Updated by KhulnaSoft [BOT] 🤖

docs/README.md

@@ -2,7 +2,7 @@
 
 > Automatic monitor github cve using Github Actions
 
-Last generated: 2024-11-13 02:14:38.729669
+Last generated: 2024-11-14 02:15:29.783221
 
 | CVE | Name | Description | Date |
 |---|---|---|---|
@@ -17,6 +17,7 @@ Last generated: 2024-11-13 02:14:38.729669
 | [CVE-2024-9224](https://www.cve.org/CVERecord?id=CVE-2024-9224) | [RandomRobbieBF/CVE-2024-9224](https://github.com/RandomRobbieBF/CVE-2024-9224) | Hello World <= 2.1.1 - Authenticated (Subscriber+) Arbitrary File Read | 2024-10-11T09:17:20Z |
 | [CVE-2024-9166](https://www.cve.org/CVERecord?id=CVE-2024-9166) | [Andrysqui/CVE-2024-9166](https://github.com/Andrysqui/CVE-2024-9166) | A vulnerability scanner that searches for the CVE-2024-9166 vulnerability on websites, more info about this vulnerability here: https://www.tenable.com/cve/CVE-2024-9166 | 2024-09-26T23:21:06Z |
 | [CVE-2024-9106](https://www.cve.org/CVERecord?id=CVE-2024-9106) | [RandomRobbieBF/CVE-2024-9106](https://github.com/RandomRobbieBF/CVE-2024-9106) | Wechat Social login <= 1.3.0 - Authentication Bypass | 2024-10-01T10:28:08Z |
+| [CVE-2024-9061](https://www.cve.org/CVERecord?id=CVE-2024-9061) | [RandomRobbieBF/CVE-2024-9061](https://github.com/RandomRobbieBF/CVE-2024-9061) | WP Popup Builder – Popup Forms and Marketing Lead Generation <= 1.3.5 - Unauthenticated Arbitrary Shortcode Execution via wp_ajax_nopriv_shortcode_Api_Add | 2024-10-16T07:57:48Z |
 | [CVE-2024-9014](https://www.cve.org/CVERecord?id=CVE-2024-9014) | [EQSTLab/CVE-2024-9014](https://github.com/EQSTLab/CVE-2024-9014) | Proof-of-Concept for CVE-2024-9014 | 2024-09-26T10:34:34Z |
 | [CVE-2024-8949](https://www.cve.org/CVERecord?id=CVE-2024-8949) | [fa-rrel/CVE-2024-8949-POC](https://github.com/fa-rrel/CVE-2024-8949-POC) | SourceCodester Online Eyewear Shop Remote File Inclusion Vulnerability | 2024-09-28T15:58:54Z |
 | [CVE-2024-8752](https://www.cve.org/CVERecord?id=CVE-2024-8752) | [D3anSPGDMS/CVE-2024-8752](https://github.com/D3anSPGDMS/CVE-2024-8752) | poc of cve-2024-8752(WebIQ 2.15.9) | 2024-09-19T02:20:48Z |
@@ -69,6 +70,7 @@ Last generated: 2024-11-13 02:14:38.729669
 | [CVE-2024-6782](https://www.cve.org/CVERecord?id=CVE-2024-6782) | [zangjiahe/CVE-2024-6782](https://github.com/zangjiahe/CVE-2024-6782) | Calibre 远程代码执行（CVE-2024-6782）Improper access control in Calibre 6.9.0 ~ 7.14.0 allow unauthenticated attackers to achieve remote code execution. | 2024-08-06T15:31:48Z |
 | [CVE-2024-6782](https://www.cve.org/CVERecord?id=CVE-2024-6782) | [jdpsl/CVE-2024-6782](https://github.com/jdpsl/CVE-2024-6782) | Improper access control in Calibre 6.9.0 ~ 7.14.0 allow unauthenticated attackers to achieve remote code execution. | 2024-08-09T06:25:03Z |
 | [CVE-2024-6782](https://www.cve.org/CVERecord?id=CVE-2024-6782) | [R4idB0Y/CVE-2024-6782-PoC](https://github.com/R4idB0Y/CVE-2024-6782-PoC) | Unauthenticated remote code execution via Calibre’s content server in Calibre <= 7.14.0. | 2024-09-15T18:45:44Z |
