Update Sun Jan 28 20:23:55 UTC 2024

2004/CVE-2004-2687.md

@@ -29,6 +29,7 @@ No PoCs from references.
 - https://github.com/k4miyo/CVE-2004-2687
 - https://github.com/k4u5h41/distccd_rce_CVE-2004-2687
 - https://github.com/marcocastro100/Intrusion_Detection_System-Python
+- https://github.com/n3ov4n1sh/distccd_rce_CVE-2004-2687
 - https://github.com/ss0wl/CVE-2004-2687_distcc_v1
 - https://github.com/sukraken/distcc_exploit.py
 

2008/CVE-2008-2285.md

@@ -0,0 +1,17 @@
+### [CVE-2008-2285](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2285)
+![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen)
+
+### Description
+
+The ssh-vulnkey tool on Ubuntu Linux 7.04, 7.10, and 8.04 LTS does not recognize authorized_keys lines that contain options, which makes it easier for remote attackers to exploit CVE-2008-0166 by guessing a key that was not identified by this tool.
+
+### POC
+
+#### Reference
+- http://www.ubuntu.com/usn/usn-612-5
+
+#### Github
+No PoCs found on GitHub currently.
+

2008/CVE-2008-4250.md

@@ -39,9 +39,11 @@ The Server service in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP
 - https://github.com/fortinet-fortisoar/solution-pack-ips-alert-triage
 - https://github.com/gwyomarch/Legacy-HTB-Writeup-FR
 - https://github.com/k4u5h41/MS08-067
+- https://github.com/khansiddique/VulnHub-Boot2root-CTFs-Writeups
 - https://github.com/lyshark/Windows-exploits
 - https://github.com/miguelvelazco/coffee-saver
 - https://github.com/morkin1792/security-tests
+- https://github.com/n3ov4n1sh/MS08-067
 - https://github.com/nanotechz9l/cvesearch
 - https://github.com/nitishbadole/oscp-note-2
 - https://github.com/notsag-dev/htb-legacy

2009/CVE-2009-2265.md

@@ -28,6 +28,7 @@ Multiple directory traversal vulnerabilities in FCKeditor before 2.6.4.1 allow r
 - https://github.com/crypticdante/CVE-2009-2265
 - https://github.com/k4u5h41/CVE-2009-2265
 - https://github.com/macosta-42/Exploit-Development
+- https://github.com/n3ov4n1sh/CVE-2009-2265
 - https://github.com/p1ckzi/CVE-2009-2265
 - https://github.com/zaphoxx/zaphoxx-coldfusion
 

2011/CVE-2011-1249.md

@@ -25,5 +25,6 @@ The Ancillary Function Driver (AFD) in afd.sys in Microsoft Windows XP SP2 and S
 - https://github.com/fei9747/WindowsElevation
 - https://github.com/k4u5h41/CVE-2011-1249
 - https://github.com/lyshark/Windows-exploits
+- https://github.com/n3ov4n1sh/CVE-2011-1249
 - https://github.com/ycdxsb/WindowsPrivilegeEscalation
 

2012/CVE-2012-1823.md

@@ -43,6 +43,7 @@ No PoCs from references.
 - https://github.com/drone789/CVE-2012-1823
 - https://github.com/infodox/exploits
 - https://github.com/kalivim/pySecurity
+- https://github.com/khansiddique/VulnHub-Boot2root-CTFs-Writeups
 - https://github.com/krishpranav/autosploit
 - https://github.com/marcocastro100/Intrusion_Detection_System-Python
 - https://github.com/panduki/SIE

2014/CVE-2014-6271.md

@@ -408,6 +408,7 @@ GNU Bash through 4.3 processes trailing strings after function definitions in th
 - https://github.com/kelleykong/cve-2014-6271-mengjia-kong
 - https://github.com/kerk1/ShellShock-Scenario
 - https://github.com/kgwanjala/oscp-cheatsheet
+- https://github.com/khansiddique/VulnHub-Boot2root-CTFs-Writeups
 - https://github.com/kielSDeM/Black-Zero
 - https://github.com/kinourik/hacking-tools
 - https://github.com/kk98kk0/Payloads

2014/CVE-2014-6324.md

@@ -32,6 +32,7 @@ No PoCs from references.
 - https://github.com/fei9747/WindowsElevation
 - https://github.com/geeksniper/active-directory-pentest
 - https://github.com/infosecn1nja/AD-Attack-Defense
+- https://github.com/khansiddique/VulnHub-Boot2root-CTFs-Writeups
 - https://github.com/metaDNA/hackingteamhack
 - https://github.com/mishmashclone/infosecn1nja-AD-Attack-Defense
 - https://github.com/mubix/pykek

