[ { "id": 671748014, "name": "CVE-2023-38646--Metabase-", "full_name": "adriyansyah-mf\/CVE-2023-38646--Metabase-", "owner": { "login": "adriyansyah-mf", "id": 72158292, "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/72158292?v=4", "html_url": "https:\/\/github.com\/adriyansyah-mf" }, "html_url": "https:\/\/github.com\/adriyansyah-mf\/CVE-2023-38646--Metabase-", "description": null, "fork": false, "created_at": "2023-07-28T03:39:07Z", "updated_at": "2023-08-02T03:02:30Z", "pushed_at": "2023-07-28T03:39:07Z", "stargazers_count": 0, "watchers_count": 0, "has_discussions": false, "forks_count": 0, "allow_forking": true, "is_template": false, "web_commit_signoff_required": false, "topics": [], "visibility": "public", "forks": 0, "watchers": 0, "score": 0, "subscribers_count": 1 }, { "id": 671894212, "name": "POC_Metabase_CVE-2023-38646", "full_name": "Pumpkin-Garden\/POC_Metabase_CVE-2023-38646", "owner": { "login": "Pumpkin-Garden", "id": 74209689, "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/74209689?v=4", "html_url": "https:\/\/github.com\/Pumpkin-Garden" }, "html_url": "https:\/\/github.com\/Pumpkin-Garden\/POC_Metabase_CVE-2023-38646", "description": "For educational purposes only", "fork": false, "created_at": "2023-07-28T11:43:06Z", "updated_at": "2023-07-31T05:37:00Z", "pushed_at": "2023-07-28T12:28:52Z", "stargazers_count": 7, "watchers_count": 7, "has_discussions": false, "forks_count": 1, "allow_forking": true, "is_template": false, "web_commit_signoff_required": false, "topics": [], "visibility": "public", "forks": 1, "watchers": 7, "score": 0, "subscribers_count": 1 }, { "id": 672258181, "name": "CVE-2023-38646", "full_name": "0xrobiul\/CVE-2023-38646", "owner": { "login": "0xrobiul", "id": 100078094, "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/100078094?v=4", "html_url": "https:\/\/github.com\/0xrobiul" }, "html_url": "https:\/\/github.com\/0xrobiul\/CVE-2023-38646", "description": "Metabase Pre-auth RCE (CVE-2023-38646)!!", "fork": false, "created_at": "2023-07-29T13:07:00Z", "updated_at": "2023-12-08T21:41:10Z", "pushed_at": "2023-07-29T14:02:24Z", "stargazers_count": 13, "watchers_count": 13, "has_discussions": false, "forks_count": 3, "allow_forking": true, "is_template": false, "web_commit_signoff_required": false, "topics": [ "0day", "cve", "cve-2023-38646", "metabase", "zeroday" ], "visibility": "public", "forks": 3, "watchers": 13, "score": 0, "subscribers_count": 1 }, { "id": 672405863, "name": "CVE-2023-38646", "full_name": "Chocapikk\/CVE-2023-38646", "owner": { "login": "Chocapikk", "id": 88535377, "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/88535377?v=4", "html_url": "https:\/\/github.com\/Chocapikk" }, "html_url": "https:\/\/github.com\/Chocapikk\/CVE-2023-38646", "description": "Remote Code Execution on Metabase CVE-2023-38646", "fork": false, "created_at": "2023-07-30T01:12:24Z", "updated_at": "2023-11-13T09:05:01Z", "pushed_at": "2023-07-30T01:12:52Z", "stargazers_count": 0, "watchers_count": 0, "has_discussions": false, "forks_count": 0, "allow_forking": true, "is_template": false, "web_commit_signoff_required": false, "topics": [], "visibility": "public", "forks": 0, "watchers": 0, "score": 0, "subscribers_count": 2 }, { "id": 672496252, "name": "CVE-2023-38646-Poc", "full_name": "Xuxfff\/CVE-2023-38646-Poc", "owner": { "login": "Xuxfff", "id": 82816273, "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/82816273?v=4", "html_url": "https:\/\/github.com\/Xuxfff" }, "html_url": "https:\/\/github.com\/Xuxfff\/CVE-2023-38646-Poc", "description": null, "fork": false, "created_at": "2023-07-30T09:33:28Z", "updated_at": "2023-08-22T15:48:58Z", "pushed_at": "2023-07-30T09:39:43Z", "stargazers_count": 