+| [CVE-2024-6778](https://www.cve.org/CVERecord?id=CVE-2024-6778) | [ading2210/CVE-2024-6778-POC](https://github.com/ading2210/CVE-2024-6778-POC) | A POC exploit for CVE-2024-5836 and CVE-2024-6778, allowing for a sandbox escape from a Chrome extension. | 2024-09-10T06:27:59Z |
 | [CVE-2024-6769](https://www.cve.org/CVERecord?id=CVE-2024-6769) | [fortra/CVE-2024-6769](https://github.com/fortra/CVE-2024-6769) | Activation cache poisoning to elevate from medium to high integrity (CVE-2024-6769) | 2024-08-29T16:40:49Z |
 | [CVE-2024-6768](https://www.cve.org/CVERecord?id=CVE-2024-6768) | [fortra/CVE-2024-6768](https://github.com/fortra/CVE-2024-6768) | no description | 2024-07-18T07:52:46Z |
 | [CVE-2024-6704](https://www.cve.org/CVERecord?id=CVE-2024-6704) | [codeb0ss/CVE-2024-6704](https://github.com/codeb0ss/CVE-2024-6704) | CVE-2024-6704 - [Wordpress wpDiscuz_Plugin] < Unauthenticated HTML Injection Exploiter | 2024-08-03T22:33:57Z |
@@ -442,6 +444,8 @@ Last generated: 2024-11-13 02:14:38.729669
 | [CVE-2024-40892](https://www.cve.org/CVERecord?id=CVE-2024-40892) | [xen0bit/fwbt](https://github.com/xen0bit/fwbt) | Proof of Concept code for interaction with Firewalla via Bluetooth Low-Energy and exploitation of CVE-2024-40892 / CVE-2024-40893 | 2024-08-21T17:27:21Z |
 | [CVE-2024-40725](https://www.cve.org/CVERecord?id=CVE-2024-40725) | [TAM-K592/CVE-2024-40725-CVE-2024-40898](https://github.com/TAM-K592/CVE-2024-40725-CVE-2024-40898) | CVE-2024-40725 and CVE-2024-40898, affecting Apache HTTP Server versions 2.4.0 through 2.4.61. These flaws pose significant risks to web servers worldwide, potentially leading to source code disclosure and server-side request forgery (SSRF) attacks. | 2024-07-19T03:51:54Z |
 | [CVE-2024-40711](https://www.cve.org/CVERecord?id=CVE-2024-40711) | [watchtowrlabs/CVE-2024-40711](https://github.com/watchtowrlabs/CVE-2024-40711) | Pre-Auth Exploit for CVE-2024-40711 | 2024-09-15T17:25:32Z |
+| [CVE-2024-40711](https://www.cve.org/CVERecord?id=CVE-2024-40711) | [realstatus/CVE-2024-40711-Exp](https://github.com/realstatus/CVE-2024-40711-Exp) | CVE-2024-40711-exp | 2024-10-16T05:02:27Z |
+| [CVE-2024-40676](https://www.cve.org/CVERecord?id=CVE-2024-40676) | [Aakashmom/frameworks_base_accounts_CVE-2024-40676](https://github.com/Aakashmom/frameworks_base_accounts_CVE-2024-40676) | no description | 2024-10-17T11:29:33Z |
 | [CVE-2024-40658](https://www.cve.org/CVERecord?id=CVE-2024-40658) | [nidhihcl75/frameworks_av_AOSP10_r33_CVE-2024-40658](https://github.com/nidhihcl75/frameworks_av_AOSP10_r33_CVE-2024-40658) | no description | 2024-07-23T05:04:03Z |
 | [CVE-2024-40617](https://www.cve.org/CVERecord?id=CVE-2024-40617) | [KyssK00L/CVE-2024-40617](https://github.com/KyssK00L/CVE-2024-40617) | CVE-2024-40617 Exploit PoC | 2024-07-30T11:50:45Z |
 | [CVE-2024-40512](https://www.cve.org/CVERecord?id=CVE-2024-40512) | [Jansen-C-Moreira/CVE-2024-40512](https://github.com/Jansen-C-Moreira/CVE-2024-40512) | OpenPetra v.2023.02 CVE-2024-40512 | 2024-07-13T22:06:16Z |
