Update CVE sources 2024-06-07 17:53

2025-05-05 10:17:57 +00:00 · 2024-06-07 17:53:02 +00:00 · 2024-06-07 17:53:02 +00:00 · e6ecd99f3d
commit e6ecd99f3d
parent 436163792c
205 changed files with 5340 additions and 34 deletions
--- a/2011/CVE-2011-2523.md
+++ b/2011/CVE-2011-2523.md
@ -73,6 +73,7 @@ vsftpd 2.3.4 downloaded between 20110630 and 20110703 contains a backdoor which
 - https://github.com/sponkmonk/Ladon_english_update
 - https://github.com/sunzu94/vsftpd_2.3.4_Exploit
 - https://github.com/tarikemal/exploit-ftp-samba
+- https://github.com/thanawut2903/Port-21-tcp-vsftpd-2.3.4-exploit
 - https://github.com/vaishnavucv/CVE-2011-2523
 - https://github.com/vasanth-tamil/ctf-writeups
 - https://github.com/vmmaltsev/13.1
--- a/2012/CVE-2012-1823.md
+++ b/2012/CVE-2012-1823.md
@ -14,6 +14,7 @@ No PoCs from references.

 #### Github
 - https://github.com/0xl0k1/CVE-2012-1823
+- https://github.com/0xsyr0/OSCP
 - https://github.com/1060275195/Covid-v2-Botnet
 - https://github.com/404tk/lazyscan
 - https://github.com/ARPSyndicate/cvemon
--- a/2012/CVE-2012-1876.md
+++ b/2012/CVE-2012-1876.md
@ -16,6 +16,7 @@ Microsoft Internet Explorer 6 through 9, and 10 Consumer Preview, does not prope
 #### Github
 - https://github.com/ExploitCN/CVE-2012-1876-win7_x86_and_win7x64
 - https://github.com/WizardVan/CVE-2012-1876
+- https://github.com/ernestang98/win-exploits
 - https://github.com/migraine-sudo/Arsenal
 - https://github.com/ricew4ng/BrowserSecurity
 - https://github.com/ser4wang/BrowserSecurity
--- a/2013/CVE-2013-3900.md
+++ b/2013/CVE-2013-3900.md
@ -29,6 +29,7 @@ No PoCs from references.
 - https://github.com/ellikt1/Vulnerability-Assessment
 - https://github.com/florylsk/SignatureGate
 - https://github.com/hiba-ahmad1/NessusVulnManagement
+- https://github.com/hibahmad30/NessusVulnManagement
 - https://github.com/izj007/wechat
 - https://github.com/jason-klein/signed-nsis-exe-append-payload
 - https://github.com/lau1010/Packer_VMware_Win19_UEFI_secure_boot_with_Updates
--- a/2014/CVE-2014-0130.md
+++ b/2014/CVE-2014-0130.md
@ -15,6 +15,7 @@ Directory traversal vulnerability in actionpack/lib/abstract_controller/base.rb
 #### Github
 - https://github.com/Ostorlab/KEV
 - https://github.com/Ostorlab/known_exploited_vulnerbilities_detectors
+- https://github.com/bibin-paul-trustme/ruby_repo
 - https://github.com/jasnow/585-652-ruby-advisory-db
 - https://github.com/omarkurt/cve-2014-0130
 - https://github.com/rubysec/ruby-advisory-db
--- a/2014/CVE-2014-0160.md
+++ b/2014/CVE-2014-0160.md
@ -18,6 +18,7 @@ The (1) TLS and (2) DTLS implementations in OpenSSL 1.0.1 before 1.0.1g do not p
 - https://hackerone.com/reports/6626

 #### Github
+- https://github.com/00xNetrunner/Shodan_Cheet-Sheet
 - https://github.com/0day404/vulnerability-poc
 - https://github.com/0x0d3ad/Kn0ck
 - https://github.com/0x90/CVE-2014-0160
--- a/2014/CVE-2014-0224.md
+++ b/2014/CVE-2014-0224.md
@ -26,6 +26,7 @@ OpenSSL before 0.9.8za, 1.0.0 before 1.0.0m, and 1.0.1 before 1.0.1h does not pr
 - https://kc.mcafee.com/corporate/index?page=content&id=SB10075

 #### Github
+- https://github.com/00xNetrunner/Shodan_Cheet-Sheet
 - https://github.com/0nopnop/qualysparser
 - https://github.com/1N3/MassBleed
 - https://github.com/84KaliPleXon3/a2sv
--- a/2014/CVE-2014-1234.md
+++ b/2014/CVE-2014-1234.md
@ -16,4 +16,5 @@ No PoCs from references.
 - https://github.com/Haifisch/dayswithoutansslexploit
 - https://github.com/fhightower/ioc-finder
 - https://github.com/guilhermeG23/manual_suricata_simples
+- https://github.com/xssec/xshodan

--- a/2014/CVE-2014-6271.md
+++ b/2014/CVE-2014-6271.md
@ -29,6 +29,7 @@ GNU Bash through 4.3 processes trailing strings after function definitions in th
 - https://www.exploit-db.com/exploits/42938/

 #### Github
+- https://github.com/00xNetrunner/Shodan_Cheet-Sheet
 - https://github.com/0bfxgh0st/cve-2014-6271
 - https://github.com/0x00-0x00/CVE-2014-6271
 - https://github.com/0x0d3ad/Kn0ck
@ -368,6 +369,7 @@ GNU Bash through 4.3 processes trailing strings after function definitions in th
 - https://github.com/francisck/shellshock-cgi
 - https://github.com/fxschaefer/ejpt
 - https://github.com/gabemarshall/shocknaww
+- https://github.com/gauss77/LaboratoriosHack
 - https://github.com/ghoneycutt/puppet-module-cve
 - https://github.com/gipi/cve-cemetery
 - https://github.com/giterlizzi/secdb-feeds
@ -542,6 +544,7 @@ GNU Bash through 4.3 processes trailing strings after function definitions in th
 - https://github.com/riikunn1004/oscp-cheatsheet
 - https://github.com/rjdj0261/-Awesome-Hacking-
 - https://github.com/rmetzler/ansible-shellshock-fix
+- https://github.com/rodolfomarianocy/OSCP-Tricks-2023
 - https://github.com/roninAPT/pentest-kit
 - https://github.com/rrmomaya2900/0dayWriteup-THM
 - https://github.com/rrreeeyyy/cve-2014-6271-spec
--- a/2014/CVE-2014-7818.md
+++ b/2014/CVE-2014-7818.md
@ -13,6 +13,7 @@ Directory traversal vulnerability in actionpack/lib/action_dispatch/middleware/s
 - https://puppet.com/security/cve/cve-2014-7829

 #### Github
+- https://github.com/bibin-paul-trustme/ruby_repo
 - https://github.com/jasnow/585-652-ruby-advisory-db
 - https://github.com/rubysec/ruby-advisory-db
 - https://github.com/tdunning/github-advisory-parser
--- a/2014/CVE-2014-7829.md
+++ b/2014/CVE-2014-7829.md
@ -14,6 +14,7 @@ Directory traversal vulnerability in actionpack/lib/action_dispatch/middleware/s
 - https://puppet.com/security/cve/cve-2014-7829

 #### Github
+- https://github.com/bibin-paul-trustme/ruby_repo
 - https://github.com/jasnow/585-652-ruby-advisory-db
 - https://github.com/rubysec/ruby-advisory-db
 - https://github.com/zhangyongbo100/-Ruby-dl-handle.c-CVE-2009-5147-
--- a/2015/CVE-2015-1635.md
+++ b/2015/CVE-2015-1635.md
@ -19,6 +19,7 @@ HTTP.sys in Microsoft Windows 7 SP1, Windows Server 2008 R2 SP1, Windows 8, Wind
 - https://github.com/ACIC-Africa/metasploitable3
 - https://github.com/ARPSyndicate/cvemon
 - https://github.com/Aquilao/Toy-Box
+- https://github.com/Cappricio-Securities/CVE-2015-1635
 - https://github.com/H3xL00m/CVE-2015-1635
 - https://github.com/H3xL00m/CVE-2015-1635-POC
 - https://github.com/Olysyan/MSS
--- a/2015/CVE-2015-3104.md
+++ b/2015/CVE-2015-3104.md
@ -17,5 +17,6 @@ No PoCs from references.
 - https://github.com/BLACKHAT-SSG/EXP-401-OSEE
 - https://github.com/HaifeiLi/HardenFlash
 - https://github.com/PwnAwan/EXP-401-OSEE
+- https://github.com/ernestang98/win-exploits
 - https://github.com/gscamelo/OSEE

