cve/2019/CVE-2019-0604.md

### [CVE-2019-0604](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-0604)
![](https://img.shields.io/static/v1?label=Product&message=Microsoft%20SharePoint%20Enterprise%20Server&color=blue)
![](https://img.shields.io/static/v1?label=Product&message=Microsoft%20SharePoint%20Foundation&color=blue)
![](https://img.shields.io/static/v1?label=Product&message=Microsoft%20SharePoint%20Server&color=blue)
![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue)
![](https://img.shields.io/static/v1?label=Vulnerability&message=Remote%20Code%20Execution&color=brighgreen)

### Description

A remote code execution vulnerability exists in Microsoft SharePoint when the software fails to check the source markup of an application package, aka 'Microsoft SharePoint Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2019-0594.

### POC

#### Reference
No PoCs from references.

#### Github
- https://github.com/0xT11/CVE-POC
- https://github.com/20142995/Goby
- https://github.com/5thphlame/OSCP-NOTES-ACTIVE-DIRECTORY-1
- https://github.com/ANON-D46KPH4TOM/Active-Directory-Exploitation-Cheat-Sheets
- https://github.com/ARPSyndicate/cvemon
- https://github.com/AshikAhmed007/Active-Directory-Exploitation-Cheat-Sheet
- https://github.com/Aslamlatheef/Active-Directory-Exploitation-Cheat-Sheet
- https://github.com/CVEDB/PoC-List
- https://github.com/CVEDB/awesome-cve-repo
- https://github.com/CVEDB/top
- https://github.com/Gh0st0ne/weaponized-0604
- https://github.com/GhostTroops/TOP
- https://github.com/H0j3n/EzpzSharepoint
- https://github.com/HimmelAward/Goby_POC
- https://github.com/JERRY123S/all-poc
- https://github.com/Mehedi-Babu/active_directory_chtsht
- https://github.com/NHPT/ysoserial.net
- https://github.com/Ostorlab/KEV
- https://github.com/Ostorlab/known_exploited_vulnerbilities_detectors
- https://github.com/PWN-Kingdom/Test_Tasks
- https://github.com/QWERTSKIHACK/Active-Directory-Exploitation-Cheat-Sheet.
- https://github.com/S1ckB0y1337/Active-Directory-Exploitation-Cheat-Sheet
- https://github.com/SexyBeast233/SecBooks
- https://github.com/Voulnet/desharialize
- https://github.com/Y4er/dotnet-deserialization
- https://github.com/Z0fhack/Goby_POC
- https://github.com/alphaSeclab/sec-daily-2019
- https://github.com/anquanscan/sec-tools
- https://github.com/aymankhder/AD-esploitation-cheatsheet
- https://github.com/boxhg/CVE-2019-0604
- https://github.com/cetriext/fireeye_cves
- https://github.com/cyb3rpeace/Active-Directory-Exploitation-Cheat-Sheet
- https://github.com/cyberanand1337x/bug-bounty-2022
- https://github.com/davidlebr1/cve-2019-0604-SP2010-netv3.5
- https://github.com/developer3000S/PoC-in-GitHub
- https://github.com/drerx/Active-Directory-Exploitation-Cheat-Sheet
- https://github.com/hectorgie/PoC-in-GitHub
- https://github.com/hktalent/TOP
- https://github.com/hktalent/ysoserial.net
- https://github.com/jbmihoub/all-poc
- https://github.com/k8gege/CVE-2019-0604
- https://github.com/k8gege/PowerLadon
- https://github.com/likescam/CVE-2019-0604_sharepoint_CVE
- https://github.com/linhlhq/CVE-2019-0604
- https://github.com/lnick2023/nicenice
- https://github.com/m5050/CVE-2019-0604
- https://github.com/michael101096/cs2020_msels
- https://github.com/nomi-sec/PoC-in-GitHub
- https://github.com/only2pencils/Cybersecurity-Current-Event-Report
- https://github.com/puckiestyle/Active-Directory-Exploitation-Cheat-Sheet
- https://github.com/puckiestyle/ysoserial.net
- https://github.com/puckiestyle/ysoserial.net-master
- https://github.com/pwntester/ysoserial.net
- https://github.com/qazbnm456/awesome-cve-poc
- https://github.com/r0eXpeR/supplier
- https://github.com/retr0-13/Active-Directory-Exploitation-Cheat-Sheet
- https://github.com/revoverflow/ysoserial
- https://github.com/rodrigosilvaluz/JUST_WALKING_DOG
- https://github.com/rumputliar/Active-Directory-Exploitation-Cheat-Sheet
- https://github.com/s3mPr1linux/JUST_WALKING_DOG
- https://github.com/triw0lf/Security-Matters-22
- https://github.com/weeka10/-hktalent-TOP
- https://github.com/whitfieldsdad/epss
- https://github.com/xbl3/awesome-cve-poc_qazbnm456
Update Sun May 26 14:27:04 CEST 2024 2024-05-26 14:27:05 +02:00			`### [CVE-2019-0604](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-0604)`
			`![](https://img.shields.io/static/v1?label=Product&message=Microsoft%20SharePoint%20Enterprise%20Server&color=blue)`
			`![](https://img.shields.io/static/v1?label=Product&message=Microsoft%20SharePoint%20Foundation&color=blue)`
			`![](https://img.shields.io/static/v1?label=Product&message=Microsoft%20SharePoint%20Server&color=blue)`
			`![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue)`
			`![](https://img.shields.io/static/v1?label=Vulnerability&message=Remote%20Code%20Execution&color=brighgreen)`

