CVE-2018-1273

This repository contains a working proof-of-concept exploit for CVE-2018-1273, a remote code execution vulnerability in Spring Data Commons. The exploit leverages SpEL injection to execute arbitrary commands on the target system.

This repository contains a functional proof-of-concept for CVE-2018-1273, demonstrating a property binder vulnerability in Spring Data Commons that allows unauthenticated remote code execution via crafted request parameters.

This repository provides a Dockerized environment to exploit CVE-2018-1273, a SpEL injection vulnerability in Spring Data Commons. The PoC demonstrates remote code execution (RCE) via crafted HTTP requests targeting the `/users/` endpoint.

This repository contains a functional PoC for CVE-2018-1273, a Spring Data Commons vulnerability allowing unauthorized access to data via crafted requests. The vulnerable controller demonstrates the flaw by exposing an endpoint that processes unvalidated input.

This repository contains a functional proof-of-concept for CVE-2018-1273, a property binder vulnerability in Spring Data Commons. The exploit demonstrates remote code execution via crafted request parameters targeting Spring Data REST endpoints.

This repository contains a functional proof-of-concept for CVE-2018-1273, demonstrating a property binder vulnerability in Spring Data Commons that allows remote code execution via crafted request parameters. The PoC includes a vulnerable Spring Boot application and curl commands to exploit it.

This repository contains a minimal script to run a vulnerable Spring Data REST application in a loop, but lacks actual exploit code or details. It is part of a vulnerable container management tool (Cved).

This repository contains only the source code of Spring Data Commons, specifically the vulnerable version (dc85837) related to CVE-2018-1273. It lacks any exploit code, proof-of-concept, or technical analysis of the vulnerability itself.