{"id":13845278,"url":"https://github.com/CLincat/vulcat","last_synced_at":"2025-07-12T01:32:31.907Z","repository":{"id":37751352,"uuid":"480022314","full_name":"CLincat/vulcat","owner":"CLincat","description":"vulcat可用于扫描Web端常见的CVE、CNVD等编号的漏洞,发现漏洞时会返回Payload信息。部分漏洞还支持命令行交互模式,可以持续利用漏洞","archived":false,"fork":false,"pushed_at":"2023-12-04T06:43:07.000Z","size":2656,"stargazers_count":123,"open_issues_count":4,"forks_count":17,"subscribers_count":5,"default_branch":"main","last_synced_at":"2024-11-21T18:39:20.036Z","etag":null,"topics":["cnvd","cnvd-2021-28277","cve","cve-2018-7602","cve-2019-15642","cve-2020-10204","cve-2020-9483","cve-2021-21234","cve-2021-22205","cve-2021-3223","cve-2021-35042","cve-2021-42013","cve-2021-43798","cve-2022-1388","cve-2022-26134","exp","poc","scanner","security","vulnerability"],"latest_commit_sha":null,"homepage":"","language":"Python","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"gpl-3.0","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/CLincat.png","metadata":{"files":{"readme":"README.en-us.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2022-04-10T13:14:02.000Z","updated_at":"2024-11-19T16:11:43.000Z","dependencies_parsed_at":"2024-11-21T18:33:18.197Z","dependency_job_id":"8bdc6d8d-3650-4b2c-8e38-37e7d1c5db2b","html_url":"https://github.com/CLincat/vulcat","commit_stats":null,"previous_names":[],"tags_count":23,"template":false,"template_full_name":null,"purl":"pkg:github/CLincat/vulcat","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/CLincat%2Fvulcat","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/CLincat%2Fvulcat/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/CLincat%2Fvulcat/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/CLincat%2Fvulcat/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/CLincat","download_url":"https://codeload.github.com/CLincat/vulcat/tar.gz/refs/heads/main","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/CLincat%2Fvulcat/sbom","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":264923075,"owners_count":23683717,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["cnvd","cnvd-2021-28277","cve","cve-2018-7602","cve-2019-15642","cve-2020-10204","cve-2020-9483","cve-2021-21234","cve-2021-22205","cve-2021-3223","cve-2021-35042","cve-2021-42013","cve-2021-43798","cve-2022-1388","cve-2022-26134","exp","poc","scanner","security","vulnerability"],"created_at":"2024-08-04T17:03:18.640Z","updated_at":"2025-07-12T01:32:31.441Z","avatar_url":"https://github.com/CLincat.png","language":"Python","funding_links":[],"categories":["LLM分析过程","Python"],"sub_categories":[],"readme":"# vulcat\n\n[![python](https://img.shields.io/badge/Python-3-blue?logo=python)](https://shields.io/)\n[![version](https://img.shields.io/badge/Version-2.0.0-blue)](https://shields.io/)\n[![license](https://img.shields.io/badge/LICENSE-GPL-yellow)](https://shields.io/)\n[![stars](https://img.shields.io/github/stars/CLincat/vulcat?color=red)](https://shields.io/)\n[![forks](https://img.shields.io/github/forks/CLincat/vulcat?color=red)](https://shields.io/)\n\n**[中文版本(Chinese version)](/README.md)**\n\n* **document:https://carsaid.github.io/docs/vulcat/**\n\n(Monthly update)\u003cbr\u003e\n* Vulcat can be used to scan for vulnerabilities on the Web side. When a vulnerability is discovered, the target URL and Payload are prompted. Users can manually verify the vulnerability according to the prompt\u003cbr/\u003e\n* Users can also write their own POC and add it to vulcat for scanning, You are also welcome to contribute your POC to the project\n* If you have any ideas, suggestions, or bugs, you can issue\n\n## Code of Conduct and Disclaimer\n* **Before using this tool, ensure that your actions comply with local laws and regulations and that you have obtained relevant authorization.**\n\n* **This tool is only for enterprises and individuals with legal authorization and is intended to enhance cyberspace security.**\n\n* **If you commit any illegal acts or cause any serious consequences during the use of the tool, you shall bear the corresponding liabilities by yourself, and we will not assume any legal and joint liability.