mirror/PoC-in-GitHub
1
0
Fork 0
mirror of https://github.com/nomi-sec/PoC-in-GitHub.git synced 2025-01-15 20:32:21 +01:00
Code Issues Projects Releases Packages Wiki Activity Actions
PoC-in-GitHub/2024/CVE-2024-36401.json
motikan2010-bot 452adca33e Auto Update 2025/01/15 06:32:14
2025-01-15 15:32:14 +09:00

505 lines
No EOL
18 KiB
JSON
Raw Permalink Blame History

This file contains ambiguous Unicode characters

This file contains Unicode characters that might be confused with other characters. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.

[
{
"id": 824152890,
"name": "CVE-2024-36401",
"full_name": "bigb0x\/CVE-2024-36401",
"owner": {
"login": "bigb0x",
"id": 13532434,
"avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/13532434?v=4",
"html_url": "https:\/\/github.com\/bigb0x",
"user_view_type": "public"
},
"html_url": "https:\/\/github.com\/bigb0x\/CVE-2024-36401",
"description": "POC for CVE-2024-36401. This POC will attempt to establish a reverse shell from the vlun targets.",
"fork": false,
"created_at": "2024-07-04T13:19:47Z",
"updated_at": "2024-12-06T09:40:42Z",
"pushed_at": "2024-07-04T19:18:04Z",
"stargazers_count": 32,
"watchers_count": 32,
"has_discussions": false,
"forks_count": 18,
"allow_forking": true,
"is_template": false,
"web_commit_signoff_required": false,
"topics": [],
"visibility": "public",
"forks": 18,
"watchers": 32,
"score": 0,
"subscribers_count": 1
},
{
"id": 824386148,
"name": "CVE-2024-36401",
"full_name": "Niuwoo\/CVE-2024-36401",
"owner": {
"login": "Niuwoo",
"id": 57100441,
"avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/57100441?v=4",
"html_url": "https:\/\/github.com\/Niuwoo",
"user_view_type": "public"
},
"html_url": "https:\/\/github.com\/Niuwoo\/CVE-2024-36401",
"description": "POC",
"fork": false,
"created_at": "2024-07-05T03:02:30Z",
"updated_at": "2024-11-20T16:30:53Z",
"pushed_at": "2024-07-05T03:05:39Z",
"stargazers_count": 3,
"watchers_count": 3,
"has_discussions": false,
"forks_count": 0,
"allow_forking": true,
"is_template": false,
"web_commit_signoff_required": false,
"topics": [],
"visibility": "public",
"forks": 0,
"watchers": 3,
"score": 0,
"subscribers_count": 1
},
{
"id": 824643210,
"name": "CVE-2024-36401",
"full_name": "RevoltSecurities\/CVE-2024-36401",
"owner": {
"login": "RevoltSecurities",
"id": 119435129,
"avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/119435129?v=4",
"html_url": "https:\/\/github.com\/RevoltSecurities",
"user_view_type": "public"
},
"html_url": "https:\/\/github.com\/RevoltSecurities\/CVE-2024-36401",
"description": "Exploiter a Vulnerability detection and Exploitation tool for GeoServer Unauthenticated Remote Code Execution CVE-2024-36401.",
"fork": false,
"created_at": "2024-07-05T15:24:50Z",
"updated_at": "2024-07-20T21:01:18Z",
"pushed_at": "2024-07-05T15:33:09Z",
"stargazers_count": 1,
"watchers_count": 1,
"has_discussions": false,
"forks_count": 1,
"allow_forking": true,
"is_template": false,
"web_commit_signoff_required": false,
"topics": [],
"visibility": "public",
"forks": 1,
"watchers": 1,
"score": 0,
"subscribers_count": 1
},
{
"id": 824794128,
"name": "CVE-2024-36401",
"full_name": "Mr-xn\/CVE-2024-36401",
"owner": {
"login": "Mr-xn",
"id": 18260135,
"avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/18260135?v=4",
"html_url": "https:\/\/github.com\/Mr-xn",
"user_view_type": "public"
},
"html_url": "https:\/\/github.com\/Mr-xn\/CVE-2024-36401",
"description": "Remote Code Execution (RCE) Vulnerability In Evaluating Property Name Expressions with multies ways to exploit",
