Update CVE sources 2024-06-07 17:53

2011/CVE-2011-2523.md

@@ -73,6 +73,7 @@ vsftpd 2.3.4 downloaded between 20110630 and 20110703 contains a backdoor which
 - https://github.com/sponkmonk/Ladon_english_update
 - https://github.com/sunzu94/vsftpd_2.3.4_Exploit
 - https://github.com/tarikemal/exploit-ftp-samba
+- https://github.com/thanawut2903/Port-21-tcp-vsftpd-2.3.4-exploit
 - https://github.com/vaishnavucv/CVE-2011-2523
 - https://github.com/vasanth-tamil/ctf-writeups
 - https://github.com/vmmaltsev/13.1

2012/CVE-2012-1823.md

@@ -14,6 +14,7 @@ No PoCs from references.
 
 #### Github
 - https://github.com/0xl0k1/CVE-2012-1823
+- https://github.com/0xsyr0/OSCP
 - https://github.com/1060275195/Covid-v2-Botnet
 - https://github.com/404tk/lazyscan
 - https://github.com/ARPSyndicate/cvemon

2012/CVE-2012-1876.md

@@ -16,6 +16,7 @@ Microsoft Internet Explorer 6 through 9, and 10 Consumer Preview, does not prope
 #### Github
 - https://github.com/ExploitCN/CVE-2012-1876-win7_x86_and_win7x64
 - https://github.com/WizardVan/CVE-2012-1876
+- https://github.com/ernestang98/win-exploits
 - https://github.com/migraine-sudo/Arsenal
 - https://github.com/ricew4ng/BrowserSecurity
 - https://github.com/ser4wang/BrowserSecurity

2013/CVE-2013-3900.md

@@ -29,6 +29,7 @@ No PoCs from references.
 - https://github.com/ellikt1/Vulnerability-Assessment
 - https://github.com/florylsk/SignatureGate
 - https://github.com/hiba-ahmad1/NessusVulnManagement
+- https://github.com/hibahmad30/NessusVulnManagement
 - https://github.com/izj007/wechat
 - https://github.com/jason-klein/signed-nsis-exe-append-payload
 - https://github.com/lau1010/Packer_VMware_Win19_UEFI_secure_boot_with_Updates

2014/CVE-2014-0130.md

@@ -15,6 +15,7 @@ Directory traversal vulnerability in actionpack/lib/abstract_controller/base.rb
 #### Github
 - https://github.com/Ostorlab/KEV
 - https://github.com/Ostorlab/known_exploited_vulnerbilities_detectors
+- https://github.com/bibin-paul-trustme/ruby_repo
 - https://github.com/jasnow/585-652-ruby-advisory-db
 - https://github.com/omarkurt/cve-2014-0130
 - https://github.com/rubysec/ruby-advisory-db

2014/CVE-2014-0160.md

@@ -18,6 +18,7 @@ The (1) TLS and (2) DTLS implementations in OpenSSL 1.0.1 before 1.0.1g do not p
 - https://hackerone.com/reports/6626
 
 #### Github
+- https://github.com/00xNetrunner/Shodan_Cheet-Sheet
 - https://github.com/0day404/vulnerability-poc
 - https://github.com/0x0d3ad/Kn0ck
 - https://github.com/0x90/CVE-2014-0160

2014/CVE-2014-0224.md

@@ -26,6 +26,7 @@ OpenSSL before 0.9.8za, 1.0.0 before 1.0.0m, and 1.0.1 before 1.0.1h does not pr
 - https://kc.mcafee.com/corporate/index?page=content&id=SB10075
 
 #### Github
+- https://github.com/00xNetrunner/Shodan_Cheet-Sheet
 - https://github.com/0nopnop/qualysparser
 - https://github.com/1N3/MassBleed
 - https://github.com/84KaliPleXon3/a2sv

2014/CVE-2014-1234.md

@@ -16,4 +16,5 @@ No PoCs from references.
 - https://github.com/Haifisch/dayswithoutansslexploit
 - https://github.com/fhightower/ioc-finder
 - https://github.com/guilhermeG23/manual_suricata_simples
+- https://github.com/xssec/xshodan
 

2014/CVE-2014-6271.md

@@ -29,6 +29,7 @@ GNU Bash through 4.3 processes trailing strings after function definitions in th
 - https://www.exploit-db.com/exploits/42938/
 
