Updated by KhulnaSoft [BOT] 🤖

khulnasoft-lab · Sep 10, 2024 · 9a5f77c · 9a5f77c
1 parent 0be7d38
commit 9a5f77c
Show file tree

Hide file tree

Showing 2 changed files with 10 additions and 1 deletion.
diff --git a/db/cve.sqlite b/db/cve.sqlite
diff --git a/docs/README.md b/docs/README.md
@@ -2,12 +2,13 @@
 
 > Automatic monitor github cve using Github Actions
 
-Last generated: 2024-09-09 02:13:08.551992
+Last generated: 2024-09-10 02:11:08.579495
 
 | CVE | Name | Description | Date |
 |---|---|---|---|
 | [CVE-2024-7954](https://www.cve.org/CVERecord?id=CVE-2024-7954) | [Chocapikk/CVE-2024-7954](https://github.com/Chocapikk/CVE-2024-7954) | Unauthenticated Remote Code Execution in SPIP versions up to and including 4.2.12 | 2024-08-10T20:15:41Z |
 | [CVE-2024-7339](https://www.cve.org/CVERecord?id=CVE-2024-7339) | [RevoltSecurities/CVE-2024-7339](https://github.com/RevoltSecurities/CVE-2024-7339) | An Vulnerability detection and Exploitation tool for  CVE-2024-7339 | 2024-08-05T16:26:18Z |
+| [CVE-2024-7313](https://www.cve.org/CVERecord?id=CVE-2024-7313) | [Wayne-Ker/CVE-2024-7313](https://github.com/Wayne-Ker/CVE-2024-7313) | Custom Proof-of-Concept on XSS to Unauthorized Admin Account Creation via WordPress Plugin Shield Security &lt; 20.0.6 | 2024-08-16T01:01:57Z |
 | [CVE-2024-7188](https://www.cve.org/CVERecord?id=CVE-2024-7188) | [codeb0ss/CVE-2024-7188-PoC](https://github.com/codeb0ss/CVE-2024-7188-PoC) | Mass Exploit &lt; [CVE-2024-7188 - Bylancer Quicklancer] - SQL Injection | 2024-07-30T10:51:24Z |
 | [CVE-2024-7120](https://www.cve.org/CVERecord?id=CVE-2024-7120) | [codeb0ss/CVE-2024-7120-PoC](https://github.com/codeb0ss/CVE-2024-7120-PoC) | Mass Exploit &lt; [CVE-2024-7120 - Raisecom] - Command Injection | 2024-08-01T17:39:45Z |
 | [CVE-2024-6782](https://www.cve.org/CVERecord?id=CVE-2024-6782) | [zangjiahe/CVE-2024-6782](https://github.com/zangjiahe/CVE-2024-6782) | Calibre 远程代码执行（CVE-2024-6782）Improper access control in Calibre 6.9.0 ~ 7.14.0 allow unauthenticated attackers to achieve remote code execution. | 2024-08-06T15:31:48Z |
@@ -240,6 +241,8 @@ Last generated: 2024-09-09 02:13:08.551992
 | [CVE-2024-43044](https://www.cve.org/CVERecord?id=CVE-2024-43044) | [v9d0g/CVE-2024-43044-POC](https://github.com/v9d0g/CVE-2024-43044-POC) | CVE-2024-43044的利用方式 | 2024-08-13T07:32:35Z |
 | [CVE-2024-4295](https://www.cve.org/CVERecord?id=CVE-2024-4295) | [truonghuuphuc/CVE-2024-4295-Poc](https://github.com/truonghuuphuc/CVE-2024-4295-Poc) | CVE-2024-4295 Email Subscribers by Icegram Express &lt;= 5.7.20 - Unauthenticated SQL Injection via hash | 2024-06-05T09:29:20Z |
 | [CVE-2024-4295](https://www.cve.org/CVERecord?id=CVE-2024-4295) | [cve-2024/CVE-2024-4295-Poc](https://github.com/cve-2024/CVE-2024-4295-Poc) | no description | 2024-06-14T07:04:36Z |
+| [CVE-2024-42850](https://www.cve.org/CVERecord?id=CVE-2024-42850) | [njmbb8/CVE-2024-42850](https://github.com/njmbb8/CVE-2024-42850) | An issue in Silverpeas v6.4.2 and lower allows for the bypassing of password complexity requirements. | 2024-08-15T21:32:29Z |
