[ { "id": 825358517, "name": "chamilo-lms-unauthenticated-big-upload-rce-poc", "full_name": "m3m0o\/chamilo-lms-unauthenticated-big-upload-rce-poc", "owner": { "login": "m3m0o", "id": 130102748, "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/130102748?v=4", "html_url": "https:\/\/github.com\/m3m0o", "user_view_type": "public" }, "html_url": "https:\/\/github.com\/m3m0o\/chamilo-lms-unauthenticated-big-upload-rce-poc", "description": "This is a script written in Python that allows the exploitation of the Chamilo's LMS software security flaw described in CVE-2023-4220", "fork": false, "created_at": "2024-07-07T15:08:30Z", "updated_at": "2024-10-27T17:09:40Z", "pushed_at": "2024-07-27T00:19:17Z", "stargazers_count": 22, "watchers_count": 22, "has_discussions": false, "forks_count": 3, "allow_forking": true, "is_template": false, "web_commit_signoff_required": false, "topics": [ "chamilo", "chamilo-lms", "cve", "cve-2023-4220", "exploit", "rce", "rce-exploit" ], "visibility": "public", "forks": 3, "watchers": 22, "score": 0, "subscribers_count": 1 }, { "id": 825375455, "name": "Chamilo-LMS-Unauthenticated-File-Upload-CVE-2023-4220", "full_name": "dollarboysushil\/Chamilo-LMS-Unauthenticated-File-Upload-CVE-2023-4220", "owner": { "login": "dollarboysushil", "id": 48991715, "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/48991715?v=4", "html_url": "https:\/\/github.com\/dollarboysushil", "user_view_type": "public" }, "html_url": "https:\/\/github.com\/dollarboysushil\/Chamilo-LMS-Unauthenticated-File-Upload-CVE-2023-4220", "description": "Unrestricted file upload in big file upload functionality in `\/main\/inc\/lib\/javascript\/bigupload\/inc\/bigUpload.php` in Chamilo LMS <= v1.11.24 allows unauthenticated attackers to perform stored cross-site scripting attacks and obtain remote code execution via uploading of web shell.", "fork": false, "created_at": "2024-07-07T15:53:54Z", "updated_at": "2024-07-31T16:11:57Z", "pushed_at": "2024-07-07T16:18:13Z", "stargazers_count": 1, "watchers_count": 1, "has_discussions": false, "forks_count": 0, "allow_forking": true, "is_template": false, "web_commit_signoff_required": false, "topics": [ "chamilo-exploit", "chamilo-lms", "cve-2023-4220", "file-upload-vulnerability", "hackthebox" ], "visibility": "public", "forks": 0, "watchers": 1, "score": 0, "subscribers_count": 1 }, { "id": 825400213, "name": "CVE-2023-4220", "full_name": "charlesgargasson\/CVE-2023-4220", "owner": { "login": "charlesgargasson", "id": 26895987, "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/26895987?v=4", "html_url": "https:\/\/github.com\/charlesgargasson", "user_view_type": "public" }, "html_url": "https:\/\/github.com\/charlesgargasson\/CVE-2023-4220", "description": "RCE Chamilo 1.11.24", "fork": false, "created_at": "2024-07-07T16:57:18Z", "updated_at": "2024-08-16T20:18:49Z", "pushed_at": "2024-07-11T07:27:20Z", "stargazers_count": 1, "watchers_count": 1, "has_discussions": false, "forks_count": 0, "allow_forking": true, "is_template": false, "web_commit_signoff_required": false, "topics": [ "2023", "beersel", "bigupload", "chamilo", "chamilo-lms", "cve", "cve-2023-4220", "exploit", "lms", "poc", "rce" ], "visibility": "public", "forks": 0, "watchers": 1, "score": 0, "subscribers_count": 1 }, { "id": 825617104, "name": "CVE-2023-4220", "full_name": "insomnia-jacob\/CVE-2023-4220", "owner": { "login": "insomnia-jacob", "id": 174169862, "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/174169862?v=4", "html_url": "https:\/\/github.com\/insomnia-jacob", "user_view_type": "public" }, "html_url": "https:\/\/github.com\/insomnia-jacob\/CVE-2023-4220", "description": "CVE-2023-4220 POC RCE", "fork": false, "created_at": "2024-07-08T07:31:35Z", "updated_at": "2024-11-30T17:20:41Z", "pushed_at": "2024-08-07T23:36:20Z", "stargazers_count": 4, "watchers_count": 4, "has_discussions": false, "forks_count": 1, "allow_forking": true, "is_template": false, "web_commit_signoff_required": false, "topics": [], "visibility": "public", "forks": 