mirror/PoC-in-GitHub
1
0
Fork 0
mirror of https://github.com/nomi-sec/PoC-in-GitHub.git synced 2025-12-27 14:45:33 +01:00
Code Issues Projects Releases Packages Wiki Activity
PoC-in-GitHub/2024/CVE-2024-36401.json
motikan2010-bot 5bd9ef74ee Auto Update 2025/08/27 06:37:47
2025-08-27 15:37:47 +09:00

634 lines
No EOL
23 KiB
JSON
Raw Permalink Blame History

This file contains ambiguous Unicode characters

This file contains Unicode characters that might be confused with other characters. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.

[
{
"id": 824152890,
"name": "CVE-2024-36401",
"full_name": "bigb0x\/CVE-2024-36401",
"owner": {
"login": "bigb0x",
"id": 13532434,
"avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/13532434?v=4",
"html_url": "https:\/\/github.com\/bigb0x",
"user_view_type": "public"
},
"html_url": "https:\/\/github.com\/bigb0x\/CVE-2024-36401",
"description": "POC for CVE-2024-36401. This POC will attempt to establish a reverse shell from the vlun targets.",
"fork": false,
"created_at": "2024-07-04T13:19:47Z",
"updated_at": "2025-03-18T17:59:24Z",
"pushed_at": "2024-07-04T19:18:04Z",
"stargazers_count": 33,
"watchers_count": 33,
"has_discussions": false,
"forks_count": 16,
"allow_forking": true,
"is_template": false,
"web_commit_signoff_required": false,
"topics": [],
"visibility": "public",
"forks": 16,
"watchers": 33,
"score": 0,
"subscribers_count": 1
},
{
"id": 824386148,
"name": "CVE-2024-36401",
"full_name": "Niuwoo\/CVE-2024-36401",
"owner": {
"login": "Niuwoo",
"id": 57100441,
"avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/57100441?v=4",
"html_url": "https:\/\/github.com\/Niuwoo",
"user_view_type": "public"
},
"html_url": "https:\/\/github.com\/Niuwoo\/CVE-2024-36401",
"description": "POC",
"fork": false,
"created_at": "2024-07-05T03:02:30Z",
"updated_at": "2025-03-18T17:59:24Z",
"pushed_at": "2024-07-05T03:05:39Z",
"stargazers_count": 4,
"watchers_count": 4,
"has_discussions": false,
"forks_count": 0,
"allow_forking": true,
"is_template": false,
"web_commit_signoff_required": false,
"topics": [],
"visibility": "public",
"forks": 0,
"watchers": 4,
"score": 0,
"subscribers_count": 1
},
{
"id": 824643210,
"name": "CVE-2024-36401",
"full_name": "RevoltSecurities\/CVE-2024-36401",
"owner": {
"login": "RevoltSecurities",
"id": 119435129,
"avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/119435129?v=4",
"html_url": "https:\/\/github.com\/RevoltSecurities",
"user_view_type": "public"
},
"html_url": "https:\/\/github.com\/RevoltSecurities\/CVE-2024-36401",
"description": "Exploiter a Vulnerability detection and Exploitation tool for GeoServer Unauthenticated Remote Code Execution CVE-2024-36401.",
"fork": false,
"created_at": "2024-07-05T15:24:50Z",
"updated_at": "2025-06-04T05:49:17Z",
"pushed_at": "2024-07-05T15:33:09Z",
"stargazers_count": 1,
"watchers_count": 1,
"has_discussions": false,
"forks_count": 1,
"allow_forking": true,
"is_template": false,
"web_commit_signoff_required": false,
"topics": [],
"visibility": "public",
"forks": 1,
"watchers": 1,
"score": 0,
"subscribers_count": 0
},
{
"id": 824794128,
"name": "CVE-2024-36401",
"full_name": "Mr-xn\/CVE-2024-36401",
"owner": {
"login": "Mr-xn",
"id": 18260135,
"avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/18260135?v=4",
"html_url": "https:\/\/github.com\/Mr-xn",
"user_view_type": "public"
},
"html_url": "https:\/\/github.com\/Mr-xn\/CVE-2024-36401",
"description": "Remote Code Execution (RCE) Vulnerability In Evaluating Property Name Expressions with multies ways to exploit",