2014/CVE-2014-7169.md

@@ -56,6 +56,7 @@ GNU Bash through 4.3 bash43-025 processes trailing strings after certain malform
 - https://github.com/jackbezalel/patchme
 - https://github.com/jcollie/shellshock_salt_grain
 - https://github.com/jdauphant/patch-bash-shellshock
+- https://github.com/khansiddique/VulnHub-Boot2root-CTFs-Writeups
 - https://github.com/make0day/pentest
 - https://github.com/matthewlinks/shellshock-Ansible
 - https://github.com/meherarfaoui09/meher

2015/CVE-2015-1328.md

@@ -52,6 +52,7 @@ The overlayfs implementation in the linux (aka Linux kernel) package before 3.19
 - https://github.com/hktalent/bug-bounty
 - https://github.com/j-info/ctfsite
 - https://github.com/kerk1/ShellShock-Scenario
+- https://github.com/khansiddique/VulnHub-Boot2root-CTFs-Writeups
 - https://github.com/kumardineshwar/linux-kernel-exploits
 - https://github.com/m0mkris/linux-kernel-exploits
 - https://github.com/makoto56/penetration-suite-toolkit

2015/CVE-2015-3306.md

@@ -49,6 +49,7 @@ The mod_copy module in ProFTPD 1.3.5 allows remote attackers to read and write t
 - https://github.com/huimzjty/vulwiki
 - https://github.com/jbmihoub/all-poc
 - https://github.com/jptr218/proftpd_bypass
+- https://github.com/khansiddique/VulnHub-Boot2root-CTFs-Writeups
 - https://github.com/lnick2023/nicenice
 - https://github.com/m4udSec/ProFTPD_CVE-2015-3306
 - https://github.com/nodoyuna09/eHacking_LABS

2016/CVE-2016-5195.md

@@ -257,6 +257,7 @@ Race condition in mm/gup.c in the Linux kernel 2.x through 4.x before 4.8.3 allo
 - https://github.com/khanhhdz/linux-kernel-exploitation
 - https://github.com/khanhhdz06/linux-kernel-exploitation
 - https://github.com/khanhnd123/linux-kernel-exploitation
+- https://github.com/khansiddique/VulnHub-Boot2root-CTFs-Writeups
 - https://github.com/kicku6/Opensource88888
 - https://github.com/kkamagui/linux-kernel-exploits
 - https://github.com/kmeaw/cowcleaner

2017/CVE-2017-0143.md

@@ -86,6 +86,7 @@ The SMBv1 server in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2
 - https://github.com/jeredbare/ms17-010_to_slack
 - https://github.com/k4u5h41/MS17-010_CVE-2017-0143
 - https://github.com/k8gege/Ladon
+- https://github.com/khansiddique/VulnHub-Boot2root-CTFs-Writeups
 - https://github.com/liorsivan/hackthebox-machines
 - https://github.com/lnick2023/nicenice
 - https://github.com/lyshark/Windows-exploits

2017/CVE-2017-12611.md

@@ -31,6 +31,7 @@ No PoCs from references.
 - https://github.com/albinowax/ActiveScanPlusPlus
 - https://github.com/brianwrf/S2-053-CVE-2017-12611
 - https://github.com/ice0bear14h/struts2scan
+- https://github.com/khansiddique/VulnHub-Boot2root-CTFs-Writeups
 - https://github.com/khodges42/Etrata
 - https://github.com/linchong-cmd/BugLists
 - https://github.com/lnick2023/nicenice

2017/CVE-2017-16995.md

@@ -79,6 +79,7 @@ The check_alu_op function in kernel/bpf/verifier.c in the Linux kernel through 4
 - https://github.com/khanhhdz/linux-kernel-exploitation
 - https://github.com/khanhhdz06/linux-kernel-exploitation
 - https://github.com/khanhnd123/linux-kernel-exploitation
+- https://github.com/khansiddique/VulnHub-Boot2root-CTFs-Writeups
 - https://github.com/kkamagui/linux-kernel-exploits
 - https://github.com/kumardineshwar/linux-kernel-exploits
 - https://github.com/likescam/Ubuntu-0day-2017