--- a/2015/CVE-2015-3306.md
+++ b/2015/CVE-2015-3306.md
@ -45,6 +45,7 @@ The mod_copy module in ProFTPD 1.3.5 allows remote attackers to read and write t
 - https://github.com/developer3000S/PoC-in-GitHub
 - https://github.com/ebantula/eHacking_LABS
 - https://github.com/firatesatoglu/shodanSearch
+- https://github.com/gauss77/LaboratoriosHack
 - https://github.com/hackarada/cve-2015-3306
 - https://github.com/hectorgie/PoC-in-GitHub
 - https://github.com/hktalent/TOP
--- a/2015/CVE-2015-6748.md
+++ b/2015/CVE-2015-6748.md
@ -16,4 +16,5 @@ Cross-site scripting (XSS) vulnerability in jsoup before 1.8.3.
 - https://github.com/ARPSyndicate/cvemon
 - https://github.com/Anonymous-Phunter/PHunter
 - https://github.com/CGCL-codes/PHunter
+- https://github.com/epicosy/VUL4J-59

--- a/2015/CVE-2015-7576.md
+++ b/2015/CVE-2015-7576.md
@ -14,6 +14,7 @@ No PoCs from references.

 #### Github
 - https://github.com/ARPSyndicate/cvemon
+- https://github.com/bibin-paul-trustme/ruby_repo
 - https://github.com/jasnow/585-652-ruby-advisory-db
 - https://github.com/rubysec/ruby-advisory-db
 - https://github.com/zhangyongbo100/-Ruby-dl-handle.c-CVE-2009-5147-
--- a/2015/CVE-2015-7581.md
+++ b/2015/CVE-2015-7581.md
@ -14,6 +14,7 @@ No PoCs from references.

 #### Github
 - https://github.com/ARPSyndicate/cvemon
+- https://github.com/bibin-paul-trustme/ruby_repo
 - https://github.com/jasnow/585-652-ruby-advisory-db
 - https://github.com/rubysec/ruby-advisory-db
 - https://github.com/zhangyongbo100/-Ruby-dl-handle.c-CVE-2009-5147-
--- a/2016/CVE-2016-0117.md
+++ b/2016/CVE-2016-0117.md
@ -16,4 +16,5 @@ No PoCs from references.
 - https://github.com/0xCyberY/CVE-T4PDF
 - https://github.com/ARPSyndicate/cvemon
 - https://github.com/datntsec/WINDOWS-10-SEGMENT-HEAP-INTERNALS
+- https://github.com/ernestang98/win-exploits

--- a/2016/CVE-2016-0751.md
+++ b/2016/CVE-2016-0751.md
@ -14,6 +14,7 @@ No PoCs from references.

 #### Github
 - https://github.com/ARPSyndicate/cvemon
+- https://github.com/bibin-paul-trustme/ruby_repo
 - https://github.com/jasnow/585-652-ruby-advisory-db
 - https://github.com/rubysec/ruby-advisory-db
 - https://github.com/vulsio/go-cve-dictionary
--- a/2016/CVE-2016-0752.md
+++ b/2016/CVE-2016-0752.md
@ -18,6 +18,7 @@ Directory traversal vulnerability in Action View in Ruby on Rails before 3.2.22.
 - https://github.com/NzKoff/shift_summer_2019
 - https://github.com/Ostorlab/KEV
 - https://github.com/Ostorlab/known_exploited_vulnerbilities_detectors
+- https://github.com/bibin-paul-trustme/ruby_repo
 - https://github.com/dachidahu/CVE-2016-0752
 - https://github.com/forced-request/rails-rce-cve-2016-0752
 - https://github.com/jasnow/585-652-ruby-advisory-db
--- a/2016/CVE-2016-5678.md
+++ b/2016/CVE-2016-5678.md
@ -14,5 +14,5 @@ NUUO NVRmini 2 1.0.0 through 3.0.0 and NUUO NVRsolo 1.0.0 through 3.0.0 have har
 - https://www.exploit-db.com/exploits/40200/

 #### Github
-No PoCs found on GitHub currently.
+- https://github.com/xssec/xshodan

--- a/2017/CVE-2017-4905.md
+++ b/2017/CVE-2017-4905.md
@ -16,4 +16,5 @@ No PoCs from references.

 #### Github
 - https://github.com/ARPSyndicate/cvemon
+- https://github.com/ernestang98/win-exploits

--- a/2017/CVE-2017-6090.md
+++ b/2017/CVE-2017-6090.md
@ -17,5 +17,6 @@ Unrestricted file upload vulnerability in clients/editclient.php in PhpCollab 2.
 #### Github
 - https://github.com/ARPSyndicate/cvemon
 - https://github.com/ARPSyndicate/kenzer-templates
+- https://github.com/asaotomo/FofaMap
 - https://github.com/jlk/exploit-CVE-2017-6090

--- a/2018/CVE-2018-17463.md
+++ b/2018/CVE-2018-17463.md
@ -18,6 +18,7 @@ Incorrect side effect annotation in V8 in Google Chrome prior to 70.0.3538.64 al
 - https://github.com/Ostorlab/known_exploited_vulnerbilities_detectors
 - https://github.com/Uniguri/CVE-1day
 - https://github.com/changelog2020/JSEChalls
+- https://github.com/ernestang98/win-exploits
 - https://github.com/hwiwonl/dayone
 - https://github.com/jhalon/CVE-2018-17463
 - https://github.com/kdmarti2/CVE-2018-17463
--- a/2018/CVE-2018-20250.md
+++ b/2018/CVE-2018-20250.md
@ -83,6 +83,7 @@ In WinRAR versions prior to and including 5.61, There is path traversal vulnerab
 - https://github.com/eastmountyxz/NetworkSecuritySelf-study
 - https://github.com/eastmountyxz/SystemSecurity-ReverseAnalysis
 - https://github.com/githuberxu/Safety-Books
+- https://github.com/gnusec/soapffzblogposts_backup
 - https://github.com/googleprojectzero/winafl
 - https://github.com/gyaansastra/Red-Team-Toolkit
 - https://github.com/hardik05/winafl-powermopt
--- a/2018/CVE-2018-9948.md
+++ b/2018/CVE-2018-9948.md
@ -15,6 +15,7 @@ This vulnerability allows remote attackers to disclose sensitive information on

