diff --git a/exploits/2023/CVE-2023-20944.json b/exploits/2023/CVE-2023-20944.json index 9975db8..260a81e 100644 --- a/exploits/2023/CVE-2023-20944.json +++ b/exploits/2023/CVE-2023-20944.json @@ -7,14 +7,5 @@ "stargazers_count": 0, "forks_count": 0, "created_at": "2023-04-03T12:12:17Z" - }, - { - "name": "platform_frameworks_base_AOSP10_r33_CVE-2023-20944", - "full_name": "hshivhare67/platform_frameworks_base_AOSP10_r33_CVE-2023-20944", - "html_url": "https://github.com/hshivhare67/platform_frameworks_base_AOSP10_r33_CVE-2023-20944", - "description": null, - "stargazers_count": 0, - "forks_count": 0, - "created_at": "2023-04-04T12:07:19Z" } ] \ No newline at end of file diff --git a/exploits/2025/CVE-2025-2596.json b/exploits/2025/CVE-2025-2596.json index 28379e8..bd6b63b 100644 --- a/exploits/2025/CVE-2025-2596.json +++ b/exploits/2025/CVE-2025-2596.json @@ -5,7 +5,7 @@ "html_url": "https://github.com/Sudo-Sakib/CVE-2025-25964", "description": "A critical SQL Injection vulnerability (CVE-2025-25964) discovered in the School Information Management System v1.0", "stargazers_count": 2, - "forks_count": 1, + "forks_count": 2, "created_at": "2025-02-15T15:22:34Z" }, { @@ -17,15 +17,6 @@ "forks_count": 0, "created_at": "2025-02-19T05:12:03Z" }, - { - "name": "CVE-2025-25965", - "full_name": "Sudo-Sakib/CVE-2025-25965", - "html_url": "https://github.com/Sudo-Sakib/CVE-2025-25965", - "description": "CVE-2025-25965 is a newly discovered CSRF vulnerability in the Phpgurukul Online Banquet Booking System v1.2, allowing remote attackers to change a user’s email address without their consent by exploiting an authenticated session.", - "stargazers_count": 0, - "forks_count": 0, - "created_at": "2025-02-15T16:03:11Z" - }, { "name": "CVE-2025-25967", "full_name": "padayali-JD/CVE-2025-25967", @@ -34,5 +25,14 @@ "stargazers_count": 0, "forks_count": 0, "created_at": "2025-02-25T15:02:52Z" + }, + { + "name": "CVE-2025-25965", + "full_name": "Sudo-Sakib/CVE-2025-25965", + "html_url": "https://github.com/Sudo-Sakib/CVE-2025-25965", + "description": "CVE-2025-25965 is a newly discovered CSRF vulnerability in the Phpgurukul Online Banquet Booking System v1.2, allowing remote attackers to change a user’s email address without their consent by exploiting an authenticated session.", + "stargazers_count": 0, + "forks_count": 0, + "created_at": "2025-02-15T16:03:11Z" } ] \ No newline at end of file diff --git a/exploits/2025/CVE-2025-2601.json b/exploits/2025/CVE-2025-2601.json new file mode 100644 index 0000000..e911c1a --- /dev/null +++ b/exploits/2025/CVE-2025-2601.json @@ -0,0 +1,11 @@ +[ + { + "name": "CVE-2025-26014", + "full_name": "vigilante-1337/CVE-2025-26014", + "html_url": "https://github.com/vigilante-1337/CVE-2025-26014", + "description": "A Remote Code Execution (RCE) vulnerability in Loggrove v.1.0 allows a remote attacker to execute arbitrary code via the path parameter. The manipulation of the argument path from read.py file leads to os command injection. The attack can be launched remotely. ", + "stargazers_count": 0, + "forks_count": 0, + "created_at": "2025-04-29T08:50:56Z" + } +] \ No newline at end of file diff --git a/exploits/2025/CVE-2025-26125.json b/exploits/2025/CVE-2025-26125.json index 0ac9fe9..5a95889 100644 --- a/exploits/2025/CVE-2025-26125.json +++ b/exploits/2025/CVE-2025-26125.json @@ -4,8 +4,8 @@ "full_name": "ZeroMemoryEx/CVE-2025-26125", "html_url": "https://github.com/ZeroMemoryEx/CVE-2025-26125", "description": "(0day) Local Privilege Escalation in IObit Malware Fighter", - "stargazers_count": 126, - "forks_count": 18, + "stargazers_count": 139, + "forks_count": 22, "created_at": "2025-01-08T05:50:07Z" } ] \ No newline at end of file diff --git a/exploits/2025/CVE-2025-29927.json b/exploits/2025/CVE-2025-29927.json new file mode 100644 index 0000000..9b3e332 --- /dev/null +++ b/exploits/2025/CVE-2025-29927.json @@ -0,0 +1,272 @@ +[ + { + "name": "CVE-2025-29927", + "full_name": "aydinnyunus/CVE-2025-29927", + "html_url": "https://github.com/aydinnyunus/CVE-2025-29927", + "description": "CVE-2025-29927 Proof of Concept", + "stargazers_count": 78, + "forks_count": 24, + "created_at": "2025-03-23T12:13:35Z" + }, + { + "name": "CVE-2025-29927-POC", + "full_name": "MuhammadWaseem29/CVE-2025-29927-POC", + "html_url": "https://github.com/MuhammadWaseem29/CVE-2025-29927-POC", + "description": "Authorization Bypass in Next.js Middleware", + "stargazers_count": 16, + "forks_count": 4, + "created_at": "2025-03-23T21:42:09Z" + }, + { + "name": "nextjs-CVE-2025-29927", + "full_name": "6mile/nextjs-CVE-2025-29927", + "html_url": "https://github.com/6mile/nextjs-CVE-2025-29927", + "description": "A Nuclei template to detect CVE-2025-29927 the Next.js authentication bypass vulnerability", + "stargazers_count": 13, + "forks_count": 4, + "created_at": "2025-03-23T08:11:09Z" + }, + { + "name": "nextjs-cve-2025-29927-poc", + "full_name": "azu/nextjs-cve-2025-29927-poc", + "html_url": "https://github.com/azu/nextjs-cve-2025-29927-poc", + "description": "Next.js PoC for CVE-2025-29927", + "stargazers_count": 13, + "forks_count": 1, + "created_at": "2025-03-23T08:37:25Z" + }, + { + "name": "CVE-2025-29927-PoC-Exploit", + "full_name": "websecnl/CVE-2025-29927-PoC-Exploit", + "html_url": "https://github.com/websecnl/CVE-2025-29927-PoC-Exploit", + "description": "Proof-of-Concept for Authorization Bypass in Next.js Middleware", + "stargazers_count": 11, + "forks_count": 3, + "created_at": "2025-03-23T19:41:05Z" + }, + { + "name": "vulnerable-nextjs-14-CVE-2025-29927", + "full_name": "lirantal/vulnerable-nextjs-14-CVE-2025-29927", + "html_url": "https://github.com/lirantal/vulnerable-nextjs-14-CVE-2025-29927", + "description": null, + "stargazers_count": 5, + "forks_count": 6, + "created_at": "2025-03-23T09:22:35Z" + }, + { + "name": "CVE-2025-29927", + "full_name": "HoumanPashaei/CVE-2025-29927", + "html_url": "https://github.com/HoumanPashaei/CVE-2025-29927", + "description": "This is a CVE-2025-29927 Scanner.", + "stargazers_count": 5, + "forks_count": 0, + "created_at": "2025-04-29T08:01:08Z" + }, + { + "name": "CVE-2025-29927", + "full_name": "Ademking/CVE-2025-29927", + "html_url": "https://github.com/Ademking/CVE-2025-29927", + "description": "Next.js Middleware Authorization Bypass", + "stargazers_count": 5, + "forks_count": 1, + "created_at": "2025-03-22T18:42:27Z" + }, + { + "name": "CVE-2025-29927", + "full_name": "gotr00t0day/CVE-2025-29927", + "html_url": "https://github.com/gotr00t0day/CVE-2025-29927", + "description": "Next.js Middleware Bypass Scanne", + "stargazers_count": 