mirror/PoC-in-GitHub
1
0
Fork 0
mirror of https://github.com/nomi-sec/PoC-in-GitHub.git synced 2025-12-27 14:45:33 +01:00
Code Issues Projects Releases Packages Wiki Activity
PoC-in-GitHub/2024/CVE-2024-28397.json
motikan2010-bot cbcb84f237 Auto Update 2025/09/13 18:36:29
2025-09-14 03:36:29 +09:00

250 lines
No EOL
9.2 KiB
JSON
Raw Permalink Blame History

This file contains ambiguous Unicode characters

This file contains Unicode characters that might be confused with other characters. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.

[
{
"id": 817083025,
"name": "CVE-2024-28397-js2py-Sandbox-Escape",
"full_name": "Marven11\/CVE-2024-28397-js2py-Sandbox-Escape",
"owner": {
"login": "Marven11",
"id": 110723864,
"avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/110723864?v=4",
"html_url": "https:\/\/github.com\/Marven11",
"user_view_type": "public"
},
"html_url": "https:\/\/github.com\/Marven11\/CVE-2024-28397-js2py-Sandbox-Escape",
"description": "CVE-2024-28397: js2py sandbox escape, bypass pyimport restriction.",
"fork": false,
"created_at": "2024-06-19T01:46:33Z",
"updated_at": "2025-09-12T02:30:08Z",
"pushed_at": "2025-08-28T10:16:03Z",
"stargazers_count": 56,
"watchers_count": 56,
"has_discussions": false,
"forks_count": 11,
"allow_forking": true,
"is_template": false,
"web_commit_signoff_required": false,
"topics": [],
"visibility": "public",
"forks": 11,
"watchers": 56,
"score": 0,
"subscribers_count": 2
},
{
"id": 818088894,
"name": "CVE-2024-28397-js2py-Sandbox-Escape",
"full_name": "CYBER-WARRIOR-SEC\/CVE-2024-28397-js2py-Sandbox-Escape",
"owner": {
"login": "CYBER-WARRIOR-SEC",
"id": 168237449,
"avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/168237449?v=4",
"html_url": "https:\/\/github.com\/CYBER-WARRIOR-SEC",
"user_view_type": "public"
},
"html_url": "https:\/\/github.com\/CYBER-WARRIOR-SEC\/CVE-2024-28397-js2py-Sandbox-Escape",
"description": null,
"fork": false,
"created_at": "2024-06-21T04:43:21Z",
"updated_at": "2024-06-29T21:42:12Z",
"pushed_at": "2024-06-29T21:42:10Z",
"stargazers_count": 0,
"watchers_count": 0,
"has_discussions": false,
"forks_count": 0,
"allow_forking": true,
"is_template": false,
"web_commit_signoff_required": false,
"topics": [],
"visibility": "public",
"forks": 0,
"watchers": 0,
"score": 0,
"subscribers_count": 1
},
{
"id": 1039364261,
"name": "CVE-2024-28397-command-execution-poc",
"full_name": "waleed-hassan569\/CVE-2024-28397-command-execution-poc",
"owner": {
"login": "waleed-hassan569",
"id": 101213166,
"avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/101213166?v=4",
"html_url": "https:\/\/github.com\/waleed-hassan569",
"user_view_type": "public"
},
"html_url": "https:\/\/github.com\/waleed-hassan569\/CVE-2024-28397-command-execution-poc",
"description": "This vulnerability arises from incomplete sandboxing in js2py, where crafted JavaScript can traverse Pythons internal object model and access dangerous classes like subprocess.Popen, leading to arbitrary command execution.",
"fork": false,
"created_at": "2025-08-17T04:00:59Z",
"updated_at": "2025-08-25T03:21:35Z",
"pushed_at": "2025-08-17T04:10:54Z",
"stargazers_count": 3,
"watchers_count": 3,
"has_discussions": false,
"forks_count": 0,
"allow_forking": true,
"is_template": false,
"web_commit_signoff_required": false,
"topics": [],
"visibility": "public",
"forks": 0,
"watchers": 3,
"score": 0,
"subscribers_count": 0
},
{
"id": 1039784105,
"name": "exploit-js2py",
"full_name": "releaseown\/exploit-js2py",
"owner": {
"login": "releaseown",
"id": 226413267,
"avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/226413267?v=4",
"html_url": "https:\/\/github.com\/releaseown",
"user_view_type": "public"
},
"html_url": "https:\/\/github.com\/releaseown\/exploit-js2py",
"description": "The CVE-2024-28397 vulnerability affects versions of js2py up to v0.74, a Python library that allows JavaScript code to be executed within the Python interpreter. ",
"fork": false,