**\n\n## Installation \u0026 Usage\nThe tool is developed based on python3. Python3.8 or later is recommended\n\n* Git: `git clone https://github.com/CLincat/vulcat.git`\n* Zip: [click me](https://github.com/CLincat/vulcat/archive/refs/heads/main.zip)\n\n```\ngit clone https://github.com/CLincat/vulcat.git\ncd vulcat\npip3 install -r requirements.txt\npython3 vulcat.py -h\n```\n```\nUsage:\nBy using this tool, you agree to the \"Code of Conduct and Disclaimer\" in \"vulcat/README.md; If you do not agree, do not use this tool.\"\n\n\nUsage: python3 vulcat.py \u003coptions\u003e\nExamples:\npython3 vulcat.py -h\npython3 vulcat.py --list\npython3 vulcat.py -u https://www.example.com/\npython3 vulcat.py -f url.txt -o html\npython3 vulcat.py -u https://www.example.com/ -v httpd --log 3\npython3 vulcat.py -u https://www.example.com/ -v cnvd-2018-24942 --shell\n```\n\n## Options\n```\nOptions:\n --version show program's version number and exit\n -h, --help show this help message and exit\n\n Target:\n Specify scan target\n\n -u URL, --url=URL A url (e.g. -u http://www.example.com/)\n -f FILE, --file=FILE\n A file containing multiple urls, one URL per line\n (e.g. -f url.txt)\n -r, --recursive Recursively scan each directory of the URL\n\n Optional:\n Optional function options\n\n -t THREAD, --thread=THREAD\n The number of threads (default: 2)\n --delay=DELAY Delay time/s (default: 1)\n --timeout=TIMEOUT Timeout/s (default: 10)\n --user-agent=UA Customize the User-Agent\n --cookie=COOKIE Add a cookie (e.g. --cookie \"PHPSESSID=123456789\")\n --auth=AUTHORIZATION\n Add a Authorization (e.g. --auth \"Basic\n YWRtaW46YWRtaW4=\")\n\n Log:\n Debug information\n\n --log=LOG The log level, Optional 1-6 (default: 1) [level 2:\n Framework name + Vulnerability number + status code]\n [level 3: Level 2 content + request method + request\n target +POST data] [level 4: Level 2 content + request\n packet] [Level 5: Level 4 content + response header]\n [level 6: Level 5 content + response content]\n\n Proxy:\n Proxy server\n\n --http-proxy=HTTP_PROXY\n The HTTP/HTTPS proxy (e.g. --http-proxy\n 127.0.0.1:8080)\n --socks4-proxy=SOCKS4_PROXY\n The socks4 proxy(e.g. --socks4-proxy 127.0.0.1:8080)\n --socks5-proxy=SOCKS5_PROXY\n The socks5 proxy(e.g. --socks5-proxy 127.0.0.1:8080 or\n admin:123456@127.0.0.1:8080)\n\n Application:\n Specify the target type for the scan\n\n -v VULN, --vuln=VULN\n Specify the vulnerability number,With -a/--application\n to scan a single vulnerability,You can use --list to\n see the vulnerability number,vulnerabilities that do\n not have a vulnerability number are not supported.The\n number does not discriminate between sizes, and the\n symbol - and _ are acceptable (e.g. -a fastjson -v\n cnVD-2019-22238 or -a Tomcat -v CVE-2017_12615)\n --shell Use with the -a and -v parameters, After the Poc scan,\n if the vulnerability exists, enter the Shell\n interaction mode of the vulnerability; You can use\n --list to see Shell support vulnerabilities. (e.g. -a\n httpd -v CVE-2021-42013 -x)\n --type=VULNTYPE Use with --shell parameter to specify the type of\n vulnerability and carry out corresponding Shell\n operations (e.g. --shell --type RCE)\n\n Api:\n The third party Api\n\n --dns=DNS DNS platform, auxiliary verification without echo\n vulnerability. ceye/dnslog-pw/dnslog-cn (e.g. --dns\n ceye) (Default: auto)\n\n Save:\n Save scan results\n\n -o OUTPUT, --output=OUTPUT\n Save the scan results in txt/json/html format, no\n vulnerability will not generate files (e.g. -o html)\n\n General:\n General operating parameter\n\n --no-waf Disable WAF detection\n --no-poc Disable scanning for security vulnerabilities\n --batch The yes/no option does not require user input. The\n default option is used\n\n Lists:\n Vulnerability list\n\n --list View all payload\n```\n\n## language\nYou can change the language of vulcat, currently only Chinese and English\n\n* Open the vulcat/config.yaml\n* Modify the value of \"language\" and save the file to switch the Vulcat language\n\n```\n# Language, default is English en-us, Chinese is zh-cn\nlanguage: en-us\n```\n\n## Dnslog\nYou can customize http://ceye.io\n\n* Open the vulcat/config.yaml\n* Find the following code, replace Null with your own domain name and token, and save the file\n```\nceye-domain: Null\nceye-token: Null\n```\n\n## Custom POC\n* How do I write my own vulnerability POC and add it to vulcat\n* Find vulcat/payloads/demo.py, which