2017/CVE-2017-7494.md

@@ -166,6 +166,7 @@ Samba since version 3.5.0 and before 4.6.4, 4.5.10 and 4.4.14 is vulnerable to r
 - https://github.com/joxeankoret/CVE-2017-7494
 - https://github.com/justone0127/Red-Hat-Advanced-Cluster-Security-for-Kubernetes-Operator-Installation
 - https://github.com/justone0127/Red-Hat-Cluster-Security-for-Kubernetes-Operator-Installation
+- https://github.com/khansiddique/VulnHub-Boot2root-CTFs-Writeups
 - https://github.com/kinourik/hacking-tools
 - https://github.com/kraloveckey/venom
 - https://github.com/kumardineshwar/linux-kernel-exploits

2017/CVE-2017-9791.md

@@ -45,6 +45,7 @@ The Struts 1 plugin in Apache Struts 2.1.x and 2.3.x might allow remote code exe
 - https://github.com/ice0bear14h/struts2scan
 - https://github.com/iqrok/myhktools
 - https://github.com/jas502n/st2-048
+- https://github.com/khansiddique/VulnHub-Boot2root-CTFs-Writeups
 - https://github.com/khodges42/Etrata
 - https://github.com/linchong-cmd/BugLists
 - https://github.com/lnick2023/nicenice

2017/CVE-2017-9805.md

@@ -97,6 +97,7 @@ The REST Plugin in Apache Struts 2.1.1 through 2.3.x before 2.3.34 and 2.5.x bef
 - https://github.com/iqrok/myhktools
 - https://github.com/jbmihoub/all-poc
 - https://github.com/jongmartinez/-CVE-2017-9805-
+- https://github.com/khansiddique/VulnHub-Boot2root-CTFs-Writeups
 - https://github.com/khodges42/Etrata
 - https://github.com/kk98kk0/Payloads
 - https://github.com/klausware/Java-Deserialization-Cheat-Sheet

2018/CVE-2018-11776.md

@@ -116,6 +116,7 @@ Apache Struts versions 2.3 to 2.3.34 and 2.5 to 2.5.16 suffer from possible Remo
 - https://github.com/hudunkey/Red-Team-links
 - https://github.com/hwiwonl/dayone
 - https://github.com/hyeonql/WHS
+- https://github.com/hyeonql/WHS_Struts2-S2-059-
 - https://github.com/ice0bear14h/struts2scan
 - https://github.com/iflody/codeql-workshop
 - https://github.com/iqrok/myhktools

2018/CVE-2018-7600.md

@@ -159,6 +159,7 @@ Drupal before 7.58, 8.x before 8.3.9, 8.4.x before 8.4.6, and 8.5.x before 8.5.1
 - https://github.com/jstang9527/gofor
 - https://github.com/jyo-zi/CVE-2018-7600
 - https://github.com/kgwanjala/oscp-cheatsheet
+- https://github.com/khansiddique/VulnHub-Boot2root-CTFs-Writeups
 - https://github.com/kk98kk0/Payloads
 - https://github.com/knqyf263/CVE-2018-7600
 - https://github.com/koutto/jok3r-pocs

2019/CVE-2019-0230.md

@@ -46,6 +46,7 @@ Apache Struts 2.0.0 to 2.5.20 forced double OGNL evaluation, when evaluated on r
 - https://github.com/gh0st27/Struts2Scanner
 - https://github.com/hectorgie/PoC-in-GitHub
 - https://github.com/hyeonql/WHS
+- https://github.com/hyeonql/WHS_Struts2-S2-059-
 - https://github.com/ice0bear14h/struts2scan
 - https://github.com/nomi-sec/PoC-in-GitHub
 - https://github.com/pctF/vulnerable-app

2019/CVE-2019-0567.md

@@ -18,6 +18,7 @@ A remote code execution vulnerability exists in the way that the Chakra scriptin
 - https://github.com/0xT11/CVE-POC
 - https://github.com/ARPSyndicate/cvemon
 - https://github.com/EanNewton/Awesome-Reading-List
+- https://github.com/NatteeSetobol/Chakra-CVE-2019-0567
 - https://github.com/developer3000S/PoC-in-GitHub
 - https://github.com/hectorgie/PoC-in-GitHub
 - https://github.com/lnick2023/nicenice

2019/CVE-2019-1010218.md

@@ -15,4 +15,5 @@ No PoCs from references.
 #### Github
 - https://github.com/CPAN-Security/Net-NVD
 - https://github.com/garu/Net-NVD
+- https://github.com/yoryio/Fedora_CVE_Detection_Script
 

