41 matches found

OSV
added 3 days ago | 5 views

PYSEC-2026-316 cobbler allows anyone to connect to cobbler XML-RPC server with known password and make changes

Summary: utils.getsharedsecret always returns -1 - allows anyone to connect to cobbler XML-RPC as user '' password -1 and make any changes. Details: utils.py getsharedsecret: def getsharedsecret - Unionstr, int: """ The 'web.ss' file is regenerated each time cobblerd restarts and is used to agree o...

CVSS 9.8 | AI score 7.3 | EPSS 0.03948
Exploits: 6 | References: 7
GithubExploit
added 2026/05/06 5:44 p.m. | 101 views

Exploit for Incorrect Implementation of Authentication Algorithm in Google Android

CVE-2026-0073 PoC Wireless ADB TLS Auth Bypass This directo...

CVSS 8.8 | AI score 6 | EPSS 0.00541
Exploits: 12
GithubExploit
added 2026/03/21 8:11 a.m. | 258 views

Exploit for CVE-2026-33017

CVE-2026-33017 — Langflow Unauthenticated RCE PoC !CVEhttp...

CVSS 9.8 | AI score 7.8 | EPSS 0.99968
Exploits: 49
GithubExploit
added 2026/03/08 4:59 p.m. | 187 views

Exploit for Code Injection in Craftcms Craft_Cms

CVE-Public - Vulnerability Proof-of-Concept Script Library...

CVSS 10 | AI score 7.7 | EPSS 0.99803
Exploits: 16
GithubExploit
added 2026/02/27 6:58 a.m. | 156 views

Exploit for CVE-2023-24012

DDS Security Test This is a ROS 2 DDS security testing enviro...

CVSS 8.2 | AI score 5.8 | EPSS 0.00271
Exploits: 1
GithubExploit
added 2026/02/26 6:35 p.m. | 146 views

Exploit for Improper Verification of Cryptographic Signature in Pysaml2_Project Pysaml2

CVE-2021-21239 This is a poc script to exploit the xmlsec vu...

CVSS 6.5 | AI score 5.7 | EPSS 0.0118
Exploits: 3
Packet Storm
added 2025/03/31 12:0 a.m. | 271 views

CodeCanyon Rise CRM 3.7.0 SQL Injection

CodeCanyon Rise CRM version 3.7.0 suffers from a remote SQL injection vulnerability that allows for authentication bypass. PROOF OF CONCEPT CVE: CVE-2024-8945 Exploit Title: RISE Ultimate Project Manager 3.7 sql injection POC Google Dork: N/A Date: September 19, 2024 Exploit Author: Jobyer Ahmed...

CVSS 5.3 | AI score 8.4 | EPSS 0.14545
Exploits: 3
GithubExploit
added 2025/01/01 6:25 p.m. | 167 views

Exploit for CVE-2024-42327

Zabbix-CVE-2024-42327 RCE PoC...

CVSS 9.9 | AI score 8.5 | EPSS 0.78831
Exploits: 13
GithubExploit
added 2024/09/04 7:59 p.m. | 184 views

Exploit for Cross-Site Request Forgery (CSRF) in Concretecms Concrete_Cms

CVE-2017-5638 Apache Struts 2 RCE Proof of Concept This repos...

CVSS 10 | AI score 9.8 | EPSS 0.99999
Exploits: 44
GithubExploit
added 2024/08/02 8:17 p.m. | 267 views

Exploit for Command Injection in Nikhil-Bhalerao Poultry_Farm_Management_System

PoC exploit for CVE-2024-40110, an arbitrary file upload vulnera...

CVSS 9.8 | AI score 7.3 | EPSS 0.01909
Exploits: 3
GithubExploit
added 2024/05/18 2:42 a.m. | 327 views

Exploit for Unrestricted Upload of File with Dangerous Type in Git

Poc for CVE-2024-32002, the script made from the developer's t...

CVSS 9 | AI score 8.2 | EPSS 0.25334
Exploits: 32
GithubExploit
added 2024/05/02 6:31 p.m. | 351 views

Exploit for Expression Language Injection in Atlassian Confluence_Data_Center

CVE-2022-26134 CVE-2022-26134 - Confluence Pre-Auth RCE | OGNL...

CVSS 9.8 | AI score 9.4 | EPSS 0.99999
Exploits: 75
GithubExploit
added 2024/03/06 4:11 a.m. | 324 views

Exploit for Unrestricted Upload of File with Dangerous Type in F-Logic Datacube3

CVE-2024-25830 and CVE-2024-25832 - DataCube3 Improper Access...

CVSS 9.8 | AI score 9.5 | EPSS 0.2403
Exploits: 6
GithubExploit
added 2024/01/08 9:53 p.m. | 301 views

Exploit for Command Injection in Hytec Hwl-2511-Ss_Firmware

CVE-2022-36553 - Hytec Inter HWL-2511-SS Unauthenticated Remo...

CVSS 9.8 | AI score 9.5 | EPSS 0.99999
Exploits: 75
GithubExploit
added 2023/11/07 3:57 a.m. | 571 views

Exploit for CVE-2023-38646

Metabase Pre-Auth RCE POC - CVE-2023-38646 Metabase open sourc...

CVSS 9.8 | AI score 10 | EPSS 0.97924
Exploits: 36
GithubExploit
added 2023/06/08 6:18 p.m. | 504 views

Exploit for Cleartext Storage of Sensitive Information in Assmann Ht-Ip211Hdp_Firmware

CVE-2023-30146 - Assmann/HooToo Webcam Exploit - Sensitive Dat...

CVSS 7.5 | AI score 7.6 | EPSS 0.00645
Exploits: 2
GithubExploit
added 2022/12/22 9:35 a.m. | 378 views

Exploit for Deserialization of Untrusted Data in Microsoft

CVE-2022-41082-POC PoC for the CVE-2022-41082 NotProxyShell OW...

CVSS 9.8 | AI score 8.7 | EPSS 0.99964
Exploits: 11
GithubExploit
added 2022/11/22 2:9 p.m. | 152 views

Exploit for Path Traversal in Apache Http_Server

Apache HTTP-Server 2.4.49-2.4.50 Path Traversal & Remote Code...

CVSS 9.8 | AI score 9.7 | EPSS 0.99992
Exploits: 173
Zero Science Lab
added 2022/05/29 12:0 a.m. | 440 views

Schneider Electric C-Bus Automation Controller (5500SHAC) 1.10 Remote Root Exploit

Summary The C-Bus Network Automation Controller 5500NAC and the Wiser for C-Bus Automation Controller 5500SHAC is an advanced controller from Schneider Electric. It is specifically designed to unite the C-Bus home automation solution with common household communication protocols, from lighting an...

AI score 6.3
Exploits: 0
Gitee
added 2020/09/23 7:34 p.m. | 9 views

Exploit for CVE-2020-1938

It is an exploit module for CVE-2020-1938, a Tomcat AJP LFI vulnerability. The target product/service is Apache Tomcat, and the vulnerability class/vector is Local File Inclusion LFI. The probable entry point is the poc.py script, which is typically invoked by running it with Python 2.7, specifyi...

CVSS 9.8 | AI score 7.3 | EPSS 0.9927
Exploits: 45