+| [CVE-2024-42849](https://www.cve.org/CVERecord?id=CVE-2024-42849) | [njmbb8/CVE-2024-42849](https://github.com/njmbb8/CVE-2024-42849) | An issue in Silverpeas v.6.4.2 and lower allows a remote attacker to cause a denial of service via the password change function. | 2024-08-15T21:57:29Z |
 | [CVE-2024-42758](https://www.cve.org/CVERecord?id=CVE-2024-42758) | [1s1ldur/CVE-2024-42758](https://github.com/1s1ldur/CVE-2024-42758) | CVE-2024-42758 - Dokuwiki (indexmenu plugin) - XSS Vulnerability | 2024-08-15T13:59:50Z |
 | [CVE-2024-42461](https://www.cve.org/CVERecord?id=CVE-2024-42461) | [fevar54/CVE-2024-42461](https://github.com/fevar54/CVE-2024-42461) | Se han identificado problemas en la verificación de firmas ECDSA y EDDSA en el proyecto Wycheproof. Las comprobaciones ausentes durante la etapa de decodificación de firmas permiten agregar o eliminar bytes cero, lo que afecta la capacidad de envío de correos. | 2024-08-06T21:56:15Z |
 | [CVE-2024-4232](https://www.cve.org/CVERecord?id=CVE-2024-4232) | [Redfox-Secuirty/Digisol-DG-GR1321-s-Password-Storage-in-Plaintext-CVE-2024-4232](https://github.com/Redfox-Secuirty/Digisol-DG-GR1321-s-Password-Storage-in-Plaintext-CVE-2024-4232) | no description | 2024-06-18T11:05:06Z |
@@ -333,6 +336,7 @@ Last generated: 2024-09-09 02:13:08.551992
 | [CVE-2024-38063](https://www.cve.org/CVERecord?id=CVE-2024-38063) | [diegoalbuquerque/CVE-2024-38063](https://github.com/diegoalbuquerque/CVE-2024-38063) | mitigation script by disabling ipv6 of all interfaces | 2024-08-15T12:41:01Z |
 | [CVE-2024-3806](https://www.cve.org/CVERecord?id=CVE-2024-3806) | [truonghuuphuc/CVE-2024-3806-AND-CVE-2024-3807-Poc](https://github.com/truonghuuphuc/CVE-2024-3806-AND-CVE-2024-3807-Poc) | CVE-2024-3806: Porto &lt;= 7.1.0 - Unauthenticated Local File Inclusion via porto_ajax_posts CVE-2024-3807: Porto &lt;= 7.1.0 - Authenticated (Contributor+) Local File Inclusion via Post Meta | 2024-05-10T16:13:07Z |
 | [CVE-2024-38041](https://www.cve.org/CVERecord?id=CVE-2024-38041) | [varwara/CVE-2024-38041](https://github.com/varwara/CVE-2024-38041) | Kernel pointers copied to output user mode buffer with ioctl 0x22A014 in the appid.sys driver. | 2024-07-21T02:29:18Z |
+| [CVE-2024-38036](https://www.cve.org/CVERecord?id=CVE-2024-38036) | [hnytgl/CVE-2024-38036](https://github.com/hnytgl/CVE-2024-38036) | 排查ipv6使用情况 | 2024-08-16T01:38:21Z |
 | [CVE-2024-37889](https://www.cve.org/CVERecord?id=CVE-2024-37889) | [uname-s/CVE-2024-37889](https://github.com/uname-s/CVE-2024-37889) | no description | 2024-06-17T04:50:00Z |
 | [CVE-2024-37888](https://www.cve.org/CVERecord?id=CVE-2024-37888) | [7Ragnarok7/CVE-2024-37888](https://github.com/7Ragnarok7/CVE-2024-37888) | XSS PoC/Exploit for Open Link Plugin for CKEditor 4 | 2024-06-10T07:00:18Z |
 | [CVE-2024-37843](https://www.cve.org/CVERecord?id=CVE-2024-37843) | [gsmith257-cyber/CVE-2024-37843-POC](https://github.com/gsmith257-cyber/CVE-2024-37843-POC) | POC for CVE-2024-37843. Craft CMS time-based blind SQLi | 2024-06-18T02:27:04Z |
