,8 @@
"pushed_at": "2020-04-08T19:27:07Z",
"stargazers_count": 940,
"watchers_count": 940,
- "forks_count": 297,
- "forks": 297,
+ "forks_count": 299,
+ "forks": 299,
"watchers": 940,
"score": 0
},
@@ -956,13 +956,13 @@
"description": "CVE-2020-0796 Local Privilege Escalation POC",
"fork": false,
"created_at": "2020-03-30T16:06:50Z",
- "updated_at": "2020-06-06T02:20:03Z",
+ "updated_at": "2020-06-08T02:45:20Z",
"pushed_at": "2020-04-02T08:01:38Z",
- "stargazers_count": 169,
- "watchers_count": 169,
+ "stargazers_count": 170,
+ "watchers_count": 170,
"forks_count": 63,
"forks": 63,
- "watchers": 169,
+ "watchers": 170,
"score": 0
},
{
@@ -1006,8 +1006,8 @@
"pushed_at": "2020-03-31T11:34:02Z",
"stargazers_count": 3,
"watchers_count": 3,
- "forks_count": 1,
- "forks": 1,
+ "forks_count": 2,
+ "forks": 2,
"watchers": 3,
"score": 0
},
@@ -1117,13 +1117,13 @@
"description": "Cobalt Strike AggressorScripts CVE-2020-0796",
"fork": false,
"created_at": "2020-04-06T15:16:10Z",
- "updated_at": "2020-06-05T06:58:26Z",
+ "updated_at": "2020-06-08T00:50:35Z",
"pushed_at": "2020-04-06T15:22:01Z",
- "stargazers_count": 52,
- "watchers_count": 52,
+ "stargazers_count": 51,
+ "watchers_count": 51,
"forks_count": 12,
"forks": 12,
- "watchers": 52,
+ "watchers": 51,
"score": 0
},
{
@@ -1186,13 +1186,13 @@
"description": "PoC RCE Reverse Shell for CVE-2020-0796 (SMBGhost)",
"fork": false,
"created_at": "2020-04-22T09:09:02Z",
- "updated_at": "2020-06-06T15:22:55Z",
+ "updated_at": "2020-06-07T22:45:29Z",
"pushed_at": "2020-06-05T16:21:55Z",
- "stargazers_count": 6,
- "watchers_count": 6,
+ "stargazers_count": 7,
+ "watchers_count": 7,
"forks_count": 11,
"forks": 11,
- "watchers": 6,
+ "watchers": 7,
"score": 0
},
{
diff --git a/2020/CVE-2020-11444.json b/2020/CVE-2020-11444.json
index cb32dbb118..4f100ee5a1 100644
--- a/2020/CVE-2020-11444.json
+++ b/2020/CVE-2020-11444.json
@@ -13,13 +13,13 @@
"description": "Exphub[漏洞利用脚本库] 包括Webloigc、Struts2、Tomcat、Nexus、Solr、Jboss、Drupal的漏洞利用脚本,优先更新高危且易利用的漏洞利用脚本,最新添加CVE-2020-11444、CVE-2020-10204、CVE-2020-10199、CVE-2020-1938、CVE-2020-2551、CVE-2020-2555、CVE-2020-2883、CVE-2019-17558、CVE-2019-6340",
"fork": false,
"created_at": "2020-04-01T09:33:35Z",
- "updated_at": "2020-06-07T11:28:26Z",
+ "updated_at": "2020-06-08T02:55:30Z",
"pushed_at": "2020-06-01T02:34:27Z",
- "stargazers_count": 884,
- "watchers_count": 884,
+ "stargazers_count": 887,
+ "watchers_count": 887,
"forks_count": 212,
"forks": 212,
- "watchers": 884,
+ "watchers": 887,
"score": 0
},
{
diff --git a/2020/CVE-2020-12753.json b/2020/CVE-2020-12753.json
index 5d41c39ecc..5e4a8294f0 100644
--- a/2020/CVE-2020-12753.json
+++ b/2020/CVE-2020-12753.json
@@ -13,13 +13,13 @@
"description": "A proof-of-concept for CVE-2020-12753",
"fork": false,
"created_at": "2020-06-01T21:58:42Z",
- "updated_at": "2020-06-06T18:07:29Z",
+ "updated_at": "2020-06-08T01:11:35Z",
"pushed_at": "2020-06-01T22:55:46Z",
- "stargazers_count": 14,
- "watchers_count": 14,
+ "stargazers_count": 16,
+ "watchers_count": 16,
"forks_count": 4,
"forks": 4,
- "watchers": 14,
+ "watchers": 16,
"score": 0
}
]
\ No newline at end of file
diff --git a/2020/CVE-2020-12832.json b/2020/CVE-2020-12832.json
new file mode 100644
index 0000000000..3a409b6136
--- /dev/null
+++ b/2020/CVE-2020-12832.json
@@ -0,0 +1,25 @@
+[
+ {
+ "id": 270467011,
+ "name": "simplefilelist1.7",
+ "full_name": "0x05010705\/simplefilelist1.7",
+ "owner": {
+ "login": "0x05010705",
+ "id": 47504230,
+ "avatar_url": "https:\/\/avatars1.githubusercontent.com\/u\/47504230?v=4",
+ "html_url": "https:\/\/github.com\/0x05010705"
+ },
+ "html_url": "https:\/\/github.com\/0x05010705\/simplefilelist1.7",
+ "description": "Manually Reverted SimpleFileList 1.7 plugin for Wordpress to explore CVE-2020-12832",
+ "fork": false,
+ "created_at": "2020-06-07T23:57:08Z",
+ "updated_at": "2020-06-08T01:26:58Z",
+ "pushed_at": "2020-06-08T01:26:57Z",
+ "stargazers_count": 0,
+ "watchers_count": 0,
+ "forks_count": 0,
+ "forks": 0,
+ "watchers": 0,
+ "score": 0
+ }
+]
\ No newline at end of file
