WP资源下载管理 Security Vulnerabilities
6.9AI Score
0.001EPSS
Exploit for Expression Language Injection in Atlassian Confluence Server
confluence rce (CVE-2021-26084, CVE-2022-26134,...
7.3AI Score
Exploit for Incorrect Authorization in Vmware Spring Security
CVE-2022-22978-demo CVE-2022-22978漏洞示例代码 利用条件...
7AI Score
0.009EPSS
1Panel's password verification is suspected to have a timing attack vulnerability
Summary 源码中密码校验处使用 != 符号,而不是hmac.Equal,这可能导致产生计时攻击漏洞,从而爆破密码。 建议使用 hmac.Equal 比对密码。 Details https://github.com/1Panel-dev/1Panel/blob/dev/backend/app/service/auth.go#L81C5-L81C26 PoC Impact...
7.2AI Score
0.0004EPSS
1Panel's password verification is suspected to have a timing attack vulnerability
Summary 源码中密码校验处使用 != 符号,而不是hmac.Equal,这可能导致产生计时攻击漏洞,从而爆破密码。 建议使用 hmac.Equal 比对密码。 Details https://github.com/1Panel-dev/1Panel/blob/dev/backend/app/service/auth.go#L81C5-L81C26 PoC Impact...
7.2AI Score
0.0004EPSS
1Panel's password verification is suspected to have a timing attack vulnerability
源码中密码校验处使用 != 符号,而不是hmac.Equal,这可能导致产生计时攻击漏洞,从而爆破密码。 建议使用 hmac.Equal...
3.9CVSS
7.2AI Score
0.0004EPSS
9.7AI Score
0.133EPSS
9.6AI Score
0.133EPSS
7.2AI Score
0.0004EPSS
8.8CVSS
7AI Score
0.006EPSS
Exploit for Vulnerability in Rarlab Winrar
eval-winrar evil-winrar,cve-2023-38831漏洞利用和社会工程学攻击框架...
7.3AI Score
ESAFENET CDG - Arbitrary File Download
ESAFENET CDG V3 and V5 has an arbitrary file download vulnerability via the fileName parameter in download.jsp because the InstallationPack parameter is mishandled in a /CDGServer3/ClientAjax...
7.6AI Score
0.054EPSS
Exploit for Vulnerability in Microsoft
CVE-2024-21412_Water-Hydra 通过 CVE-2024-21412 传递恶意软件...
7.2AI Score
0.002EPSS
Exploit for Vulnerability in Microsoft
CVE-2024-21412_Water-Hydra 通过 CVE-2024-21412 传递恶意软件...
7.3AI Score
0.002EPSS
Exploit for Unrestricted Upload of File with Dangerous Type in Apache Solr
Apache-Solr-RCE_CVE-2023-50386_POC Apache Solr Backup/Restore...
7.3AI Score
0.871EPSS
7.1AI Score
0.005EPSS
7.4AI Score
0.975EPSS
Exploit for Injection in Atlassian Confluence Data Center
CVE-2023-22527-Godzilla-MEMSHELL Usage **ps:...
9.9AI Score
0.975EPSS
Exploit for OS Command Injection in Hikvision Intercom Broadcast System
CVE-2023-6895 漏洞扫描器 这是一个简单的 Python 脚本,用于扫描网站以检查是否存在...
7.1AI Score
0.902EPSS
Exploit for Injection in Jeecg Jimureport
CVE-2023-4450-Attack 用于攻击JimuReport的CVE-2023-4450漏洞的自动化工具...
7.1AI Score
0.005EPSS
Exploit for Exposure of Resource to Wrong Sphere in Linuxfoundation Runc
【漏洞复现】CVE-2024-21626 docker runc逃逸漏洞 1、漏洞简介 | 漏洞名称 |...
8.7AI Score
0.051EPSS
Exploit for Exposure of Resource to Wrong Sphere in Linuxfoundation Runc
CVE-2024-21626-POC 使用说明 仅供教育/研究使用,任何与教育/研究无关的行为所产生的风险自行负责...
8.8AI Score
0.051EPSS
Exploit for Exposure of Resource to Wrong Sphere in Linuxfoundation Runc
CVE-2024-21626-POC 使用说明 仅供教育/研究使用,任何与教育/研究无关的行为所产生的风险自行负责...
8.8AI Score
0.051EPSS
9.1AI Score
0.959EPSS
Exploit for Injection in Atlassian Confluence Data Center
CVE-2023-22527 Atlassian Confluence - Remote Code Execution...