2, "watchers_count": 2, "has_discussions": false, "forks_count": 1, "allow_forking": true, "is_template": false, "web_commit_signoff_required": false, "topics": [], "visibility": "public", "forks": 1, "watchers": 2, "score": 0, "subscribers_count": 1 }, { "id": 672501684, "name": "CVE-2023-38646", "full_name": "securezeron\/CVE-2023-38646", "owner": { "login": "securezeron", "id": 94959126, "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/94959126?v=4", "html_url": "https:\/\/github.com\/securezeron" }, "html_url": "https:\/\/github.com\/securezeron\/CVE-2023-38646", "description": "POC for CVE-2023-38646", "fork": false, "created_at": "2023-07-30T09:56:52Z", "updated_at": "2024-03-04T19:26:24Z", "pushed_at": "2023-12-07T11:10:46Z", "stargazers_count": 19, "watchers_count": 19, "has_discussions": false, "forks_count": 12, "allow_forking": true, "is_template": false, "web_commit_signoff_required": false, "topics": [], "visibility": "public", "forks": 12, "watchers": 19, "score": 0, "subscribers_count": 0 }, { "id": 672759334, "name": "CVE-2023-38646", "full_name": "raytheon0x21\/CVE-2023-38646", "owner": { "login": "raytheon0x21", "id": 92903333, "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/92903333?v=4", "html_url": "https:\/\/github.com\/raytheon0x21" }, "html_url": "https:\/\/github.com\/raytheon0x21\/CVE-2023-38646", "description": "Tools to exploit metabase CVE-2023-38646", "fork": false, "created_at": "2023-07-31T05:25:37Z", "updated_at": "2023-08-27T15:13:18Z", "pushed_at": "2023-08-11T03:12:13Z", "stargazers_count": 0, "watchers_count": 0, "has_discussions": false, "forks_count": 1, "allow_forking": true, "is_template": false, "web_commit_signoff_required": false, "topics": [ "cve-2023-38646", "metabase-exploit" ], "visibility": "public", "forks": 1, "watchers": 0, "score": 0, "subscribers_count": 1 }, { "id": 672876505, "name": "CVE-2023-38646", "full_name": "Zenmovie\/CVE-2023-38646", "owner": { "login": "Zenmovie", "id": 98185655, "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/98185655?v=4", "html_url": "https:\/\/github.com\/Zenmovie" }, "html_url": "https:\/\/github.com\/Zenmovie\/CVE-2023-38646", "description": "Proof of Concept for CVE-2023-38646", "fork": false, "created_at": "2023-07-31T11:18:21Z", "updated_at": "2023-08-08T17:28:41Z", "pushed_at": "2023-10-08T02:29:00Z", "stargazers_count": 1, "watchers_count": 1, "has_discussions": false, "forks_count": 3, "allow_forking": true, "is_template": false, "web_commit_signoff_required": false, "topics": [], "visibility": "public", "forks": 3, "watchers": 1, "score": 0, "subscribers_count": 1 }, { "id": 673808642, "name": "CVE-2023-38646-PoC", "full_name": "shamo0\/CVE-2023-38646-PoC", "owner": { "login": "shamo0", "id": 48299520, "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/48299520?v=4", "html_url": "https:\/\/github.com\/shamo0" }, "html_url": "https:\/\/github.com\/shamo0\/CVE-2023-38646-PoC", "description": "Metabase Pre-auth RCE", "fork": false, "created_at": "2023-08-02T13:21:58Z", "updated_at": "2024-03-11T13:13:07Z", "pushed_at": "2023-08-03T10:07:15Z", "stargazers_count": 11, "watchers_count": 11, "has_discussions": false, "forks_count": 1, "allow_forking": true, "is_template": false, "web_commit_signoff_required": false, "topics": [ "code", "critical", "cve-2023-38646", "execution", "metabase", "open", "pre-authentication", "rce", "remote", "source" ], "visibility": "public", "forks": 1, "watchers": 11, "score": 0, "subscribers_count": 1 }, { "id": 674132744, "name": "CVE-2023-38646-POC", "full_name": "fidjiw\/CVE-2023-38646-POC", "owner": { "login": "fidjiw", "id": 49848047, "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/49848047?v=4", "html_url": "https:\/\/github.com\/fidjiw" }, "html_url": "https:\/\/github.com\/fidjiw\/CVE-2023-38646-POC", "description": "CVE-2023-38646-POC", "fork": false, "created_at": "2023-08-03T08:06:10Z", "updated_at": "2023-08-03T08:14:22Z", "pushed_at": "2023-08-03T08:06:56Z", "stargazers_count": 1, "watchers_count": 1, "has_discussions": false, "forks_count": 2, "allow_forking": true, "is_template": false, "web_commit_signoff_required": false, "topics": [], "visibility": "public", "forks": 2, "watchers": 1, "score": 0, "subscribers_count": 1 }, { "id": 676389652, "name": "cve-2023-38646-metabase-ReverseShell", "full_name": "Any3ite\/cve-2023-38646-metabase-ReverseShell", "owner": { "login": "Any3ite", "id": 20638313, "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/20638313?v=4", "html_url": "https:\/\/github.com\/Any3ite" }, "html_url": "https:\/\/github.com\/Any3ite\/cve-2023-38646-metabase-ReverseShell", "description": null, "fork": false, "created_at": "2023-08-09T05:07:11Z", "updated_at": "2023-08-09T09:46:25Z", "pushed_at": "2023-08-09T05:11:58Z", "stargazers_count": 1, "watchers_count": 1, "has_discussions": false, "forks_count": 0, "allow_forking": true, "is_template": false, "web_commit_signoff_required": false, "topics": [], "visibility": "public", "forks": 0, "watchers": 1, "score": 0, "subscribers_count": 1 }, { "id": 676573097, "name": "CVE-2023-38646", "full_name": "robotmikhro\/CVE-2023-38646", "owner": { "login": "robotmikhro", "id": 45282185, "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/45282185?v=4", "html_url": "https:\/\/github.com\/robotmikhro" }, "html_url": "https:\/\/github.com\/robotmikhro\/CVE-2023-38646", "description": "Automatic Tools For Metabase Exploit Known As CVE-2023-38646", "fork": false, "created_at": "2023-08-09T14:05:24Z", "updated_at": "2024-01-17T09:48:45Z", "pushed_at": "2023-08-11T10:31:01Z", "stargazers_count": 28, "watchers_count": 28, "has_discussions": false, "forks_count": 6, "allow_forking": true, "is_template": false, "web_commit_signoff_required": false, "topics": [], "visibility": "public", "forks": 6, "watchers": 28, "score": 0, "subscribers_count": 1 }, { "id": 680483538, "name": "CVE-2023-38646", "full_name": "kh4sh3i\/CVE-2023-38646", "owner": { "login": "kh4sh3i", "id": 64693844, "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/64693844?v=4", "html_url": "https:\/\/github.com\/kh4sh3i" }, "html_url": "https:\/\/github.com\/kh4sh3i\/CVE-2023-38646", "description": "Metabase Pre-auth RCE (CVE-2023-38646)", "fork": false, "created_at": "2023-08-19T11:47:08Z", "updated_at": "2023-12-10T21:28:59Z", "pushed_at": "2023-08-19T12:18:45Z", "stargazers_count": 6, "watchers_count": 6, "has_discussions": false, "forks_count": 0, "allow_forking": true, "is_template": false, "web_commit_signoff_required": false, "topics": [ "0day", "0day-exploit", "cve", "cve-2023-38646", "cve2023", "exploit", "metabase", "metabase-api", "preauth-rce", "python", "rce", "rce-exploit", "scanner", "zeroday" ], "visibility": "public", "forks": 0, "watchers": 6, "score": 0, "subscribers_count": 1 }, { "id": 701915266, "name": "CVE-2023-38646", "full_name": "joaoviictorti\/CVE-2023-38646", "owner": { "login": "joaoviictorti", "id": 85838827, "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/85838827?v=4", "html_url": "https:\/\/github.com\/joaoviictorti" }, "html_url": "https:\/\/github.com\/joaoviictorti\/CVE-2023-38646", "description": "CVE-2023-38646 (Pre-Auth RCE in Metabase)", "fork": false, "created_at": "2023-10-08T00:21:07Z", "updated_at": "2023-10-08T00:22:25Z", "pushed_at": "2023-11-22T21:46:53Z", "stargazers_count": 1, "watchers_count": 1, "has_discussions": false, "forks_count": 0, "allow_forking": true, "is_template": false, "web_commit_signoff_required": false, "topics": [], "visibility": "public", "forks": 0, "watchers": 1, "score": 0, "subscribers_count": 1 }, { "id": 701997863, "name": "CVE-2023-38646", "full_name": "yxl2001\/CVE-2023-38646", "owner": { "login": "yxl2001", "id": 56950033, "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/56950033?v=4", "html_url": "https:\/\/github.com\/yxl2001" }, "html_url": "https:\/\/github.com\/yxl2001\/CVE-2023-38646", "description": null, "fork": false, "created_at": "2023-10-08T07:36:57Z", "updated_at": "2023-10-08T07:47:59Z", "pushed_at": "2023-10-08T07:51:08Z", "stargazers_count": 0, "watchers_count": 0, "has_discussions": false, "forks_count": 0, "allow_forking": true, "is_template": false, "web_commit_signoff_required": false, "topics": [], "visibility": "public", "forks": 0, "watchers": 0, "score": 0, "subscribers_count": 1 }, { "id": 702119098, "name": "CVE-2023-38646", "full_name": "alexandre-pecorilla\/CVE-2023-38646", "owner": { "login": "alexandre-pecorilla", "id": 76220633, "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/76220633?v=4", "html_url": "https:\/\/github.com\/alexandre-pecorilla" }, "html_url": "https:\/\/github.com\/alexandre-pecorilla\/CVE-2023-38646", "description": "CVE-2023-38646 Pre-Auth RCE in Metabase", "fork": false, "created_at": "2023-10-08T14:52:35Z", "updated_at": "2023-10-10T18:09:37Z", "pushed_at": "2023-10-08T15:25:52Z", "stargazers_count": 1, "watchers_count": 1, "has_discussions": false, "forks_count": 0, "allow_forking": true, "is_template": false, "web_commit_signoff_required": false, "topics": [], "visibility": "public", "forks": 0, "watchers": 1, "score": 0, "subscribers_count": 1 }, { "id": 702912772, "name": "Metabase-H2-CVE-2023-38646-", "full_name": "CN016\/Metabase-H2-CVE-2023-38646-", "owner": { "login": "CN016", "id": 108575004, "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/108575004?v=4", "html_url": "https:\/\/github.com\/CN016" }, "html_url": "https:\/\/github.com\/CN016\/Metabase-H2-CVE-2023-38646-", "description": "Metabase H2 远程代码执行漏洞(CVE-2023-38646)", "fork": false, "created_at": "2023-10-10T08:45:14Z", "updated_at": "2023-10-10T08:45:57Z", "pushed_at": "2023-10-10T08:45:51Z", "stargazers_count": 0, "watchers_count": 0, "has_discussions": false, "forks_count": 0, "allow_forking": true, "is_template": false, "web_commit_signoff_required": false, "topics": [], "visibility": "public", "forks": 0, "watchers": 0, "score": 0, "subscribers_count": 1 }, { "id": 703324516, "name": "MetabaseRceTools", "full_name": "Boogipop\/MetabaseRceTools", "owner": { "login": "Boogipop", "id": 114604850, "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/114604850?v=4", "html_url": "https:\/\/github.com\/Boogipop" }, "html_url": "https:\/\/github.com\/Boogipop\/MetabaseRceTools", "description": "CVE-2023-38646 Metabase RCE", "fork": false, "created_at": "2023-10-11T03:18:09Z", "updated_at": "2024-03-05T08:12:37Z", "pushed_at": "2023-10-11T04:06:43Z", "stargazers_count": 45, "watchers_count": 45, "has_discussions": false, "forks_count": 4, "allow_forking": true, "is_template": false, "web_commit_signoff_required": false, "topics": [ "cve-2023-38646", "gui", "metabase", "rce" ], "visibility": "public", "forks": 4, "watchers": 45, "score": 