 #### Github
 - https://github.com/0xT11/CVE-POC
+- https://github.com/ernestang98/win-exploits
 - https://github.com/hectorgie/PoC-in-GitHub
 - https://github.com/manojcode/Foxit-Reader-RCE-with-virualalloc-and-shellcode-for-CVE-2018-9948-and-CVE-2018-9958
 - https://github.com/orangepirate/cve-2018-9948-9958-exp
--- a/2018/CVE-2018-9958.md
+++ b/2018/CVE-2018-9958.md
@ -17,6 +17,7 @@ This vulnerability allows remote attackers to execute arbitrary code on vulnerab
 #### Github
 - https://github.com/0xT11/CVE-POC
 - https://github.com/ARPSyndicate/cvemon
+- https://github.com/ernestang98/win-exploits
 - https://github.com/hectorgie/PoC-in-GitHub
 - https://github.com/manojcode/Foxit-Reader-RCE-with-virualalloc-and-shellcode-for-CVE-2018-9948-and-CVE-2018-9958
 - https://github.com/t3rabyt3-zz/CVE-2018-9958--Exploit
--- a/2019/CVE-2019-0567.md
+++ b/2019/CVE-2019-0567.md
@ -20,6 +20,7 @@ A remote code execution vulnerability exists in the way that the Chakra scriptin
 - https://github.com/EanNewton/Awesome-Reading-List
 - https://github.com/NatteeSetobol/Chakra-CVE-2019-0567
 - https://github.com/developer3000S/PoC-in-GitHub
+- https://github.com/ernestang98/win-exploits
 - https://github.com/hectorgie/PoC-in-GitHub
 - https://github.com/lnick2023/nicenice
 - https://github.com/nomi-sec/PoC-in-GitHub
--- a/2019/CVE-2019-11358.md
+++ b/2019/CVE-2019-11358.md
@ -3134,6 +3134,7 @@ jQuery before 3.4.0, as used in Drupal, Backdrop CMS, and other products, mishan
 - https://github.com/harshidk/MilleniumFalcons2022-2023OLD
 - https://github.com/harshidk/viperftclibrary-cpp
 - https://github.com/hashgupta/StaticDischargeCode
+- https://github.com/hatchetAx/14887FTC
 - https://github.com/hatchetAxing/14887FTC
 - https://github.com/heatedmonkeytrousers/powerplay
 - https://github.com/heavydriver/ftc_jasper
--- a/2019/CVE-2019-13764.md
+++ b/2019/CVE-2019-13764.md
@ -20,6 +20,7 @@ No PoCs from references.
 - https://github.com/KotenAngered/ZTE-Blade-A5-2019-Nae-Nae-List
 - https://github.com/OpposedDeception/ZTE-Blade-A5-2019-Nae-Nae-List
 - https://github.com/Self-Study-Committee/Skr_Learning
+- https://github.com/ernestang98/win-exploits
 - https://github.com/jfmcoronel/eevee
 - https://github.com/sslab-gatech/DIE
 - https://github.com/taielab/awesome-hacking-lists
--- a/2019/CVE-2019-13768.md
+++ b/2019/CVE-2019-13768.md
@ -16,6 +16,7 @@ No PoCs from references.
 - https://github.com/ARPSyndicate/cvemon
 - https://github.com/ZwCreatePhoton/CVE-2019-5782_CVE-2019-13768
 - https://github.com/developer3000S/PoC-in-GitHub
+- https://github.com/ernestang98/win-exploits
 - https://github.com/hectorgie/PoC-in-GitHub
 - https://github.com/wh1ant/vulnjs
 - https://github.com/yuvaly0/exploits
--- a/2019/CVE-2019-18683.md
+++ b/2019/CVE-2019-18683.md
@ -22,6 +22,7 @@ An issue was discovered in drivers/media/platform/vivid in the Linux kernel thro
 - https://github.com/IdanBanani/Linux-Kernel-VR-Exploitation
 - https://github.com/Limesss/cve-2019-18683
 - https://github.com/developer3000S/PoC-in-GitHub
+- https://github.com/fkie-cad/nvd-json-data-feeds
 - https://github.com/hectorgie/PoC-in-GitHub
 - https://github.com/kdn111/linux-kernel-exploitation
 - https://github.com/khanhdn111/linux-kernel-exploitation
--- a/2020/CVE-2020-0674.md
+++ b/2020/CVE-2020-0674.md
@ -49,6 +49,7 @@ A remote code execution vulnerability exists in the way that the scripting engin
 - https://github.com/binaryfigments/CVE-2020-0674
 - https://github.com/cyberanand1337x/bug-bounty-2022
 - https://github.com/developer3000S/PoC-in-GitHub
+- https://github.com/ernestang98/win-exploits
 - https://github.com/forrest-orr/DoubleStar
 - https://github.com/hasee2018/Penetration_Testing_POC
 - https://github.com/hectorgie/PoC-in-GitHub
--- a/2020/CVE-2020-0796.md
+++ b/2020/CVE-2020-0796.md
@ -209,6 +209,7 @@ A remote code execution vulnerability exists in the way that the Microsoft Serve
 - https://github.com/gabimarti/SMBScanner
 - https://github.com/giterlizzi/secdb-feeds
 - https://github.com/githuberxu/Safety-Books
+- https://github.com/gnusec/soapffzblogposts_backup
 - https://github.com/h7ml/h7ml
 - https://github.com/hack-parthsharma/WinPwn
 - https://github.com/halsten/CVE-2020-0796
--- a/2020/CVE-2020-16040.md
+++ b/2020/CVE-2020-16040.md
@ -21,6 +21,7 @@ Insufficient data validation in V8 in Google Chrome prior to 87.0.4280.88 allowe
 - https://github.com/anvbis/chrome_v8_ndays
 - https://github.com/anvbis/trivialize
 - https://github.com/dongAxis/to_be_a_v8_master
+- https://github.com/ernestang98/win-exploits
 - https://github.com/hktalent/bug-bounty
 - https://github.com/joydo/CVE-Writeups
 - https://github.com/maldev866/ChExp_CVE_2020_16040
--- a/2020/CVE-2020-6368.md
+++ b/2020/CVE-2020-6368.md
@ -0,0 +1,17 @@
+### [CVE-2020-6368](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6368)
+![](https://img.shields.io/static/v1?label=Product&message=SAP%20Business%20Planning%20and%20Consolidation&color=blue)
+![](https://img.shields.io/static/v1?label=Version&message=%3C750%20&color=brighgreen)
+![](https://img.shields.io/static/v1?label=Vulnerability&message=Cross%20Site%20Scripting&color=brighgreen)
+
+### Description
+
+SAP Business Planning and Consolidation, versions - 750, 751, 752, 753, 754, 755, 810, 100, 200, can be abused by an attacker, allowing them to modify displayed application content without authorization, and to potentially obtain authentication information from other legitimate users, leading to Cross Site Scripting.
+
+### POC
+
+#### Reference
+No PoCs from references.
+
+#### Github
+- https://github.com/ernestang98/win-exploits
+
--- a/2021/CVE-2021-26084.md
+++ b/2021/CVE-2021-26084.md
@ -71,6 +71,7 @@ In affected versions of Confluence Server and Data Center, an OGNL injection vul
 - https://github.com/S3cur3Th1sSh1t/Pentest-Tools
 - https://github.com/SYRTI/POC_to_review
 - https://github.com/Sma11New/PocList
+- https://github.com/SummerSec/SpringExploit
 - https://github.com/TesterCC/exp_poc_library
 - https://github.com/TheclaMcentire/CVE-2021-26084_Confluence
 - https://github.com/Threekiii/Awesome-POC
--- a/2021/CVE-2021-33564.md
+++ b/2021/CVE-2021-33564.md
@ -27,6 +27,7 @@ An argument injection vulnerability in the Dragonfly gem before 1.4.0 for Ruby a
 - https://github.com/markevans/dragonfly
 - https://github.com/mlr0p/CVE-2021-33564
 - https://github.com/nomi-sec/PoC-in-GitHub
+- https://github.com/rodolfomarianocy/OSCP-Tricks-2023
 - https://github.com/soosmile/POC
 - https://github.com/trhacknon/Pocingit
 - https://github.com/zecool/cve
--- a/2021/CVE-2021-34473.md
+++ b/2021/CVE-2021-34473.md
@ -33,6 +33,7 @@ Microsoft Exchange Server Remote Code Execution Vulnerability
 - https://github.com/CVEDB/PoC-List
 - https://github.com/CVEDB/awesome-cve-repo
 - https://github.com/CVEDB/top
+- https://github.com/Dheerajmadhukar/karma_v2
 - https://github.com/DiedB/caldera-precomp
 - https://github.com/FDlucifer/Proxy-Attackchain
 - https://github.com/GhostTroops/TOP
--- a/2021/CVE-2021-38003.md
+++ b/2021/CVE-2021-38003.md
@ -18,6 +18,7 @@ No PoCs from references.
 - https://github.com/Ostorlab/known_exploited_vulnerbilities_detectors
 - https://github.com/SpiralBL0CK/Chrome-V8-RCE-CVE-2021-38003
 - https://github.com/anvbis/chrome_v8_ndays
+- https://github.com/ernestang98/win-exploits
 - https://github.com/kestryix/tisc-2023-writeups
 - https://github.com/numencyber/Vulnerability_PoC
 - https://github.com/wh1ant/vulnjs
--- a/2021/CVE-2021-43798.md
+++ b/2021/CVE-2021-43798.md
@ -77,6 +77,7 @@ Grafana is an open-source platform for monitoring and observability. Grafana ver
 - https://github.com/anonymous364872/Rapier_Tool
 - https://github.com/apif-review/APIF_tool_2024
 - https://github.com/asaotomo/CVE-2021-43798-Grafana-Exp
+- https://github.com/asaotomo/FofaMap
 - https://github.com/aymenbouferroum/CVE-2021-43798_exploit
 - https://github.com/b4zinga/Raphael
 - https://github.com/bigblackhat/oFx
--- a/2022/CVE-2022-0149.md
+++ b/2022/CVE-2022-0149.md
@ -15,4 +15,5 @@ The WooCommerce Stored Exporter WordPress plugin before 2.7.1 was affected by a
 #### Github
 - https://github.com/ARPSyndicate/cvemon
 - https://github.com/ARPSyndicate/kenzer-templates
+- https://github.com/asaotomo/FofaMap