"fork": false,
"created_at": "2024-07-06T01:10:28Z",
"updated_at": "2024-12-18T15:53:25Z",
"pushed_at": "2024-07-06T01:57:58Z",
"stargazers_count": 44,
"watchers_count": 44,
"has_discussions": false,
"forks_count": 6,
"allow_forking": true,
"is_template": false,
"web_commit_signoff_required": false,
"topics": [
"cve",
"cve-2024-36401",
"geoserver",
"poc",
"rce",
"vulnerabilities"
],
"visibility": "public",
"forks": 6,
"watchers": 44,
"score": 0,
"subscribers_count": 1
},
{
"id": 827686717,
"name": "CVE-2024-36401-GeoServer-RCE",
"full_name": "jakabakos\/CVE-2024-36401-GeoServer-RCE",
"owner": {
"login": "jakabakos",
"id": 42498816,
"avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/42498816?v=4",
"html_url": "https:\/\/github.com\/jakabakos",
"user_view_type": "public"
},
"html_url": "https:\/\/github.com\/jakabakos\/CVE-2024-36401-GeoServer-RCE",
"description": null,
"fork": false,
"created_at": "2024-07-12T07:01:12Z",
"updated_at": "2024-07-12T07:07:18Z",
"pushed_at": "2024-07-12T07:07:14Z",
"stargazers_count": 0,
"watchers_count": 0,
"has_discussions": false,
"forks_count": 0,
"allow_forking": true,
"is_template": false,
"web_commit_signoff_required": false,
"topics": [],
"visibility": "public",
"forks": 0,
"watchers": 0,
"score": 0,
"subscribers_count": 1
},
{
"id": 829775784,
"name": "geoserver-",
"full_name": "ahisec\/geoserver-",
"owner": {
"login": "ahisec",
"id": 3255339,
"avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/3255339?v=4",
"html_url": "https:\/\/github.com\/ahisec",
"user_view_type": "public"
},
"html_url": "https:\/\/github.com\/ahisec\/geoserver-",
"description": "geoserver CVE-2024-36401漏洞利用工具",
"fork": false,
"created_at": "2024-07-17T02:25:21Z",
"updated_at": "2025-01-14T08:01:08Z",
"pushed_at": "2024-07-24T15:33:03Z",
"stargazers_count": 17,
"watchers_count": 17,
"has_discussions": false,
"forks_count": 4,
"allow_forking": true,
"is_template": false,
"web_commit_signoff_required": false,
"topics": [],
"visibility": "public",
"forks": 4,
"watchers": 17,
"score": 0,
"subscribers_count": 0
},
{
"id": 835900082,
"name": "CVE-2024-36401",
"full_name": "Chocapikk\/CVE-2024-36401",
"owner": {
"login": "Chocapikk",
"id": 88535377,
"avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/88535377?v=4",
"html_url": "https:\/\/github.com\/Chocapikk",
"user_view_type": "public"
},
"html_url": "https:\/\/github.com\/Chocapikk\/CVE-2024-36401",
"description": "GeoServer Remote Code Execution",
"fork": false,
"created_at": "2024-07-30T18:43:40Z",
"updated_at": "2024-12-26T04:35:42Z",
"pushed_at": "2024-08-02T14:57:26Z",
"stargazers_count": 77,
"watchers_count": 77,
"has_discussions": false,
"forks_count": 12,
"allow_forking": true,
"is_template": false,
"web_commit_signoff_required": false,
"topics": [],
"visibility": "public",
"forks": 12,
"watchers": 77,
"score": 0,
"subscribers_count": 1
},
{
"id": 836929821,
"name": "CVE-2024-36401-PoC",
"full_name": "yisas93\/CVE-2024-36401-PoC",
"owner": {
"login": "yisas93",
"id": 115517295,
"avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/115517295?v=4",
"html_url": "https:\/\/github.com\/yisas93",
"user_view_type": "public"
},
"html_url": "https:\/\/github.com\/yisas93\/CVE-2024-36401-PoC",
"description": null,
"fork": false,
"created_at": "2024-08-01T21:22:51Z",
"updated_at": "2024-08-01T21:30:07Z",
"pushed_at": "2024-08-01T21:30:04Z",
"stargazers_count": 0,
"watchers_count": 0,
"has_discussions": false,
"forks_count": 0,
"allow_forking": true,
"is_template": false,
"web_commit_signoff_required": false,
"topics": [],