4, + "forks_count": 2, + "created_at": "2025-04-06T20:59:10Z" + }, + { + "name": "CVE-2025-29927", + "full_name": "RoyCampos/CVE-2025-29927", + "html_url": "https://github.com/RoyCampos/CVE-2025-29927", + "description": "CVE-2025-29927 Exploit Checker", + "stargazers_count": 4, + "forks_count": 1, + "created_at": "2025-03-24T05:07:02Z" + }, + { + "name": "CVE-2025-29927", + "full_name": "0xWhoknows/CVE-2025-29927", + "html_url": "https://github.com/0xWhoknows/CVE-2025-29927", + "description": "Async Python scanner for Next.js CVE-2025-29927. Uses aiohttp & aiofiles to efficiently process large URL lists, detect vulnerabilities, and save results. Features connection pooling, caching, and chunked processing for fast performance", + "stargazers_count": 3, + "forks_count": 2, + "created_at": "2025-03-24T19:18:20Z" + }, + { + "name": "POC-CVE-2025-29927", + "full_name": "Eve-SatOrU/POC-CVE-2025-29927", + "html_url": "https://github.com/Eve-SatOrU/POC-CVE-2025-29927", + "description": "CVE-2025-29927 Proof of Concept", + "stargazers_count": 3, + "forks_count": 0, + "created_at": "2025-03-24T11:42:14Z" + }, + { + "name": "exploit-CVE-2025-29927", + "full_name": "UNICORDev/exploit-CVE-2025-29927", + "html_url": "https://github.com/UNICORDev/exploit-CVE-2025-29927", + "description": "Exploit for CVE-2025-29927 (Next.js) - Authorization Bypass", + "stargazers_count": 3, + "forks_count": 0, + "created_at": "2025-04-14T15:12:13Z" + }, + { + "name": "CVE-2025-29927-check", + "full_name": "c0dejump/CVE-2025-29927-check", + "html_url": "https://github.com/c0dejump/CVE-2025-29927-check", + "description": "script to check cve \"CVE-2025-29927\" while waiting to add it to HExHTTP", + "stargazers_count": 3, + "forks_count": 1, + "created_at": "2025-03-25T18:02:18Z" + }, + { + "name": "CVE-2025-29927", + "full_name": "Oyst3r1ng/CVE-2025-29927", + "html_url": "https://github.com/Oyst3r1ng/CVE-2025-29927", + "description": "Next.js Middleware Auth Bypass", + "stargazers_count": 2, + "forks_count": 0, + "created_at": "2025-03-24T13:27:13Z" + }, + { + "name": "cve-2025-29927-demo", + "full_name": "t3tra-dev/cve-2025-29927-demo", + "html_url": "https://github.com/t3tra-dev/cve-2025-29927-demo", + "description": "Next.js における認可バイパスの脆弱性 CVE-2025-29927 を再現するデモです。", + "stargazers_count": 2, + "forks_count": 0, + "created_at": "2025-03-23T16:41:47Z" + }, + { + "name": "next-CVE-2025-29927", + "full_name": "arvion-agent/next-CVE-2025-29927", + "html_url": "https://github.com/arvion-agent/next-CVE-2025-29927", + "description": "CVE-2025-29927 Authorization Bypass in Next.js Middleware", + "stargazers_count": 2, + "forks_count": 0, + "created_at": "2025-03-24T13:23:46Z" + }, + { + "name": "test-cve-2025-29927", + "full_name": "yugo-eliatrope/test-cve-2025-29927", + "html_url": "https://github.com/yugo-eliatrope/test-cve-2025-29927", + "description": null, + "stargazers_count": 2, + "forks_count": 0, + "created_at": "2025-03-26T00:47:44Z" + }, + { + "name": "CVE-2025-29927-exploit", + "full_name": "Nekicj/CVE-2025-29927-exploit", + "html_url": "https://github.com/Nekicj/CVE-2025-29927-exploit", + "description": "next.js CVE-2025-29927 vulnerability exploit ", + "stargazers_count": 2, + "forks_count": 