--- a/2022/CVE-2022-1134.md
+++ b/2022/CVE-2022-1134.md
@ -13,5 +13,5 @@ Type confusion in V8 in Google Chrome prior to 100.0.4896.60 allowed a remote at
 - http://packetstormsecurity.com/files/172851/Chrome-Renderer-Type-Confusion-Remote-Code-Execution.html

 #### Github
-No PoCs found on GitHub currently.
+- https://github.com/ernestang98/win-exploits

--- a/2022/CVE-2022-1388.md
+++ b/2022/CVE-2022-1388.md
@ -78,6 +78,7 @@ On F5 BIG-IP 16.1.x versions prior to 16.1.2.2, 15.1.x versions prior to 15.1.5.
 - https://github.com/Stonzyy/Exploit-F5-CVE-2022-1388
 - https://github.com/Str1am/my-nuclei-templates
 - https://github.com/SudeepaShiranthaka/F5-BIG-IP-Remote-Code-Execution-Vulnerability-CVE-2022-1388-A-Case-Study
+- https://github.com/SummerSec/SpringExploit
 - https://github.com/Threekiii/Awesome-POC
 - https://github.com/TomArni680/CVE-2022-1388-POC
 - https://github.com/TomArni680/CVE-2022-1388-RCE
--- a/2022/CVE-2022-22947.md
+++ b/2022/CVE-2022-22947.md
@ -74,6 +74,7 @@ In spring cloud gateway versions prior to 3.1.1+ and 3.0.7+ , applications are v
 - https://github.com/Sec-Fork/mullet2
 - https://github.com/SiJiDo/CVE-2022-22947
 - https://github.com/Summer177/Spring-Cloud-Gateway-CVE-2022-22947
+- https://github.com/SummerSec/SpringExploit
 - https://github.com/SummerSec/learning-codeql
 - https://github.com/Tas9er/SpringCloudGatewayRCE
 - https://github.com/Threekiii/Awesome-Exploit
--- a/2022/CVE-2022-22963.md
+++ b/2022/CVE-2022-22963.md
@ -68,6 +68,7 @@ In Spring Cloud Function versions 3.1.6, 3.2.2 and older unsupported versions, w
 - https://github.com/SirElmard/ethical_hacking
 - https://github.com/SnailDev/github-hot-hub
 - https://github.com/SourM1lk/CVE-2022-22963-Exploit
+- https://github.com/SummerSec/SpringExploit
 - https://github.com/Threekiii/Awesome-Exploit
 - https://github.com/Threekiii/Awesome-POC
 - https://github.com/Threekiii/Awesome-Redteam
--- a/2022/CVE-2022-22965.md
+++ b/2022/CVE-2022-22965.md
@ -97,6 +97,7 @@ A Spring MVC or Spring WebFlux application running on JDK 9+ may be vulnerable t
 - https://github.com/Snip3R69/spring-shell-vuln
 - https://github.com/Sparrow-Co-Ltd/real_cve_examples
 - https://github.com/SummerSec/BlogPapers
+- https://github.com/SummerSec/SpringExploit
 - https://github.com/SummerSec/SummerSec
 - https://github.com/TheGejr/SpringShell
 - https://github.com/Threekiii/Awesome-Exploit
--- a/2022/CVE-2022-26134.md
+++ b/2022/CVE-2022-26134.md
@ -48,6 +48,7 @@ In affected versions of Confluence Server and Data Center, an OGNL injection vul
 - https://github.com/CatAnnaDev/CVE-2022-26134
 - https://github.com/Chocapikk/CVE-2022-26134
 - https://github.com/ColdFusionX/CVE-2022-26134
+- https://github.com/CuriousLearnerDev/Full-Scanner
 - https://github.com/CyberDonkyx0/CVE-2022-26134
 - https://github.com/DARKSTUFF-LAB/-CVE-2022-26134
 - https://github.com/DallasWmk/censys_takehome
@ -88,6 +89,7 @@ In affected versions of Confluence Server and Data Center, an OGNL injection vul
 - https://github.com/Sakura-nee/CVE-2022-26134
 - https://github.com/SirElmard/ethical_hacking
 - https://github.com/StarCrossPortal/scalpel
+- https://github.com/SummerSec/SpringExploit
 - https://github.com/Sylon001/Common-tool
 - https://github.com/Threekiii/Awesome-POC
 - https://github.com/Threekiii/Awesome-Redteam
--- a/2022/CVE-2022-28739.md
+++ b/2022/CVE-2022-28739.md
@ -16,6 +16,7 @@ There is a buffer over-read in Ruby before 2.6.10, 2.7.x before 2.7.6, 3.x befor

 #### Github
 - https://github.com/ARPSyndicate/cvemon
+- https://github.com/bibin-paul-trustme/ruby_repo
 - https://github.com/jasnow/585-652-ruby-advisory-db
 - https://github.com/lifeparticle/Ruby-Cheatsheet
 - https://github.com/rubysec/ruby-advisory-db
--- a/2022/CVE-2022-4968.md
+++ b/2022/CVE-2022-4968.md
@ -0,0 +1,17 @@
+### [CVE-2022-4968](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4968)
+![](https://img.shields.io/static/v1?label=Product&message=Netplan&color=blue)
+![](https://img.shields.io/static/v1?label=Version&message=0%3C%3D%201.0%20&color=brighgreen)
+![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-200&color=brighgreen)
+
+### Description
+
+netplan leaks the private key of wireguard to local users. A security fix will be released soon.
+
+### POC
+
+#### Reference
+No PoCs from references.
+
+#### Github
+- https://github.com/fkie-cad/nvd-json-data-feeds
+
--- a/2023/CVE-2023-0098.md
+++ b/2023/CVE-2023-0098.md
@ -0,0 +1,17 @@
+### [CVE-2023-0098](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0098)
+![](https://img.shields.io/static/v1?label=Product&message=Simple%20URLs&color=blue)
+![](https://img.shields.io/static/v1?label=Version&message=0%3C%20115%20&color=brighgreen)
+![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-89%20SQL%20Injection&color=brighgreen)
+
+### Description
+
+The Simple URLs WordPress plugin before 115 does not escape some parameters before using them in various SQL statements used by AJAX actions available by any authenticated users, leading to a SQL injection exploitable by low privilege users such as subscriber.
+
+### POC
+
+#### Reference
+- https://wpscan.com/vulnerability/db0b3275-40df-404e-aa8d-53558f0122d8
+
+#### Github
+No PoCs found on GitHub currently.
+
--- a/2023/CVE-2023-0841.md
+++ b/2023/CVE-2023-0841.md
@ -10,6 +10,7 @@ A vulnerability, which was classified as critical, has been found in GPAC 2.3-DE
 ### POC

