CalvinBackup/CVEs-PoC
1
0
Fork 0
mirror of https://github.com/0xMarcio/cve.git synced 2026-02-12 18:42:46 +00:00
Code Issues Packages Projects Releases Wiki Activity
Files
main
CVEs-PoC/2021/CVE-2021-3129.md
0xMarcio cb00e1339f Update CVE list 2025-09-29 21:09
2025-09-29 21:09:30 +02:00

184 lines
8.2 KiB
Markdown
Raw Permalink Blame History

### [CVE-2021-3129](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3129)
![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue)
![](https://img.shields.io/static/v1?label=Version&message=n%2Fa%20&color=brightgreen)
![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brightgreen)
### Description
Ignition before 2.5.2, as used in Laravel and other products, allows unauthenticated remote attackers to execute arbitrary code because of insecure usage of file_get_contents() and file_put_contents(). This is exploitable on sites using debug mode with Laravel before 8.4.2.
### POC
#### Reference
- http://packetstormsecurity.com/files/162094/Ignition-2.5.1-Remote-Code-Execution.html
- http://packetstormsecurity.com/files/165999/Ignition-Remote-Code-Execution.html
#### Github
- https://github.com/0day404/vulnerability-poc
- https://github.com/0day666/Vulnerability-verification
- https://github.com/0nion1/CVE-2021-3129
- https://github.com/0x0d3ad/CVE-2021-3129
- https://github.com/0x7n6/OSCP
- https://github.com/0xD13/OSCP-Prep-Guide
- https://github.com/0xMarcio/cve
- https://github.com/0xStrygwyr/OSCP-Guide
- https://github.com/0xZipp0/OSCP
- https://github.com/0xaniketB/HackTheBox-Horizontall
- https://github.com/0xsyr0/OSCP
- https://github.com/1111one/laravel-CVE-2021-3129-EXP
- https://github.com/20142995/Goby
- https://github.com/20142995/nuclei-templates
- https://github.com/20142995/sectool
- https://github.com/4ra1n/poc-runner
- https://github.com/AMatheusFeitosaM/OSCP-Cheat
- https://github.com/ARPSyndicate/cvemon
- https://github.com/ARPSyndicate/kenzer-templates
- https://github.com/ArrestX/--POC
- https://github.com/Awrrays/FrameVul
- https://github.com/Axianke/CVE-2021-3129
- https://github.com/CVEDB/PoC-List
- https://github.com/CVEDB/awesome-cve-repo
- https://github.com/CVEDB/top
- https://github.com/Dheia/sc-main
- https://github.com/EdgeSecurityTeam/Vulnerability
- https://github.com/Elsfa7-110/kenzer-templates
- https://github.com/EnriqueSanchezdelVillar/NotesHck
- https://github.com/Erikten/CVE-2021-3129
- https://github.com/EssenceCyber/Exploit-List
- https://github.com/Faizan-Khanx/OSCP
- https://github.com/FunPhishing/Laravel-8.4.2-rce-CVE-2021-3129
- https://github.com/GhostTroops/TOP
- https://github.com/GodOfServer/CVE-2021-3129
- https://github.com/H0j3n/EzpzCheatSheet
- https://github.com/HimmelAward/Goby_POC
- https://github.com/J1ezds/Vulnerability-Wiki-page
- https://github.com/JERRY123S/all-poc
- https://github.com/JacobEbben/CVE-2021-3129
- https://github.com/Joe-zsc/GAP
- https://github.com/KayCHENvip/vulnerability-poc
- https://github.com/Ly0nt4r/OSCP
- https://github.com/M00nBack/vulnerability
- https://github.com/MadExploits/Laravel-debug-Checker
- https://github.com/Maskhe/evil_ftp
- https://github.com/MelvinM8/OSCP
- https://github.com/MiracleAnameke/Cybersecurity-Vulnerability-and-Exposure-Report
- https://github.com/Miraitowa70/POC-Notes
- https://github.com/Mr-Tree-S/POC_EXP
- https://github.com/Mr-xn/Penetration_Testing_POC
- https://github.com/NaInSec/CVE-PoC-in-GitHub
- https://github.com/NyxAzrael/Goby_POC
- https://github.com/Ostorlab/KEV
- https://github.com/Ostorlab/known_exploited_vulnerbilities_detectors
- https://github.com/Prabesh01/hoh4
- https://github.com/ReflectedThanatos/OSCP-cheatsheet
- https://github.com/SNCKER/CVE-2021-3129
- https://github.com/SYRTI/POC_to_review
- https://github.com/SantoriuHen/NotesHck
- https://github.com/SecPros-Team/laravel-CVE-2021-3129-EXP
- https://github.com/SenukDias/OSCP_cheat
- https://github.com/SexyBeast233/SecBooks
- https://github.com/SirElmard/ethical_hacking
- https://github.com/Threekiii/Awesome-POC
- https://github.com/Threekiii/Vulhub-Reproduce
- https://github.com/TrojanAZhen/Self_Back
- https://github.com/VishuGahlyan/OSCP
- https://github.com/W-zrd/UniXploit
- https://github.com/WhooAmii/POC_to_review
- https://github.com/XiaomingX/awesome-poc-for-red-team
- https://github.com/XuCcc/VulEnv
- https://github.com/Y0s9/CVE-2021-3129
- https://github.com/Z0fhack/Goby_POC