@@ -454,6 +458,7 @@ Last generated: 2024-11-13 02:14:38.729669
 | [CVE-2024-40500](https://www.cve.org/CVERecord?id=CVE-2024-40500) | [nitipoom-jar/CVE-2024-40500](https://github.com/nitipoom-jar/CVE-2024-40500) | no description | 2024-08-08T17:12:58Z |
 | [CVE-2024-40498](https://www.cve.org/CVERecord?id=CVE-2024-40498) | [Dirac231/CVE-2024-40498](https://github.com/Dirac231/CVE-2024-40498) | no description | 2024-07-29T10:13:15Z |
 | [CVE-2024-40492](https://www.cve.org/CVERecord?id=CVE-2024-40492) | [minendie/POC_CVE-2024-40492](https://github.com/minendie/POC_CVE-2024-40492) | no description | 2024-07-13T04:57:48Z |
+| [CVE-2024-40431](https://www.cve.org/CVERecord?id=CVE-2024-40431) | [SpiralBL0CK/CVE-2024-40431-CVE-2022-25479-EOP-CHAIN](https://github.com/SpiralBL0CK/CVE-2024-40431-CVE-2022-25479-EOP-CHAIN) | CVE-2024-40431+CVE-2022-25479 chain for EOP(DATA ONLY ATTACK) | 2024-09-17T06:28:17Z |
 | [CVE-2024-40422](https://www.cve.org/CVERecord?id=CVE-2024-40422) | [alpernae/CVE-2024-40422](https://github.com/alpernae/CVE-2024-40422) | no description | 2024-07-03T21:43:15Z |
 | [CVE-2024-40422](https://www.cve.org/CVERecord?id=CVE-2024-40422) | [codeb0ss/CVE-2024-40422-PoC](https://github.com/codeb0ss/CVE-2024-40422-PoC) | Mass Exploit < [CVE-2024-40422 - Devika v1] - Path Traversal | 2024-08-05T22:21:06Z |
 | [CVE-2024-40422](https://www.cve.org/CVERecord?id=CVE-2024-40422) | [j3r1ch0123/CVE-2024-40422](https://github.com/j3r1ch0123/CVE-2024-40422) | Found this on exploit-db, decided to make my own for practice. This exploit will search out the passwd file and print the contents on a vulnerable system. | 2024-08-06T07:09:47Z |
@@ -1025,6 +1030,7 @@ Last generated: 2024-11-13 02:14:38.729669
 | [CVE-2024-30491](https://www.cve.org/CVERecord?id=CVE-2024-30491) | [truonghuuphuc/CVE-2024-30491-Poc](https://github.com/truonghuuphuc/CVE-2024-30491-Poc) | CVE-2024-30491 ProfileGrid <= 5.7.8 - Authenticated (Subscriber+) SQL Injection | 2024-05-04T14:22:15Z |
 | [CVE-2024-30270](https://www.cve.org/CVERecord?id=CVE-2024-30270) | [Alchemist3dot14/CVE-2024-30270-PoC](https://github.com/Alchemist3dot14/CVE-2024-30270-PoC) | The script exploits Mailcow vulnerabilities via XSS and RCE, emphasizing the need for robust security measures and responsible usage to enhance web application security. | 2024-06-21T04:47:48Z |
 | [CVE-2024-30212](https://www.cve.org/CVERecord?id=CVE-2024-30212) | [Fehr-GmbH/blackleak](https://github.com/Fehr-GmbH/blackleak) | CVE-2024-30212 | 2024-06-11T09:13:16Z |
+| [CVE-2024-30090](https://www.cve.org/CVERecord?id=CVE-2024-30090) | [Dor00tkit/CVE-2024-30090](https://github.com/Dor00tkit/CVE-2024-30090) | CVE-2024-30090 - LPE PoC | 2024-10-17T08:38:47Z |
 | [CVE-2024-30088](https://www.cve.org/CVERecord?id=CVE-2024-30088) | [tykawaii98/CVE-2024-30088](https://github.com/tykawaii98/CVE-2024-30088) | no description | 2024-06-24T10:37:26Z |
 | [CVE-2024-30088](https://www.cve.org/CVERecord?id=CVE-2024-30088) | [NextGenPentesters/CVE-2024-30088-](https://github.com/NextGenPentesters/CVE-2024-30088-) | 🆘New Windows Kernel Priviledge Escalation Vulnerability | 2024-06-27T07:05:46Z |