"fork": false,
"created_at": "2024-07-06T01:10:28Z",
"updated_at": "2025-08-11T06:42:55Z",
"pushed_at": "2024-07-06T01:57:58Z",
"stargazers_count": 51,
"watchers_count": 51,
"has_discussions": false,
"forks_count": 7,
"allow_forking": true,
"is_template": false,
"web_commit_signoff_required": false,
"topics": [
"cve",
"cve-2024-36401",
"geoserver",
"poc",
"rce",
"vulnerabilities"
],
"visibility": "public",
"forks": 7,
"watchers": 51,
"score": 0,
"subscribers_count": 1
},
{
"id": 827686717,
"name": "CVE-2024-36401-GeoServer-RCE",
"full_name": "jakabakos\/CVE-2024-36401-GeoServer-RCE",
"owner": {
"login": "jakabakos",
"id": 42498816,
"avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/42498816?v=4",
"html_url": "https:\/\/github.com\/jakabakos",
"user_view_type": "public"
},
"html_url": "https:\/\/github.com\/jakabakos\/CVE-2024-36401-GeoServer-RCE",
"description": null,
"fork": false,
"created_at": "2024-07-12T07:01:12Z",
"updated_at": "2024-07-12T07:07:18Z",
"pushed_at": "2024-07-12T07:07:14Z",
"stargazers_count": 0,
"watchers_count": 0,
"has_discussions": false,
"forks_count": 0,
"allow_forking": true,
"is_template": false,
"web_commit_signoff_required": false,
"topics": [],
"visibility": "public",
"forks": 0,
"watchers": 0,
"score": 0,
"subscribers_count": 1
},
{
"id": 829775784,
"name": "geoserver-",
"full_name": "ahisec\/geoserver-",
"owner": {
"login": "ahisec",
"id": 3255339,
"avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/3255339?v=4",
"html_url": "https:\/\/github.com\/ahisec",
"user_view_type": "public"
},
"html_url": "https:\/\/github.com\/ahisec\/geoserver-",
"description": "geoserver CVE-2024-36401漏洞利用工具",
"fork": false,
"created_at": "2024-07-17T02:25:21Z",
"updated_at": "2025-08-23T16:44:53Z",
"pushed_at": "2024-07-24T15:33:03Z",
"stargazers_count": 36,
"watchers_count": 36,
"has_discussions": false,
"forks_count": 6,
"allow_forking": true,
"is_template": false,
"web_commit_signoff_required": false,
"topics": [],
"visibility": "public",
"forks": 6,
"watchers": 36,
"score": 0,
"subscribers_count": 0
},
{
"id": 835900082,
"name": "CVE-2024-36401",
"full_name": "Chocapikk\/CVE-2024-36401",
"owner": {
"login": "Chocapikk",
"id": 88535377,
"avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/88535377?v=4",
"html_url": "https:\/\/github.com\/Chocapikk",
"user_view_type": "public"
},
"html_url": "https:\/\/github.com\/Chocapikk\/CVE-2024-36401",
"description": "GeoServer Remote Code Execution",
"fork": false,
"created_at": "2024-07-30T18:43:40Z",
"updated_at": "2025-07-20T00:51:46Z",
"pushed_at": "2025-04-06T16:50:10Z",
"stargazers_count": 82,
"watchers_count": 82,
"has_discussions": false,
"forks_count": 13,
"allow_forking": true,
"is_template": false,
"web_commit_signoff_required": false,
"topics": [],
"visibility": "public",
"forks": 13,
"watchers": 82,
"score": 0,
"subscribers_count": 1
},
{
"id": 836929821,
"name": "CVE-2024-36401-PoC",
"full_name": "y1s4s\/CVE-2024-36401-PoC",
"owner": {
"login": "y1s4s",
"id": 115517295,
"avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/115517295?v=4",
"html_url": "https:\/\/github.com\/y1s4s",
"user_view_type": "public"
},
"html_url": "https:\/\/github.com\/y1s4s\/CVE-2024-36401-PoC",
"description": null,
"fork": false,
"created_at": "2024-08-01T21:22:51Z",
"updated_at": "2024-08-01T21:30:07Z",
"pushed_at": "2024-08-01T21:30:04Z",
"stargazers_count": 0,
"watchers_count": 0,
"has_discussions": false,
"forks_count": 0,
"allow_forking": true,
"is_template": false,
"web_commit_signoff_required": false,
"topics": [],