1, "watchers": 4, "score": 0, "subscribers_count": 1 }, { "id": 825678272, "name": "Chamilo-CVE-2023-4220-Exploit", "full_name": "Ziad-Sakr\/Chamilo-CVE-2023-4220-Exploit", "owner": { "login": "Ziad-Sakr", "id": 60154552, "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/60154552?v=4", "html_url": "https:\/\/github.com\/Ziad-Sakr", "user_view_type": "public" }, "html_url": "https:\/\/github.com\/Ziad-Sakr\/Chamilo-CVE-2023-4220-Exploit", "description": "This is an Exploit for Unrestricted file upload in big file upload functionality in Chamilo-LMS for this location \"\/main\/inc\/lib\/javascript\/bigupload\/inc\/bigUpload.php\" in Chamilo LMS <= v1.11.24, and Attackers can obtain remote code execution via uploading of web shell.", "fork": false, "created_at": "2024-07-08T09:48:38Z", "updated_at": "2024-11-08T19:00:18Z", "pushed_at": "2024-07-08T11:55:53Z", "stargazers_count": 7, "watchers_count": 7, "has_discussions": false, "forks_count": 3, "allow_forking": true, "is_template": false, "web_commit_signoff_required": false, "topics": [ "chamilo", "chamilo-lms", "cve", "exploit", "file-upload-poc", "lms", "penetration", "penetration-testing", "poc", "web-shell" ], "visibility": "public", "forks": 3, "watchers": 7, "score": 0, "subscribers_count": 1 }, { "id": 826392009, "name": "cve-2023-4220-poc", "full_name": "HO4XXX\/cve-2023-4220-poc", "owner": { "login": "HO4XXX", "id": 128794868, "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/128794868?v=4", "html_url": "https:\/\/github.com\/HO4XXX", "user_view_type": "public" }, "html_url": "https:\/\/github.com\/HO4XXX\/cve-2023-4220-poc", "description": "PoC for CVE-2023-4220 - Chamilo LMS - Unauthenticated File Upload in BigUpload", "fork": false, "created_at": "2024-07-09T16:09:18Z", "updated_at": "2024-07-10T08:14:06Z", "pushed_at": "2024-07-09T16:13:18Z", "stargazers_count": 0, "watchers_count": 0, "has_discussions": false, "forks_count": 0, "allow_forking": true, "is_template": false, "web_commit_signoff_required": false, "topics": [], "visibility": "public", "forks": 0, "watchers": 0, "score": 0, "subscribers_count": 1 }, { "id": 826491015, "name": "CVE-2023-4220-PoC", "full_name": "B1TC0R3\/CVE-2023-4220-PoC", "owner": { "login": "B1TC0R3", "id": 77125551, "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/77125551?v=4", "html_url": "https:\/\/github.com\/B1TC0R3", "user_view_type": "public" }, "html_url": "https:\/\/github.com\/B1TC0R3\/CVE-2023-4220-PoC", "description": "Proof of concept exploit for CVE-2023-4220", "fork": false, "created_at": "2024-07-09T20:06:40Z", "updated_at": "2024-08-19T08:41:49Z", "pushed_at": "2024-08-19T08:41:45Z", "stargazers_count": 0, "watchers_count": 0, "has_discussions": false, "forks_count": 0, "allow_forking": true, "is_template": false, "web_commit_signoff_required": false, "topics": [], "visibility": "public", "forks": 0, "watchers": 0, "score": 0, "subscribers_count": 2 }, { "id": 827338519, "name": "CVE-2023-4220", "full_name": "nr4x4\/CVE-2023-4220", "owner": { "login": "nr4x4", "id": 104433163, "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/104433163?v=4", "html_url": "https:\/\/github.com\/nr4x4", "user_view_type": "public" }, "html_url": "https:\/\/github.com\/nr4x4\/CVE-2023-4220", "description": "CVE-2023–4220 Exploit", "fork": false, "created_at": "2024-07-11T13:06:17Z", "updated_at": "2024-07-12T10:21:41Z", "pushed_at": "2024-07-12T10:21:38Z", "stargazers_count": 0, "watchers_count": 0, "has_discussions": false, "forks_count": 0, "allow_forking": true, "is_template": false, "web_commit_signoff_required": false, "topics": [], "visibility": "public", "forks": 0, "watchers": 0, "score": 0, "subscribers_count": 1 }, { "id": 828720069, "name": "CVE-2023-4220-Exploit", "full_name": "Al3xGD\/CVE-2023-4220-Exploit", "owner": { "login": "Al3xGD", "id": 