 | [CVE-2024-30088](https://www.cve.org/CVERecord?id=CVE-2024-30088) | [Zombie-Kaiser/CVE-2024-30088-Windows-poc](https://github.com/Zombie-Kaiser/CVE-2024-30088-Windows-poc) | 该漏洞存在于 NtQueryInformationToken 函数中，特别是在处理AuthzBasepCopyoutInternalSecurityAttributes 函数时，该漏洞源于内核在操作对象时对锁定机制的不当管理，这一失误可能导致恶意实体意外提升权限。 | 2024-07-05T16:02:56Z |
@@ -1688,6 +1694,7 @@ Last generated: 2024-11-13 02:14:38.729669
 | [CVE-2024-1709](https://www.cve.org/CVERecord?id=CVE-2024-1709) | [jacobadodge/Spring2024_CVENG_8160](https://github.com/jacobadodge/Spring2024_CVENG_8160) | no description | 2024-01-19T18:49:59Z |
 | [CVE-2024-1709](https://www.cve.org/CVERecord?id=CVE-2024-1709) | [codeb0ss/CVE-2024-1709-PoC](https://github.com/codeb0ss/CVE-2024-1709-PoC) | Mass - CVE-2024-1709 - WP_Wzone < Unauthenticated SQL Injection | 2024-05-24T12:02:11Z |
 | [CVE-2024-1709](https://www.cve.org/CVERecord?id=CVE-2024-1709) | [AhmedMansour93/Event-ID-229-Rule-Name-SOC262-CVE-2024-1709-](https://github.com/AhmedMansour93/Event-ID-229-Rule-Name-SOC262-CVE-2024-1709-) | Event ID 229 Rule Name SOC262 ScreenConnect Authentication Bypass Exploitation Detected (CVE-2024-1709) | 2024-09-12T20:31:19Z |
+| [CVE-2024-1709](https://www.cve.org/CVERecord?id=CVE-2024-1709) | [AMRICHASFUCK/Mass-CVE-2024-1709](https://github.com/AMRICHASFUCK/Mass-CVE-2024-1709) | ScreenConnect AuthBypass Mass RCE | 2024-10-16T08:05:35Z |
 | [CVE-2024-1708](https://www.cve.org/CVERecord?id=CVE-2024-1708) | [cjybao/CVE-2024-1709-and-CVE-2024-1708](https://github.com/cjybao/CVE-2024-1709-and-CVE-2024-1708) | no description | 2024-04-02T04:58:38Z |
 | [CVE-2024-1698](https://www.cve.org/CVERecord?id=CVE-2024-1698) | [codeb0ss/CVE-2024-1698-PoC](https://github.com/codeb0ss/CVE-2024-1698-PoC) | Mass Exploit CVE-2024-1698 - Wordpress NotificationX <= 2.8.2 - SQL Injection | 2024-03-19T14:22:45Z |
 | [CVE-2024-1698](https://www.cve.org/CVERecord?id=CVE-2024-1698) | [kamranhasan/CVE-2024-1698-Exploit](https://github.com/kamranhasan/CVE-2024-1698-Exploit) | This is an exploit script to find out wordpress admin's username and password hash by exploiting CVE-2024-1698. | 2024-03-29T04:11:06Z |
@@ -3088,6 +3095,7 @@ Last generated: 2024-11-13 02:14:38.729669
 | [CVE-2023-30861](https://www.cve.org/CVERecord?id=CVE-2023-30861) | [JawadPy/CVE-2023-30861-Exploit](https://github.com/JawadPy/CVE-2023-30861-Exploit) | Explaining how to exploit CVE-2023-30861 | 2023-10-13T08:27:03Z |
 | [CVE-2023-30845](https://www.cve.org/CVERecord?id=CVE-2023-30845) | [himori123/-CVE-2023-30845](https://github.com/himori123/-CVE-2023-30845) | Explore CVE 2023-30845 automatically across multiple subdomains | 2023-09-22T01:14:20Z |
 | [CVE-2023-30800](https://www.cve.org/CVERecord?id=CVE-2023-30800) | [griffinsectio/CVE-2023-30800_PoC](https://github.com/griffinsectio/CVE-2023-30800_PoC) | Proof of concept for CVE-2023-30800 | 2024-07-17T06:24:41Z |