"visibility": "public",
"forks": 0,
"watchers": 0,
"score": 0,
"subscribers_count": 1
},
{
"id": 848340676,
"name": "geoexplorer",
"full_name": "justin-p\/geoexplorer",
"owner": {
"login": "justin-p",
"id": 8249280,
"avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/8249280?v=4",
"html_url": "https:\/\/github.com\/justin-p",
"user_view_type": "public"
},
"html_url": "https:\/\/github.com\/justin-p\/geoexplorer",
"description": "Mass scanner for CVE-2024-36401",
"fork": false,
"created_at": "2024-08-27T15:28:04Z",
"updated_at": "2024-10-23T10:07:20Z",
"pushed_at": "2024-08-27T16:16:15Z",
"stargazers_count": 3,
"watchers_count": 3,
"has_discussions": false,
"forks_count": 0,
"allow_forking": true,
"is_template": false,
"web_commit_signoff_required": false,
"topics": [],
"visibility": "public",
"forks": 0,
"watchers": 3,
"score": 0,
"subscribers_count": 1
},
{
"id": 856852823,
"name": "CVE-2024-36401-PoC",
"full_name": "daniellowrie\/CVE-2024-36401-PoC",
"owner": {
"login": "daniellowrie",
"id": 19762230,
"avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/19762230?v=4",
"html_url": "https:\/\/github.com\/daniellowrie",
"user_view_type": "public"
},
"html_url": "https:\/\/github.com\/daniellowrie\/CVE-2024-36401-PoC",
"description": "Proof-of-Concept Exploit for CVE-2024-36401 GeoServer 2.25.1",
"fork": false,
"created_at": "2024-09-13T10:28:48Z",
"updated_at": "2025-08-22T14:30:51Z",
"pushed_at": "2024-09-26T13:20:32Z",
"stargazers_count": 3,
"watchers_count": 3,
"has_discussions": false,
"forks_count": 3,
"allow_forking": true,
"is_template": false,
"web_commit_signoff_required": false,
"topics": [],
"visibility": "public",
"forks": 3,
"watchers": 3,
"score": 0,
"subscribers_count": 1
},
{
"id": 864563382,
"name": "GeoServer-CVE-2024-36401",
"full_name": "punitdarji\/GeoServer-CVE-2024-36401",
"owner": {
"login": "punitdarji",
"id": 38101321,
"avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/38101321?v=4",
"html_url": "https:\/\/github.com\/punitdarji",
"user_view_type": "public"
},
"html_url": "https:\/\/github.com\/punitdarji\/GeoServer-CVE-2024-36401",
"description": "GeoServer CVE-2024-36401: Remote Code Execution (RCE) Vulnerability In Evaluating Property Name Expressions",
"fork": false,
"created_at": "2024-09-28T14:55:50Z",
"updated_at": "2025-08-07T03:14:14Z",
"pushed_at": "2024-09-28T14:58:44Z",
"stargazers_count": 1,
"watchers_count": 1,
"has_discussions": false,
"forks_count": 0,
"allow_forking": true,
"is_template": false,
"web_commit_signoff_required": false,
"topics": [],
"visibility": "public",
"forks": 0,
"watchers": 1,
"score": 0,
"subscribers_count": 1
},
{
"id": 868038376,
"name": "CVE-2024-36401",
"full_name": "netuseradministrator\/CVE-2024-36401",
"owner": {
"login": "netuseradministrator",
"id": 96680088,
"avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/96680088?v=4",
"html_url": "https:\/\/github.com\/netuseradministrator",
"user_view_type": "public"
},
"html_url": "https:\/\/github.com\/netuseradministrator\/CVE-2024-36401",
"description": "geoserver图形化漏洞利用工具",
"fork": false,
"created_at": "2024-10-05T10:08:55Z",
"updated_at": "2025-08-27T02:21:16Z",
"pushed_at": "2025-03-04T07:08:14Z",
"stargazers_count": 58,
"watchers_count": 58,
"has_discussions": false,
"forks_count": 3,
"allow_forking": true,
"is_template": false,
"web_commit_signoff_required": false,
"topics": [],
"visibility": "public",
"forks": 3,
"watchers": 58,
"score": 0,
"subscribers_count": 1
},
{
"id": 872538624,
"name": "CVE-2024-36401",
"full_name": "kkhackz0013\/CVE-2024-36401",
