Skip to content

Henry4E36/POCS

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

40 Commits

AI智能客服系统

AI智能客服系统

 
 

Academy Learning Management System

Academy Learning Management System

 
 

Artica Proxy

Artica Proxy

 
 

Atlassian Jira

Atlassian Jira

 
 

CandidATS

CandidATS

 
 

Dapr Dashboard

Dapr Dashboard

 
 

Echo

Echo

 
 

Finetree 5MP

Finetree 5MP

 
 

Fortinet

Fortinet

 
 

Free5gc

Free5gc

 
 

GLPI

GLPI

 
 

Gitblit

Gitblit

 
 

Hospital Management System 1.0

Hospital Management System 1.0

 
 

ILIAS

ILIAS

 
 

Joomla

Joomla

 
 

KubePi

KubePi

 
 

KubeView

KubeView

 
 

Laravel Filemanager

Laravel Filemanager

 
 

Metersphere

Metersphere

 
 

Minio

Minio

 
 

OpenCat

OpenCat

 
 

PowerJob

PowerJob

 
 

RPCMS

RPCMS

 
 

Roxy-WI

Roxy-WI

 
 

ServiceNow

ServiceNow

 
 

Shirne CMS

Shirne CMS

 
 

SolarView Compact

SolarView Compact

 
 

SolarView

SolarView

 
 

Tenda

Tenda

 
 

WebPageTest

WebPageTest

 
 

Welcart eCommerce

Welcart eCommerce

 
 

WordPress BulletProof Security

WordPress BulletProof Security

 
 

ZOHO-ManageEngine-OpManager

ZOHO-ManageEngine-OpManager

 
 

Zaver

Zaver

 
 

iMO云办公室

iMO云办公室

 
 

kkFileView

kkFileView

 
 

才茂通信

才茂通信

 
 

.DS_Store

.DS_Store

 
 

.gitignore

.gitignore

 
 

README.md

README.md

 
 

Repository files navigation

POCS

Script Of Pocs Time:2022.10.8-2022.10.14

  1. laravel-filemanager 路径遍历漏洞 | CVE-2022-40734
  2. Hospital Management System SQL注入漏洞 | CVE-2022-38637
  3. WebPageTest jpeginfo.php SSRF漏洞 | 暂无CVE
  4. Zoho ManageEngine OpManager getUserAPIKey 敏感信息泄漏漏洞 | CVE-2022-36923
  5. Roxy-WI 注入漏洞 | CVE-2022-31126
  6. GLPI 代码注入 | CVE-2022-35914

Time:2022.10.17-2022.10.21

  1. RPCMS 跨站脚本攻击 | CVE-2022-41473
  2. Gitblit 路径遍历漏洞 | CVE-2022-31268
  3. Finetree 5MP 摄像机任意用户添加 | CNVD-2021-42372
  4. Zaver 任意文件读取 | CVE-2022-38794
  5. SolarView Compact 路径遍历漏洞 | CVE-2022-29298

Time:2022.10.24-2022.10.28

  1. Fortinet 身份绕过漏洞 | CVE-2022-40684
  2. WordPress Welcart eCommerce插件 目录遍历(<=2.7.7) | CVE-2022-41840
  3. iMO-云办公室远程命令执行 | 暂无CVE
  4. OpenCats 默认密码 | 无CVE
  5. OpenCats 跨站脚本攻击 | CVE-2022-43014
  6. OpenCats 跨站脚本攻击 | CVE-2022-43015
  7. OpenCats 跨站脚本攻击 | CVE-2022-43016
  8. OpenCats 跨站脚本攻击 | CVE-2022-43017
  9. OpenCats 跨站脚本攻击 | CVE-2022-43018

Time:2022.10.31-2022.11.4

  1. kkFileView 跨站脚本攻击 | CVE-2022-40879
  2. LabStack LLC echo SSRF漏洞 | CVE-2022-40083
  3. Atlassian Jira 身份验证绕过漏洞 | CVE-2022-39960
  4. WordPress BulletProof Security 插件 路径遍历漏洞 | CVE-2021-39327
  5. Tenda 11n 身份绕过漏洞 | CVE-2022-42233

Time:2022.11.7-11.11

  1. Free5gc 信息泄露漏洞 | CVE-2022-38870
  2. Dapr Dashboard 未授权访问 | CVE-2022-38817
  3. CandidATS 跨站脚本攻击 | CVE-2022-42749
  4. CandidATS 跨站脚本攻击 | CVE-2022-42748
  5. CandidATS 跨站脚本攻击 | CVE-2022-42747
  6. CandidATS 跨站脚本攻击 | CVE-2022-42746

Time:2022.11.14-11.18

  1. Academy Learning Management System 跨站脚本漏洞 | CVE-2022-38553
  2. ServiceNow 跨站脚本漏洞 | CVE-2022-38463
  3. Shirne 目录遍历 | CVE-2022-37299
  4. Artica Proxy 跨站脚本漏洞 | CVE-2022-37153

Time: 2022.11.21-11.25

  1. 出差未写poc

Time:2022.12.8

  1. AI智能客服系统任意文件读取漏洞 | 暂无CVE
  2. KubeView 信息泄漏 | CVE-2022-45933

Time:2022.12.19

  1. ILIAS 未经验证的重定向漏洞 | CVE-2022-45917

Time:2023.03.01

  1. Joomla cms信息泄露 | CVE-2023-23752

Time:2023.03.24

  1. minio 信息泄漏 | CVE-2023-28432

Time:2023.05.18

  1. 才贸通信 formping 命令执行 | 暂无CVE
  2. Metersphere file 任意文件下载漏洞 | CVE-2022-25573
  3. PowerJob list 信息泄漏漏洞 | CVE-2022-29923
  4. KubePi LoginLogsSearch 未授权访问漏洞 | CVE-2023-22478

About

Script Of Pocs

Resources

Readme
Activity

Stars

3 stars

Watchers

1 watching

Forks

1 fork
Report repository

Releases

No releases published

Packages

No packages published

Languages