Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CVE-2024-48322 PoC — run.codes 安全漏洞

Source
https://github.com/trqt/CVE-2024-48322
Associated Vulnerability
Title:run.codes 安全漏洞 (CVE-2024-48322)
Description:run.codes是run.codes开源的一个服务器软件。 run.codes 1.5.2及之前版本存在安全漏洞,该漏洞源于文件UsersController.php中存在重置密码竞争条件漏洞。
Readme
# CVE-2024-48322

You need to have an account in the RunCodes instance, any privilege.
Install with poetry and run providing the base url of the instance.

```sh
$ python pay.py <...>
```

Look at your email inbox, the password should be there.
File Snapshot

 [4.0K]  /data/pocs/9e0413e4d51a7cf596b3bf1415b928d9f98a5973
├── [1.4K]  pay.py
├── [5.2K]  poetry.lock
├── [ 324]  pyproject.toml
└── [ 245]  README.md

0 directories, 4 files
Shenlong Bot has cached this for you
Remarks
    1. It is advised to access via the original source first.
    2. If the original source is unavailable, please email f.jinxu#gmail.com for a local snapshot (replace # with @).
    3. Shenlong has snapshotted the POC code for you. To support long-term maintenance, please consider donating. Thank you for your support.