 #### Github
+- https://github.com/00xNetrunner/Shodan_Cheet-Sheet
 - https://github.com/0bfxgh0st/cve-2014-6271
 - https://github.com/0x00-0x00/CVE-2014-6271
 - https://github.com/0x0d3ad/Kn0ck
@@ -368,6 +369,7 @@ GNU Bash through 4.3 processes trailing strings after function definitions in th
 - https://github.com/francisck/shellshock-cgi
 - https://github.com/fxschaefer/ejpt
 - https://github.com/gabemarshall/shocknaww
+- https://github.com/gauss77/LaboratoriosHack
 - https://github.com/ghoneycutt/puppet-module-cve
 - https://github.com/gipi/cve-cemetery
 - https://github.com/giterlizzi/secdb-feeds
@@ -542,6 +544,7 @@ GNU Bash through 4.3 processes trailing strings after function definitions in th
 - https://github.com/riikunn1004/oscp-cheatsheet
 - https://github.com/rjdj0261/-Awesome-Hacking-
 - https://github.com/rmetzler/ansible-shellshock-fix
+- https://github.com/rodolfomarianocy/OSCP-Tricks-2023
 - https://github.com/roninAPT/pentest-kit
 - https://github.com/rrmomaya2900/0dayWriteup-THM
 - https://github.com/rrreeeyyy/cve-2014-6271-spec

2014/CVE-2014-7818.md

@@ -13,6 +13,7 @@ Directory traversal vulnerability in actionpack/lib/action_dispatch/middleware/s
 - https://puppet.com/security/cve/cve-2014-7829
 
 #### Github
+- https://github.com/bibin-paul-trustme/ruby_repo
 - https://github.com/jasnow/585-652-ruby-advisory-db
 - https://github.com/rubysec/ruby-advisory-db
 - https://github.com/tdunning/github-advisory-parser

2014/CVE-2014-7829.md

@@ -14,6 +14,7 @@ Directory traversal vulnerability in actionpack/lib/action_dispatch/middleware/s
 - https://puppet.com/security/cve/cve-2014-7829
 
 #### Github
+- https://github.com/bibin-paul-trustme/ruby_repo
 - https://github.com/jasnow/585-652-ruby-advisory-db
 - https://github.com/rubysec/ruby-advisory-db
 - https://github.com/zhangyongbo100/-Ruby-dl-handle.c-CVE-2009-5147-

2015/CVE-2015-1635.md

@@ -19,6 +19,7 @@ HTTP.sys in Microsoft Windows 7 SP1, Windows Server 2008 R2 SP1, Windows 8, Wind
 - https://github.com/ACIC-Africa/metasploitable3
 - https://github.com/ARPSyndicate/cvemon
 - https://github.com/Aquilao/Toy-Box
+- https://github.com/Cappricio-Securities/CVE-2015-1635
 - https://github.com/H3xL00m/CVE-2015-1635
 - https://github.com/H3xL00m/CVE-2015-1635-POC
 - https://github.com/Olysyan/MSS

2015/CVE-2015-3104.md

@@ -17,5 +17,6 @@ No PoCs from references.
 - https://github.com/BLACKHAT-SSG/EXP-401-OSEE
 - https://github.com/HaifeiLi/HardenFlash
 - https://github.com/PwnAwan/EXP-401-OSEE
+- https://github.com/ernestang98/win-exploits
 - https://github.com/gscamelo/OSEE
 

2015/CVE-2015-3306.md

@@ -45,6 +45,7 @@ The mod_copy module in ProFTPD 1.3.5 allows remote attackers to read and write t
 - https://github.com/developer3000S/PoC-in-GitHub
 - https://github.com/ebantula/eHacking_LABS
 - https://github.com/firatesatoglu/shodanSearch
+- https://github.com/gauss77/LaboratoriosHack
 - https://github.com/hackarada/cve-2015-3306
 - https://github.com/hectorgie/PoC-in-GitHub
 - https://github.com/hktalent/TOP

2015/CVE-2015-6748.md

@@ -16,4 +16,5 @@ Cross-site scripting (XSS) vulnerability in jsoup before 1.8.3.
 - https://github.com/ARPSyndicate/cvemon
 - https://github.com/Anonymous-Phunter/PHunter
 - https://github.com/CGCL-codes/PHunter
+- https://github.com/epicosy/VUL4J-59
 

2015/CVE-2015-7576.md

@@ -14,6 +14,7 @@ No PoCs from references.
 