"owner": {
"login": "kkhackz0013",
"id": 183632565,
"avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/183632565?v=4",
"html_url": "https:\/\/github.com\/kkhackz0013",
"user_view_type": "public"
},
"html_url": "https:\/\/github.com\/kkhackz0013\/CVE-2024-36401",
"description": null,
"fork": false,
"created_at": "2024-10-14T15:57:06Z",
"updated_at": "2024-10-14T17:16:07Z",
"pushed_at": "2024-10-14T17:16:03Z",
"stargazers_count": 0,
"watchers_count": 0,
"has_discussions": false,
"forks_count": 0,
"allow_forking": true,
"is_template": false,
"web_commit_signoff_required": false,
"topics": [],
"visibility": "public",
"forks": 0,
"watchers": 0,
"score": 0,
"subscribers_count": 1
},
{
"id": 892410177,
"name": "CVE-2024-36401-WoodpeckerPlugin",
"full_name": "thestar0\/CVE-2024-36401-WoodpeckerPlugin",
"owner": {
"login": "thestar0",
"id": 97114131,
"avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/97114131?v=4",
"html_url": "https:\/\/github.com\/thestar0",
"user_view_type": "public"
},
"html_url": "https:\/\/github.com\/thestar0\/CVE-2024-36401-WoodpeckerPlugin",
"description": "CVE-2024-36401-GeoServer Property 表达式注入 Rce woodpecker-framework 插件",
"fork": false,
"created_at": "2024-11-22T03:57:12Z",
"updated_at": "2025-07-16T04:18:36Z",
"pushed_at": "2024-11-23T08:24:26Z",
"stargazers_count": 14,
"watchers_count": 14,
"has_discussions": false,
"forks_count": 2,
"allow_forking": true,
"is_template": false,
"web_commit_signoff_required": false,
"topics": [],
"visibility": "public",
"forks": 2,
"watchers": 14,
"score": 0,
"subscribers_count": 1
},
{
"id": 892655439,
"name": "cve-2024-36401-poc",
"full_name": "XiaomingX\/cve-2024-36401-poc",
"owner": {
"login": "XiaomingX",
"id": 5387930,
"avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/5387930?v=4",
"html_url": "https:\/\/github.com\/XiaomingX",
"user_view_type": "public"
},
"html_url": "https:\/\/github.com\/XiaomingX\/cve-2024-36401-poc",
"description": "CVE-2024-36401是GeoServer中的一个高危远程代码执行漏洞。GeoServer是一款开源的地理数据服务器软件主要用于发布、共享和处理各种地理空间数据。 ALIYUN 漏洞原理: 该漏洞源于GeoServer在处理属性名称时将其不安全地解析为XPath表达式。具体而言GeoServer调用的GeoTools库API在评估要素类型的属性名称时以不安全的方式将其传递给commons-jxpath库。由于commons-jxpath库在解析XPath表达式时允许执行任意代码攻击者可以通过构造特定的输入利用多个OGC请求参数如WFS GetFeature、WFS GetPropertyValue、WMS GetMap等在未经身份验证的情况下远程执行任意代码。 ",
"fork": false,
"created_at": "2024-11-22T14:21:53Z",
"updated_at": "2025-01-22T06:18:49Z",
"pushed_at": "2024-11-22T14:22:57Z",
"stargazers_count": 5,
"watchers_count": 5,
"has_discussions": false,
"forks_count": 0,
"allow_forking": true,
"is_template": false,
"web_commit_signoff_required": false,
"topics": [],
"visibility": "public",
"forks": 0,
"watchers": 5,
"score": 0,
"subscribers_count": 1
},
{
"id": 895213731,
"name": "CVE-2024-36401",
"full_name": "0x0d3ad\/CVE-2024-36401",
"owner": {
"login": "0x0d3ad",
"id": 18898977,
"avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/18898977?v=4",
"html_url": "https:\/\/github.com\/0x0d3ad",
"user_view_type": "public"
},
"html_url": "https:\/\/github.com\/0x0d3ad\/CVE-2024-36401",
"description": "CVE-2024-36401 (GeoServer Remote Code Execution)",
"fork": false,
"created_at": "2024-11-27T19:13:49Z",
"updated_at": "2024-11-30T19:28:17Z",
"pushed_at": "2024-11-30T19:28:14Z",
"stargazers_count": 2,
"watchers_count": 2,
"has_discussions": false,
"forks_count": 0,
"allow_forking": true,
"is_template": false,
"web_commit_signoff_required": false,
"topics": [],
"visibility": "public",
"forks": 0,
"watchers": 2,
"score": 0,
"subscribers_count": 1
},
{
"id": 913197892,
"name": "GeoServerExploit",
