javokhir-sec/CVE-PoC-Hub

GitHub: javokhir-sec/CVE-PoC-Hub

一个精选且经验证测试的 CVE 概念验证利用程序集合,涵盖多种 Web 漏洞类型并附带批量执行工具。

Stars: 1 | Forks: 0

# 🔬 CVE-PoC-Hub — 精选的 PoC 利用程序

## ⚠️ 免责声明 **所有 PoC 仅用于教育和授权测试。** 每个利用程序都在隔离的实验室环境中进行了测试。 **未经明确许可,请勿用于攻击系统。** ## 📂 仓库结构 ``` CVE-PoC-Hub/ ├── README.md ├── CVE-2026-XXXXX/ # Each CVE gets its own folder │ ├── README.md # Description + steps │ ├── exploit.py # Working PoC │ └── screenshot.png # Proof of exploitation ├── templates/ │ └── poc-template.py # Standard PoC template └── poc-runner.py # Bulk PoC runner ``` ## 🔥 最新 CVE (2026) | CVE | 产品 | 类型 | CVSS | PoC | |-----|---------|------|------|-----| | CVE-2026-PENDING | 299Ko CMS | 反射型 XSS | 6.1 | [PoC](./CVE-2026-299Ko-XSS/) | | CVE-2026-PENDING | Toner Management | BAC | 8.2 | [PoC](./CVE-2026-Toner-BAC/) | | CVE-2026-PENDING | Inventory Mgmt | SQLi 认证绕过 | 9.8 | [PoC](./CVE-2026-Inventory-SQLi/) | | CVE-2026-PENDING | Simple Inventory | SQLi ×5 | 9.8 | [PoC](./CVE-2026-SimpleInv-SQLi/) | | CVE-2026-PENDING | HC Store | 认证绕过 | 9.8 | [PoC](./CVE-2026-HCStore-Auth/) | | CVE-2026-PENDING | Marketplace Mgmt | 文件上传 RCE | 9.0 | [PoC](./CVE-2026-Marketplace-RCE/) | | CVE-2026-PENDING | MobiMart | BAC | 9.1 | [PoC](./CVE-2026-MobiMart-BAC/) | | CVE-2026-PENDING | Premium Property | SQLi ×3 + 认证 | 9.8 | [PoC](./CVE-2026-PremiumProp-SQLi/) | | CVE-2026-PENDING | CampusHub | SQLi ×7 + XSS | 9.8 | [PoC](./CVE-2026-CampusHub/) | | CVE-2026-PENDING | Public Utility | SQLi ×2 + XSS ×2 | 9.8 | [PoC](./CVE-2026-PublicUtil/) | | CVE-2026-PENDING | DAGD | SSRF ×2 + XSS | 7.5 | [PoC](./CVE-2026-DAGD-SSRF/) | | CVE-2026-PENDING | BoidCMS | XSS + 数据暴露 | 9.8 | [PoC](./CVE-2026-BoidCMS/) | *CVE ID 正在等待 MITRE 分配。当 CVE 公开后将发布 PoC。* ## 🚀 快速开始 ``` git clone https://github.com/javokhir-sec/CVE-PoC-Hub.git cd CVE-PoC-Hub # 列出所有可用的 PoC python poc-runner.py --list # 运行特定的 PoC(在实验环境中) python poc-runner.py --cve CVE-2026-XXXXX --target http://lab-target.local ``` ## 📋 PoC 模板 将此模板用于您自己的 PoC:[`templates/poc-template.py`](templates/poc-template.py) ``` #!/usr/bin/env python3 """ CVE-YYYY-XXXXX: [Vulnerability Type] in [Product] CVSS: X.X | Severity: Critical/High/Medium/Low Author: @javokhir-sec """ import requests import sys TARGET = sys.argv[1] if len(sys.argv) > 1 else "http://localhost" def exploit(target): """Execute the exploit and return True if vulnerable.""" print(f"[*] Testing {target} for CVE-YYYY-XXXXX") # Step 1: Send malicious request payload = "" r = requests.get(f"{target}/search?q={payload}") # Step 2: Verify exploitation if payload in r.text: print(f"[+] VULNERABLE! Payload reflected in response.") return True else: print(f"[-] Not vulnerable.") return False if __name__ == "__main__": exploit(TARGET) ``` ## 🛠️ 批量 PoC 运行器 ``` # 针对目标运行所有 XSS PoC python poc-runner.py --category xss --target http://lab.local # 运行所有 SQLi PoC python poc-runner.py --category sqli --target http://lab.local # 运行特定的 severity level python poc-runner.py --severity critical --target http://lab.local ``` ## 📊 统计数据 | 类别 | 数量 | |----------|-------| | SQL 注入 | 5 | | XSS (反射型/存储型) | 4 | | 访问控制失效 | 3 | | 认证绕过 | 2 | | SSRF | 1 | | 文件上传 RCE | 1 | | **总计** | **12** | ## 📜 许可证 MIT © [Javokhir Tursunboyev](https://github.com/javokhir-sec)
标签:CISA项目, Maven, PoC, Web报告查看器, 暴力破解, 漏洞验证, 逆向工具