@@ -905,6 +909,7 @@ Last generated: 2024-09-09 02:13:08.551992
 | [CVE-2024-27198](https://www.cve.org/CVERecord?id=CVE-2024-27198) | [Shimon03/Explora-o-RCE-n-o-autenticado-JetBrains-TeamCity-CVE-2024-27198-](https://github.com/Shimon03/Explora-o-RCE-n-o-autenticado-JetBrains-TeamCity-CVE-2024-27198-) | Em fevereiro de 2024, foi identificado duas novas vulnerabilidades que afetam o servidor JetBrains TeamCity (CVE-2024-27198 e CVE-2024-27199) | 2024-04-02T09:46:51Z |
 | [CVE-2024-27198](https://www.cve.org/CVERecord?id=CVE-2024-27198) | [Stuub/RCity-CVE-2024-27198](https://github.com/Stuub/RCity-CVE-2024-27198) | CVE-2024-27198 &amp; CVE-2024-27199 PoC - RCE, Admin Account Creation, Enum Users, Server Information | 2024-04-22T22:14:24Z |
 | [CVE-2024-27198](https://www.cve.org/CVERecord?id=CVE-2024-27198) | [HPT-Intern-Task-Submission/CVE-2024-27198](https://github.com/HPT-Intern-Task-Submission/CVE-2024-27198) | no description | 2024-07-20T17:26:13Z |
+| [CVE-2024-27198](https://www.cve.org/CVERecord?id=CVE-2024-27198) | [jrbH4CK/CVE-2024-27198](https://github.com/jrbH4CK/CVE-2024-27198) | PoC about CVE-2024-27198 | 2024-08-16T05:39:57Z |
 | [CVE-2024-27173](https://www.cve.org/CVERecord?id=CVE-2024-27173) | [Ieakd/0day-POC-for-CVE-2024-27173](https://github.com/Ieakd/0day-POC-for-CVE-2024-27173) | no description | 2024-06-14T07:04:46Z |
 | [CVE-2024-27130](https://www.cve.org/CVERecord?id=CVE-2024-27130) | [watchtowrlabs/CVE-2024-27130](https://github.com/watchtowrlabs/CVE-2024-27130) | PoC for CVE-2024-27130 | 2024-05-17T07:58:01Z |
 | [CVE-2024-27130](https://www.cve.org/CVERecord?id=CVE-2024-27130) | [d0rb/CVE-2024-27130](https://github.com/d0rb/CVE-2024-27130) | This Python script is designed as a proof-of-concept (PoC) for the CVE-2024-27130 vulnerability in QNAP QTS | 2024-05-21T11:14:22Z |
@@ -1228,6 +1233,7 @@ Last generated: 2024-09-09 02:13:08.551992
 | [CVE-2024-21762](https://www.cve.org/CVERecord?id=CVE-2024-21762) | [Codeb3af/Cve-2024-21762-](https://github.com/Codeb3af/Cve-2024-21762-) | Full exploit of Cve-2024-21762! | 2024-04-16T22:06:52Z |
 | [CVE-2024-21762](https://www.cve.org/CVERecord?id=CVE-2024-21762) | [rdoix/cve-2024-21762-checker](https://github.com/rdoix/cve-2024-21762-checker) | no description | 2024-06-20T02:58:02Z |
 | [CVE-2024-21754](https://www.cve.org/CVERecord?id=CVE-2024-21754) | [CyberSecuritist/CVE-2024-21754-Forti-RCE](https://github.com/CyberSecuritist/CVE-2024-21754-Forti-RCE) | no description | 2024-06-27T18:52:06Z |
+| [CVE-2024-21733](https://www.cve.org/CVERecord?id=CVE-2024-21733) | [LtmThink/CVE-2024-21733](https://github.com/LtmThink/CVE-2024-21733) | 一个验证对CVE-2024-21733 | 2024-08-15T09:47:32Z |
 | [CVE-2024-21683](https://www.cve.org/CVERecord?id=CVE-2024-21683) | [r00t7oo2jm/-CVE-2024-21683-RCE-in-Confluence-Data-Center-and-Server](https://github.com/r00t7oo2jm/-CVE-2024-21683-RCE-in-Confluence-Data-Center-and-Server) | This vulnerability allows an unauthenticated attacker to remotely execute arbitrary code on a vulnerable Confluence server. The vulnerability exists due to an improper validation of user-supplied input in the Confluence REST API. This allows an attacker to inject malicious code into the Confluence server, which can then be executed by the server | 2024-05-23T02:10:24Z |
