[ { "id": 52896981, "name": "dh-CVE_2016_2098", "full_name": "hderms\/dh-CVE_2016_2098", "owner": { "login": "hderms", "id": 833575, "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/833575?v=4", "html_url": "https:\/\/github.com\/hderms", "user_view_type": "public" }, "html_url": "https:\/\/github.com\/hderms\/dh-CVE_2016_2098", "description": "Proof of concept showing how CVE-2016-2098 leads to remote code execution", "fork": false, "created_at": "2016-03-01T17:45:29Z", "updated_at": "2020-06-06T02:45:09Z", "pushed_at": "2016-03-01T17:45:55Z", "stargazers_count": 3, "watchers_count": 3, "has_discussions": false, "forks_count": 4, "allow_forking": true, "is_template": false, "web_commit_signoff_required": false, "topics": [], "visibility": "public", "forks": 4, "watchers": 3, "score": 0, "subscribers_count": 1 }, { "id": 60613259, "name": "PoC_CVE-2016-2098_Rails42", "full_name": "CyberDefenseInstitute\/PoC_CVE-2016-2098_Rails42", "owner": { "login": "CyberDefenseInstitute", "id": 13356356, "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/13356356?v=4", "html_url": "https:\/\/github.com\/CyberDefenseInstitute", "user_view_type": "public" }, "html_url": "https:\/\/github.com\/CyberDefenseInstitute\/PoC_CVE-2016-2098_Rails42", "description": "A PoC of CVE-2016-2098 (rails4.2.5.1 \/ view render)", "fork": false, "created_at": "2016-06-07T12:59:31Z", "updated_at": "2019-08-26T16:39:44Z", "pushed_at": "2016-06-07T13:15:24Z", "stargazers_count": 1, "watchers_count": 1, "has_discussions": false, "forks_count": 0, "allow_forking": true, "is_template": false, "web_commit_signoff_required": false, "topics": [ "poc", "rails", "vulnerability" ], "visibility": "public", "forks": 0, "watchers": 1, "score": 0, "subscribers_count": 6 }, { "id": 80069309, "name": "rails-PoC-CVE-2016-2098", "full_name": "Alejandro-MartinG\/rails-PoC-CVE-2016-2098", "owner": { "login": "Alejandro-MartinG", "id": 14140693, "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/14140693?v=4", "html_url": "https:\/\/github.com\/Alejandro-MartinG", "user_view_type": "public" }, "html_url": "https:\/\/github.com\/Alejandro-MartinG\/rails-PoC-CVE-2016-2098", "description": "Proof of concept CVE-2016-2098", "fork": false, "created_at": "2017-01-25T23:42:31Z", "updated_at": "2017-07-05T14:05:44Z", "pushed_at": "2017-01-25T23:46:47Z", "stargazers_count": 1, "watchers_count": 1, "has_discussions": false, "forks_count": 0, "allow_forking": true, "is_template": false, "web_commit_signoff_required": false, "topics": [], "visibility": "public", "forks": 0, "watchers": 1, "score": 0, "subscribers_count": 2 }, { "id": 120927347, "name": "CVE-2016-2098", "full_name": "0x00-0x00\/CVE-2016-2098", "owner": { "login": "0x00-0x00", "id": 23364530, "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/23364530?v=4", "html_url": "https:\/\/github.com\/0x00-0x00", "user_view_type": "public" }, "html_url": "https:\/\/github.com\/0x00-0x00\/CVE-2016-2098", "description": "Ruby On Rails unrestricted render() exploit", "fork": false, "created_at": "2018-02-09T16:16:08Z", "updated_at": "2024-08-12T19:36:09Z", "pushed_at": "2018-02-09T16:17:35Z", "stargazers_count": 16, "watchers_count": 16, "has_discussions": false, "forks_count": 4, "allow_forking": true, "is_template": false, "web_commit_signoff_required": false, "topics": [ "exploit", "rail", "rails", "render", "ruby" ], "visibility": "public", "forks": 4, "watchers": 16, "score": 0, "subscribers_count": 3 }, { "id": 137853310, "name": "CVE-2016-2098", "full_name": "its-arun\/CVE-2016-2098", "owner": { "login": "its-arun", "id": 20841421, "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/20841421?v=4", "html_url": "https:\/\/github.com\/its-arun", "user_view_type": "public" }, "html_url": "https:\/\/github.com\/its-arun\/CVE-2016-2098", "description": "CVE-2016-2098 simple POC written in bash", "fork": false, "created_at": "2018-06-19T07:05:51Z", "updated_at": "2024-08-12T19:39:25Z", "pushed_at": "2020-03-11T14:30:46Z", "stargazers_count": 1, "watchers_count": 1, "has_discussions": false, "forks_count": 2, "allow_forking": true, "is_template": false, "web_commit_signoff_required": false, "topics": [], "visibility": "public", "forks": 2, "watchers": 1, "score": 0, "subscribers_count": 0 }, { "id": 218523957, "name": "CVE-2016-2098", "full_name": "3rg1s\/CVE-2016-2098", "owner": { "login": "3rg1s", "id": 16364370, "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/16364370?v=4", "html_url": "https:\/\/github.com\/3rg1s", "user_view_type": "public" }, "html_url": "https:\/\/github.com\/3rg1s\/CVE-2016-2098", "description": null, "fork": false, "created_at": "2019-10-30T12:36:38Z", "updated_at": "2019-10-30T12:39:03Z", "pushed_at": "2019-10-30T12:39:01Z", "stargazers_count": 0, "watchers_count": 