 #### Reference
+- https://github.com/gpac/gpac/issues/2396
 - https://github.com/qianshuidewajueji/poc/blob/main/gpac/mp3_dmx_process_poc3

 #### Github
--- a/2023/CVE-2023-20938.md
+++ b/2023/CVE-2023-20938.md
@ -0,0 +1,17 @@
+### [CVE-2023-20938](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-20938)
+![](https://img.shields.io/static/v1?label=Product&message=Android&color=blue)
+![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Vulnerability&message=Elevation%20of%20privilege&color=brighgreen)
+
+### Description
+
+In binder_transaction_buffer_release of binder.c, there is a possible use after free due to improper input validation. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-257685302References: Upstream kernel
+
+### POC
+
+#### Reference
+No PoCs from references.
+
+#### Github
+- https://github.com/IamAlch3mist/Awesome-Android-Vulnerability-Research
+
--- a/2023/CVE-2023-22795.md
+++ b/2023/CVE-2023-22795.md
@ -13,6 +13,7 @@ A regular expression based DoS vulnerability in Action Dispatch <6.1.7.1 and <7.
 No PoCs from references.

 #### Github
+- https://github.com/bibin-paul-trustme/ruby_repo
 - https://github.com/jasnow/585-652-ruby-advisory-db
 - https://github.com/rubysec/ruby-advisory-db

--- a/2023/CVE-2023-26484.md
+++ b/2023/CVE-2023-26484.md
@ -0,0 +1,17 @@
+### [CVE-2023-26484](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-26484)
+![](https://img.shields.io/static/v1?label=Product&message=kubevirt&color=blue)
+![](https://img.shields.io/static/v1?label=Version&message=%3D%20%3C%3D%200.59.0%20&color=brighgreen)
+![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-863%3A%20Incorrect%20Authorization&color=brighgreen)
+
+### Description
+
+KubeVirt is a virtual machine management add-on for Kubernetes. In versions 0.59.0 and prior, if a malicious user has taken over a Kubernetes node where virt-handler (the KubeVirt node-daemon) is running, the virt-handler service account can be used to modify all node specs. This can be misused to lure-in system-level-privileged components which can, for instance, read all secrets on the cluster, or can exec into pods on other nodes. This way, a compromised node can be used to elevate privileges beyond the node until potentially having full privileged access to the whole cluster. The simplest way to exploit this, once a user could compromise a specific node, is to set with the virt-handler service account all other nodes to unschedulable and simply wait until system-critical components with high privileges appear on its node. No patches are available as of time of publication. As a workaround, gatekeeper users can add a webhook which will block the `virt-handler` service account to modify the spec of a node.
+
+### POC
+
+#### Reference
+- https://github.com/kubevirt/kubevirt/issues/9109
+
+#### Github
+No PoCs found on GitHub currently.
+
--- a/2023/CVE-2023-26756.md
+++ b/2023/CVE-2023-26756.md
@ -12,6 +12,7 @@
 #### Reference
 - https://googleinformationsworld.blogspot.com/2023/04/revive-adserver-541-vulnerable-to-brute.html
 - https://www.esecforte.com/login-page-brute-force-attack/
+- https://www.revive-adserver.com/security/response-to-cve-2023-26756/

 #### Github
 No PoCs found on GitHub currently.
--- a/2023/CVE-2023-27652.md
+++ b/2023/CVE-2023-27652.md
@ -0,0 +1,17 @@
+### [CVE-2023-27652](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-27652)
+![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen)
+
+### Description
+
+An issue found in Ego Studio SuperClean v.1.1.9 and v.1.1.5 allows an attacker to gain privileges cause a denial of service via the update_info field of the _default_.xml file.
+
+### POC
+
+#### Reference
+- https://github.com/LianKee/SODA/blob/main/CVEs/CVE-2023-27652/CVE%20detail.md
+
+#### Github
+No PoCs found on GitHub currently.
+
--- a/2023/CVE-2023-29747.md
+++ b/2023/CVE-2023-29747.md
@ -0,0 +1,17 @@
+### [CVE-2023-29747](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29747)
+![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen)
+
+### Description
+
+Story Saver for Instragram - Video Downloader 1.0.6 for Android exists exposed component, the component provides the method to modify the SharedPreference file. The attacker can use the method to modify the data in any SharedPreference file, these data will be loaded into the memory when the application is opened. Depending on how the data is used, this can result in various attack consequences, such as ad display exceptions.
+
+### POC
+
+#### Reference
+- https://github.com/LianKee/SO-CVEs/blob/main/CVEs/CVE-2023-29747/CVE%20detail.md
+
+#### Github
+No PoCs found on GitHub currently.
+
--- a/2023/CVE-2023-29751.md
+++ b/2023/CVE-2023-29751.md
@ -0,0 +1,17 @@
+### [CVE-2023-29751](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29751)
+![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen)
+
+### Description
+
+An issue found in Yandex Navigator v.6.60 for Android allows unauthorized apps to cause a persistent denial of service by manipulating the SharedPreference files.
+
+### POC
+
+#### Reference
+- https://github.com/LianKee/SO-CVEs/blob/main/CVEs/CVE-2023-29751/CVE%20detailed.md
+
+#### Github
+No PoCs found on GitHub currently.
+
--- a/2023/CVE-2023-29758.md
+++ b/2023/CVE-2023-29758.md
@ -0,0 +1,17 @@
+### [CVE-2023-29758](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29758)
+![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen)
+
+### Description
+
+An issue found in Blue Light Filter v.1.5.5 for Android allows unauthorized apps to cause a persistent denial of service by manipulating the SharedPreference files.
+
+### POC
+
+#### Reference
+- https://github.com/LianKee/SO-CVEs/blob/main/CVEs/CVE-2023-29758/CVE%20detailed.md
+
+#### Github
+No PoCs found on GitHub currently.
+
--- a/2023/CVE-2023-29767.md
+++ b/2023/CVE-2023-29767.md
@ -0,0 +1,17 @@
+### [CVE-2023-29767](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29767)
+![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen)
+
+### Description
+
+An issue found in CrossX v.1.15.3 for Android allows a local attacker to cause a persistent denial of service via the database files.
+
+### POC
+
+#### Reference
+- https://github.com/LianKee/SO-CVEs/blob/main/CVEs/CVE-2023-29767/CVE%20detailed.md
+
+#### Github
+No PoCs found on GitHub currently.
+
--- a/2023/CVE-2023-31468.md
+++ b/2023/CVE-2023-31468.md
@ -11,7 +11,9 @@ An issue was discovered in Inosoft VisiWin 7 through 2022-2.1 (Runtime RT7.3 RC3

 #### Reference
 - http://packetstormsecurity.com/files/174268/Inosoft-VisiWin-7-2022-2.1-Insecure-Permissions-Privilege-Escalation.html
+- https://www.cisa.gov/news-events/ics-advisories/icsa-24-151-03
 - https://www.exploit-db.com/exploits/51682
+- https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

 #### Github
 No PoCs found on GitHub currently.
--- a/2023/CVE-2023-31492.md
+++ b/2023/CVE-2023-31492.md
@ -11,6 +11,7 @@ Zoho ManageEngine ADManager Plus version 7182 and prior disclosed the default pa

 #### Reference
 - http://packetstormsecurity.com/files/177091/ManageEngine-ADManager-Plus-Recovery-Password-Disclosure.html
+- https://github.com/passtheticket/vulnerability-research/blob/main/manage-engine-apps/admanager-recovery-password-disclosure.md

 #### Github
 - https://github.com/fkie-cad/nvd-json-data-feeds
--- a/2023/CVE-2023-36121.md
+++ b/2023/CVE-2023-36121.md
@ -10,6 +10,7 @@ Cross Site Scripting vulnerability in e107 v.2.3.2 allows a remote attacker to e
 ### POC