 #### Github
 - https://github.com/ARPSyndicate/cvemon
+- https://github.com/bibin-paul-trustme/ruby_repo
 - https://github.com/jasnow/585-652-ruby-advisory-db
 - https://github.com/rubysec/ruby-advisory-db
 - https://github.com/zhangyongbo100/-Ruby-dl-handle.c-CVE-2009-5147-

2015/CVE-2015-7581.md

@@ -14,6 +14,7 @@ No PoCs from references.
 
 #### Github
 - https://github.com/ARPSyndicate/cvemon
+- https://github.com/bibin-paul-trustme/ruby_repo
 - https://github.com/jasnow/585-652-ruby-advisory-db
 - https://github.com/rubysec/ruby-advisory-db
 - https://github.com/zhangyongbo100/-Ruby-dl-handle.c-CVE-2009-5147-

2016/CVE-2016-0117.md

@@ -16,4 +16,5 @@ No PoCs from references.
 - https://github.com/0xCyberY/CVE-T4PDF
 - https://github.com/ARPSyndicate/cvemon
 - https://github.com/datntsec/WINDOWS-10-SEGMENT-HEAP-INTERNALS
+- https://github.com/ernestang98/win-exploits
 

2016/CVE-2016-0751.md

@@ -14,6 +14,7 @@ No PoCs from references.
 
 #### Github
 - https://github.com/ARPSyndicate/cvemon
+- https://github.com/bibin-paul-trustme/ruby_repo
 - https://github.com/jasnow/585-652-ruby-advisory-db
 - https://github.com/rubysec/ruby-advisory-db
 - https://github.com/vulsio/go-cve-dictionary

2016/CVE-2016-0752.md

@@ -18,6 +18,7 @@ Directory traversal vulnerability in Action View in Ruby on Rails before 3.2.22.
 - https://github.com/NzKoff/shift_summer_2019
 - https://github.com/Ostorlab/KEV
 - https://github.com/Ostorlab/known_exploited_vulnerbilities_detectors
+- https://github.com/bibin-paul-trustme/ruby_repo
 - https://github.com/dachidahu/CVE-2016-0752
 - https://github.com/forced-request/rails-rce-cve-2016-0752
 - https://github.com/jasnow/585-652-ruby-advisory-db

2016/CVE-2016-5678.md

@@ -14,5 +14,5 @@ NUUO NVRmini 2 1.0.0 through 3.0.0 and NUUO NVRsolo 1.0.0 through 3.0.0 have har
 - https://www.exploit-db.com/exploits/40200/
 
 #### Github
-No PoCs found on GitHub currently.
+- https://github.com/xssec/xshodan
 

2017/CVE-2017-4905.md

@@ -16,4 +16,5 @@ No PoCs from references.
 
 #### Github
 - https://github.com/ARPSyndicate/cvemon
+- https://github.com/ernestang98/win-exploits
 

2017/CVE-2017-6090.md

@@ -17,5 +17,6 @@ Unrestricted file upload vulnerability in clients/editclient.php in PhpCollab 2.
 #### Github
 - https://github.com/ARPSyndicate/cvemon
 - https://github.com/ARPSyndicate/kenzer-templates
+- https://github.com/asaotomo/FofaMap
 - https://github.com/jlk/exploit-CVE-2017-6090
 

2018/CVE-2018-17463.md

@@ -18,6 +18,7 @@ Incorrect side effect annotation in V8 in Google Chrome prior to 70.0.3538.64 al
 - https://github.com/Ostorlab/known_exploited_vulnerbilities_detectors
 - https://github.com/Uniguri/CVE-1day
 - https://github.com/changelog2020/JSEChalls
+- https://github.com/ernestang98/win-exploits
 - https://github.com/hwiwonl/dayone
 - https://github.com/jhalon/CVE-2018-17463
 - https://github.com/kdmarti2/CVE-2018-17463

2018/CVE-2018-20250.md

@@ -83,6 +83,7 @@ In WinRAR versions prior to and including 5.61, There is path traversal vulnerab
 - https://github.com/eastmountyxz/NetworkSecuritySelf-study
 - https://github.com/eastmountyxz/SystemSecurity-ReverseAnalysis
 - https://github.com/githuberxu/Safety-Books
+- https://github.com/gnusec/soapffzblogposts_backup
 - https://github.com/googleprojectzero/winafl
 - https://github.com/gyaansastra/Red-Team-Toolkit
 - https://github.com/hardik05/winafl-powermopt

