mirror of
https://github.com/0xMarcio/cve.git
synced 2026-05-24 11:44:02 +02:00
0xMarcio
3.6 KiB
3.6 KiB
CVE-2020-9496
Description
XML-RPC request are vulnerable to unsafe deserialization and Cross-Site Scripting issues in Apache OFBiz 17.12.03
POC
Reference
- http://packetstormsecurity.com/files/158887/Apache-OFBiz-XML-RPC-Java-Deserialization.html
- http://packetstormsecurity.com/files/161769/Apache-OFBiz-XML-RPC-Java-Deserialization.html
- http://packetstormsecurity.com/files/163730/Apache-OfBiz-17.12.01-Remote-Command-Execution.html
Github
- https://github.com/0xT11/CVE-POC
- https://github.com/0xaniketB/HackTheBox-Monitors
- https://github.com/20142995/Goby
- https://github.com/20142995/sectool
- https://github.com/360quake/papers
- https://github.com/ARPSyndicate/cvemon
- https://github.com/ARPSyndicate/kenzer-templates
- https://github.com/AdeliaNitzsche/Java-Deserialization-Cheat-Sheet
- https://github.com/BrittanyKuhn/javascript-tutorial
- https://github.com/Drajoncr/AttackWebFrameworkTools
- https://github.com/Elsfa7-110/kenzer-templates
- https://github.com/GrrrDog/Java-Deserialization-Cheat-Sheet
- https://github.com/HimmelAward/Goby_POC
- https://github.com/JulianWu520/DriedMango
- https://github.com/Ly0nt4r/CVE-2020-9496
- https://github.com/MrMeizhi/DriedMango
- https://github.com/NyxAzrael/Goby_POC
- https://github.com/SexyBeast233/SecBooks
- https://github.com/Shadowven/Vulnerability_Reproduction
- https://github.com/Threekiii/Awesome-POC
- https://github.com/Threekiii/Vulhub-Reproduce
- https://github.com/Vulnmachines/apache-ofbiz-CVE-2020-9496
- https://github.com/XiaomingX/awesome-poc-for-red-team
- https://github.com/Z0fhack/Goby_POC
- https://github.com/alphaSeclab/sec-daily-2020
- https://github.com/ambalabanov/CVE-2020-9496
- https://github.com/amcai/myscan
- https://github.com/bakery312/Vulhub-Reproduce
- https://github.com/birdlinux/CVE-2020-9496
- https://github.com/cyber-niz/CVE-2020-9496
- https://github.com/developer3000S/PoC-in-GitHub
- https://github.com/dwisiswant0/CVE-2020-9496
- https://github.com/g33xter/CVE-2020-9496
- https://github.com/gaorenyusi/JavaSec
- https://github.com/hectorgie/PoC-in-GitHub
- https://github.com/ismailmazumder/SL7CVELabsBuilder
- https://github.com/merlinepedra/AttackWebFrameworkTools-5.0
- https://github.com/merlinepedra/nuclei-templates
- https://github.com/merlinepedra25/AttackWebFrameworkTools-5.0
- https://github.com/merlinepedra25/nuclei-templates
- https://github.com/mishmashclone/GrrrDog-Java-Deserialization-Cheat-Sheet
- https://github.com/n0-traces/cve_monitor
- https://github.com/nomi-sec/PoC-in-GitHub
- https://github.com/peiqiF4ck/WebFrameworkTools-5.1-main
- https://github.com/peiqiF4ck/WebFrameworkTools-5.5
- https://github.com/peiqiF4ck/WebFrameworkTools-5.5-enhance
- https://github.com/pen4uin/awesome-vulnerability-research
- https://github.com/pen4uin/vulnerability-research
- https://github.com/pen4uin/vulnerability-research-list
- https://github.com/ranhn/Goby-Poc
- https://github.com/s4dbrd/CVE-2020-9496
- https://github.com/securelayer7/CVE-Analysis
- https://github.com/securelayer7/Research
- https://github.com/shengshengli/AttackWebFrameworkTools-5.0
- https://github.com/sobinge/nuclei-templates
- https://github.com/soosmile/POC
- https://github.com/tanjiti/sec_profile
- https://github.com/yuaneuro/ofbiz-poc