SpringShell
PoC-CVE-2022-30190
SpringShell | PoC-CVE-2022-30190 | |
---|---|---|
2 | 1 | |
128 | 156 | |
- | - | |
1.8 | 2.6 | |
about 2 years ago | almost 2 years ago | |
Python | Python | |
- | - |
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
SpringShell
-
Spring Core on JDK9 is vulnerable to remote code execution
I'll ask my engineers to post the one he wrote. He did put more details into the article, so go check that. Here is a repo with a POC though: https://github.com/TheGejr/SpringShell
PoC-CVE-2022-30190
What are some alternatives?
hackerone-reports - Top disclosed reports from HackerOne
DogWalk-rce-poc - š¾Dogwalk PoC (using diagcab file to obtain RCE on windows)
Spring4Shell-POC - Spring4Shell Proof Of Concept/And vulnerable application CVE-2022-22965
tomcat-jmxproxy-rce-exp - Apache Tomcat JMXProxy RCE
apache-tomcat-8.0.26-src - Tomcat Source Code
Egyscan - Egyscan The Best web vulnerability scanner; it's a multifaceted security powerhouse designed to fortify your web applications against malicious threats. Let's delve into the tasks and functions that make Egyscan an indispensable tool in your security arsenal:
spring-rce-war
Dossify
faraday - Open Source Vulnerability Management Platform
CVE-2022-26134 - CVE-2022-26134 - Atlassian Confluence unauthenticated OGNL injection vulnerability (RCE).