"visibility": "public",
"forks": 0,
"watchers": 0,
"score": 0,
"subscribers_count": 1
},
{
"id": 848340676,
"name": "geoexplorer",
"full_name": "justin-p\/geoexplorer",
"owner": {
"login": "justin-p",
"id": 8249280,
"avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/8249280?v=4",
"html_url": "https:\/\/github.com\/justin-p",
"user_view_type": "public"
},
"html_url": "https:\/\/github.com\/justin-p\/geoexplorer",
"description": "Mass scanner for CVE-2024-36401",
"fork": false,
"created_at": "2024-08-27T15:28:04Z",
"updated_at": "2024-10-23T10:07:20Z",
"pushed_at": "2024-08-27T16:16:15Z",
"stargazers_count": 3,
"watchers_count": 3,
"has_discussions": false,
"forks_count": 0,
"allow_forking": true,
"is_template": false,
"web_commit_signoff_required": false,
"topics": [],
"visibility": "public",
"forks": 0,
"watchers": 3,
"score": 0,
"subscribers_count": 1
},
{
"id": 856852823,
"name": "CVE-2024-36401-PoC",
"full_name": "daniellowrie\/CVE-2024-36401-PoC",
"owner": {
"login": "daniellowrie",
"id": 19762230,
"avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/19762230?v=4",
"html_url": "https:\/\/github.com\/daniellowrie",
"user_view_type": "public"
},
"html_url": "https:\/\/github.com\/daniellowrie\/CVE-2024-36401-PoC",
"description": "Proof-of-Concept Exploit for CVE-2024-36401 GeoServer 2.25.1",
"fork": false,
"created_at": "2024-09-13T10:28:48Z",
"updated_at": "2024-10-12T17:59:41Z",
"pushed_at": "2024-09-26T13:20:32Z",
"stargazers_count": 3,
"watchers_count": 3,
"has_discussions": false,
"forks_count": 1,
"allow_forking": true,
"is_template": false,
"web_commit_signoff_required": false,
"topics": [],
"visibility": "public",
"forks": 1,
"watchers": 3,
"score": 0,
"subscribers_count": 1
},
{
"id": 864563382,
"name": "GeoServer-CVE-2024-36401",
"full_name": "punitdarji\/GeoServer-CVE-2024-36401",
"owner": {
"login": "punitdarji",
"id": 38101321,
"avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/38101321?v=4",
"html_url": "https:\/\/github.com\/punitdarji",
"user_view_type": "public"
},
"html_url": "https:\/\/github.com\/punitdarji\/GeoServer-CVE-2024-36401",
"description": "GeoServer CVE-2024-36401: Remote Code Execution (RCE) Vulnerability In Evaluating Property Name Expressions",
"fork": false,
"created_at": "2024-09-28T14:55:50Z",
"updated_at": "2024-09-30T09:00:33Z",
"pushed_at": "2024-09-28T14:58:44Z",
"stargazers_count": 2,
"watchers_count": 2,
"has_discussions": false,
"forks_count": 0,
"allow_forking": true,
"is_template": false,
"web_commit_signoff_required": false,
"topics": [],
"visibility": "public",
"forks": 0,
"watchers": 2,
"score": 0,
"subscribers_count": 1
},
{
"id": 868038376,
"name": "CVE-2024-36401",
"full_name": "netuseradministrator\/CVE-2024-36401",
"owner": {
"login": "netuseradministrator",
"id": 96680088,
"avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/96680088?v=4",
"html_url": "https:\/\/github.com\/netuseradministrator",
"user_view_type": "public"
},
"html_url": "https:\/\/github.com\/netuseradministrator\/CVE-2024-36401",
"description": "geoserver图形化漏洞利用工具",
"fork": false,
"created_at": "2024-10-05T10:08:55Z",
"updated_at": "2025-01-11T10:30:26Z",
"pushed_at": "2024-10-08T03:16:26Z",
"stargazers_count": 33,
"watchers_count": 33,
"has_discussions": false,
"forks_count": 1,
"allow_forking": true,
"is_template": false,
"web_commit_signoff_required": false,
"topics": [],
"visibility": "public",
"forks": 1,
"watchers": 33,
"score": 0,
"subscribers_count": 1
},
{
"id": 872538624,
"name": "CVE-2024-36401",
"full_name": "kkhackz0013\/CVE-2024-36401",