2018/CVE-2018-9948.md

@@ -15,6 +15,7 @@ This vulnerability allows remote attackers to disclose sensitive information on
 
 #### Github
 - https://github.com/0xT11/CVE-POC
+- https://github.com/ernestang98/win-exploits
 - https://github.com/hectorgie/PoC-in-GitHub
 - https://github.com/manojcode/Foxit-Reader-RCE-with-virualalloc-and-shellcode-for-CVE-2018-9948-and-CVE-2018-9958
 - https://github.com/orangepirate/cve-2018-9948-9958-exp

2018/CVE-2018-9958.md

@@ -17,6 +17,7 @@ This vulnerability allows remote attackers to execute arbitrary code on vulnerab
 #### Github
 - https://github.com/0xT11/CVE-POC
 - https://github.com/ARPSyndicate/cvemon
+- https://github.com/ernestang98/win-exploits
 - https://github.com/hectorgie/PoC-in-GitHub
 - https://github.com/manojcode/Foxit-Reader-RCE-with-virualalloc-and-shellcode-for-CVE-2018-9948-and-CVE-2018-9958
 - https://github.com/t3rabyt3-zz/CVE-2018-9958--Exploit

2019/CVE-2019-0567.md

@@ -20,6 +20,7 @@ A remote code execution vulnerability exists in the way that the Chakra scriptin
 - https://github.com/EanNewton/Awesome-Reading-List
 - https://github.com/NatteeSetobol/Chakra-CVE-2019-0567
 - https://github.com/developer3000S/PoC-in-GitHub
+- https://github.com/ernestang98/win-exploits
 - https://github.com/hectorgie/PoC-in-GitHub
 - https://github.com/lnick2023/nicenice
 - https://github.com/nomi-sec/PoC-in-GitHub

2019/CVE-2019-11358.md

@@ -3134,6 +3134,7 @@ jQuery before 3.4.0, as used in Drupal, Backdrop CMS, and other products, mishan
 - https://github.com/harshidk/MilleniumFalcons2022-2023OLD
 - https://github.com/harshidk/viperftclibrary-cpp
 - https://github.com/hashgupta/StaticDischargeCode
+- https://github.com/hatchetAx/14887FTC
 - https://github.com/hatchetAxing/14887FTC
 - https://github.com/heatedmonkeytrousers/powerplay
 - https://github.com/heavydriver/ftc_jasper

2019/CVE-2019-13764.md

@@ -20,6 +20,7 @@ No PoCs from references.
 - https://github.com/KotenAngered/ZTE-Blade-A5-2019-Nae-Nae-List
 - https://github.com/OpposedDeception/ZTE-Blade-A5-2019-Nae-Nae-List
 - https://github.com/Self-Study-Committee/Skr_Learning
+- https://github.com/ernestang98/win-exploits
 - https://github.com/jfmcoronel/eevee
 - https://github.com/sslab-gatech/DIE
 - https://github.com/taielab/awesome-hacking-lists

2019/CVE-2019-13768.md

@@ -16,6 +16,7 @@ No PoCs from references.
 - https://github.com/ARPSyndicate/cvemon
 - https://github.com/ZwCreatePhoton/CVE-2019-5782_CVE-2019-13768
 - https://github.com/developer3000S/PoC-in-GitHub
+- https://github.com/ernestang98/win-exploits
 - https://github.com/hectorgie/PoC-in-GitHub
 - https://github.com/wh1ant/vulnjs
 - https://github.com/yuvaly0/exploits

2019/CVE-2019-18683.md

@@ -22,6 +22,7 @@ An issue was discovered in drivers/media/platform/vivid in the Linux kernel thro
 - https://github.com/IdanBanani/Linux-Kernel-VR-Exploitation
 - https://github.com/Limesss/cve-2019-18683
 - https://github.com/developer3000S/PoC-in-GitHub
+- https://github.com/fkie-cad/nvd-json-data-feeds
 - https://github.com/hectorgie/PoC-in-GitHub
 - https://github.com/kdn111/linux-kernel-exploitation
 - https://github.com/khanhdn111/linux-kernel-exploitation

