1321 matches found
Exploit for Injection in Vm2_Project Vm2
CVE-2023-30547 Vulnerability de...
Milesight UR5X / UR32L / UR32 / UR35 / UR41 Credential Leakage
!/usr/bin/env python3 -- coding: utf-8 -- """ Title: Credential Leakage Through Unprotected System Logs and Weak Password Encryption CVE: CVE-2023-43261 Script Author: Bipin Jitiya @win3zz Vendor: Milesight IoT - https://www.milesight-iot.com/ Formerly Xiamen Ursalink Technology Co., Ltd...
Exploit for Command Injection in Ivanti Connect_Secure
Introduction 🌐 This repository contains a Python script desi...
Exploit for Cross-Site Request Forgery (CSRF) in Moxa Iologik_E1210_Firmware
This repository contains a Python script and a nuclei template d...
Exploit for Code Injection in Craftcms Craft_Cms
This python script exploits the Remote Code Execution vulnerabil...
Exploit for Path Traversal in Jenkins
CVE-2024-23897 | Jenkins -p -f or bash python CVE-...
Exploit for CVE-2023-47400
CVE-2023-47400 Proof of Concept for the CVE-2023-47400 Aut...
Exploit for Heap-based Buffer Overflow in Gnu Glibc
GNU C Library's Dynamic Loader Vulnerability CVE-2023-4911...
Web3 – Crypto wallet Login & NFT token gating < 3.0.0 - Authentication Bypass
Description The plugin is vulnerable to an authentication bypass due to incorrect authentication checking in the login flow in functions 'handleauthrequest' and 'hadleloginrequest'. This makes it possible for non authenticated attackers to log in as any existing user on the site, such as an...
Web3 – Crypto wallet Login & NFT token gating < 3.0.0 - Authentication Bypass
Description The plugin is vulnerable to an authentication bypass due to incorrect authentication checking in the login flow in functions 'handleauthrequest' and 'hadleloginrequest'. This makes it possible for non authenticated attackers to log in as any existing user on the site, such as an...
Exploit for Weak Password Recovery Mechanism for Forgotten Password in Gitlab
CVE-2023-7028 | Account-Take-Over Gitlab Disclamer This co...
Exploit for Insufficient Verification of Data Authenticity in Postfix
PoC for CVE-2023-51764 SMTP SMUGGLING Postfix CVE-2023-51...
Exploit for Server-Side Request Forgery in Resf Rocky_Linux
CVE-2021-40438 - Apache = 2.4.48 - SSRF Python exploit A craf...
WP Go Maps < 9.0.28 - Unauthenticated Stored XSS
Description The plugin does not properly protect most of its REST API routes, which attackers can abuse to store malicious HTML/Javascript on the site. Run the following Python script, then visit https://vulnerable-site.tld/wp-admin/admin.php?page=wp-google-maps-menu&action=edit&mapid=1...
Exploit for Exposure of Sensitive Information to an Unauthorized Actor in Minio
CVE-2023-28432 CVE-2023-28432 Minio Information isclosure Exp...
Exploit for Code Injection in Qodeinteractive Qode_Essential_Addons
CVE-2023-47840 Qode Essential Addons = 1.5.2 - Missing Aut...
Exploit for OS Command Injection in Vsftpd_Project Vsftpd
CVE-2011-2523-poc This is a python3 script to exploit the CVE...
Exploit for Unrestricted Upload of File with Dangerous Type in Royal-Elementor-Addons Royal_Elementor_Addons
CVE-2023-5360 An Open-source EXPLOIT for The Royal Elementor...
Exploit for Incorrect Authorization in Atlassian Confluence_Data_Center
CVE-2023-22518 Improper Authorization Vulnerability in Conflue...
Exploit for Classic Buffer Overflow in Draytek Vigor3910_Firmware
CVE-2022-32548-RCE-POC DrayTek unauthenticated remote code exe...