			`### Description`

			`A remote code execution vulnerability exists in Microsoft SharePoint when the software fails to check the source markup of an application package, aka 'Microsoft SharePoint Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2019-0594.`

			`### POC`

			`#### Reference`
			`No PoCs from references.`

			`#### Github`
			`- https://github.com/0xT11/CVE-POC`
			`- https://github.com/20142995/Goby`
			`- https://github.com/5thphlame/OSCP-NOTES-ACTIVE-DIRECTORY-1`
			`- https://github.com/ANON-D46KPH4TOM/Active-Directory-Exploitation-Cheat-Sheets`
			`- https://github.com/ARPSyndicate/cvemon`
			`- https://github.com/AshikAhmed007/Active-Directory-Exploitation-Cheat-Sheet`
			`- https://github.com/Aslamlatheef/Active-Directory-Exploitation-Cheat-Sheet`
			`- https://github.com/CVEDB/PoC-List`
			`- https://github.com/CVEDB/awesome-cve-repo`
			`- https://github.com/CVEDB/top`
			`- https://github.com/Gh0st0ne/weaponized-0604`
			`- https://github.com/GhostTroops/TOP`
			`- https://github.com/H0j3n/EzpzSharepoint`
			`- https://github.com/HimmelAward/Goby_POC`
			`- https://github.com/JERRY123S/all-poc`
			`- https://github.com/Mehedi-Babu/active_directory_chtsht`
			`- https://github.com/NHPT/ysoserial.net`
			`- https://github.com/Ostorlab/KEV`
			`- https://github.com/Ostorlab/known_exploited_vulnerbilities_detectors`
			`- https://github.com/PWN-Kingdom/Test_Tasks`
			`- https://github.com/QWERTSKIHACK/Active-Directory-Exploitation-Cheat-Sheet.`
			`- https://github.com/S1ckB0y1337/Active-Directory-Exploitation-Cheat-Sheet`
			`- https://github.com/SexyBeast233/SecBooks`
			`- https://github.com/Voulnet/desharialize`
			`- https://github.com/Y4er/dotnet-deserialization`
			`- https://github.com/Z0fhack/Goby_POC`
			`- https://github.com/alphaSeclab/sec-daily-2019`
			`- https://github.com/anquanscan/sec-tools`
			`- https://github.com/aymankhder/AD-esploitation-cheatsheet`
			`- https://github.com/boxhg/CVE-2019-0604`
			`- https://github.com/cetriext/fireeye_cves`
			`- https://github.com/cyb3rpeace/Active-Directory-Exploitation-Cheat-Sheet`
			`- https://github.com/cyberanand1337x/bug-bounty-2022`
			`- https://github.com/davidlebr1/cve-2019-0604-SP2010-netv3.5`
			`- https://github.com/developer3000S/PoC-in-GitHub`
			`- https://github.com/drerx/Active-Directory-Exploitation-Cheat-Sheet`
			`- https://github.com/hectorgie/PoC-in-GitHub`
			`- https://github.com/hktalent/TOP`
			`- https://github.com/hktalent/ysoserial.net`
			`- https://github.com/jbmihoub/all-poc`
			`- https://github.com/k8gege/CVE-2019-0604`
Update CVE sources 2024-06-07 04:52 2024-06-07 04:52:01 +00:00			`- https://github.com/k8gege/PowerLadon`
Update Sun May 26 14:27:04 CEST 2024 2024-05-26 14:27:05 +02:00			`- https://github.com/likescam/CVE-2019-0604_sharepoint_CVE`
			`- https://github.com/linhlhq/CVE-2019-0604`
			`- https://github.com/lnick2023/nicenice`
			`- https://github.com/m5050/CVE-2019-0604`
			`- https://github.com/michael101096/cs2020_msels`
			`- https://github.com/nomi-sec/PoC-in-GitHub`
			`- https://github.com/only2pencils/Cybersecurity-Current-Event-Report`
			`- https://github.com/puckiestyle/Active-Directory-Exploitation-Cheat-Sheet`
			`- https://github.com/puckiestyle/ysoserial.net`
			`- https://github.com/puckiestyle/ysoserial.net-master`
			`- https://github.com/pwntester/ysoserial.net`
			`- https://github.com/qazbnm456/awesome-cve-poc`
			`- https://github.com/r0eXpeR/supplier`
			`- https://github.com/retr0-13/Active-Directory-Exploitation-Cheat-Sheet`
			`- https://github.com/revoverflow/ysoserial`
			`- https://github.com/rodrigosilvaluz/JUST_WALKING_DOG`
			`- https://github.com/rumputliar/Active-Directory-Exploitation-Cheat-Sheet`
			`- https://github.com/s3mPr1linux/JUST_WALKING_DOG`
			`- https://github.com/triw0lf/Security-Matters-22`
			`- https://github.com/weeka10/-hktalent-TOP`
			`- https://github.com/whitfieldsdad/epss`
			`- https://github.com/xbl3/awesome-cve-poc_qazbnm456`