2019/CVE-2019-1010268.md

@@ -13,5 +13,5 @@ Ladon since 0.6.1 (since ebef0aae48af78c159b6fce81bc6f5e7e0ddb059) is affected b
 - https://www.exploit-db.com/exploits/43113
 
 #### Github
-No PoCs found on GitHub currently.
+- https://github.com/Tonyynot14/CVE-2019-1010268
 

2019/CVE-2019-11358.md

@@ -389,6 +389,8 @@ jQuery before 3.4.0, as used in Drupal, Backdrop CMS, and other products, mishan
 - https://github.com/BigPingLowIQ/Vectron-CenterStage
 - https://github.com/BigieCheese/RobotNoWorky
 - https://github.com/BionicBeesFTC/FtcRobotController
+- https://github.com/BionicTigers/HiveFive
+- https://github.com/BionicTigers/Hydrophobia
 - https://github.com/BlackOps10373/ChargedUp
 - https://github.com/BlackOps10373/FreightFrenzy
 - https://github.com/BlahBlah23406/RobotControlCord
@@ -2511,6 +2513,7 @@ jQuery before 3.4.0, as used in Drupal, Backdrop CMS, and other products, mishan
 - https://github.com/amanster22/staticDischargeUpdated
 - https://github.com/amarcolini/18421-PP
 - https://github.com/amarcolini/joos_quickstart
+- https://github.com/amarcolini/swerve_example
 - https://github.com/amartinez21/Ultimate_Goal
 - https://github.com/ameenchougle/Powerplay
 - https://github.com/ameenchougle/git_testing
@@ -3941,6 +3944,7 @@ jQuery before 3.4.0, as used in Drupal, Backdrop CMS, and other products, mishan
 - https://github.com/wfhs-robotics/PowerPlay-22-23
 - https://github.com/wfrfred/Ftc_fff_2022
 - https://github.com/wfrfred/ftc_fff
+- https://github.com/whYXZee/FTC2024-master
 - https://github.com/whalecodes/powerplay-app
 - https://github.com/whitmore8492/2021-Freight-Frenzy
 - https://github.com/wildebunch/2022_2023_Robot

2019/CVE-2019-11395.md

@@ -23,4 +23,5 @@ A buffer overflow in MailCarrier 2.51 allows remote attackers to execute arbitra
 
 #### Github
 - https://github.com/ARPSyndicate/cvemon
+- https://github.com/redalien301090/CVE-2019-11395
 

2019/CVE-2019-11408.md

@@ -14,5 +14,5 @@ XSS in app/operator_panel/index_inc.php in the Operator Panel module in FusionPB
 - https://blog.gdssecurity.com/labs/2019/6/7/rce-using-caller-id-multiple-vulnerabilities-in-fusionpbx.html
 
 #### Github
-No PoCs found on GitHub currently.
+- https://github.com/HoseynHeydari/fusionpbx_rce_vulnerability
 

2019/CVE-2019-11409.md

@@ -15,5 +15,5 @@ app/operator_panel/exec.php in the Operator Panel module in FusionPBX 4.4.3 suff
 - https://blog.gdssecurity.com/labs/2019/6/7/rce-using-caller-id-multiple-vulnerabilities-in-fusionpbx.html
 
 #### Github
-No PoCs found on GitHub currently.
+- https://github.com/HoseynHeydari/fusionpbx_rce_vulnerability
 

2019/CVE-2019-11447.md

@@ -31,5 +31,6 @@ An issue was discovered in CutePHP CuteNews 2.1.2. An attacker can infiltrate th
 - https://github.com/khuntor/CVE-2019-11447-EXP
 - https://github.com/mt-code/CVE-2019-11447
 - https://github.com/schumalc/cutenews2.1.2_rce
+- https://github.com/substing/CVE-2019-11447_reverse_shell_upload
 - https://github.com/thewhiteh4t/cve-2019-11447
 

2019/CVE-2019-12840.md

@@ -21,6 +21,7 @@ In Webmin through 1.910, any user authorized to the "Package Updates" module can
 - https://github.com/Awrrays/FrameVul
 - https://github.com/InesMartins31/iot-cves
 - https://github.com/KrE80r/webmin_cve-2019-12840_poc
+- https://github.com/Pol-Ruiz/PoC-CVE-2019-12840
 - https://github.com/WizzzStark/CVE-2019-12840.py
 - https://github.com/anasbousselham/webminscan
 - https://github.com/anquanscan/sec-tools

2019/CVE-2019-13604.md

@@ -11,6 +11,7 @@ There is a short key vulnerability in HID Global DigitalPersona (formerly Crossm
 