0, "has_discussions": false, "forks_count": 0, "allow_forking": true, "is_template": false, "web_commit_signoff_required": false, "topics": [ "cve", "python" ], "visibility": "public", "forks": 0, "watchers": 0, "score": 0, "subscribers_count": 0 }, { "id": 282880213, "name": "CVE-2016-2098-my-first-exploit", "full_name": "DanielHemmati\/CVE-2016-2098-my-first-exploit", "owner": { "login": "DanielHemmati", "id": 25554446, "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/25554446?v=4", "html_url": "https:\/\/github.com\/DanielHemmati", "user_view_type": "public" }, "html_url": "https:\/\/github.com\/DanielHemmati\/CVE-2016-2098-my-first-exploit", "description": "This exploit is remote code execution vulnerability in Ruby-on-Rails when using render on user-supplied data", "fork": false, "created_at": "2020-07-27T11:38:48Z", "updated_at": "2020-07-28T04:39:07Z", "pushed_at": "2020-07-27T11:42:11Z", "stargazers_count": 1, "watchers_count": 1, "has_discussions": false, "forks_count": 0, "allow_forking": true, "is_template": false, "web_commit_signoff_required": false, "topics": [], "visibility": "public", "forks": 0, "watchers": 1, "score": 0, "subscribers_count": 1 }, { "id": 355436102, "name": "CVE-2016-2098", "full_name": "Debalinax64\/CVE-2016-2098", "owner": { "login": "Debalinax64", "id": 33616847, "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/33616847?v=4", "html_url": "https:\/\/github.com\/Debalinax64", "user_view_type": "public" }, "html_url": "https:\/\/github.com\/Debalinax64\/CVE-2016-2098", "description": "CVE-2016-2098 - POC of RCE Ruby on Rails: Improper Input Validation (CVE-2016-2098) in bash. Remote attackers can execute arbitrary Ruby code by leveraging an application's unrestricted use of the render method.", "fork": false, "created_at": "2021-04-07T06:27:25Z", "updated_at": "2021-04-07T08:51:21Z", "pushed_at": "2021-04-07T08:48:58Z", "stargazers_count": 0, "watchers_count": 0, "has_discussions": false, "forks_count": 0, "allow_forking": true, "is_template": false, "web_commit_signoff_required": false, "topics": [], "visibility": "public", "forks": 0, "watchers": 0, "score": 0, "subscribers_count": 1 }, { "id": 401752555, "name": "CVE-2016-2098", "full_name": "j4k0m\/CVE-2016-2098", "owner": { "login": "j4k0m", "id": 48088579, "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/48088579?v=4", "html_url": "https:\/\/github.com\/j4k0m", "user_view_type": "public" }, "html_url": "https:\/\/github.com\/j4k0m\/CVE-2016-2098", "description": "Remote code execution vulnerability in Ruby-on-Rails when using render on user-supplied data.", "fork": false, "created_at": "2021-08-31T15:25:41Z", "updated_at": "2023-11-06T10:08:29Z", "pushed_at": "2021-08-31T16:06:51Z", "stargazers_count": 2, "watchers_count": 2, "has_discussions": false, "forks_count": 0, "allow_forking": true, "is_template": false, "web_commit_signoff_required": false, "topics": [], "visibility": "public", "forks": 0, "watchers": 2, "score": 0, "subscribers_count": 2 }, { "id": 540989582, "name": "CVE-2016-2098", "full_name": "Shakun8\/CVE-2016-2098", "owner": { "login": "Shakun8", "id": 87657631, "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/87657631?v=4", "html_url": "https:\/\/github.com\/Shakun8", "user_view_type": "public" }, "html_url": "https:\/\/github.com\/Shakun8\/CVE-2016-2098", "description": "CVE-2016-2098 POC", "fork": false, "created_at": "2022-09-24T22:58:04Z", "updated_at": "2023-03-22T17:11:57Z", "pushed_at": "2022-09-25T14:34:19Z", "stargazers_count": 3, "watchers_count": 3, "has_discussions": false, "forks_count": 0, "allow_forking": true, "is_template": false, "web_commit_signoff_required": false, "topics": [], "visibility": "public", "forks": 0, "watchers": 3, "score": 0, "subscribers_count": 1 }, { "id": 788610920, "name": "Ruby-on-Rails-ActionPack-Inline-ERB-Remote-Code-Execution", "full_name": "JoseLRC97\/Ruby-on-Rails-ActionPack-Inline-ERB-Remote-Code-Execution", "owner": { "login": "JoseLRC97", "id": 56311988, "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/56311988?v=4", "html_url": "https:\/\/github.com\/JoseLRC97", "user_view_type": "public" }, "html_url": "https:\/\/github.com\/JoseLRC97\/Ruby-on-Rails-ActionPack-Inline-ERB-Remote-Code-Execution", "description": "Script that exploits the vulnerability that allows remote code execution in Ruby 2.3.8 ​​with CVE-2016-2098", "fork": false, "created_at": "2024-04-18T18:45:28Z", "updated_at": "2024-04-18T18:48:28Z", "pushed_at": "2024-04-18T18:48:25Z", "stargazers_count": 0, "watchers_count": 0, "has_discussions": false, "forks_count": 0, "allow_forking": true, "is_template": false, "web_commit_signoff_required": false, "topics": [], "visibility": "public", "forks": 0, "watchers": 0, "score": 0, "subscribers_count": 1 } ]