mirror of
https://github.com/0xMarcio/cve.git
synced 2025-05-28 01:04:30 +00:00
5.1 KiB
5.1 KiB
CVE-2017-12615
Description
When running Apache Tomcat 7.0.0 to 7.0.79 on Windows with HTTP PUTs enabled (e.g. via setting the readonly initialisation parameter of the Default to false) it was possible to upload a JSP file to the server via a specially crafted request. This JSP could then be requested and any code it contained would be executed by the server.
POC
Reference
- http://breaktoprotect.blogspot.com/2017/09/the-case-of-cve-2017-12615-tomcat-7-put.html
- https://github.com/breaktoprotect/CVE-2017-12615
- https://www.exploit-db.com/exploits/42953/
Github
- https://github.com/0day404/vulnerability-poc
- https://github.com/0day666/Vulnerability-verification
- https://github.com/0ps/pocassistdb
- https://github.com/1120362990/vulnerability-list
- https://github.com/1337g/CVE-2017-12615
- https://github.com/1f3lse/taiE
- https://github.com/20142995/Goby
- https://github.com/20142995/sectool
- https://github.com/ARPSyndicate/cvemon
- https://github.com/ARPSyndicate/kenzer-templates
- https://github.com/ArrestX/--POC
- https://github.com/Aukaii/notes
- https://github.com/BeyondCy/CVE-2017-12615
- https://github.com/CLincat/vulcat
- https://github.com/CnHack3r/Penetration_PoC
- https://github.com/EchoGin404/-
- https://github.com/EchoGin404/gongkaishouji
- https://github.com/Elsfa7-110/kenzer-templates
- https://github.com/HimmelAward/Goby_POC
- https://github.com/KRookieSec/WebSecurityStudy
- https://github.com/KayCHENvip/vulnerability-poc
- https://github.com/Miraitowa70/POC-Notes
- https://github.com/Mr-xn/Penetration_Testing_POC
- https://github.com/NCSU-DANCE-Research-Group/CDL
- https://github.com/Ostorlab/KEV
- https://github.com/Ostorlab/known_exploited_vulnerbilities_detectors
- https://github.com/Seif-Naouali/Secu_Dev_2
- https://github.com/SexyBeast233/SecBooks
- https://github.com/Threekiii/Awesome-POC
- https://github.com/Threekiii/Vulhub-Reproduce
- https://github.com/Tyro-Shan/gongkaishouji
- https://github.com/Weik1/Artillery
- https://github.com/YIXINSHUWU/Penetration_Testing_POC
- https://github.com/YgorAlberto/Ethical-Hacker
- https://github.com/YgorAlberto/ygoralberto.github.io
- https://github.com/Z0fhack/Goby_POC
- https://github.com/ZTK-009/Penetration_PoC
- https://github.com/ZTK-009/RedTeamer
- https://github.com/Zero094/Vulnerability-verification
- https://github.com/amcai/myscan
- https://github.com/bakery312/Vulhub-Reproduce
- https://github.com/cved-sources/cve-2017-12615
- https://github.com/cyberharsh/Tomcat-CVE-2017-12615
- https://github.com/d4n-sec/d4n-sec.github.io
- https://github.com/deut-erium/inter-iit-netsec
- https://github.com/einzbernnn/Tomcatscan
- https://github.com/enomothem/PenTestNote
- https://github.com/fengjixuchui/RedTeamer
- https://github.com/g6a/g6adoc
- https://github.com/hasee2018/Penetration_Testing_POC
- https://github.com/heane404/CVE_scan
- https://github.com/huike007/penetration_poc
- https://github.com/huike007/poc
- https://github.com/huimzjty/vulwiki
- https://github.com/hxysaury/saury-vulnhub
- https://github.com/ianxtianxt/CVE-2017-12615
- https://github.com/ilhamrzr/ApacheTomcat
- https://github.com/jweny/pocassistdb
- https://github.com/k8gege/Aggressor
- https://github.com/k8gege/Ladon
- https://github.com/k8gege/PowerLadon
- https://github.com/lions2012/Penetration_Testing_POC
- https://github.com/lnick2023/nicenice
- https://github.com/lp008/Hack-readme
- https://github.com/maya6/-scan-
- https://github.com/mefulton/cve-2017-12615
- https://github.com/nixawk/labs
- https://github.com/oneplus-x/MS17-010
- https://github.com/password520/Penetration_PoC
- https://github.com/password520/RedTeamer
- https://github.com/qazbnm456/awesome-cve-poc
- https://github.com/qiantu88/Tomcat-Exploit
- https://github.com/qiwentaidi/Slack
- https://github.com/r0eXpeR/redteam_vul
- https://github.com/safe6Sec/PentestNote
- https://github.com/skyblueflag/WebSecurityStudy
- https://github.com/sobinge/nuclei-templates
- https://github.com/sponkmonk/Ladon_english_update
- https://github.com/superfish9/pt
- https://github.com/tdcoming/Vulnerability-engine
- https://github.com/tpt11fb/AttackTomcat
- https://github.com/trganda/dockerv
- https://github.com/underattack-today/underattack-py
- https://github.com/veo/vscan
- https://github.com/w0x68y/CVE-2017-12615-EXP
- https://github.com/winterwolf32/CVE-S---Penetration_Testing_POC-
- https://github.com/woodpecker-appstore/tomcat-vuldb
- https://github.com/woods-sega/woodswiki
- https://github.com/wsg00d/cve-2017-12615
- https://github.com/xbl3/awesome-cve-poc_qazbnm456
- https://github.com/xiaokp7/Tomcat_PUT_GUI_EXP
- https://github.com/xuetusummer/Penetration_Testing_POC
- https://github.com/yedada-wei/-
- https://github.com/yedada-wei/gongkaishouji
- https://github.com/zha0/Bei-Gai-penetration-test-guide
- https://github.com/zi0Black/POC-CVE-2017-12615-or-CVE-2017-12717