"full_name": "whitebear-ch\/GeoServerExploit",
"owner": {
"login": "whitebear-ch",
"id": 79890141,
"avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/79890141?v=4",
"html_url": "https:\/\/github.com\/whitebear-ch",
"user_view_type": "public"
},
"html_url": "https:\/\/github.com\/whitebear-ch\/GeoServerExploit",
"description": "GeoServerCVE-2024-36401\/CVE-2024-36404漏洞利用工具",
"fork": false,
"created_at": "2025-01-07T08:13:39Z",
"updated_at": "2025-08-21T03:55:33Z",
"pushed_at": "2025-01-17T08:36:48Z",
"stargazers_count": 105,
"watchers_count": 105,
"has_discussions": false,
"forks_count": 5,
"allow_forking": true,
"is_template": false,
"web_commit_signoff_required": false,
"topics": [
"cve-2024-36401",
"cve-2024-36404",
"exploit",
"geoserver"
],
"visibility": "public",
"forks": 5,
"watchers": 105,
"score": 0,
"subscribers_count": 1
},
{
"id": 964348748,
"name": "GeoServer-Tools-CVE-2024-36401",
"full_name": "bmth666\/GeoServer-Tools-CVE-2024-36401",
"owner": {
"login": "bmth666",
"id": 56423559,
"avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/56423559?v=4",
"html_url": "https:\/\/github.com\/bmth666",
"user_view_type": "public"
},
"html_url": "https:\/\/github.com\/bmth666\/GeoServer-Tools-CVE-2024-36401",
"description": "CVE-2024-36401 图形化利用工具支持各个JDK版本利用以及回显、内存马实现",
"fork": false,
"created_at": "2025-04-11T04:36:34Z",
"updated_at": "2025-08-14T13:14:22Z",
"pushed_at": "2025-07-16T11:52:37Z",
"stargazers_count": 27,
"watchers_count": 27,
"has_discussions": false,
"forks_count": 2,
"allow_forking": true,
"is_template": false,
"web_commit_signoff_required": false,
"topics": [],
"visibility": "public",
"forks": 2,
"watchers": 27,
"score": 0,
"subscribers_count": 1
},
{
"id": 975367374,
"name": "CVE-2024-36401_Geoserver_RCE_POC",
"full_name": "amoy6228\/CVE-2024-36401_Geoserver_RCE_POC",
"owner": {
"login": "amoy6228",
"id": 92043772,
"avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/92043772?v=4",
"html_url": "https:\/\/github.com\/amoy6228",
"user_view_type": "public"
},
"html_url": "https:\/\/github.com\/amoy6228\/CVE-2024-36401_Geoserver_RCE_POC",
"description": "本脚本是针对 GeoServer 的远程代码执行漏洞CVE-2024-36401开发的 PoCProof of Concept探测工具。该漏洞允许攻击者通过构造特定请求在目标服务器上执行任意命令。",
"fork": false,
"created_at": "2025-04-30T07:45:55Z",
"updated_at": "2025-05-07T02:07:41Z",
"pushed_at": "2025-04-30T08:46:21Z",
"stargazers_count": 1,
"watchers_count": 1,
"has_discussions": false,
"forks_count": 0,
"allow_forking": true,
"is_template": false,
"web_commit_signoff_required": false,
"topics": [],
"visibility": "public",
"forks": 0,
"watchers": 1,
"score": 0,
"subscribers_count": 1
},
{
"id": 1023820934,
"name": "Exploit-CVE-2024-36401",
"full_name": "holokitty\/Exploit-CVE-2024-36401",
"owner": {
"login": "holokitty",
"id": 98260160,
"avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/98260160?v=4",
"html_url": "https:\/\/github.com\/holokitty",
"user_view_type": "public"
},
"html_url": "https:\/\/github.com\/holokitty\/Exploit-CVE-2024-36401",
"description": "Python exploit for GeoServer (CVE-2024-36401) with JSP web shell upload",
"fork": false,
"created_at": "2025-07-21T18:40:39Z",
"updated_at": "2025-07-21T18:40:39Z",
"pushed_at": "2025-07-21T18:40:39Z",
"stargazers_count": 0,
"watchers_count": 0,
"has_discussions": false,
"forks_count": 0,
"allow_forking": true,
"is_template": false,
"web_commit_signoff_required": false,
"topics": [],
"visibility": "public",
"forks": 0,
"watchers": 0,
"score": 0,
"subscribers_count": 0
}
]
Reference in a new issue View git blame Copy permalink