 #### Reference
 - https://github.com/sungjungk/fp-img-key-crack
+- https://www.youtube.com/watch?v=7tKJQdKRm2k
 - https://www.youtube.com/watch?v=BwYK_xZlKi4
 
 #### Github

2019/CVE-2019-14287.md

@@ -96,6 +96,7 @@ In Sudo before 1.8.28, an attacker with access to a Runas ALL sudoer account can
 - https://github.com/malangalothbrok/sudo-linux-bypass
 - https://github.com/mussar0x4D5352/rekall-penetration-test
 - https://github.com/n0w4n/CVE-2019-14287
+- https://github.com/n3ov4n1sh/CVE-2019-14287
 - https://github.com/notnue/Linux-Privilege-Escalation
 - https://github.com/oscpname/OSCP_cheat
 - https://github.com/ra1nb0rn/search_vulns

2019/CVE-2019-15107.md

@@ -60,6 +60,7 @@ An issue was discovered in Webmin <=1.920. The parameter old in password_change.
 - https://github.com/YIXINSHUWU/Penetration_Testing_POC
 - https://github.com/YeezyTaughtMe1/HTB-Postman
 - https://github.com/Z0fhack/Goby_POC
+- https://github.com/aamfrk/Webmin-CVE-2019-15107
 - https://github.com/bakery312/Vulhub-Reproduce
 - https://github.com/cckuailong/vultarget_web
 - https://github.com/cd6629/Python-scripts
@@ -101,6 +102,7 @@ An issue was discovered in Webmin <=1.920. The parameter old in password_change.
 - https://github.com/merlinepedra/nuclei-templates
 - https://github.com/merlinepedra25/nuclei-templates
 - https://github.com/n0obit4/Webmin_1.890-POC
+- https://github.com/olingo99/CVE-2019-15107
 - https://github.com/orgTestCodacy11KRepos110MB/repo-3569-collection-document
 - https://github.com/password520/Penetration_PoC
 - https://github.com/password520/RedTeamer

2019/CVE-2019-16278.md

@@ -53,6 +53,7 @@ Directory Traversal in the function http_verify in nostromo nhttpd through 1.9.6
 - https://github.com/lnick2023/nicenice
 - https://github.com/merlinepedra/nuclei-templates
 - https://github.com/merlinepedra25/nuclei-templates
+- https://github.com/n3ov4n1sh/CVE-2019-16278
 - https://github.com/password520/Penetration_PoC
 - https://github.com/qazbnm456/awesome-cve-poc
 - https://github.com/richardsonjf/King-of-the-hill

2019/CVE-2019-18634.md

@@ -23,6 +23,7 @@ In Sudo before 1.8.26, if pwfeedback is enabled in /etc/sudoers, users can trigg
 - https://github.com/ARPSyndicate/cvemon
 - https://github.com/AfvanMoopen/tryhackme-
 - https://github.com/CyberSec-Monkey/Zero2H4x0r
+- https://github.com/DDayLuong/CVE-2019-18634
 - https://github.com/DarkFunct/CVE_Exploits
 - https://github.com/Dinesh-999/Hacking_contents
 - https://github.com/Drakfunc/CVE_Exploits

2019/CVE-2019-18935.md

@@ -52,6 +52,7 @@ Progress Telerik UI for ASP.NET AJAX through 2019.3.1023 contains a .NET deseria
 - https://github.com/becrevex/Telerik_CVE-2019-18935
 - https://github.com/cyberanand1337x/bug-bounty-2022
 - https://github.com/developer3000S/PoC-in-GitHub
+- https://github.com/dust-life/CVE-2019-18935-memShell
 - https://github.com/emtee40/win-pentest-tools
 - https://github.com/ghostr00tt/test
 - https://github.com/hack-parthsharma/Pentest-Tools

2019/CVE-2019-19447.md

@@ -14,4 +14,5 @@ In the Linux kernel 5.0.21, mounting a crafted ext4 filesystem image, performing
 
 #### Github
 - https://github.com/ARPSyndicate/cvemon
+- https://github.com/Trinadh465/linux-4.19.72_CVE-2019-19447
 

2019/CVE-2019-2215.md

@@ -52,6 +52,7 @@ A use-after-free in binder.c allows an elevation of privilege from an applicatio
 - https://github.com/gmh5225/awesome-game-security
 - https://github.com/grant-h/qu1ckr00t
 - https://github.com/hectorgie/PoC-in-GitHub
+- https://github.com/jsirichai/CVE-2019-2215
 - https://github.com/kangtastic/cve-2019-2215
 - https://github.com/kdn111/linux-kernel-exploitation
 - https://github.com/khanhdn111/linux-kernel-exploitation