"created_at": "2025-08-18T01:09:33Z",
"updated_at": "2025-08-30T00:25:16Z",
"pushed_at": "2025-08-22T15:43:30Z",
"stargazers_count": 2,
"watchers_count": 2,
"has_discussions": false,
"forks_count": 0,
"allow_forking": true,
"is_template": false,
"web_commit_signoff_required": false,
"topics": [],
"visibility": "public",
"forks": 0,
"watchers": 2,
"score": 0,
"subscribers_count": 0
},
{
"id": 1040192717,
"name": "CVE-2024-28397-RCE",
"full_name": "harutomo-jp\/CVE-2024-28397-RCE",
"owner": {
"login": "harutomo-jp",
"id": 139304582,
"avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/139304582?v=4",
"html_url": "https:\/\/github.com\/harutomo-jp",
"user_view_type": "public"
},
"html_url": "https:\/\/github.com\/harutomo-jp\/CVE-2024-28397-RCE",
"description": null,
"fork": false,
"created_at": "2025-08-18T15:40:19Z",
"updated_at": "2025-08-20T13:27:01Z",
"pushed_at": "2025-08-18T15:49:43Z",
"stargazers_count": 1,
"watchers_count": 1,
"has_discussions": false,
"forks_count": 0,
"allow_forking": true,
"is_template": false,
"web_commit_signoff_required": false,
"topics": [],
"visibility": "public",
"forks": 0,
"watchers": 1,
"score": 0,
"subscribers_count": 0
},
{
"id": 1046106441,
"name": "CVE-2024-28397-js2py-Sandbox-Escape",
"full_name": "Naved124\/CVE-2024-28397-js2py-Sandbox-Escape",
"owner": {
"login": "Naved124",
"id": 86107643,
"avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/86107643?v=4",
"html_url": "https:\/\/github.com\/Naved124",
"user_view_type": "public"
},
"html_url": "https:\/\/github.com\/Naved124\/CVE-2024-28397-js2py-Sandbox-Escape",
"description": null,
"fork": false,
"created_at": "2025-08-28T07:39:30Z",
"updated_at": "2025-08-28T15:19:52Z",
"pushed_at": "2025-08-28T15:19:49Z",
"stargazers_count": 0,
"watchers_count": 0,
"has_discussions": false,
"forks_count": 0,
"allow_forking": true,
"is_template": false,
"web_commit_signoff_required": false,
"topics": [],
"visibility": "public",
"forks": 0,
"watchers": 0,
"score": 0,
"subscribers_count": 0
},
{
"id": 1051622838,
"name": "Remote-Code-Execution-CVE-2024-28397-pyload-ng-js2py-",
"full_name": "ExtremeUday\/Remote-Code-Execution-CVE-2024-28397-pyload-ng-js2py-",
"owner": {
"login": "ExtremeUday",
"id": 100433677,
"avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/100433677?v=4",
"html_url": "https:\/\/github.com\/ExtremeUday",
"user_view_type": "public"
},
"html_url": "https:\/\/github.com\/ExtremeUday\/Remote-Code-Execution-CVE-2024-28397-pyload-ng-js2py-",
"description": "PoC exploit for CVE-2024-28397 Remote Code Execution in pyload-ng via js2py sandbox escape",
"fork": false,
"created_at": "2025-09-06T11:39:44Z",
"updated_at": "2025-09-06T11:50:45Z",
"pushed_at": "2025-09-06T11:50:41Z",
"stargazers_count": 0,
"watchers_count": 0,
"has_discussions": false,
"forks_count": 0,
"allow_forking": true,
"is_template": false,
"web_commit_signoff_required": false,
"topics": [],
"visibility": "public",
"forks": 0,
"watchers": 0,
"score": 0,
"subscribers_count": 0
},
{
"id": 1053333854,
"name": "CVE-2024-28397",
"full_name": "naclapor\/CVE-2024-28397",
"owner": {
"login": "naclapor",
"id": 144923083,
"avatar_url": "https:\/\/avatars.githubusercontent.com\/u\/144923083?v=4",
"html_url": "https:\/\/github.com\/naclapor",
"user_view_type": "public"
},
"html_url": "https:\/\/github.com\/naclapor\/CVE-2024-28397",
"description": "This repository contains a python exploit code for CVE-2024-28397 intended for use on the \"CodePartTwo\" machine on Hack The Box (HTB).",
"fork": false,
"created_at": "2025-09-09T09:57:26Z",
"updated_at": "2025-09-09T10:04:17Z",
"pushed_at": "2025-09-09T10:04:14Z",
"stargazers_count": 0,
"watchers_count": 0,
"has_discussions": false,
"forks_count": 0,
"allow_forking": true,
"is_template": false,
"web_commit_signoff_required": false,
"topics": [],
"visibility": "public",
"forks": 0,
"watchers": 0,
"score": 0,
"subscribers_count": 0
}
]
Reference in a new issue View git blame Copy permalink