115897853, "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/115897853?v=4", "html_url": "https:\/\/github.com\/Al3xGD", "user_view_type": "public" }, "html_url": "https:\/\/github.com\/Al3xGD\/CVE-2023-4220-Exploit", "description": "LMS Chamilo 1.11.24 CVE-2023-4220 Exploit", "fork": false, "created_at": "2024-07-15T01:38:47Z", "updated_at": "2024-07-15T01:51:16Z", "pushed_at": "2024-07-15T01:51:13Z", "stargazers_count": 0, "watchers_count": 0, "has_discussions": false, "forks_count": 0, "allow_forking": true, "is_template": false, "web_commit_signoff_required": false, "topics": [], "visibility": "public", "forks": 0, "watchers": 0, "score": 0, "subscribers_count": 1 }, { "id": 837062013, "name": "chamilo-lms-unauthenticated-rce-poc", "full_name": "charchit-subedi\/chamilo-lms-unauthenticated-rce-poc", "owner": { "login": "charchit-subedi", "id": 59109697, "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/59109697?v=4", "html_url": "https:\/\/github.com\/charchit-subedi", "user_view_type": "public" }, "html_url": "https:\/\/github.com\/charchit-subedi\/chamilo-lms-unauthenticated-rce-poc", "description": "This is a script written in Python that allows the exploitation of the Chamilo's LMS software security flaw described in CVE-2023-4220 ", "fork": false, "created_at": "2024-08-02T06:14:56Z", "updated_at": "2024-08-02T06:17:33Z", "pushed_at": "2024-08-02T06:17:11Z", "stargazers_count": 0, "watchers_count": 0, "has_discussions": false, "forks_count": 0, "allow_forking": true, "is_template": false, "web_commit_signoff_required": false, "topics": [], "visibility": "public", "forks": 0, "watchers": 0, "score": 0, "subscribers_count": 1 }, { "id": 844242066, "name": "CVE-2023-4220-Proof-of-concept", "full_name": "LGenAgul\/CVE-2023-4220-Proof-of-concept", "owner": { "login": "LGenAgul", "id": 110150285, "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/110150285?v=4", "html_url": "https:\/\/github.com\/LGenAgul", "user_view_type": "public" }, "html_url": "https:\/\/github.com\/LGenAgul\/CVE-2023-4220-Proof-of-concept", "description": "Chamilo LMS Unauthenticated Big Upload File that allows remote code execution", "fork": false, "created_at": "2024-08-18T20:00:33Z", "updated_at": "2024-08-18T20:10:32Z", "pushed_at": "2024-08-18T20:10:29Z", "stargazers_count": 0, "watchers_count": 0, "has_discussions": false, "forks_count": 0, "allow_forking": true, "is_template": false, "web_commit_signoff_required": false, "topics": [], "visibility": "public", "forks": 0, "watchers": 0, "score": 0, "subscribers_count": 1 }, { "id": 846844178, "name": "CVE-2023-4220", "full_name": "VanishedPeople\/CVE-2023-4220", "owner": { "login": "VanishedPeople", "id": 155242438, "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/155242438?v=4", "html_url": "https:\/\/github.com\/VanishedPeople", "user_view_type": "public" }, "html_url": "https:\/\/github.com\/VanishedPeople\/CVE-2023-4220", "description": "CVE-2023-4220 PoC Chamilo RCE", "fork": false, "created_at": "2024-08-24T05:32:31Z", "updated_at": "2024-10-21T13:18:06Z", "pushed_at": "2024-09-23T18:27:30Z", "stargazers_count": 0, "watchers_count": 0, "has_discussions": false, "forks_count": 0, "allow_forking": true, "is_template": false, "web_commit_signoff_required": false, "topics": [], "visibility": "public", "forks": 0, "watchers": 0, "score": 0, "subscribers_count": 0 }, { "id": 847006463, "name": "CVE-2023-4220_Chamilo_RCE", "full_name": "thefizzyfish\/CVE-2023-4220_Chamilo_RCE", "owner": { "login": "thefizzyfish", "id": 94797978, "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/94797978?v=4", "html_url": "https:\/\/github.com\/thefizzyfish", "user_view_type": "public" }, "html_url": "https:\/\/github.com\/thefizzyfish\/CVE-2023-4220_Chamilo_RCE", "description": "Python exploit for Chamilo Unrestricted File Upload Vuln - CVE-2023-4220", "fork": false, "created_at": "2024-08-24T15:25:28Z", "updated_at": "2024-11-09T18:59:16Z", "pushed_at": "2024-10-03T19:29:01Z", "stargazers_count": 1, "watchers_count": 1, "has_discussions": false, "forks_count": 