 | [CVE-2024-21683](https://www.cve.org/CVERecord?id=CVE-2024-21683) | [absholi7ly/-CVE-2024-21683-RCE-in-Confluence-Data-Center-and-Server](https://github.com/absholi7ly/-CVE-2024-21683-RCE-in-Confluence-Data-Center-and-Server) | This vulnerability could allow an attacker to take complete control of a vulnerable Confluence server. This could allow the attacker to steal data, modify data, or disrupt the availability of the server. | 2024-05-24T05:38:18Z |
 | [CVE-2024-21683](https://www.cve.org/CVERecord?id=CVE-2024-21683) | [W01fh4cker/CVE-2024-21683-RCE](https://github.com/W01fh4cker/CVE-2024-21683-RCE) | CVE-2024-21683 Confluence Post Auth RCE | 2024-05-23T09:05:40Z |
@@ -2713,6 +2719,7 @@ Last generated: 2024-09-09 02:13:08.551992
 | [CVE-2023-29489](https://www.cve.org/CVERecord?id=CVE-2023-29489) | [SynixCyberCrimeMy/CVE-2023-29489](https://github.com/SynixCyberCrimeMy/CVE-2023-29489) | SynixCyberCrimeMY CVE-2023-29489 Scanner By SamuraiMelayu1337 &amp; h4zzzzzz@scc | 2023-11-16T20:24:11Z |
 | [CVE-2023-29489](https://www.cve.org/CVERecord?id=CVE-2023-29489) | [Makurorororororororo/Validate-CVE-2023-29489-scanner-](https://github.com/Makurorororororororo/Validate-CVE-2023-29489-scanner-) | no description | 2023-12-23T06:28:32Z |
 | [CVE-2023-29489](https://www.cve.org/CVERecord?id=CVE-2023-29489) | [some-man1/CVE-2023-29489](https://github.com/some-man1/CVE-2023-29489) | # CVE-2023-29489 exploit | 2024-04-14T08:29:22Z |
+| [CVE-2023-29489](https://www.cve.org/CVERecord?id=CVE-2023-29489) | [md-thalal/CVE-2023-29489](https://github.com/md-thalal/CVE-2023-29489) | CVE-2023-29489 is a vulnerability to exploitable in cross-site scripting ( xss ) reflect the cpanel | 2024-05-30T07:20:09Z |
 | [CVE-2023-29478](https://www.cve.org/CVERecord?id=CVE-2023-29478) | [Exopteron/BiblioRCE](https://github.com/Exopteron/BiblioRCE) | CVE-2023-29478 - BiblioCraft File Manipulation/Remote Code Execution exploit affecting BiblioCraft versions prior to v2.4.6 | 2022-10-27T06:17:24Z |
 | [CVE-2023-29439](https://www.cve.org/CVERecord?id=CVE-2023-29439) | [LOURC0D3/CVE-2023-29439](https://github.com/LOURC0D3/CVE-2023-29439) | PoC of CVE-2023-29439 | 2023-07-05T13:04:39Z |
 | [CVE-2023-29409](https://www.cve.org/CVERecord?id=CVE-2023-29409) | [mateusz834/CVE-2023-29409](https://github.com/mateusz834/CVE-2023-29409) | CVE-2023-29409 reproducer | 2023-08-21T15:59:26Z |
@@ -3230,6 +3237,7 @@ Last generated: 2024-09-09 02:13:08.551992
 | [CVE-2022-46638](https://www.cve.org/CVERecord?id=CVE-2022-46638) | [naonymous101/CVE-2022-46638](https://github.com/naonymous101/CVE-2022-46638) | Blog Pribadi | 2019-02-16T16:50:50Z |
 | [CVE-2022-46604](https://www.cve.org/CVERecord?id=CVE-2022-46604) | [galoget/ResponsiveFileManager-CVE-2022-46604](https://github.com/galoget/ResponsiveFileManager-CVE-2022-46604) | Responsive FileManager v.9.9.5 vulnerable to CVE-2022-46604. | 2023-02-03T08:56:16Z |