2019/CVE-2019-3398.md

@@ -17,6 +17,7 @@ Confluence Server and Data Center had a path traversal vulnerability in the down
 #### Github
 - https://github.com/0x783kb/Security-operation-book
 - https://github.com/0xT11/CVE-POC
+- https://github.com/132231g/CVE-2019-3398
 - https://github.com/ARPSyndicate/cvemon
 - https://github.com/Ostorlab/KEV
 - https://github.com/Ostorlab/known_exploited_vulnerbilities_detectors

2019/CVE-2019-4279.md

@@ -19,4 +19,5 @@ No PoCs from references.
 - https://github.com/BrittanyKuhn/javascript-tutorial
 - https://github.com/GrrrDog/Java-Deserialization-Cheat-Sheet
 - https://github.com/mishmashclone/GrrrDog-Java-Deserialization-Cheat-Sheet
+- https://github.com/pazwant/CVEAutoMatcher
 

2019/CVE-2019-5736.md

@@ -131,6 +131,7 @@ runc through 1.0-rc6, as used in Docker before 18.09.2 and other products, allow
 - https://github.com/milloni/cve-2019-5736-exp
 - https://github.com/mrzzy/govware-2019-demos
 - https://github.com/myugan/awesome-docker-security
+- https://github.com/n3ov4n1sh/CVE-2019-5736
 - https://github.com/neargle/my-re0-k8s-security
 - https://github.com/nitishbadole/oscp-note-3
 - https://github.com/nomi-sec/PoC-in-GitHub

2019/CVE-2019-6447.md

@@ -46,6 +46,7 @@ The ES File Explorer File Manager application through 4.1.9.7.4 for Android allo
 - https://github.com/k4u5h41/CVE-2019-6447
 - https://github.com/kgwanjala/oscp-cheatsheet
 - https://github.com/mooyoul/awesome-stars
+- https://github.com/n3ov4n1sh/CVE-2019-6447
 - https://github.com/nitishbadole/oscp-note-3
 - https://github.com/nomi-sec/PoC-in-GitHub
 - https://github.com/oscpname/OSCP_cheat

2019/CVE-2019-6693.md

@@ -16,5 +16,6 @@ No PoCs from references.
 - https://github.com/ARPSyndicate/cvemon
 - https://github.com/gquere/CVE-2019-6693
 - https://github.com/nomi-sec/PoC-in-GitHub
+- https://github.com/saladandonionrings/cve-2019-6693
 - https://github.com/synacktiv/CVE-2020-9289
 

2019/CVE-2019-7481.md

@@ -17,6 +17,7 @@ No PoCs from references.
 - https://github.com/Ostorlab/KEV
 - https://github.com/Ostorlab/known_exploited_vulnerbilities_detectors
 - https://github.com/b4bay/CVE-2019-7482
+- https://github.com/itstarsec/Blueprint-Incident-Response
 - https://github.com/pipiscrew/timeline
 - https://github.com/r0eXpeR/supplier
 - https://github.com/triw0lf/Security-Matters-22

2019/CVE-2019-8942.md

@@ -24,6 +24,7 @@ WordPress before 4.9.9 and 5.x before 5.0.1 allows remote code execution because
 - https://github.com/brianwrf/WordPress_4.9.8_RCE_POC
 - https://github.com/developer3000S/PoC-in-GitHub
 - https://github.com/hectorgie/PoC-in-GitHub
+- https://github.com/ret2x-tools/poc-wordpress-5.0.0
 - https://github.com/s4rgaz/poc-wordpress-5.0.0
 - https://github.com/synacktiv/CVE-2019-8942
 - https://github.com/synod2/WP_CROP_RCE

2019/CVE-2019-8943.md

@@ -29,6 +29,7 @@ WordPress through 5.0.3 allows Path Traversal in wp_crop_image(). An attacker (w
 - https://github.com/hadrian3689/wordpress_cropimage
 - https://github.com/hectorgie/PoC-in-GitHub
 - https://github.com/nenandjabhata/CTFs-Journey
+- https://github.com/ret2x-tools/poc-wordpress-5.0.0
 - https://github.com/s4rgaz/poc-wordpress-5.0.0
 - https://github.com/scannells/exploits
 - https://github.com/synod2/WP_CROP_RCE