diff --git a/2020/CVE-2020-13889.json b/2020/CVE-2020-13889.json
index 056a4b0d37..4753eb91c1 100644
--- a/2020/CVE-2020-13889.json
+++ b/2020/CVE-2020-13889.json
@@ -1,19 +1,19 @@
[
{
"id": 269470325,
- "name": "bludit-DOM-xss",
- "full_name": "gh0st56\/bludit-DOM-xss",
+ "name": "bludit-xss-CVE-2020-13889",
+ "full_name": "gh0st56\/bludit-xss-CVE-2020-13889",
"owner": {
"login": "gh0st56",
"id": 40955428,
"avatar_url": "https:\/\/avatars3.githubusercontent.com\/u\/40955428?v=4",
"html_url": "https:\/\/github.com\/gh0st56"
},
- "html_url": "https:\/\/github.com\/gh0st56\/bludit-DOM-xss",
+ "html_url": "https:\/\/github.com\/gh0st56\/bludit-xss-CVE-2020-13889",
"description": "CVE-2020-13889. The admin page of bludit have an Self XSS in the showAlert() function that dont sanitize user input leading them to execute an malicious code.",
"fork": false,
"created_at": "2020-06-04T21:35:22Z",
- "updated_at": "2020-06-07T02:21:33Z",
+ "updated_at": "2020-06-08T01:14:56Z",
"pushed_at": "2020-06-07T02:21:31Z",
"stargazers_count": 0,
"watchers_count": 0,
diff --git a/2020/CVE-2020-2551.json b/2020/CVE-2020-2551.json
index 5b9635a311..bb5255a014 100644
--- a/2020/CVE-2020-2551.json
+++ b/2020/CVE-2020-2551.json
@@ -174,13 +174,13 @@
"description": "Weblogic Vuln POC EXP cve-2020-2551 cve-2020-2555 cve-2020-2883 ,。。。",
"fork": false,
"created_at": "2020-05-16T03:01:32Z",
- "updated_at": "2020-06-05T05:09:44Z",
+ "updated_at": "2020-06-08T01:35:08Z",
"pushed_at": "2020-05-17T12:07:01Z",
- "stargazers_count": 21,
- "watchers_count": 21,
+ "stargazers_count": 22,
+ "watchers_count": 22,
"forks_count": 4,
"forks": 4,
- "watchers": 21,
+ "watchers": 22,
"score": 0
},
{
diff --git a/2020/CVE-2020-8835.json b/2020/CVE-2020-8835.json
index 462f0386f0..7d074573dc 100644
--- a/2020/CVE-2020-8835.json
+++ b/2020/CVE-2020-8835.json
@@ -36,7 +36,7 @@
"description": "CVE-2020-8835 Exploit\/PoC",
"fork": false,
"created_at": "2020-06-06T01:53:36Z",
- "updated_at": "2020-06-06T13:55:18Z",
+ "updated_at": "2020-06-08T02:26:47Z",
"pushed_at": "2020-06-06T13:17:37Z",
"stargazers_count": 1,
"watchers_count": 1,
diff --git a/README.md b/README.md
index e2780c935c..90b8ff7763 100644
--- a/README.md
+++ b/README.md
@@ -608,6 +608,14 @@ An issue was discovered on LG mobile devices with Android OS 7.2, 8.0, 8.1, 9, a
### CVE-2020-12800
- [amartinsec/CVE-2020-12800](https://github.com/amartinsec/CVE-2020-12800)
+### CVE-2020-12832
+
+
+WordPress Plugin Simple File List before 4.2.8 is prone to a vulnerability that lets attackers delete arbitrary files because the application fails to properly verify user-supplied input.
+
+
+- [0x05010705/simplefilelist1.7](https://github.com/0x05010705/simplefilelist1.7)
+
### CVE-2020-12856
@@ -647,7 +655,7 @@ In the cheetah free wifi 5.1 driver file liebaonat.sys, local users are allowed
showAlert() in the administration panel in Bludit 3.12.0 allows XSS.
-- [gh0st56/bludit-DOM-xss](https://github.com/gh0st56/bludit-DOM-xss)
+- [gh0st56/bludit-xss-CVE-2020-13889](https://github.com/gh0st56/bludit-xss-CVE-2020-13889)
### CVE-2020-1611
@@ -13706,6 +13714,14 @@ Race condition in libsafe 2.0.16 and earlier, when running in multi-threaded app
- [tagatac/libsafe-CVE-2005-1125](https://github.com/tagatac/libsafe-CVE-2005-1125)
+### CVE-2005-2428
+
+
+Lotus Domino R5 and R6 WebMail, with "Generate HTML for all fields" enabled, stores sensitive data from names.nsf in hidden form fields, which allows remote attackers to read the HTML source to obtain sensitive information such as (1) the password hash in the HTTPPassword field, (2) the password change date in the HTTPPasswordChangeDate field, (3) the client platform in the ClntPltfrm field, (4) the client machine name in the ClntMachine field, and (5) the client Lotus Domino release in the ClntBld field, a different vulnerability than CVE-2005-2696.
+
+
+- [schwankner/CVE-2005-2428-IBM-Lotus-Domino-R8-Password-Hash-Extraction-Exploit](https://github.com/schwankner/CVE-2005-2428-IBM-Lotus-Domino-R8-Password-Hash-Extraction-Exploit)
+
## 2004
### CVE-2004-0558