"owner": {
"login": "kkhackz0013",
"id": 183632565,
"avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/183632565?v=4",
"html_url": "https:\/\/github.com\/kkhackz0013",
"user_view_type": "public"
},
"html_url": "https:\/\/github.com\/kkhackz0013\/CVE-2024-36401",
"description": null,
"fork": false,
"created_at": "2024-10-14T15:57:06Z",
"updated_at": "2024-10-14T17:16:07Z",
"pushed_at": "2024-10-14T17:16:03Z",
"stargazers_count": 0,
"watchers_count": 0,
"has_discussions": false,
"forks_count": 0,
"allow_forking": true,
"is_template": false,
"web_commit_signoff_required": false,
"topics": [],
"visibility": "public",
"forks": 0,
"watchers": 0,
"score": 0,
"subscribers_count": 1
},
{
"id": 892410177,
"name": "CVE-2024-36401-WoodpeckerPlugin",
"full_name": "thestar0\/CVE-2024-36401-WoodpeckerPlugin",
"owner": {
"login": "thestar0",
"id": 97114131,
"avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/97114131?v=4",
"html_url": "https:\/\/github.com\/thestar0",
"user_view_type": "public"
},
"html_url": "https:\/\/github.com\/thestar0\/CVE-2024-36401-WoodpeckerPlugin",
"description": "CVE-2024-36401-GeoServer Property 表达式注入 Rce woodpecker-framework 插件",
"fork": false,
"created_at": "2024-11-22T03:57:12Z",
"updated_at": "2024-12-18T20:13:38Z",
"pushed_at": "2024-11-23T08:24:26Z",
"stargazers_count": 12,
"watchers_count": 12,
"has_discussions": false,
"forks_count": 1,
"allow_forking": true,
"is_template": false,
"web_commit_signoff_required": false,
"topics": [],
"visibility": "public",
"forks": 1,
"watchers": 12,
"score": 0,
"subscribers_count": 1
},
{
"id": 892655439,
"name": "cve-2024-36401-poc",
"full_name": "XiaomingX\/cve-2024-36401-poc",
"owner": {
"login": "XiaomingX",
"id": 5387930,
"avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/5387930?v=4",
"html_url": "https:\/\/github.com\/XiaomingX",
"user_view_type": "public"
},
"html_url": "https:\/\/github.com\/XiaomingX\/cve-2024-36401-poc",
"description": "CVE-2024-36401是GeoServer中的一个高危远程代码执行漏洞。GeoServer是一款开源的地理数据服务器软件主要用于发布、共享和处理各种地理空间数据。 ALIYUN 漏洞原理: 该漏洞源于GeoServer在处理属性名称时将其不安全地解析为XPath表达式。具体而言GeoServer调用的GeoTools库API在评估要素类型的属性名称时以不安全的方式将其传递给commons-jxpath库。由于commons-jxpath库在解析XPath表达式时允许执行任意代码攻击者可以通过构造特定的输入利用多个OGC请求参数如WFS GetFeature、WFS GetPropertyValue、WMS GetMap等在未经身份验证的情况下远程执行任意代码。 ",
"fork": false,
"created_at": "2024-11-22T14:21:53Z",
"updated_at": "2025-01-13T18:17:29Z",
"pushed_at": "2024-11-22T14:22:57Z",
"stargazers_count": 4,
"watchers_count": 4,
"has_discussions": false,
"forks_count": 0,
"allow_forking": true,
"is_template": false,
"web_commit_signoff_required": false,
"topics": [],
"visibility": "public",
"forks": 0,
"watchers": 4,
"score": 0,
"subscribers_count": 1
},
{
"id": 895213731,
"name": "CVE-2024-36401",
"full_name": "0x0d3ad\/CVE-2024-36401",
"owner": {
"login": "0x0d3ad",
"id": 18898977,
"avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/18898977?v=4",
"html_url": "https:\/\/github.com\/0x0d3ad",
"user_view_type": "public"
},
"html_url": "https:\/\/github.com\/0x0d3ad\/CVE-2024-36401",
"description": "CVE-2024-36401 (GeoServer Remote Code Execution)",
"fork": false,
"created_at": "2024-11-27T19:13:49Z",
"updated_at": "2024-11-30T19:28:17Z",
"pushed_at": "2024-11-30T19:28:14Z",
"stargazers_count": 2,
"watchers_count": 2,
"has_discussions": false,
"forks_count": 1,
"allow_forking": true,
"is_template": false,
"web_commit_signoff_required": false,
"topics": [],
"visibility": "public",
"forks": 1,
"watchers": 2,
"score": 0,
"subscribers_count": 1
}
]
Reference in a new issue View git blame Copy permalink