Skip to content

vulcat-v1.1.4
Compare
Choose a tag to compare
@CLincat CLincat released this 10 Oct 02:49
· 16 commits to main since this release
vulcat-v1.1.4
af563fc

2022.10.10
vulcat-v1.1.4

  • 新POC:
  1. Apache SkyWalking SQL注入(CVE-2020-9483)
  2. Solr 远程命令执行(CVE-2017-12629)
  3. Solr Velocity 注入远程命令执行(CVE-2019-17558)
  4. phpMyadmin Scripts/setup.php 反序列化(WooYun-2016-199433)
  5. phpMyadmin 4.8.1 远程文件包含(CVE-2018-12613)
  6. PHPUnit 远程代码执行(CVE-2017-9841)
  7. Spring Security OAuth2 远程命令执行(CVE-2016-4977)
  8. Spring Data Rest 远程命令执行(CVE-2017-8046)
  9. Spring Data Commons 远程命令执行(CVE-2018-1273)
  • 新功能:
  1. --list已经支持英文,可通过使用“python vulcat.py --list”查看英文的漏洞列表(vulcat默认语言改为英文,可以修改文件vulcat/lib/initial/language.py进行语言的切换)
  • New POC:
  1. Apache SkyWalking SQLinject (CVE-2020-9483)
  2. Solr Remote Command Execution (CVE-2017-12629)
  3. Solr Remote Code Execution Via Velocity Custom Template (CVE-2019-17558)
  4. phpMyAdmin Scripts/setup.php Deserialization (WooYun-2016-199433)
  5. phpMyAdmin 4.8.1 Remote File Inclusion (CVE-2018-12613)
  6. PHPUnit Remote Command Execution (CVE-2017-9841)
  7. Spring Security OAuth2 Remote Command Execution (CVE-2016-4977)
  8. Spring Data Rest Remote Command Execution (CVE-2017-8046)
  9. Spring Data Commons Remote Command Execution (CVE-2018-1273)
  • New features:
  1. --list already supports English, you can view the list of vulnerabilities in English by using "python vulcat.py --list" (the default language of vulcat is changed to English, and the file vulcat/lib/initial/language.py can be modified for language switching)
Assets 3
Loading