2020/CVE-2020-0674.md

@@ -49,6 +49,7 @@ A remote code execution vulnerability exists in the way that the scripting engin
 - https://github.com/binaryfigments/CVE-2020-0674
 - https://github.com/cyberanand1337x/bug-bounty-2022
 - https://github.com/developer3000S/PoC-in-GitHub
+- https://github.com/ernestang98/win-exploits
 - https://github.com/forrest-orr/DoubleStar
 - https://github.com/hasee2018/Penetration_Testing_POC
 - https://github.com/hectorgie/PoC-in-GitHub

2020/CVE-2020-0796.md

@@ -209,6 +209,7 @@ A remote code execution vulnerability exists in the way that the Microsoft Serve
 - https://github.com/gabimarti/SMBScanner
 - https://github.com/giterlizzi/secdb-feeds
 - https://github.com/githuberxu/Safety-Books
+- https://github.com/gnusec/soapffzblogposts_backup
 - https://github.com/h7ml/h7ml
 - https://github.com/hack-parthsharma/WinPwn
 - https://github.com/halsten/CVE-2020-0796

2020/CVE-2020-16040.md

@@ -21,6 +21,7 @@ Insufficient data validation in V8 in Google Chrome prior to 87.0.4280.88 allowe
 - https://github.com/anvbis/chrome_v8_ndays
 - https://github.com/anvbis/trivialize
 - https://github.com/dongAxis/to_be_a_v8_master
+- https://github.com/ernestang98/win-exploits
 - https://github.com/hktalent/bug-bounty
 - https://github.com/joydo/CVE-Writeups
 - https://github.com/maldev866/ChExp_CVE_2020_16040

2020/CVE-2020-6368.md

@@ -0,0 +1,17 @@
+### [CVE-2020-6368](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6368)
+![](https://img.shields.io/static/v1?label=Product&message=SAP%20Business%20Planning%20and%20Consolidation&color=blue)
+![](https://img.shields.io/static/v1?label=Version&message=%3C750%20&color=brighgreen)
+![](https://img.shields.io/static/v1?label=Vulnerability&message=Cross%20Site%20Scripting&color=brighgreen)
+
+### Description
+
+SAP Business Planning and Consolidation, versions - 750, 751, 752, 753, 754, 755, 810, 100, 200, can be abused by an attacker, allowing them to modify displayed application content without authorization, and to potentially obtain authentication information from other legitimate users, leading to Cross Site Scripting.
+
+### POC
+
+#### Reference
+No PoCs from references.
+
+#### Github
+- https://github.com/ernestang98/win-exploits
+

2021/CVE-2021-26084.md

@@ -71,6 +71,7 @@ In affected versions of Confluence Server and Data Center, an OGNL injection vul
 - https://github.com/S3cur3Th1sSh1t/Pentest-Tools
 - https://github.com/SYRTI/POC_to_review
 - https://github.com/Sma11New/PocList
+- https://github.com/SummerSec/SpringExploit
 - https://github.com/TesterCC/exp_poc_library
 - https://github.com/TheclaMcentire/CVE-2021-26084_Confluence
 - https://github.com/Threekiii/Awesome-POC

2021/CVE-2021-33564.md

@@ -27,6 +27,7 @@ An argument injection vulnerability in the Dragonfly gem before 1.4.0 for Ruby a
 - https://github.com/markevans/dragonfly
 - https://github.com/mlr0p/CVE-2021-33564
 - https://github.com/nomi-sec/PoC-in-GitHub
+- https://github.com/rodolfomarianocy/OSCP-Tricks-2023
 - https://github.com/soosmile/POC
 - https://github.com/trhacknon/Pocingit
 - https://github.com/zecool/cve

2021/CVE-2021-34473.md

@@ -33,6 +33,7 @@ Microsoft Exchange Server Remote Code Execution Vulnerability
 - https://github.com/CVEDB/PoC-List
 - https://github.com/CVEDB/awesome-cve-repo
 - https://github.com/CVEDB/top
+- https://github.com/Dheerajmadhukar/karma_v2
 - https://github.com/DiedB/caldera-precomp
 - https://github.com/FDlucifer/Proxy-Attackchain
 - https://github.com/GhostTroops/TOP