0, "subscribers_count": 2 }, { "id": 703617395, "name": "CVE-2023-38646", "full_name": "SUT0L\/CVE-2023-38646", "owner": { "login": "SUT0L", "id": 117520656, "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/117520656?v=4", "html_url": "https:\/\/github.com\/SUT0L" }, "html_url": "https:\/\/github.com\/SUT0L\/CVE-2023-38646", "description": "CVE-2023-38646 Metabase 0.46.6 exploit", "fork": false, "created_at": "2023-10-11T15:18:25Z", "updated_at": "2024-03-04T23:01:56Z", "pushed_at": "2023-10-11T15:26:44Z", "stargazers_count": 1, "watchers_count": 1, "has_discussions": false, "forks_count": 1, "allow_forking": true, "is_template": false, "web_commit_signoff_required": false, "topics": [], "visibility": "public", "forks": 1, "watchers": 1, "score": 0, "subscribers_count": 1 }, { "id": 703739148, "name": "CVE-2023-38646", "full_name": "nickswink\/CVE-2023-38646", "owner": { "login": "nickswink", "id": 57839593, "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/57839593?v=4", "html_url": "https:\/\/github.com\/nickswink" }, "html_url": "https:\/\/github.com\/nickswink\/CVE-2023-38646", "description": "CVE-2023-38646 Unauthenticated RCE vulnerability in Metabase ", "fork": false, "created_at": "2023-10-11T20:17:14Z", "updated_at": "2023-11-03T07:26:19Z", "pushed_at": "2023-10-12T14:41:02Z", "stargazers_count": 3, "watchers_count": 3, "has_discussions": false, "forks_count": 2, "allow_forking": true, "is_template": false, "web_commit_signoff_required": false, "topics": [], "visibility": "public", "forks": 2, "watchers": 3, "score": 0, "subscribers_count": 1 }, { "id": 703830211, "name": "CVE-2023-38646", "full_name": "passwa11\/CVE-2023-38646", "owner": { "login": "passwa11", "id": 112363374, "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/112363374?v=4", "html_url": "https:\/\/github.com\/passwa11" }, "html_url": "https:\/\/github.com\/passwa11\/CVE-2023-38646", "description": null, "fork": false, "created_at": "2023-10-12T02:24:12Z", "updated_at": "2023-10-12T02:24:24Z", "pushed_at": "2023-10-12T02:24:21Z", "stargazers_count": 0, "watchers_count": 0, "has_discussions": false, "forks_count": 0, "allow_forking": true, "is_template": false, "web_commit_signoff_required": false, "topics": [], "visibility": "public", "forks": 0, "watchers": 0, "score": 0, "subscribers_count": 1 }, { "id": 704099223, "name": "CVE-2023-38646", "full_name": "threatHNTR\/CVE-2023-38646", "owner": { "login": "threatHNTR", "id": 102164992, "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/102164992?v=4", "html_url": "https:\/\/github.com\/threatHNTR" }, "html_url": "https:\/\/github.com\/threatHNTR\/CVE-2023-38646", "description": "This is a Proof of Concept (PoC) script for exploiting Metabase, an open-source business intelligence and data analytics tool.", "fork": false, "created_at": "2023-10-12T14:32:17Z", "updated_at": "2023-12-04T16:03:16Z", "pushed_at": "2023-10-17T22:12:30Z", "stargazers_count": 0, "watchers_count": 0, "has_discussions": false, "forks_count": 1, "allow_forking": true, "is_template": false, "web_commit_signoff_required": false, "topics": [], "visibility": "public", "forks": 1, "watchers": 0, "score": 0, "subscribers_count": 1 }, { "id": 704953176, "name": "CVE-2023-38646", "full_name": "asepsaepdin\/CVE-2023-38646", "owner": { "login": "asepsaepdin", "id": 122620685, "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/122620685?v=4", "html_url": "https:\/\/github.com\/asepsaepdin" }, "html_url": "https:\/\/github.com\/asepsaepdin\/CVE-2023-38646", "description": null, "fork": false, "created_at": "2023-10-14T15:56:18Z", "updated_at": "2023-10-14T15:57:18Z", "pushed_at": "2023-10-14T16:56:02Z", "stargazers_count": 