198 matches found
EUVD-2021-7561
Malicious code in bioql PyPI...
EUVD-2024-54340
Malicious code in bioql PyPI...
Delta Electronics DIALink Directory Traversal Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Delta Electronics DIALink. Authentication is not required to exploit this vulnerability. The specific flaw exists within the DataCenter service, which listens on TCP port 7631 by default. The issue...
Exploit for Code Injection in Xwiki
exploit-scripts...
PT-2025-33841
Name of the Vulnerable Software and Affected Versions: AllSky version 2023.05.01 04 Description: A path traversal flaw exists in AllSky version 2023.05.01 04 that allows an unauthenticated attacker to create a webshell and achieve remote code execution. The issue is located in the /includes/save...
CVE-2012-10054
Umbraco CMS
CVE-2025-34153
Hyland OnBase versions prior to 17.0.2.87 other versions may be affected are vulnerable to unauthenticated remote code execution via insecure deserialization on the .NET Remoting TCP channel. The service registers a listener on port 6031 with the URI endpoint TimerServer, implemented in...
📄 Shenzhen Aitemi M300 Wi-Fi Repeater Unauthenticated Remote Code Execution
Shenzhen Aitemi M300 Wi-Fi Repeater suffers from a remote code execution vulnerability. package main import "flag" "fmt" "io" "net/http" "net/url" "os" "strings" / Shenzhen Aitemi M300 Wi-Fi Repeater Unauthenticated RCE CVE-2025-34152 - does not require authentication even when the login panel is...
PT-2025-32394 · Unknown · Wan Emulator
Name of the Vulnerable Software and Affected Versions: WAN Emulator version 2.3 Description: WAN Emulator version 2.3 contains two unauthenticated command execution vulnerabilities. The result.php script calls the shell exec function with unsanitized input from the pc POST parameter, allowing...
Exploit for CVE-2025-34085
📂 Simple File List – Unauthenticated RCE Exploit CVE-2025-340...
Exploit for Injection in Cisco Identity_Services_Engine
CVE-2025-20281 — Cisco ISE ERS API Unauthenticated RCE Exploit...
Exploit for Injection in Cisco Identity_Services_Engine
CVE-2025-20281-2-Cisco-ISE-RCE Unauthenticated Python PoC for...
Unauthenticated Remote Code Execution (RCE)
github.com/kro-run/kro is vulnerable to Unauthenticated Remote code execution RCE. The vulnerability is due to a confused-deputy scenario, where users with permission to create or modify ResourceGraphDefinition resources can supply arbitrary container images that kro's controllers deploy and run ...
CVE-2024-40110
Sourcecodester Poultry Farm Management System v1.0 contains an Unauthenticated Remote Code Execution RCE vulnerability via the productimage parameter at /farm/product.php...
CVE-2023-37170
TOTOLINK A3300R V17.0.0cu.557B20221024 was discovered to contain an unauthenticated remote code execution RCE vulnerability via the lang parameter in the setLanguageCfg function...
CVE-2024-6198 SNORE Interface Unauthenticated Remote Code Execution
The device exposes a web interface on ports TCP/3030 and TCP/9882. This web service runs lighttpd, which implements the “SNORE” interface. This interface is affected by a stack buffer overflow vulnerability due to insecure path parsing. An attacker with access to the LAN network interface could u...
Tatsu 3.3.11 - Unauthenticated RCE
Exploit Title:Tatsu 3.3.11 - Unauthenticated RCE Date: 2025-04-16 Exploit Author: Milad Karimi Ex3ptionaL Contact: [email protected] Zone-H: www.zone-h.org/archive/notifier=Ex3ptionaL MiRROR-H: https://mirror-h.org/search/hacker/49626/ Product: Tatsu wordpress plugin = 3.3.11 CVE:...
CVE-2024-13804
Unauthenticated RCE in HPE Insight Cluster Management Utility...
Linux Distros Unpatched Vulnerability : CVE-2023-26035
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - ZoneMinder is a free, open source Closed-circuit television software application for Linux which supports IP, USB and Analog cameras. Versions prior to 1.36.33...
Metasploit Weekly Wrap-Up: 02/28/2025
New module content 5 mySCADA myPRO Manager Credential Harvester CVE-2025-24865 and CVE-2025-22896 Author: Michael Heinzl Type: Auxiliary Pull request: 19878 contributed by h4x-x0r Path: admin/scada/mypromgrcreds AttackerKB reference: CVE-2025-22896 Description: This module adds credential...