- https://github.com/Zero094/Vulnerability-verification
- https://github.com/Zoo1sondv/CVE-2021-3129
- https://github.com/ajisai-babu/CVE-2021-3129-exp
- https://github.com/alsigit/nobi-sectest
- https://github.com/ambionics/laravel-exploits
- https://github.com/aurelien-vilminot/ENSIMAG_EXPLOIT_CVE2_3A
- https://github.com/badigervijay/AI-Based-Threat-Intelligence-Platform
- https://github.com/bakery312/Vulhub-Reproduce
- https://github.com/banyaksepuh/Mass-CVE-2021-3129-Scanner
- https://github.com/bfengj/CTF
- https://github.com/carlosevieira/larasploit
- https://github.com/casagency/metasploit-CVE
- https://github.com/cc3305/CVE-2021-3129
- https://github.com/cc8700619/poc
- https://github.com/chav00ooo/CYB333-Final-VulnerabilityScanner
- https://github.com/codebyebrahim/laravel-vuln-checker
- https://github.com/crisprss/Laravel_CVE-2021-3129_EXP
- https://github.com/crowsec-edtech/larasploit
- https://github.com/cuongtop4598/CVE-2021-3129-Script
- https://github.com/cyberanand1337x/bug-bounty-2022
- https://github.com/d4n-sec/d4n-sec.github.io
- https://github.com/daltonmeridio/WriteUpHorizontall
- https://github.com/developer3000S/PoC-in-GitHub
- https://github.com/e-hakson/OSCP
- https://github.com/eljosep/OSCP-Guide
- https://github.com/exfilt/CheatSheet
- https://github.com/fazilbaig1/oscp
- https://github.com/flxnzz/UniXploit
- https://github.com/g1san/Agents-for-Vulnerable-Dockers-and-related-Benchmarks
- https://github.com/hktalent/TOP
- https://github.com/hupe1980/CVE-2021-3129
- https://github.com/iBotPeaches/ctf-2021
- https://github.com/idea-oss/laravel-CVE-2021-3129-EXP
- https://github.com/iskww/larasploit
- https://github.com/jagat-singh-chaudhary/Latest-One-Liner-Bug-Bounty-Cheat-Sheet-JAGAT
- https://github.com/jbmihoub/all-poc
- https://github.com/jitmondal1/OSCP
- https://github.com/joshuavanderpoll/CVE-2021-3129
- https://github.com/k0mi-tg/CVE-POC
- https://github.com/karimmuya/laravel-exploit-tricks
- https://github.com/keyuan15/CVE-2021-3129
- https://github.com/kgwanjala/oscp-cheatsheet
- https://github.com/knqyf263/CVE-2021-3129
- https://github.com/lanmarc77/CVE-2021-33831
- https://github.com/leoambrus/CheckersNomisec
- https://github.com/lions2012/Penetration_Testing_POC
- https://github.com/lukwagoasuman/CVE-2021-3129---Laravel-RCE
- https://github.com/manas3c/CVE-POC
- https://github.com/miko550/CVE-2021-3129
- https://github.com/mstxq17/SecurityArticleLogger
- https://github.com/mzrismuarf/AntiSlotV8
- https://github.com/n0-traces/cve_monitor
- https://github.com/n3masyst/n3masyst
- https://github.com/nitishbadole/oscp-note-3
- https://github.com/nomi-sec/PoC-in-GitHub
- https://github.com/nth347/CVE-2021-3129_exploit
- https://github.com/oscpname/OSCP_cheat
- https://github.com/oxMdee/Cybersecurity-Vulnerability-and-Exposure-Report
- https://github.com/parth45/cheatsheet
- https://github.com/pen4uin/awesome-vulnerability-research
- https://github.com/pen4uin/vulnerability-research
- https://github.com/pen4uin/vulnerability-research-list
- https://github.com/piperpwn/CVE-2021-3129-
- https://github.com/piperpwn/CVE-2021-3129-piperpwn
- https://github.com/qingchenhh/Tools-collection
- https://github.com/qiuluo-oss/Tiger
- https://github.com/qiushan996/PentestWriteups
- https://github.com/r3volved/CVEAggregate
- https://github.com/ramimac/aws-customer-security-incidents
- https://github.com/randolphcyg/nuclei-plus
- https://github.com/revanmalang/OSCP
- https://github.com/shadowabi/Laravel-CVE-2021-3129
- https://github.com/simonlee-hello/CVE-2021-3129
- https://github.com/soosmile/POC
- https://github.com/trganda/starrlist
- https://github.com/trhacknon/Pocingit
- https://github.com/txuswashere/OSCP
- https://github.com/tzwlhack/Vulnerability
- https://github.com/wKayaa/xSeKaya
- https://github.com/weeka10/-hktalent-TOP
- https://github.com/whoforget/CVE-POC
- https://github.com/winterwolf32/CVE-S---Penetration_Testing_POC-
- https://github.com/withmasday/CVE-2021-3129
- https://github.com/wmasday/CVE-2021-3129
- https://github.com/xhref/OSCP
- https://github.com/xsxtw/larasploit
- https://github.com/xuetusummer/Penetration_Testing_POC
- https://github.com/yogsec/OneLinerBounty
- https://github.com/youwizard/CVE-POC
- https://github.com/zecool/cve
- https://github.com/zhzyker/CVE-2021-3129
- https://github.com/zhzyker/vulmap
Reference in New Issue View Git Blame Copy Permalink