0, "watchers_count": 0, "has_discussions": false, "forks_count": 0, "allow_forking": true, "is_template": false, "web_commit_signoff_required": false, "topics": [], "visibility": "public", "forks": 0, "watchers": 0, "score": 0, "subscribers_count": 1 }, { "id": 705088605, "name": "CVE-2023-38646", "full_name": "Pyr0sec\/CVE-2023-38646", "owner": { "login": "Pyr0sec", "id": 74669749, "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/74669749?v=4", "html_url": "https:\/\/github.com\/Pyr0sec" }, "html_url": "https:\/\/github.com\/Pyr0sec\/CVE-2023-38646", "description": "Exploit script for Pre-Auth RCE in Metabase (CVE-2023-38646)", "fork": false, "created_at": "2023-10-15T01:29:37Z", "updated_at": "2024-01-03T23:07:05Z", "pushed_at": "2023-10-15T01:51:31Z", "stargazers_count": 5, "watchers_count": 5, "has_discussions": false, "forks_count": 0, "allow_forking": true, "is_template": false, "web_commit_signoff_required": false, "topics": [], "visibility": "public", "forks": 0, "watchers": 5, "score": 0, "subscribers_count": 1 }, { "id": 706044373, "name": "CVE-2023-38646", "full_name": "birdm4nw\/CVE-2023-38646", "owner": { "login": "birdm4nw", "id": 81826371, "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/81826371?v=4", "html_url": "https:\/\/github.com\/birdm4nw" }, "html_url": "https:\/\/github.com\/birdm4nw\/CVE-2023-38646", "description": "Metabase open source before 0.46.6.1 and Metabase Enterprise before 1.46.6.1 allow attackers to execute arbitrary commands on the server, at the server's privilege level. Authentication is not required for exploitation. The other fixed versions are 0.45.4.1, 1.45.4.1, 0.44.7.1, 1.44.7.1, 0.43.7.2, and 1.43.7.2.", "fork": false, "created_at": "2023-10-17T07:43:58Z", "updated_at": "2023-10-17T07:45:26Z", "pushed_at": "2023-10-17T08:01:32Z", "stargazers_count": 0, "watchers_count": 0, "has_discussions": false, "forks_count": 0, "allow_forking": true, "is_template": false, "web_commit_signoff_required": false, "topics": [], "visibility": "public", "forks": 0, "watchers": 0, "score": 0, "subscribers_count": 1 }, { "id": 707752489, "name": "CVE-2023-38646", "full_name": "AnvithLobo\/CVE-2023-38646", "owner": { "login": "AnvithLobo", "id": 64419387, "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/64419387?v=4", "html_url": "https:\/\/github.com\/AnvithLobo" }, "html_url": "https:\/\/github.com\/AnvithLobo\/CVE-2023-38646", "description": "RCE Exploit for CVE-2023-38646", "fork": false, "created_at": "2023-10-20T15:21:08Z", "updated_at": "2023-10-20T15:21:15Z", "pushed_at": "2023-10-27T07:58:14Z", "stargazers_count": 0, "watchers_count": 0, "has_discussions": false, "forks_count": 0, "allow_forking": true, "is_template": false, "web_commit_signoff_required": false, "topics": [], "visibility": "public", "forks": 0, "watchers": 0, "score": 0, "subscribers_count": 1 }, { "id": 709928112, "name": "CVE-2023-38646", "full_name": "Red4mber\/CVE-2023-38646", "owner": { "login": "Red4mber", "id": 58694886, "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/58694886?v=4", "html_url": "https:\/\/github.com\/Red4mber" }, "html_url": "https:\/\/github.com\/Red4mber\/CVE-2023-38646", "description": "Python script to exploit CVE-2023-38646 Metabase Pre-Auth RCE via SQL injection", "fork": false, "created_at": "2023-10-25T17:10:53Z", "updated_at": "2023-10-26T10:35:14Z", "pushed_at": "2023-10-26T10:32:23Z", "stargazers_count": 2, "watchers_count": 2, "has_discussions": false, "forks_count": 