+| [CVE-2023-30800](https://www.cve.org/CVERecord?id=CVE-2023-30800) | [griffinsectio/CVE-2023-30800_PoC_go](https://github.com/griffinsectio/CVE-2023-30800_PoC_go) | no description | 2024-07-22T09:03:35Z |
 | [CVE-2023-3079](https://www.cve.org/CVERecord?id=CVE-2023-3079) | [mistymntncop/CVE-2023-3079](https://github.com/mistymntncop/CVE-2023-3079) | no description | 2023-08-15T04:16:46Z |
 | [CVE-2023-30777](https://www.cve.org/CVERecord?id=CVE-2023-30777) | [Alucard0x1/CVE-2023-30777](https://github.com/Alucard0x1/CVE-2023-30777) | Proof of Concept (PoC) URL generator for a reflected XSS vulnerability in the Advanced Custom Fields WordPress plugin. | 2023-06-17T12:43:51Z |
 | [CVE-2023-30765](https://www.cve.org/CVERecord?id=CVE-2023-30765) | [0xfml/CVE-2023-30765](https://github.com/0xfml/CVE-2023-30765) | CVE-2023-30765 / ZDI-23-905 -  Delta Electronics Infrasuite Device Master Privilege Escalation | 2023-07-19T14:21:15Z |
@@ -4102,6 +4110,7 @@ Last generated: 2024-11-13 02:14:38.729669
 | [CVE-2022-1203](https://www.cve.org/CVERecord?id=CVE-2022-1203) | [RandomRobbieBF/CVE-2022-1203](https://github.com/RandomRobbieBF/CVE-2022-1203) | Content Mask < 1.8.4 - Subscriber+ Arbitrary Options Update | 2023-08-03T09:39:15Z |
 | [CVE-2022-1068](https://www.cve.org/CVERecord?id=CVE-2022-1068) | [webraybtl/CVE-2022-1068](https://github.com/webraybtl/CVE-2022-1068) | Modbus Slave缓冲区溢出漏洞CVE-2022-1068分析与复现 | 2023-01-09T08:23:37Z |
 | [CVE-2022-1040](https://www.cve.org/CVERecord?id=CVE-2022-1040) | [Cyb3rEnthusiast/CVE-2022-1040](https://github.com/Cyb3rEnthusiast/CVE-2022-1040) | New exploitation of 2020 Sophos vuln | 2023-09-26T07:26:42Z |
+| [CVE-2022-1040](https://www.cve.org/CVERecord?id=CVE-2022-1040) | [xMr110/CVE-2022-1040](https://github.com/xMr110/CVE-2022-1040) | no description | 2024-02-05T07:35:41Z |
 | [CVE-2022-1026](https://www.cve.org/CVERecord?id=CVE-2022-1026) | [ac3lives/kyocera-cve-2022-1026](https://github.com/ac3lives/kyocera-cve-2022-1026) | An unauthenticated data extraction vulnerability in Kyocera printers, which allows for recovery of cleartext address book and domain joined passwords | 2023-03-15T14:23:41Z |
 | [CVE-2022-1026](https://www.cve.org/CVERecord?id=CVE-2022-1026) | [flamebarke/nmap-printer-nse-scripts](https://github.com/flamebarke/nmap-printer-nse-scripts) | NSE port of CVE-2022-1026 exploit for mass identification and exploitation | 2023-07-15T14:56:55Z |
 | [CVE-2022-1015](https://www.cve.org/CVERecord?id=CVE-2022-1015) | [wlswotmd/CVE-2022-1015](https://github.com/wlswotmd/CVE-2022-1015) | no description | 2023-02-12T07:06:40Z |
@@ -4201,6 +4210,7 @@ Last generated: 2024-11-13 02:14:38.729669
 | [CVE-2021-44228](https://www.cve.org/CVERecord?id=CVE-2021-44228) | [felixslama/log4shell-minecraft-demo](https://github.com/felixslama/log4shell-minecraft-demo) | Log4Shell (CVE-2021-44228) minecraft demo. Used for education fairs | 2023-11-21T15:45:31Z |