0, "allow_forking": true, "is_template": false, "web_commit_signoff_required": false, "topics": [], "visibility": "public", "forks": 0, "watchers": 1, "score": 0, "subscribers_count": 1 }, { "id": 848391001, "name": "CVE-2023-4220", "full_name": "qrxnz\/CVE-2023-4220", "owner": { "login": "qrxnz", "id": 176516119, "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/176516119?v=4", "html_url": "https:\/\/github.com\/qrxnz", "user_view_type": "public" }, "html_url": "https:\/\/github.com\/qrxnz\/CVE-2023-4220", "description": "CVE-2023-4220 Chamilo Exploit", "fork": false, "created_at": "2024-08-27T17:12:48Z", "updated_at": "2024-08-27T17:17:27Z", "pushed_at": "2024-08-27T17:17:11Z", "stargazers_count": 0, "watchers_count": 0, "has_discussions": false, "forks_count": 0, "allow_forking": true, "is_template": false, "web_commit_signoff_required": false, "topics": [], "visibility": "public", "forks": 0, "watchers": 0, "score": 0, "subscribers_count": 1 }, { "id": 851612450, "name": "Chamilo-CVE-2023-4220-RCE-Exploit", "full_name": "0x00-null\/Chamilo-CVE-2023-4220-RCE-Exploit", "owner": { "login": "0x00-null", "id": 10076254, "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/10076254?v=4", "html_url": "https:\/\/github.com\/0x00-null", "user_view_type": "public" }, "html_url": "https:\/\/github.com\/0x00-null\/Chamilo-CVE-2023-4220-RCE-Exploit", "description": "(CVE-2023-4220) Chamilo LMS Unauthenticated Big Upload File Remote Code Execution ", "fork": false, "created_at": "2024-09-03T12:16:52Z", "updated_at": "2024-09-10T12:37:45Z", "pushed_at": "2024-09-03T13:11:47Z", "stargazers_count": 1, "watchers_count": 1, "has_discussions": false, "forks_count": 0, "allow_forking": true, "is_template": false, "web_commit_signoff_required": false, "topics": [], "visibility": "public", "forks": 0, "watchers": 1, "score": 0, "subscribers_count": 1 }, { "id": 877083916, "name": "CVE-2023-4220-RCE", "full_name": "bueno-armando\/CVE-2023-4220-RCE", "owner": { "login": "bueno-armando", "id": 124701314, "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/124701314?v=4", "html_url": "https:\/\/github.com\/bueno-armando", "user_view_type": "public" }, "html_url": "https:\/\/github.com\/bueno-armando\/CVE-2023-4220-RCE", "description": null, "fork": false, "created_at": "2024-10-23T04:01:20Z", "updated_at": "2024-10-23T05:06:22Z", "pushed_at": "2024-10-23T05:06:18Z", "stargazers_count": 0, "watchers_count": 0, "has_discussions": false, "forks_count": 0, "allow_forking": true, "is_template": false, "web_commit_signoff_required": false, "topics": [], "visibility": "public", "forks": 0, "watchers": 0, "score": 0, "subscribers_count": 1 }, { "id": 879406527, "name": "Chamilo-LMS-CVE-2023-4220-Exploit", "full_name": "0xDTC\/Chamilo-LMS-CVE-2023-4220-Exploit", "owner": { "login": "0xDTC", "id": 95960398, "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/95960398?v=4", "html_url": "https:\/\/github.com\/0xDTC", "user_view_type": "public" }, "html_url": "https:\/\/github.com\/0xDTC\/Chamilo-LMS-CVE-2023-4220-Exploit", "description": "Refurbish Chamilo LMS CVE-2023-4220 exploit written in bash", "fork": false, "created_at": "2024-10-27T20:18:13Z", "updated_at": "2024-10-27T20:19:22Z", "pushed_at": "2024-10-27T20:19:19Z", "stargazers_count": 0, "watchers_count": 0, "has_discussions": false, "forks_count": 0, "allow_forking": true, "is_template": false, "web_commit_signoff_required": false, "topics": [], "visibility": "public", "forks": 0, "watchers": 0, "score": 0, "subscribers_count": 1 }, { "id": 882333805, "name": "CVE-2023-4220", "full_name": "H4cking4All\/CVE-2023-4220", "owner": { "login": "H4cking4All", "id": 187107603, "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/187107603?v=4", "html_url": "https:\/\/github.com\/H4cking4All", "user_view_type": "public" }, "html_url": "https:\/\/github.com\/H4cking4All\/CVE-2023-4220", "description": "CVE-2023-4220 Chamilo