0, "allow_forking": true, "is_template": false, "web_commit_signoff_required": false, "topics": [], "visibility": "public", "forks": 0, "watchers": 2, "score": 0, "subscribers_count": 1 }, { "id": 710257770, "name": "CVE-2023-38646", "full_name": "junnythemarksman\/CVE-2023-38646", "owner": { "login": "junnythemarksman", "id": 20056452, "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/20056452?v=4", "html_url": "https:\/\/github.com\/junnythemarksman" }, "html_url": "https:\/\/github.com\/junnythemarksman\/CVE-2023-38646", "description": "Metabase open source before 0.46.6.1 and Metabase Enterprise before 1.46.6.1 allow attackers to execute arbitrary commands on the server, at the server's privilege level. Authentication is not required for exploitation. The other fixed versions are 0.45.4.1, 1.45.4.1, 0.44.7.1, 1.44.7.1, 0.43.7.2, and 1.43.7.2.", "fork": false, "created_at": "2023-10-26T10:37:23Z", "updated_at": "2023-10-26T10:39:35Z", "pushed_at": "2023-10-26T11:18:02Z", "stargazers_count": 0, "watchers_count": 0, "has_discussions": false, "forks_count": 0, "allow_forking": true, "is_template": false, "web_commit_signoff_required": false, "topics": [], "visibility": "public", "forks": 0, "watchers": 0, "score": 0, "subscribers_count": 1 }, { "id": 715398190, "name": "CVE-2023-38646", "full_name": "Mrunalkaran\/CVE-2023-38646", "owner": { "login": "Mrunalkaran", "id": 12004564, "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/12004564?v=4", "html_url": "https:\/\/github.com\/Mrunalkaran" }, "html_url": "https:\/\/github.com\/Mrunalkaran\/CVE-2023-38646", "description": "Metabase Pre-Auth RCE POC", "fork": false, "created_at": "2023-11-07T03:57:15Z", "updated_at": "2023-11-07T04:17:08Z", "pushed_at": "2023-11-07T05:10:02Z", "stargazers_count": 0, "watchers_count": 0, "has_discussions": false, "forks_count": 0, "allow_forking": true, "is_template": false, "web_commit_signoff_required": false, "topics": [], "visibility": "public", "forks": 0, "watchers": 0, "score": 0, "subscribers_count": 1 }, { "id": 716592824, "name": "CVE-2023-38646", "full_name": "j0yb0y0h\/CVE-2023-38646", "owner": { "login": "j0yb0y0h", "id": 143268493, "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/143268493?v=4", "html_url": "https:\/\/github.com\/j0yb0y0h" }, "html_url": "https:\/\/github.com\/j0yb0y0h\/CVE-2023-38646", "description": "Code to detect\/exploit vulnerable metabase application", "fork": false, "created_at": "2023-11-09T13:13:25Z", "updated_at": "2023-11-09T14:56:15Z", "pushed_at": "2023-11-09T14:56:12Z", "stargazers_count": 0, "watchers_count": 0, "has_discussions": false, "forks_count": 0, "allow_forking": true, "is_template": false, "web_commit_signoff_required": false, "topics": [], "visibility": "public", "forks": 0, "watchers": 0, "score": 0, "subscribers_count": 1 }, { "id": 723442683, "name": "CVE-2023-38646", "full_name": "Ego1stoo\/CVE-2023-38646", "owner": { "login": "Ego1stoo", "id": 53305928, "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/53305928?v=4", "html_url": "https:\/\/github.com\/Ego1stoo" }, "html_url": "https:\/\/github.com\/Ego1stoo\/CVE-2023-38646", "description": "Metabase open source before 0.46.6.1 and Metabase Enterprise before 1.46.6.1 allow attackers to execute arbitrary commands on the server, at the server's privilege level. Authentication is not required for exploitation. The other fixed versions are 0.45.4.1, 1.45.4.1, 0.44.7.1, 1.44.7.1, 0.43.7.2, and 1.43.7.2.", "fork": false, "created_at": "2023-11-25T17:22:22Z", "updated_at": "2023-11-26T03:22:51Z", "pushed_at": "2023-11-26T04:01:45Z", "stargazers_count": 0, "watchers_count": 0, "has_discussions": false, "forks_count": 