10AI Score
0.975EPSS
A vulnerability, which was classified as critical, has been found in 个人开源 mldong 1.0. This issue affects the function ExpressionEngine of the file com/mldong/modules/wf/engine/model/DecisionModel.java. The manipulation leads to code injection. The attack may be initiated remotely. The exploit has.....
9.8CVSS
9.8AI Score
0.001EPSS
CVE-2024-0738 个人开源 mldong DecisionModel.java ExpressionEngine code injection
A vulnerability, which was classified as critical, has been found in 个人开源 mldong 1.0. This issue affects the function ExpressionEngine of the file com/mldong/modules/wf/engine/model/DecisionModel.java. The manipulation leads to code injection. The attack may be initiated remotely. The exploit has.....
10AI Score
0.001EPSS
SQL Injection Vulnerability in Ruiyou Tianyi Application Virtualization System
Xi'an Ruiyou Information Technology Co., Ltd. is a professional virtualization and cloud computing solution provider. A SQL injection vulnerability exists in Ruiyou Skywing Application Virtualization System, which can be exploited by attackers to obtain database information and execute...
7.9AI Score
7.8AI Score
0.894EPSS
CloudMirror Network Asset Vulnerability Scanning System is a new generation of vulnerability risk management products independently developed by DeepSense, combining years of practical experience in vulnerability mining and security services, to help users check the vulnerability risks of assets...
7AI Score
7.3AI Score
0.894EPSS
Exploit for Code Injection in Apache Ofbiz
OFBiz-Attack A Tool For CVE-2023-49070/CVE-2023-51467 Attack...
7.5AI Score
Electronic document security management system is a controllable authorization of electronic document security sharing management system, using real-time dynamic encryption and decryption protection technology and real-time rights recovery mechanism, to provide all kinds of electronic documents...
7.1AI Score
Exploit for SQL Injection in Jeecg Jeecg-Boot
JeecgBoot SQL(CVE-2023-1454)exp 1.漏洞详情 jeecg-boot...
7AI Score
0.087EPSS
6.9AI Score
0.932EPSS
8AI Score
0.339EPSS
Exploit for Cross-site Scripting in Helpsystems Cobalt Strike
Gui-poc-test A testing tool for...
7.4AI Score
Exploit for Incorrect Authorization in Atlassian Confluence Data Center
CVE-2023-22518 Confluence CVE-2023-22518 Description ...
7.4AI Score
0.966EPSS
Exploit for Out-of-bounds Read in Polkit Project Polkit
Polkit-Permission-promotion-compiled Polkit提权包 CVE-2021-4034...
8.1AI Score
Exploit for Out-of-bounds Read in Polkit Project Polkit
Polkit-Permission-promotion-compiled Polkit提权包 CVE-2021-4034...
8.1AI Score
Exploit for Out-of-bounds Read in Polkit Project Polkit
Polkit-Permission-promotion-compiled Polkit提权包 CVE-2021-4034...
8.1AI Score
Exploit for Vulnerability in Google Chrome
工具简介 全球首款单文件利用 CVE-2023-4357 Chrome XXE 漏洞...
8.5AI Score
0.002EPSS
Exploit for Vulnerability in Google Chrome
工具简介 全球首款单文件利用 CVE-2023-4357 Chrome XXE 漏洞...
8.5AI Score
0.002EPSS
Exploit for Deserialization of Untrusted Data in Apache Activemq
1、进入activemq/bin,选择x64或x32,以管理员权限执行activemq.bin...
9.8AI Score
0.973EPSS
Zhengzhou Zhengda Information Technology Co., Ltd. is a supply chain-industrial chain digitization and financial service solution provider. Zhengzhou Zhengda Information Technology Co., Ltd. mobile service management backend has a SQL injection vulnerability, which can be exploited by attackers to....
7.5AI Score
8.2AI Score
Cross-Site Request Forgery (CSRF) vulnerability in 闪电博 多合一搜索自动推送管理插件-支持Baidu/Google/Bing/IndexNow/Yandex/头条 plugin <= 4.2.7...
7.1AI Score
0.001EPSS
Exploit for Deserialization of Untrusted Data in Apache Activemq
项目参考 本项目是参考 https://github.com/X1r0z/ActiveMQ-RCE 项目的 exp...
9.7AI Score
0.973EPSS
Exploit for Deserialization of Untrusted Data in Apache Activemq
⚙️ 工具简介 (Welcome star 🌟) **CVE-2023-46604 之 ActiveMQ RCE...
9.4AI Score
0.973EPSS
6.9AI Score
0.0004EPSS