 #### Reference
+- https://github.com/Trinity-SYT-SECURITY/XSS_vuln_issue/blob/main/e107%20v2.3.2.md
 - https://www.chtsecurity.com/news/0a4743a5-491e-4685-95ee-df8316ab5284
 - https://www.exploit-db.com/exploits/51449

--- a/2023/CVE-2023-36644.md
+++ b/2023/CVE-2023-36644.md
@ -10,7 +10,7 @@ Incorrect Access Control in ITB-GmbH TradePro v9.5, allows remote attackers to r
 ### POC

 #### Reference
-No PoCs from references.
+- https://github.com/caffeinated-labs/CVE-2023-36644

 #### Github
 - https://github.com/caffeinated-labs/CVE-2023-36644
--- a/2023/CVE-2023-3797.md
+++ b/2023/CVE-2023-3797.md
@ -0,0 +1,17 @@
+### [CVE-2023-3797](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-3797)
+![](https://img.shields.io/static/v1?label=Product&message=Four%20Mountain%20Torrent%20Disaster%20Prevention%20and%20Control%20of%20Monitoring%20and%20Early%20Warning%20System&color=blue)
+![](https://img.shields.io/static/v1?label=Version&message=%3D%2020230712%20&color=brighgreen)
+![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-434%20Unrestricted%20Upload&color=brighgreen)
+
+### Description
+
+A vulnerability, which was classified as critical, was found in Gen Technology Four Mountain Torrent Disaster Prevention and Control of Monitoring and Early Warning System up to 20230712. This affects an unknown part of the file /Duty/AjaxHandle/UploadFloodPlanFileUpdate.ashx. The manipulation of the argument Filedata leads to unrestricted upload. The exploit has been disclosed to the public and may be used. The identifier VDB-235065 was assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.
+
+### POC
+
+#### Reference
+- https://github.com/segonse/cve/blob/main/sichuang/sichuang.md
+
+#### Github
+No PoCs found on GitHub currently.
+
--- a/2023/CVE-2023-3798.md
+++ b/2023/CVE-2023-3798.md
@ -0,0 +1,17 @@
+### [CVE-2023-3798](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-3798)
+![](https://img.shields.io/static/v1?label=Product&message=Flash%20Flood%20Disaster%20Monitoring%20and%20Warning%20System&color=blue)
+![](https://img.shields.io/static/v1?label=Version&message=%3D%202.0%20&color=brighgreen)
+![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-434%20Unrestricted%20Upload&color=brighgreen)
+
+### Description
+
+A vulnerability has been found in Chengdu Flash Flood Disaster Monitoring and Warning System 2.0 and classified as critical. This vulnerability affects unknown code of the file /App_Resource/UEditor/server/upload.aspx. The manipulation of the argument file leads to unrestricted upload. The exploit has been disclosed to the public and may be used. VDB-235066 is the identifier assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.
+
+### POC
+
+#### Reference
+- https://github.com/RCEraser/cve/blob/main/wanjiang.md
+
+#### Github
+No PoCs found on GitHub currently.
+
--- a/2023/CVE-2023-3802.md
+++ b/2023/CVE-2023-3802.md
@ -10,6 +10,7 @@ A vulnerability was found in Chengdu Flash Flood Disaster Monitoring and Warning
 ### POC

 #### Reference
+- https://github.com/GUIqizsq/cve/blob/main/upload_1.md
 - https://vuldb.com/?id.235070

 #### Github
--- a/2023/CVE-2023-3804.md
+++ b/2023/CVE-2023-3804.md
@ -0,0 +1,17 @@
+### [CVE-2023-3804](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-3804)
+![](https://img.shields.io/static/v1?label=Product&message=Flash%20Flood%20Disaster%20Monitoring%20and%20Warning%20System&color=blue)
+![](https://img.shields.io/static/v1?label=Version&message=%3D%202.0%20&color=brighgreen)
+![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-434%20Unrestricted%20Upload&color=brighgreen)
+
+### Description
+
+A vulnerability classified as problematic was found in Chengdu Flash Flood Disaster Monitoring and Warning System 2.0. This vulnerability affects unknown code of the file /Service/FileHandler.ashx. The manipulation of the argument userFile leads to unrestricted upload. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-235072. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.
+
+### POC
+
+#### Reference
+- https://github.com/yueying638/cve/blob/main/upload.md
+
+#### Github
+No PoCs found on GitHub currently.
+
--- a/2023/CVE-2023-38870.md
+++ b/2023/CVE-2023-38870.md
@ -0,0 +1,17 @@
+### [CVE-2023-38870](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-38870)
+![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen)
+
+### Description
+
+A SQL injection vulnerability exists in gugoan Economizzer commit 3730880 (April 2023) and v.0.9-beta1. The cash book has a feature to list accomplishments by category, and the 'category_id' parameter is vulnerable to SQL Injection.
+
+### POC
+
+#### Reference
+- https://github.com/dub-flow/vulnerability-research/tree/main/CVE-2023-38870
+
+#### Github
+No PoCs found on GitHub currently.
+
--- a/2023/CVE-2023-38872.md
+++ b/2023/CVE-2023-38872.md
@ -0,0 +1,17 @@
+### [CVE-2023-38872](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-38872)
+![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen)
+
+### Description
+
+An Insecure Direct Object Reference (IDOR) vulnerability in gugoan Economizzer commit 3730880 (April 2023) and v.0.9-beta1 allows any unauthenticated attacker to access cash book entry attachments of any other user, if they know the Id of the attachment.
+
+### POC
+
+#### Reference
+- https://github.com/dub-flow/vulnerability-research/tree/main/CVE-2023-38872
+
+#### Github
+No PoCs found on GitHub currently.
+
--- a/2023/CVE-2023-38874.md
+++ b/2023/CVE-2023-38874.md
@ -0,0 +1,17 @@
+### [CVE-2023-38874](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-38874)
+![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen)
+
+### Description
+
+A remote code execution (RCE) vulnerability via an insecure file upload exists in gugoan's Economizzer v.0.9-beta1 and commit 3730880 (April 2023). A malicious attacker can upload a PHP web shell as an attachment when adding a new cash book entry. Afterwards, the attacker may visit the web shell and execute arbitrary commands.
+
+### POC
+
+#### Reference
+- https://github.com/dub-flow/vulnerability-research/tree/main/CVE-2023-38874
+
+#### Github
+No PoCs found on GitHub currently.
+
--- a/2023/CVE-2023-38876.md
+++ b/2023/CVE-2023-38876.md
@ -0,0 +1,17 @@
+### [CVE-2023-38876](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-38876)
+![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen)
+
+### Description
+
+A reflected cross-site scripting (XSS) vulnerability in msaad1999's PHP-Login-System 2.0.1 allows remote attackers to execute arbitrary JavaScript in the web browser of a user, by including a malicious payload into the 'selector' parameter in '/reset-password'.
+
+### POC
+
+#### Reference
+- https://github.com/dub-flow/vulnerability-research/tree/main/CVE-2023-38876
+
+#### Github
+No PoCs found on GitHub currently.
+
--- a/2023/CVE-2023-38879.md
+++ b/2023/CVE-2023-38879.md
@ -0,0 +1,17 @@
+### [CVE-2023-38879](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-38879)
+![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen)
+
+### Description
+
+The Community Edition version 9.0 of OS4ED's openSIS Classic allows remote attackers to read arbitrary files via a directory traversal vulnerability in the 'filename' parameter of 'DownloadWindow.php'.
+
+### POC
+
+#### Reference
+- https://github.com/dub-flow/vulnerability-research/tree/main/CVE-2023-38879
+
+#### Github
+No PoCs found on GitHub currently.
+
--- a/2023/CVE-2023-38882.md
+++ b/2023/CVE-2023-38882.md
@ -0,0 +1,17 @@
+### [CVE-2023-38882](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-38882)
+![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen)
+
+### Description
+
+A reflected cross-site scripting (XSS) vulnerability in the Community Edition version 9.0 of OS4ED's openSIS Classic allows remote attackers to execute arbitrary JavaScript in the web browser of a user, by including a malicious payload into the 'include' parameter in 'ForExport.php'
+
+### POC
+
+#### Reference
+- https://github.com/dub-flow/vulnerability-research/tree/main/CVE-2023-38882
+
+#### Github
+No PoCs found on GitHub currently.
+
--- a/2023/CVE-2023-38973.md
+++ b/2023/CVE-2023-38973.md
@ -0,0 +1,17 @@
+### [CVE-2023-38973](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-38973)
+![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen)
+
+### Description
+
+A stored cross-site scripting (XSS) vulnerability in the Add Tag function of Badaso v2.9.7 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Title parameter.
+
+### POC
+
+#### Reference
+- https://github.com/anh91/uasoft-indonesia--badaso/blob/main/xss5.md
+
+#### Github
+No PoCs found on GitHub currently.
+
--- a/2023/CVE-2023-39551.md
+++ b/2023/CVE-2023-39551.md
@ -10,6 +10,7 @@ PHPGurukul Online Security Guards Hiring System v.1.0 is vulnerable to SQL Injec
 ### POC

