Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CVE-2024-48322 PoC — run.codes 安全漏洞

Source
https://github.com/trqt/CVE-2024-48322
Associated Vulnerability
Title:run.codes 安全漏洞 (CVE-2024-48322)
Description:UsersController.php in Run.codes 1.5.2 and older has a reset password race condition vulnerability.
Readme
# CVE-2024-48322

You need to have an account in the RunCodes instance, any privilege.
Install with poetry and run providing the base url of the instance.

```sh
$ python pay.py <...>
```

Look at your email inbox, the password should be there.
File Snapshot

 [4.0K]  /data/pocs/9e0413e4d51a7cf596b3bf1415b928d9f98a5973
├── [1.4K]  pay.py
├── [5.2K]  poetry.lock
├── [ 324]  pyproject.toml
└── [ 245]  README.md

0 directories, 4 files
Shenlong Bot has cached this for you
Remarks
    1. It is advised to access via the original source first.
    2. Local POC snapshots are reserved for subscribers — if the original source is unavailable, the local mirror is part of the paid plan.
    3. Mirroring, verifying, and maintaining this POC archive takes ongoing effort, so local snapshots are a paid feature. Your subscription keeps the archive online — thank you for the support. View subscription plans →