 | [CVE-2021-44228](https://www.cve.org/CVERecord?id=CVE-2021-44228) | [puzzlepeaches/Log4jUnifi](https://github.com/puzzlepeaches/Log4jUnifi) | Exploiting CVE-2021-44228 in Unifi Network Application for remote code execution and more. | 2021-12-24T13:18:49Z |
 | [CVE-2021-44228](https://www.cve.org/CVERecord?id=CVE-2021-44228) | [scabench/l4j-tp1](https://github.com/scabench/l4j-tp1) | jee web project with log4shell (CVE-2021-44228) vulnerability | 2023-12-18T05:07:59Z |
+| [CVE-2021-44228](https://www.cve.org/CVERecord?id=CVE-2021-44228) | [scabench/l4j-fp1](https://github.com/scabench/l4j-fp1) | jee web project with sanitised log4shell (CVE-2021-44228) vulnerability | 2023-12-27T08:49:38Z |
 | [CVE-2021-44186](https://www.cve.org/CVERecord?id=CVE-2021-44186) | [0xhaggis/CVE-2021-44186](https://github.com/0xhaggis/CVE-2021-44186) | A download of code without integrity check vulnerability in the "execute restore src-vis" command of FortiOS before 7.0.3. | 2023-02-08T07:30:52Z |
 | [CVE-2021-44103](https://www.cve.org/CVERecord?id=CVE-2021-44103) | [paulotrindadec/CVE-2021-44103](https://github.com/paulotrindadec/CVE-2021-44103) | no description | 2022-10-16T16:02:47Z |
 | [CVE-2021-44026](https://www.cve.org/CVERecord?id=CVE-2021-44026) | [pentesttoolscom/roundcube-cve-2021-44026](https://github.com/pentesttoolscom/roundcube-cve-2021-44026) | A demo exploit for CVE-2021-44026, a SQL injection in Roundcube | 2023-11-14T11:32:36Z |
@@ -4434,6 +4444,7 @@ Last generated: 2024-11-13 02:14:38.729669
 | [CVE-2021-3129](https://www.cve.org/CVERecord?id=CVE-2021-3129) | [s-retlaw/l4s_poc](https://github.com/s-retlaw/l4s_poc) | Log4Shell (Cve-2021-44228) Proof Of Concept | 2021-12-27T16:45:58Z |
 | [CVE-2021-3129](https://www.cve.org/CVERecord?id=CVE-2021-3129) | [DataSurgeon-ds/ds-cve-plugin](https://github.com/DataSurgeon-ds/ds-cve-plugin) | A plugin for DataSurgeon that Extracts CVE Numbers From Text (e.g: CVE-2021-56789) | 2023-07-25T17:49:53Z |
 | [CVE-2021-3129](https://www.cve.org/CVERecord?id=CVE-2021-3129) | [banyaksepuh/Mass-CVE-2021-3129-Scanner](https://github.com/banyaksepuh/Mass-CVE-2021-3129-Scanner) | no description | 2023-10-22T14:25:38Z |
+| [CVE-2021-3129](https://www.cve.org/CVERecord?id=CVE-2021-3129) | [Axianke/CVE-2021-3129](https://github.com/Axianke/CVE-2021-3129) | CVE-2021-3129 | 2024-01-15T07:12:07Z |
 | [CVE-2021-31233](https://www.cve.org/CVERecord?id=CVE-2021-31233) | [gabesolomon/CVE-2021-31233](https://github.com/gabesolomon/CVE-2021-31233) | SQL Injection vulnerability found in Fighting Cock Information System v1.0 allows a remote attacker to obtain sensitive information via the edit_breed.php parameter | 2023-05-29T14:38:58Z |
 | [CVE-2021-31233](https://www.cve.org/CVERecord?id=CVE-2021-31233) | [michaelsanford/Log4Shell-Honeypot](https://github.com/michaelsanford/Log4Shell-Honeypot) | Dockerized honeypot for CVE-2021-44228. | 2021-12-15T21:09:00Z |
 | [CVE-2021-3122](https://www.cve.org/CVERecord?id=CVE-2021-3122) | [acquiredsecurity/CVE-2021-3122-Details](https://github.com/acquiredsecurity/CVE-2021-3122-Details) | no description | 2021-02-07T16:05:49Z |