is a POC template in Vulcat (semi-finished) and requires the user to fill in the rest of the code\n\n* **Modify the steps:**\n1. Make a copy of demo.py and save it to prevent template loss. Then change the name of the POC (such as test.py)\n\n2. Then follow the tips in demo.py to fill in your own code and introduce POC into vulcat\n\n## Payloads List\n\u003cdetails\u003e\n\u003csummary\u003e\u003cstrong\u003evulcat Payloads List: [Click on]\u003c/strong\u003e\u003c/summary\u003e\n\n```\n+----------------------------------------------------------+-----+--------------------------------------------------------------+\n| Payloads | Sh | Description |\n+----------------------------------------------------------+-----+--------------------------------------------------------------+\n| 74cms-v5.0.1-sqlinject | - | v5.0.1 AjaxPersonalController.class.php SQLinject |\n| 74cms-v6.0.4-xss | - | v6.0.4 help center search box-XSS |\n+----------------------------------------------------------+-----+--------------------------------------------------------------+\n| alibaba-druid-unauth | - | Alibaba Druid unAuthorized |\n+----------------------------------------------------------+-----+--------------------------------------------------------------+\n| alibaba-nacos-cve-2021-29441-unauth | - | Alibaba Nacos unAuthorized |\n+----------------------------------------------------------+-----+--------------------------------------------------------------+\n| apache-airflow-cve-2020-17526-unauth | - | Apache Airflow Authentication bypass |\n+----------------------------------------------------------+-----+--------------------------------------------------------------+\n| apache-apisix-cve-2020-13945-unauth | - | Apache APISIX default access token |\n+----------------------------------------------------------+-----+--------------------------------------------------------------+\n| apache-druid-cve-2021-25646-rce | Y | Apache Druid Remote Code Execution |\n| apache-druid-cve-2021-36749-fileread | Y | Apache Druid arbitrary file reading |\n+----------------------------------------------------------+-----+--------------------------------------------------------------+\n| apache-flink-cve-2020-17519-fileread | Y | Apache Flink Directory traversal |\n+----------------------------------------------------------+-----+--------------------------------------------------------------+\n| apache-hadoop-unauth | - | Apache Hadoop YARN ResourceManager unAuthorized |\n+----------------------------------------------------------+-----+--------------------------------------------------------------+\n| apache-httpd-cve-2021-40438-ssrf | - | Apache HTTP Server 2.4.48 mod_proxy SSRF |\n| apache-httpd-cve-2021-41773-rce-fileread | Y | Apache HTTP Server 2.4.49 Directory traversal |\n| apache-httpd-cve-2021-42013-rce-fileread | Y | Apache HTTP Server 2.4.50 Directory traversal |\n+----------------------------------------------------------+-----+--------------------------------------------------------------+\n| apache-skywalking-cve-2020-9483-sqlinject | - | SkyWalking SQLinject |\n+----------------------------------------------------------+-----+--------------------------------------------------------------+\n| apache-solr-cve-2017-12629-rce | - | Solr Remote code execution |\n| apache-solr-cve-2019-17558-rce | Y | Solr RCE Via Velocity Custom Template |\n| apache-solr-cve-2021-27905-ssrf-fileread | Y | Solr SSRF/FileRead |\n+----------------------------------------------------------+-----+--------------------------------------------------------------+\n| apache-tomcat-cve-2017-12615-fileupload | - | Put method writes to any file |\n+----------------------------------------------------------+-----+--------------------------------------------------------------+\n| apache-unomi-cve-2020-13942-rce | Y | Apache Unomi Remote Express Language Code Execution |\n+----------------------------------------------------------+-----+--------------------------------------------------------------+\n| appweb-cve-2018-8715-unauth | - | AppWeb Authentication bypass |\n+----------------------------------------------------------+-----+--------------------------------------------------------------+\n| atlassian-confluence-cve-2015-8399-fileread-fileinclude | Y | Confluence any file include |\n| atlassian-confluence-cve-2019-3396-fileread | Y | Confluence Directory traversal \u0026\u0026 RCE |\n| atlassian-confluence-cve-2021-26084-rce | Y | Confluence OGNL expression command injection |\n| atlassian-confluence-cve-2022-26134-rce | Y | Confluence Remote code execution |\n+----------------------------------------------------------+-----+--------------------------------------------------------------+\n| cisco-cve-2020-3580-xss | - | Cisco ASA/FTD XSS |\n+----------------------------------------------------------+-----+--------------------------------------------------------------+\n| discuz-wooyun-2010-080723-rce | Y | Remote code execution |\n+----------------------------------------------------------+-----+--------------------------------------------------------------+\n| django-cve-2017-12794-xss | - | Django debug page XSS |\n| django-cve-2018-14574-redirect | - | Django CommonMiddleware URL Redirect |\n| django-cve-2019-14234-sqlinject | - | Django JSONfield SQLinject |\n| django-cve-2020-9402-sqlinject | - | Django GIS SQLinject |\n| django-cve-2021-35042-sqlinject | - | Django QuerySet.order_by SQLinject |\n+----------------------------------------------------------+-----+--------------------------------------------------------------+\n| drupal-cve-2014-3704-sqlinject | - | Drupal \u003c 7.32 Drupalgeddon SQLinject |\n| drupal-cve-2017-6920-rce | - | Drupal Core 8 PECL YAML Remote code execution |\n| drupal-cve-2018-7600-rce | Y | Drupal Drupalgeddon 2 Remote code execution |\n| drupal-cve-2018-7602-rce | - | Drupal Remote code execution |\n+----------------------------------------------------------+-----+--------------------------------------------------------------+\n| elasticsearch-cve-2014-3120-rce | Y | ElasticSearch Remote code execution |\n| elasticsearch-cve-2015-1427-rce | Y | ElasticSearch Groovy Sandbox to bypass \u0026\u0026 RCE |\n| elasticsearch-cve-2015-3337-fileread | Y | ElasticSearch Directory traversal |\n| elasticsearch-cve-2015-5531-fileread | Y | ElasticSearch Directory traversal |\n+----------------------------------------------------------+-----+--------------------------------------------------------------+\n| f5bigip-cve-2020-5902-rce-fileread | - | BIG-IP Remote code execution |\n| f5bigip-cve-2022-1388-unauth-rce | Y | BIG-IP Authentication bypass RCE |\n+----------------------------------------------------------+-----+--------------------------------------------------------------+\n| fastjson-cnvd-2017-02833-rce | Y | Fastjson \u003c= 1.2.24 deSerialization |\n| fastjson-cnvd-2019-22238-rce | Y | Fastjson \u003c= 1.2.47 deSerialization |\n| fastjson-v1.2.62-rce | Y | Fastjson \u003c= 1.2.62 deSerialization |\n| fastjson-v1.2.66-rce | Y | Fastjson \u003c= 1.2.66 deSerialization |\n+----------------------------------------------------------+-----+--------------------------------------------------------------+\n| gitea-unauth-fileread-rce | - | Gitea 1.4.0 unAuthorized |\n+----------------------------------------------------------+-----+--------------------------------------------------------------+\n| gitlab-cve-2021-22205-rce.py | - | GitLab Pre-Auth Remote code execution |\n| gitlab-cve-2021-22214-ssrf | Y | Gitlab CI Lint API SSRF |\n+----------------------------------------------------------+-----+--------------------------------------------------------------+\n| gocd-cve-2021-43287-fileread | Y | GoCD Business Continuity FileRead |\n+----------------------------------------------------------+-----+--------------------------------------------------------------+\n| grafana-cve-2021-43798-fileread | Y | Grafana 8.x Directory traversal |\n+----------------------------------------------------------+-----+--------------------------------------------------------------+\n| influxdb-unauth | - | influxdb unAuthorized |\n+----------------------------------------------------------+-----+--------------------------------------------------------------+\n| jboss-unauth | - | JBoss unAuthorized |\n+----------------------------------------------------------+-----+--------------------------------------------------------------+\n| jenkins-cve-2018-1000861-rce | Y | jenkins Remote code execution |\n| jenkins-unauth | Y | Jenkins unAuthorized |\n+----------------------------------------------------------+-----+--------------------------------------------------------------+\n| jetty-cve-2021-28164-dsinfo | - | jetty Disclosure information |\n| jetty-cve-2021-28169-dsinfo | - | jetty Servlets ConcatServlet Disclosure information |\n| jetty-cve-2021-34429-dsinfo | - | jetty Disclosure information |\n+----------------------------------------------------------+-----+--------------------------------------------------------------+\n| joomla-cve-2017-8917-sqlinject | - | Joomla3.7 Core com_fields SQLinject |\n| joomla-cve-2023-23752-unauth | - | Joomla unAuthorized |\n+----------------------------------------------------------+-----+--------------------------------------------------------------+\n| jupyter-unauth | - | Jupyter unAuthorized |\n+----------------------------------------------------------+-----+--------------------------------------------------------------+\n| keycloak-cve-2020-10770-ssrf | - | request_uri SSRF |\n+----------------------------------------------------------+-----+--------------------------------------------------------------+\n| landray-oa-cnvd-2021-28277-ssrf-fileread | Y | Landray-OA FileRead/SSRF |\n+----------------------------------------------------------+-----+--------------------------------------------------------------+\n| minihttpd-cve-2018-18778-fileread | - | mini_httpd FileRead |\n+----------------------------------------------------------+-----+--------------------------------------------------------------+\n| mongoexpress-cve-2019-10758-rce | Y | Remote code execution |\n+----------------------------------------------------------+-----+--------------------------------------------------------------+\n| nexus-cve-2019-5475-rce | Y | 2.x yum Remote code execution |\n| nexus-cve-2019-7238-rce | Y | 3.x Remote code execution |\n| nexus-cve-2019-15588-rce | Y | 2019-5475 Bypass |\n| nexus-cve-2020-10199-rce | Y | 3.x Remote code execution |\n| nexus-cve-2020-10204-rce | Y | 3.x Remote code execution |\n+----------------------------------------------------------+-----+--------------------------------------------------------------+\n| nodejs-cve-2017-14849-fileread | Y | Node.js Directory traversal |\n| nodejs-cve-2021-21315-rce | Y | Node.js Remote code execution |\n+----------------------------------------------------------+-----+--------------------------------------------------------------+\n| nodered-cve-2021-3223-fileread | Y | Node-RED Directory traversal |\n+----------------------------------------------------------+-----+--------------------------------------------------------------+\n| phpmyadmin-cve-2018-12613-fileinclude-fileread | - | phpMyadmin Scripts/setup.php Deserialization |\n| phpmyadmin-wooyun-2016-199433-unserialize | Y | phpMyadmin 4.8.1 Remote File Inclusion |\n+----------------------------------------------------------+-----+--------------------------------------------------------------+\n| phpunit-cve-2017-9841-rce | Y | PHPUnit Remote code execution |\n+----------------------------------------------------------+-----+--------------------------------------------------------------+\n| ruby-on-rails-cve-2018-3760-fileread | Y | Ruby on Rails Directory traversal |\n| ruby-on-rails-cve-2019-5418-fileread | Y | Ruby on Rails FileRead |\n| ruby-on-rails-cve-2020-8163-rce | - | Ruby on Rails Remote code execution |\n+----------------------------------------------------------+-----+--------------------------------------------------------------+\n| showdoc-cnvd-2020-26585-fileupload | - | ShowDoc writes to any file |\n+----------------------------------------------------------+-----+--------------------------------------------------------------+\n| spring-security-oauth-cve-2016-4977-rce | - | Spring Security OAuth2 Remote Command Execution |\n| spring-data-rest-cve-2017-8046-rce | - | Spring Data Rest Remote Command Execution |\n| spring-data-commons-cve-2018-1273-rce | Y | Spring Data Commons Remote Command Execution |\n| spring-cloud-config-cve-2020-5410-fileread | Y | Spring Cloud Directory traversal |\n| spring-boot-cve-2021-21234-fileread | Y | Spring Boot Directory traversal |\n| spring-cloud-gateway-cve-2022-22947-rce | - | Spring Cloud Gateway SpEl Remote code execution |\n| spring-cloud-function-cve-2022-22963-rce | Y | Spring Cloud Function SpEL Remote code execution |\n| spring-cve-2022-22965-rce | - | Spring Framework Remote code execution |\n+----------------------------------------------------------+-----+--------------------------------------------------------------+\n| supervisor-cve-2017-11610-rce | - | Supervisor Remote Command Execution |\n+----------------------------------------------------------+-----+--------------------------------------------------------------+\n| thinkphp-cve-2018-1002015-rce | Y | ThinkPHP5.x Remote code execution |\n| thinkphp-cnvd-2018-24942-rce | Y | The forced route is not enabled RCE |\n| thinkphp-cnnvd-201901-445-rce | Y | Core class Request Remote code execution |\n| thinkphp-cnvd-2022-86535-rce | - | ThinkPHP \"think-lang\" Remote code execution |\n| thinkphp-2.x-rce | - | ThinkPHP2.x Remote code execution |\n| thinkphp-5-ids-sqlinject | - | ThinkPHP5 ids SQLinject |\n+----------------------------------------------------------+-----+--------------------------------------------------------------+\n| ueditor-ssrf | - | Ueditor SSRF |\n+----------------------------------------------------------+-----+--------------------------------------------------------------+\n| uwsgiphp-cve-2018-7490-fileread | Y | uWSGI-PHP Directory traversal |\n+----------------------------------------------------------+-----+--------------------------------------------------------------+\n| vmware-vcenter-2020-10-fileread | Y | In 2020 VMware vCenter 6.5 Any file read |\n| vmware-vcenter-cve-2021-21972-fileupload-rce | - | VMware vSphere Client RCE |\n+----------------------------------------------------------+-----+--------------------------------------------------------------+\n| oracle-weblogic-cve-2014-4210-ssrf | - | Weblogic SSRF |\n| oracle-weblogic-cve-2017-10271-unserialize | - | Weblogic XMLDecoder deSerialization |\n| oracle-weblogic-cve-2019-2725-unserialize | - | Weblogic wls9_async deSerialization |\n| oracle-weblogic-cve-2020-14750-bypass | - | Weblogic Authentication bypass |\n| oracle-weblogic-cve-2020-14882-rce-unauth | Y | Weblogic Unauthorized command execution |\n| oracle-weblogic-cve-2021-2109-rce | - | Weblogic LDAP Remote code execution |\n+----------------------------------------------------------+-----+--------------------------------------------------------------+\n| webmin-cve-2019-15107-rce | Y | Webmin Pre-Auth Remote code execution |\n| webmin-cve-2019-15642-rce | Y | Webmin Remote code execution |\n+----------------------------------------------------------+-----+--------------------------------------------------------------+\n| yonyou-grp-u8-cnnvd-201610-923-sqlinject | - | Yonyou-GRP-U8 Proxy SQLinject |\n| yonyou-nc-cnvd-2021-30167-rce | Y | Yonyou-NC BeanShell Remote code execution |\n| yonyou-erp-nc-ncfindweb-fileread | - | Yonyou-ERP-NC NCFindWeb Directory traversal |\n| yonyou-u8-oa-getsession-dsinfo | - | Yonyou-U8-OA getSessionList.jsp Disclosure info |\n| yonyou-u8-oa-test.jsp-sqlinject | - | Yonyou-U8-OA test.jsp SQLinject |\n+----------------------------------------------------------+-----+--------------------------------------------------------------+\n| zabbix-cve-2016-10134-sqlinject | - | latest.php or jsrpc.php SQLinject |\n+----------------------------------------------------------+-----+--------------------------------------------------------------+\nvulcat-2.0.0/2023.03.15\n112/Poc\n55/Shell\n```\n\u003c/details\u003e\n\n## Thanks\n* [vulmap](https://github.com/zhzyker/vulmap)\n* [sqlmap](https://github.com/sqlmapproject/sqlmap)\n* [dirsearch](https://github.com/maurosoria/dirsearch)\n* [HackRequests](https://github.com/boy-hack/hack-requests)\n* [vulhub](https://github.com/vulhub/vulhub)\n* [vulfocus](https://github.com/fofapro/vulfocus)\n* [ttkbootstrap](https://github.com/israel-dryer/ttkbootstrap/)\n* [Xray](github.com/chaitin/xray)\n\n## Document\n\n[document](https://carsaid.github.io/docs/vulcat/)\n\n## Star History\n[![Star History Chart](https://api.star-history.com/svg?repos=CLincat/vulcat\u0026type=Timeline)](https://star-history.com/#Ashutosh00710/github-readme-activity-graph\u0026Timeline)\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2FCLincat%2Fvulcat","html_url":"https://awesome.ecosyste.ms/projects/github.com%2FCLincat%2Fvulcat","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2FCLincat%2Fvulcat/lists"}