0, + "created_at": "2025-03-27T08:42:03Z" + }, + { + "name": "poc-cve-2025-29927", + "full_name": "kOaDT/poc-cve-2025-29927", + "html_url": "https://github.com/kOaDT/poc-cve-2025-29927", + "description": "This repository contains a proof of concept (POC) and an exploit script for CVE-2025-29927, a critical vulnerability in Next.js that allows attackers to bypass authorization checks implemented in middleware.", + "stargazers_count": 1, + "forks_count": 2, + "created_at": "2025-03-26T00:12:41Z" + }, + { + "name": "CVE-2025-29927", + "full_name": "0xnxt1me/CVE-2025-29927", + "html_url": "https://github.com/0xnxt1me/CVE-2025-29927", + "description": null, + "stargazers_count": 1, + "forks_count": 0, + "created_at": "2025-04-08T09:29:48Z" + }, + { + "name": "CVE-2025-29927", + "full_name": "rubbxalc/CVE-2025-29927", + "html_url": "https://github.com/rubbxalc/CVE-2025-29927", + "description": null, + "stargazers_count": 1, + "forks_count": 0, + "created_at": "2025-04-29T10:44:45Z" + }, + { + "name": "CVE-2025-29927", + "full_name": "alastair66/CVE-2025-29927", + "html_url": "https://github.com/alastair66/CVE-2025-29927", + "description": "Next.js Middleware Bypass Vulnerability ", + "stargazers_count": 1, + "forks_count": 0, + "created_at": "2025-04-01T15:30:21Z" + }, + { + "name": "CVE-2025-29927", + "full_name": "EQSTLab/CVE-2025-29927", + "html_url": "https://github.com/EQSTLab/CVE-2025-29927", + "description": "Next.js middleware bypass exploit", + "stargazers_count": 1, + "forks_count": 0, + "created_at": "2025-04-25T08:51:52Z" + }, + { + "name": "CVE-2025-29927", + "full_name": "emadshanab/CVE-2025-29927", + "html_url": "https://github.com/emadshanab/CVE-2025-29927", + "description": "New nuclei CVE ", + "stargazers_count": 1, + "forks_count": 0, + "created_at": "2025-03-26T07:56:23Z" + }, + { + "name": "CVE-2025-29927", + "full_name": "lem0n817/CVE-2025-29927", + "html_url": "https://github.com/lem0n817/CVE-2025-29927", + "description": "Next.js 中间件授权绕过漏洞测试环境 (CVE-2025-29927)", + "stargazers_count": 1, + "forks_count": 0, + "created_at": "2025-03-24T15:25:22Z" + }, + { + "name": "CVE-2025-29927-test", + "full_name": "kuzushiki/CVE-2025-29927-test", + "html_url": "https://github.com/kuzushiki/CVE-2025-29927-test", + "description": "CVE-2025-29927の検証", + "stargazers_count": 1, + "forks_count": 0, + "created_at": "2025-03-24T16:27:17Z" + }, + { + "name": "CVE-2025-29927-Testing", + "full_name": "TheresAFewConors/CVE-2025-29927-Testing", + "html_url": "https://github.com/TheresAFewConors/CVE-2025-29927-Testing", + "description": "PowerShell script to test if a web app is vulnerable to CVE-2025-29927", + "stargazers_count": 1, + "forks_count": 1, + "created_at": "2025-03-25T11:39:14Z" + }, + { + "name": "poc-cve-2025-29927", + "full_name": "KamalideenAK/poc-cve-2025-29927", + "html_url": "https://github.com/KamalideenAK/poc-cve-2025-29927", + "description": null, + "stargazers_count": 1, + "forks_count": 0, + "created_at": "2025-06-15T15:10:03Z" + }, + { + "name": "CVE-2025-29927-scanner", + "full_name": "nocomp/CVE-2025-29927-scanner", + "html_url": "https://github.com/nocomp/CVE-2025-29927-scanner", + "description": "python script for evaluate if you are vulnerable or not to next.js CVE-2025-29927", + "stargazers_count": 1, + "forks_count": 1, + "created_at": "2025-03-27T14:11:09Z" + } +] \ No newline at end of file