1, "allow_forking": true, "is_template": false, "web_commit_signoff_required": false, "topics": [], "visibility": "public", "forks": 1, "watchers": 0, "score": 0, "subscribers_count": 1 }, { "id": 729952479, "name": "Another-Metabase-RCE-CVE-2023-38646", "full_name": "0utl4nder\/Another-Metabase-RCE-CVE-2023-38646", "owner": { "login": "0utl4nder", "id": 117042369, "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/117042369?v=4", "html_url": "https:\/\/github.com\/0utl4nder" }, "html_url": "https:\/\/github.com\/0utl4nder\/Another-Metabase-RCE-CVE-2023-38646", "description": "Metabase postgres (org.h2.Driver) RCE without INIT", "fork": false, "created_at": "2023-12-10T21:07:10Z", "updated_at": "2023-12-12T03:26:37Z", "pushed_at": "2023-12-12T22:40:44Z", "stargazers_count": 1, "watchers_count": 1, "has_discussions": false, "forks_count": 0, "allow_forking": true, "is_template": false, "web_commit_signoff_required": false, "topics": [], "visibility": "public", "forks": 0, "watchers": 1, "score": 0, "subscribers_count": 1 }, { "id": 749427663, "name": "MetabaseRCE_CVE-2023-38646", "full_name": "Shisones\/MetabaseRCE_CVE-2023-38646", "owner": { "login": "Shisones", "id": 126447666, "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/126447666?v=4", "html_url": "https:\/\/github.com\/Shisones" }, "html_url": "https:\/\/github.com\/Shisones\/MetabaseRCE_CVE-2023-38646", "description": null, "fork": false, "created_at": "2024-01-28T15:01:40Z", "updated_at": "2024-02-04T09:59:32Z", "pushed_at": "2024-02-19T03:59:06Z", "stargazers_count": 0, "watchers_count": 0, "has_discussions": false, "forks_count": 0, "allow_forking": true, "is_template": false, "web_commit_signoff_required": false, "topics": [], "visibility": "public", "forks": 0, "watchers": 0, "score": 0, "subscribers_count": 1 }, { "id": 760212653, "name": "METABASE-RCE-CVE-2023-38646-", "full_name": "acesoyeo\/METABASE-RCE-CVE-2023-38646-", "owner": { "login": "acesoyeo", "id": 127269737, "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/127269737?v=4", "html_url": "https:\/\/github.com\/acesoyeo" }, "html_url": "https:\/\/github.com\/acesoyeo\/METABASE-RCE-CVE-2023-38646-", "description": null, "fork": false, "created_at": "2024-02-20T01:51:47Z", "updated_at": "2024-02-20T01:54:06Z", "pushed_at": "2024-02-20T01:57:09Z", "stargazers_count": 0, "watchers_count": 0, "has_discussions": false, "forks_count": 0, "allow_forking": true, "is_template": false, "web_commit_signoff_required": false, "topics": [], "visibility": "public", "forks": 0, "watchers": 0, "score": 0, "subscribers_count": 1 }, { "id": 761543979, "name": "Exploit-CVE-2023-38646-Metabase", "full_name": "UserConnecting\/Exploit-CVE-2023-38646-Metabase", "owner": { "login": "UserConnecting", "id": 97047842, "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/97047842?v=4", "html_url": "https:\/\/github.com\/UserConnecting" }, "html_url": "https:\/\/github.com\/UserConnecting\/Exploit-CVE-2023-38646-Metabase", "description": "Exploit for the Remote Code Execution (RCE) vulnerability identified in Metabase versions before 0.46.6.1 (open source) and 1.46.6.1 (Enterprise). Authentication is not required for exploitation.", "fork": false, "created_at": "2024-02-22T02:55:55Z", "updated_at": "2024-03-01T02:06:33Z", "pushed_at": "2024-02-22T03:12:11Z", "stargazers_count": 1, "watchers_count": 1, "has_discussions": false, "forks_count": 0, "allow_forking": true, "is_template": false, "web_commit_signoff_required": false, "topics": [], "visibility": "public", "forks": 0, "watchers": 1, "score": 0, "subscribers_count": 1 } ]