2021/CVE-2021-38003.md

@@ -18,6 +18,7 @@ No PoCs from references.
 - https://github.com/Ostorlab/known_exploited_vulnerbilities_detectors
 - https://github.com/SpiralBL0CK/Chrome-V8-RCE-CVE-2021-38003
 - https://github.com/anvbis/chrome_v8_ndays
+- https://github.com/ernestang98/win-exploits
 - https://github.com/kestryix/tisc-2023-writeups
 - https://github.com/numencyber/Vulnerability_PoC
 - https://github.com/wh1ant/vulnjs

2021/CVE-2021-43798.md

@@ -77,6 +77,7 @@ Grafana is an open-source platform for monitoring and observability. Grafana ver
 - https://github.com/anonymous364872/Rapier_Tool
 - https://github.com/apif-review/APIF_tool_2024
 - https://github.com/asaotomo/CVE-2021-43798-Grafana-Exp
+- https://github.com/asaotomo/FofaMap
 - https://github.com/aymenbouferroum/CVE-2021-43798_exploit
 - https://github.com/b4zinga/Raphael
 - https://github.com/bigblackhat/oFx

2022/CVE-2022-0149.md

@@ -15,4 +15,5 @@ The WooCommerce Stored Exporter WordPress plugin before 2.7.1 was affected by a
 #### Github
 - https://github.com/ARPSyndicate/cvemon
 - https://github.com/ARPSyndicate/kenzer-templates
+- https://github.com/asaotomo/FofaMap
 

2022/CVE-2022-1134.md

@@ -13,5 +13,5 @@ Type confusion in V8 in Google Chrome prior to 100.0.4896.60 allowed a remote at
 - http://packetstormsecurity.com/files/172851/Chrome-Renderer-Type-Confusion-Remote-Code-Execution.html
 
 #### Github
-No PoCs found on GitHub currently.
+- https://github.com/ernestang98/win-exploits
 

2022/CVE-2022-1388.md

@@ -78,6 +78,7 @@ On F5 BIG-IP 16.1.x versions prior to 16.1.2.2, 15.1.x versions prior to 15.1.5.
 - https://github.com/Stonzyy/Exploit-F5-CVE-2022-1388
 - https://github.com/Str1am/my-nuclei-templates
 - https://github.com/SudeepaShiranthaka/F5-BIG-IP-Remote-Code-Execution-Vulnerability-CVE-2022-1388-A-Case-Study
+- https://github.com/SummerSec/SpringExploit
 - https://github.com/Threekiii/Awesome-POC
 - https://github.com/TomArni680/CVE-2022-1388-POC
 - https://github.com/TomArni680/CVE-2022-1388-RCE

2022/CVE-2022-22947.md

@@ -74,6 +74,7 @@ In spring cloud gateway versions prior to 3.1.1+ and 3.0.7+ , applications are v
 - https://github.com/Sec-Fork/mullet2
 - https://github.com/SiJiDo/CVE-2022-22947
 - https://github.com/Summer177/Spring-Cloud-Gateway-CVE-2022-22947
+- https://github.com/SummerSec/SpringExploit
 - https://github.com/SummerSec/learning-codeql
 - https://github.com/Tas9er/SpringCloudGatewayRCE
 - https://github.com/Threekiii/Awesome-Exploit

2022/CVE-2022-22963.md

@@ -68,6 +68,7 @@ In Spring Cloud Function versions 3.1.6, 3.2.2 and older unsupported versions, w
 - https://github.com/SirElmard/ethical_hacking
 - https://github.com/SnailDev/github-hot-hub
 - https://github.com/SourM1lk/CVE-2022-22963-Exploit
+- https://github.com/SummerSec/SpringExploit
 - https://github.com/Threekiii/Awesome-Exploit
 - https://github.com/Threekiii/Awesome-POC
 - https://github.com/Threekiii/Awesome-Redteam

2022/CVE-2022-22965.md

@@ -97,6 +97,7 @@ A Spring MVC or Spring WebFlux application running on JDK 9+ may be vulnerable t
 - https://github.com/Snip3R69/spring-shell-vuln
 - https://github.com/Sparrow-Co-Ltd/real_cve_examples
 - https://github.com/SummerSec/BlogPapers
+- https://github.com/SummerSec/SpringExploit
 - https://github.com/SummerSec/SummerSec
 - https://github.com/TheGejr/SpringShell
 - https://github.com/Threekiii/Awesome-Exploit