Exploit", "fork": false, "created_at": "2024-11-02T14:49:51Z", "updated_at": "2024-11-02T15:09:11Z", "pushed_at": "2024-11-02T15:09:08Z", "stargazers_count": 0, "watchers_count": 0, "has_discussions": false, "forks_count": 0, "allow_forking": true, "is_template": false, "web_commit_signoff_required": false, "topics": [], "visibility": "public", "forks": 0, "watchers": 0, "score": 0, "subscribers_count": 1 }, { "id": 886317363, "name": "CVE-2023-4220-HTB-PermX", "full_name": "oxapavan\/CVE-2023-4220-HTB-PermX", "owner": { "login": "oxapavan", "id": 106510266, "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/106510266?v=4", "html_url": "https:\/\/github.com\/oxapavan", "user_view_type": "public" }, "html_url": "https:\/\/github.com\/oxapavan\/CVE-2023-4220-HTB-PermX", "description": null, "fork": false, "created_at": "2024-11-10T18:13:18Z", "updated_at": "2024-11-11T12:18:47Z", "pushed_at": "2024-11-10T18:23:27Z", "stargazers_count": 1, "watchers_count": 1, "has_discussions": false, "forks_count": 0, "allow_forking": true, "is_template": false, "web_commit_signoff_required": false, "topics": [], "visibility": "public", "forks": 0, "watchers": 1, "score": 0, "subscribers_count": 1 }, { "id": 887758220, "name": "CVE-2023-4220", "full_name": "numaan911098\/CVE-2023-4220", "owner": { "login": "numaan911098", "id": 50366430, "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/50366430?v=4", "html_url": "https:\/\/github.com\/numaan911098", "user_view_type": "public" }, "html_url": "https:\/\/github.com\/numaan911098\/CVE-2023-4220", "description": "https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2023-4220", "fork": false, "created_at": "2024-11-13T08:30:00Z", "updated_at": "2024-11-13T08:34:24Z", "pushed_at": "2024-11-13T08:34:20Z", "stargazers_count": 0, "watchers_count": 0, "has_discussions": false, "forks_count": 0, "allow_forking": true, "is_template": false, "web_commit_signoff_required": false, "topics": [], "visibility": "public", "forks": 0, "watchers": 0, "score": 0, "subscribers_count": 1 }, { "id": 898709513, "name": "CVE-2023-4220", "full_name": "MikeyPPPPPPPP\/CVE-2023-4220", "owner": { "login": "MikeyPPPPPPPP", "id": 50926811, "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/50926811?v=4", "html_url": "https:\/\/github.com\/MikeyPPPPPPPP", "user_view_type": "public" }, "html_url": "https:\/\/github.com\/MikeyPPPPPPPP\/CVE-2023-4220", "description": "Remote command execution exploit made for redteamers.", "fork": false, "created_at": "2024-12-04T22:16:12Z", "updated_at": "2024-12-05T08:48:28Z", "pushed_at": "2024-12-05T08:48:24Z", "stargazers_count": 0, "watchers_count": 0, "has_discussions": false, "forks_count": 1, "allow_forking": true, "is_template": false, "web_commit_signoff_required": false, "topics": [], "visibility": "public", "forks": 1, "watchers": 0, "score": 0, "subscribers_count": 1 }, { "id": 899001660, "name": "CVE-2023-4220-exploit", "full_name": "Pr1or95\/CVE-2023-4220-exploit", "owner": { "login": "Pr1or95", "id": 135025186, "avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/135025186?v=4", "html_url": "https:\/\/github.com\/Pr1or95", "user_view_type": "public" }, "html_url": "https:\/\/github.com\/Pr1or95\/CVE-2023-4220-exploit", "description": "Carga de archivos sin restricciones en la funcionalidad de carga de archivos grandes en `\/main\/inc\/lib\/javascript\/bigupload\/inc\/bigUpload.php` en Chamilo LMS en versiones <= 1.11.24 permite a atacantes no autenticados realizar ataques de Cross Site Scripting almacenados y obtener código remoto ejecución mediante la carga de web shell.", "fork": false, "created_at": "2024-12-05T12:45:13Z", "updated_at": "2024-12-06T11:57:04Z", "pushed_at": "2024-12-05T13:11:39Z", "stargazers_count": 1, "watchers_count": 1, "has_discussions": false, "forks_count": 1, "allow_forking": true, "is_template": false, "web_commit_signoff_required": false, "topics": [], "visibility": "public", "forks": 1, "watchers": 1, "score": 0, "subscribers_count": 1 } ]