 #### Reference
+- https://github.com/Trinity-SYT-SECURITY/XSS_vuln_issue/blob/main/Online%20Security%20Guards%20Hiring%20System%201.0.md
 - https://www.chtsecurity.com/news/0dbe8e1d-0a6c-4604-9cf1-778ddc86a8c1

 #### Github
--- a/2023/CVE-2023-40280.md
+++ b/2023/CVE-2023-40280.md
@ -10,7 +10,7 @@ An issue was discovered in OpenClinic GA 5.247.01. An attacker can perform a dir
 ### POC

 #### Reference
-No PoCs from references.
+- https://github.com/BugBountyHunterCVE/CVE-2023-40280/blob/main/CVE-2023-40280_Authenticated-Directory-Path-Traversal_OpenClinic-GA_5.247.01_Report.md

 #### Github
 - https://github.com/BugBountyHunterCVE/CVE-2023-40280
--- a/2023/CVE-2023-41036.md
+++ b/2023/CVE-2023-41036.md
@ -10,7 +10,7 @@ Macvim is a text editor for MacOS. Prior to version 178, Macvim makes use of an
 ### POC

 #### Reference
-No PoCs from references.
+- https://github.com/macvim-dev/macvim/security/advisories/GHSA-9jgj-jfwg-99fv

 #### Github
 - https://github.com/NaInSec/CVE-LIST
--- a/2023/CVE-2023-41334.md
+++ b/2023/CVE-2023-41334.md
@ -10,7 +10,7 @@ Astropy is a project for astronomy in Python that fosters interoperability betwe
 ### POC

 #### Reference
-No PoCs from references.
+- https://github.com/astropy/astropy/security/advisories/GHSA-h2x6-5jx5-46hf

 #### Github
 - https://github.com/NaInSec/CVE-LIST
--- a/2023/CVE-2023-41443.md
+++ b/2023/CVE-2023-41443.md
@ -0,0 +1,17 @@
+### [CVE-2023-41443](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-41443)
+![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen)
+
+### Description
+
+SQL injection vulnerability in Novel-Plus v.4.1.0 allows a remote attacker to execute arbitrary code via a crafted script to the sort parameter in /sys/menu/list.
+
+### POC
+
+#### Reference
+- https://github.com/Deng-JunFeng/cve-lists/tree/main/novel-plus/vuln
+
+#### Github
+No PoCs found on GitHub currently.
+
--- a/2023/CVE-2023-4165.md
+++ b/2023/CVE-2023-4165.md
@ -10,7 +10,7 @@ A vulnerability, which was classified as critical, was found in Tongda OA. This
 ### POC

 #### Reference
-No PoCs from references.
+- https://github.com/nagenanhai/cve/blob/main/sql.md

 #### Github
 - https://github.com/d4n-sec/d4n-sec.github.io
--- a/2023/CVE-2023-4171.md
+++ b/2023/CVE-2023-4171.md
@ -0,0 +1,17 @@
+### [CVE-2023-4171](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-4171)
+![](https://img.shields.io/static/v1?label=Product&message=Flash%20Flood%20Disaster%20Monitoring%20and%20Warning%20System&color=blue)
+![](https://img.shields.io/static/v1?label=Version&message=%3D%202.0%20&color=brighgreen)
+![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-24%20Path%20Traversal%3A%20'..%2Ffiledir'&color=brighgreen)
+
+### Description
+
+A vulnerability classified as problematic was found in Chengdu Flash Flood Disaster Monitoring and Warning System 2.0. This vulnerability affects unknown code of the file \Service\FileDownload.ashx. The manipulation of the argument Files leads to path traversal: '../filedir'. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. VDB-236206 is the identifier assigned to this vulnerability.
+
+### POC
+
+#### Reference
+- https://github.com/nagenanhai/cve/blob/main/duqu.md
+
+#### Github
+No PoCs found on GitHub currently.
+
--- a/2023/CVE-2023-42286.md
+++ b/2023/CVE-2023-42286.md
@ -0,0 +1,17 @@
+### [CVE-2023-42286](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-42286)
+![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen)
+
+### Description
+
+There is a PHP file inclusion vulnerability in the template configuration of eyoucms v1.6.4, allowing attackers to execute code or system commands through a carefully crafted malicious payload.
+
+### POC
+
+#### Reference
+- https://github.com/Nacl122/CVEReport/blob/main/CVE-2023-42286/CVE-2023-42286.md
+
+#### Github
+No PoCs found on GitHub currently.
+
--- a/2023/CVE-2023-4414.md
+++ b/2023/CVE-2023-4414.md
@ -10,7 +10,7 @@ A vulnerability was found in Byzoro Smart S85F Management Platform up to 2023080
 ### POC

 #### Reference
-No PoCs from references.
+- https://github.com/RCEraser/cve/blob/main/S85F.md

 #### Github
 - https://github.com/fkie-cad/nvd-json-data-feeds
--- a/2023/CVE-2023-44253.md
+++ b/2023/CVE-2023-44253.md
@ -0,0 +1,18 @@
+### [CVE-2023-44253](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-44253)
+![](https://img.shields.io/static/v1?label=Product&message=FortiAnalyzer&color=blue)
+![](https://img.shields.io/static/v1?label=Product&message=FortiManager&color=blue)
+![](https://img.shields.io/static/v1?label=Version&message=7.4.0%3C%3D%207.4.1%20&color=brighgreen)
+![](https://img.shields.io/static/v1?label=Vulnerability&message=Information%20disclosure&color=brighgreen)
+
+### Description
+
+An exposure of sensitive information to an unauthorized actor vulnerability [CWE-200] in Fortinet FortiManager version 7.4.0 through 7.4.1 and before 7.2.5, FortiAnalyzer version 7.4.0 through 7.4.1 and before 7.2.5 and FortiAnalyzer-BigData before 7.2.5 allows an adom administrator to enumerate other adoms and device names via crafted HTTP or HTTPS requests.
+
+### POC
+
+#### Reference
+- https://github.com/orangecertcc/security-research/security/advisories/GHSA-25j8-69h7-83h2
+
+#### Github
+No PoCs found on GitHub currently.
+
--- a/2023/CVE-2023-44693.md
+++ b/2023/CVE-2023-44693.md
@ -10,7 +10,7 @@ D-Link Online behavior audit gateway DAR-7000 V31R02B1413C is vulnerable to SQL
 ### POC

 #### Reference
-No PoCs from references.
+- https://github.com/llixixi/cve/blob/main/D-LINK-DAR-7000_sql_%20importexport.md