 | [CVE-2022-46463](https://www.cve.org/CVERecord?id=CVE-2022-46463) | [404tk/CVE-2022-46463](https://github.com/404tk/CVE-2022-46463) | harbor unauthorized detection | 2023-03-21T10:40:19Z |
+| [CVE-2022-46395](https://www.cve.org/CVERecord?id=CVE-2022-46395) | [Pro-me3us/CVE_2022_46395_Gazelle](https://github.com/Pro-me3us/CVE_2022_46395_Gazelle) | CVE-2022-46395 POC for FireTV 3rd gen Cube (gazelle) | 2023-06-29T18:54:27Z |
 | [CVE-2022-46196](https://www.cve.org/CVERecord?id=CVE-2022-46196) | [dpgg101/CVE-2022-46196](https://github.com/dpgg101/CVE-2022-46196) | no description | 2023-04-30T18:23:41Z |
 | [CVE-2022-46169](https://www.cve.org/CVERecord?id=CVE-2022-46169) | [antisecc/CVE-2022-46169](https://github.com/antisecc/CVE-2022-46169) | no description | 2023-05-21T06:43:17Z |
 | [CVE-2022-46169](https://www.cve.org/CVERecord?id=CVE-2022-46169) | [ariyaadinatha/cacti-cve-2022-46169-exploit](https://github.com/ariyaadinatha/cacti-cve-2022-46169-exploit) | This is poc of CVE-2022-46169 authentication bypass and remote code execution | 2023-03-11T19:39:44Z |
@@ -3255,6 +3263,7 @@ Last generated: 2024-09-09 02:13:08.551992
 | [CVE-2022-46169](https://www.cve.org/CVERecord?id=CVE-2022-46169) | [a1665454764/CVE-2022-46169](https://github.com/a1665454764/CVE-2022-46169) | CVE-2022-46169 | 2023-08-30T14:03:41Z |
 | [CVE-2022-46169](https://www.cve.org/CVERecord?id=CVE-2022-46169) | [copyleftdev/PricklyPwn](https://github.com/copyleftdev/PricklyPwn) | An advanced RCE tool tailored for exploiting a vulnerability in Cacti v1.2.22. Crafted with precision, this utility aids security researchers in analyzing and understanding the depth of the CVE-2022-46169 flaw. Use responsibly and ethically. | 2023-09-10T17:00:50Z |
 | [CVE-2022-46169](https://www.cve.org/CVERecord?id=CVE-2022-46169) | [0xZon/CVE-2022-46169-Exploit](https://github.com/0xZon/CVE-2022-46169-Exploit) | no description | 2023-09-10T06:03:22Z |
+| [CVE-2022-46169](https://www.cve.org/CVERecord?id=CVE-2022-46169) | [0xN7y/CVE-2022-46169](https://github.com/0xN7y/CVE-2022-46169) | Exploit for CVE-2022-46169 | 2023-11-23T17:36:20Z |
 | [CVE-2022-4616](https://www.cve.org/CVERecord?id=CVE-2022-4616) | [ahanel13/CVE-2022-4616-POC](https://github.com/ahanel13/CVE-2022-4616-POC) | This Python script aids in exploiting CVE-2022-46169 by automating payload delivery and response handling. It starts an HTTP server, listens for requests, and enables command input for real-time interaction with a vulnerable target. | 2023-05-12T01:20:15Z |
 | [CVE-2022-4616](https://www.cve.org/CVERecord?id=CVE-2022-4616) | [ZephrFish/NotProxyShellScanner](https://github.com/ZephrFish/NotProxyShellScanner) | Python implementation for NotProxyShell aka CVE-2022-40140 &amp; CVE-2022-41082 | 2022-10-07T08:10:00Z |
 | [CVE-2022-4616](https://www.cve.org/CVERecord?id=CVE-2022-4616) | [oppsec/WSOB](https://github.com/oppsec/WSOB) | 😭 WSOB is a python tool created to exploit the new vulnerability on WSO2 assigned as CVE-2022-29464. | 2022-04-24T18:25:26Z |