 #### Github
 - https://github.com/fkie-cad/nvd-json-data-feeds
--- a/2023/CVE-2023-4543.md
+++ b/2023/CVE-2023-4543.md
@ -0,0 +1,17 @@
+### [CVE-2023-4543](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-4543)
+![](https://img.shields.io/static/v1?label=Product&message=OA&color=blue)
+![](https://img.shields.io/static/v1?label=Version&message=%3D%204.5.5%20&color=brighgreen)
+![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-89%20SQL%20Injection&color=brighgreen)
+
+### Description
+
+A vulnerability was found in IBOS OA 4.5.5. It has been declared as critical. This vulnerability affects unknown code of the file ?r=recruit/contact/export&contactids=x. The manipulation leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-238048. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.
+
+### POC
+
+#### Reference
+- https://github.com/spcck/cve/blob/main/sql.md
+
+#### Github
+No PoCs found on GitHub currently.
+
--- a/2023/CVE-2023-46012.md
+++ b/2023/CVE-2023-46012.md
@ -0,0 +1,17 @@
+### [CVE-2023-46012](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-46012)
+![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen)
+
+### Description
+
+Buffer Overflow vulnerability LINKSYS EA7500 3.0.1.207964 allows a remote attacker to execute arbitrary code via an HTTP request to the IGD UPnP.
+
+### POC
+
+#### Reference
+- https://github.com/dest-3/CVE-2023-46012/tree/main
+
+#### Github
+No PoCs found on GitHub currently.
+
--- a/2023/CVE-2023-46060.md
+++ b/2023/CVE-2023-46060.md
@ -0,0 +1,17 @@
+### [CVE-2023-46060](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-46060)
+![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen)
+
+### Description
+
+A Buffer Overflow vulnerability in Tenda AC500 v.2.0.1.9 allows a remote attacker to cause a denial of service via the port parameter at the goform/setVlanInfo component.
+
+### POC
+
+#### Reference
+- https://github.com/peris-navince/founded-0-days/blob/main/Tenda/ac500/fromSetVlanInfo/1.md
+
+#### Github
+No PoCs found on GitHub currently.
+
--- a/2023/CVE-2023-46426.md
+++ b/2023/CVE-2023-46426.md
@ -0,0 +1,17 @@
+### [CVE-2023-46426](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-46426)
+![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen)
+
+### Description
+
+Heap-based Buffer Overflow vulnerability in gpac version 2.3-DEV-rev588-g7edc40fee-master, allows remote attackers to execute arbitrary code and cause a denial of service (DoS) via gf_fwrite component in at utils/os_file.c.
+
+### POC
+
+#### Reference
+- https://github.com/gpac/gpac/issues/2642
+
+#### Github
+No PoCs found on GitHub currently.
+
--- a/2023/CVE-2023-46427.md
+++ b/2023/CVE-2023-46427.md
@ -0,0 +1,17 @@
+### [CVE-2023-46427](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-46427)
+![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen)
+
+### Description
+
+An issue was discovered in gpac version 2.3-DEV-rev588-g7edc40fee-master, allows remote attackers to execute arbitrary code, cause a denial of service (DoS), and obtain sensitive information via null pointer deference in gf_dash_setup_period component in media_tools/dash_client.c.
+
+### POC
+
+#### Reference
+- https://github.com/gpac/gpac/issues/2641
+
+#### Github
+No PoCs found on GitHub currently.
+
--- a/2023/CVE-2023-46442.md
+++ b/2023/CVE-2023-46442.md
@ -10,7 +10,7 @@ An infinite loop in the retrieveActiveBody function of Soot before v4.4.1 under
 ### POC

 #### Reference
-No PoCs from references.
+- https://github.com/JAckLosingHeart/CVE-2023-46442_POC/tree/main

 #### Github
 - https://github.com/fkie-cad/nvd-json-data-feeds
--- a/2023/CVE-2023-46694.md
+++ b/2023/CVE-2023-46694.md
@ -0,0 +1,17 @@
+### [CVE-2023-46694](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-46694)
+![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen)
+
+### Description
+
+Vtenext 21.02 allows an authenticated attacker to upload arbitrary files, potentially enabling them to execute remote commands. This flaw exists due to the application's failure to enforce proper authentication controls when accessing the Ckeditor file manager functionality.
+
+### POC
+
+#### Reference
+- https://github.com/invisiblebyte/CVE-2023-46694
+
+#### Github
+No PoCs found on GitHub currently.
+
--- a/2023/CVE-2023-46950.md
+++ b/2023/CVE-2023-46950.md
@ -10,7 +10,7 @@ Cross Site Scripting vulnerability in Contribsys Sidekiq v.6.5.8 allows a remote
 ### POC

 #### Reference
-No PoCs from references.
+- https://github.com/mhenrixon/sidekiq-unique-jobs/security/advisories/GHSA-cmh9-rx85-xj38

 #### Github
 - https://github.com/fkie-cad/nvd-json-data-feeds
--- a/2023/CVE-2023-46951.md
+++ b/2023/CVE-2023-46951.md
@ -10,7 +10,7 @@ Cross Site Scripting vulnerability in Contribsys Sidekiq v.6.5.8 allows a remote
 ### POC

 #### Reference
-No PoCs from references.
+- https://github.com/mhenrixon/sidekiq-unique-jobs/security/advisories/GHSA-cmh9-rx85-xj38

 #### Github
 - https://github.com/fkie-cad/nvd-json-data-feeds
--- a/2023/CVE-2023-4850.md
+++ b/2023/CVE-2023-4850.md
@ -10,6 +10,7 @@ A vulnerability, which was classified as critical, was found in IBOS OA 4.5.5. T
 ### POC

 #### Reference
+- https://github.com/RCEraser/cve/blob/main/sql_inject_2.md
 - https://vuldb.com/?id.239259

 #### Github
--- a/2023/CVE-2023-48859.md
+++ b/2023/CVE-2023-48859.md
@ -0,0 +1,17 @@
+### [CVE-2023-48859](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-48859)
+![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen)
+
+### Description
+
+TOTOLINK A3002RU version 2.0.0-B20190902.1958 has a post-authentication RCE due to incorrect access control, allows attackers to bypass front-end security restrictions and execute arbitrary code.
+
+### POC
+
+#### Reference
+- https://github.com/xieqiang11/security_research/blob/main/TOTOLINK-A3002RU-RCE.md
+
+#### Github
+No PoCs found on GitHub currently.
+
--- a/2023/CVE-2023-49275.md
+++ b/2023/CVE-2023-49275.md
@ -0,0 +1,17 @@
+### [CVE-2023-49275](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-49275)
+![](https://img.shields.io/static/v1?label=Product&message=wazuh&color=blue)
+![](https://img.shields.io/static/v1?label=Version&message=%3D%20%3E%3D%203.2.0%2C%20%3C%204.7.1%20&color=brighgreen)
+![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-476%3A%20NULL%20Pointer%20Dereference&color=brighgreen)
+
+### Description
+
+Wazuh is a free and open source platform used for threat prevention, detection, and response. A NULL pointer dereference was detected during fuzzing of the analysis engine, allowing malicious clients to DoS the analysis engine. The bug occurs when `analysisd` receives a syscollector message with the `hotfix` `msg_type` but lacking a `timestamp`. It uses `cJSON_GetObjectItem()` to get the `timestamp` object item and dereferences it without checking for a `NULL` value. A malicious client can DoS the analysis engine. This vulnerability is fixed in 4.7.1.
+
+### POC
+
+#### Reference
+- https://github.com/wazuh/wazuh/security/advisories/GHSA-4mq7-w9r6-9975
+
+#### Github
+No PoCs found on GitHub currently.
+
--- a/2023/CVE-2023-49484.md
+++ b/2023/CVE-2023-49484.md
@ -0,0 +1,17 @@
+### [CVE-2023-49484](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-49484)
+![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen)
+
+### Description
+
+Dreamer CMS v4.1.3 was discovered to contain a cross-site scripting (XSS) vulnerability in the article management department.
+
+### POC
+
+#### Reference
+- https://github.com/jiaofj/cms/blob/main/There%20is%20a%20storage%20based%20XSS%20in%20the%20article%20management%20department.md
+
+#### Github
+No PoCs found on GitHub currently.
+
--- a/Show More
+++ b/Show More