Lucene search
K

1185 matches found

GithubExploit
GithubExploit
added 2025/12/14 9:52 a.m.158 views

Exploit for Deserialization of Untrusted Data in Facebook React

React2Shell – Advanced Discovery & Exploitation Framework An...

10CVSS7.4AI score0.99562EPSS
Exploits388
GithubExploit
GithubExploit
added 2025/12/13 3:42 a.m.162 views

Exploit for Deserialization of Untrusted Data in Facebook React

next88 - React Server Components RCE Scanner High-performance...

10CVSS7.5AI score0.99562EPSS
Exploits388
GithubExploit
GithubExploit
added 2025/12/12 8:43 a.m.157 views

Exploit for Deserialization of Untrusted Data in Facebook React

react2shell-scanner A command-line tool for detecting CVE-202...

10CVSS7.8AI score0.99562EPSS
Exploits388
GithubExploit
GithubExploit
added 2025/12/11 4:33 a.m.162 views

Exploit for Deserialization of Untrusted Data in Facebook React

CVE-2025-55182 Exploitation Tool A comprehensive security res...

10CVSS8.2AI score0.99562EPSS
Exploits374
GithubExploit
GithubExploit
added 2025/12/09 10:26 a.m.147 views

Exploit for Deserialization of Untrusted Data in Facebook React

React2Shell A scanner for detecting and exploiting Next.js...

10CVSS7.3AI score0.99562EPSS
Exploits388
GithubExploit
GithubExploit
added 2025/12/09 9:53 a.m.157 views

Exploit for Deserialization of Untrusted Data in Facebook React

react2shell-C...

10CVSS7AI score0.99562EPSS
Exploits374
GithubExploit
GithubExploit
added 2025/12/09 6:41 a.m.161 views

Exploit for Deserialization of Untrusted Data in Facebook React

⚡ CVE-2025-55182 – Auto Exploit Toolkit Precision Engine...

10CVSS7.2AI score0.99562EPSS
Exploits374
GithubExploit
GithubExploit
added 2025/12/07 3:22 p.m.153 views

Exploit for Deserialization of Untrusted Data in Facebook React

CVE-2025-55182-poc-tool A powerful exploit tool for detecting...

10CVSS8.3AI score0.99562EPSS
Exploits374
GithubExploit
GithubExploit
added 2025/12/06 2:36 p.m.154 views

Exploit for Deserialization of Untrusted Data in Facebook React

CVE-2025-55182 Advanced Scanner A comprehensive command-line...

10CVSS7.9AI score0.99562EPSS
Exploits374
GithubExploit
GithubExploit
added 2025/12/06 10:4 a.m.165 views

Exploit for Deserialization of Untrusted Data in Facebook React

Chain Reaction High-Performance Rust Scanner for React Serv...

10CVSS8.1AI score0.99562EPSS
Exploits388
GithubExploit
GithubExploit
added 2025/12/05 3:58 a.m.247 views

Exploit for CVE-2025-55182

React2Shell Scanner High Fidelity Detection & Exploitation To...

10CVSS8.1AI score0.99562EPSS
Exploits388
Veracode
Veracode
added 2025/11/28 5:57 a.m.12 views

Server-Side Request Forgery (SSRF)

Astro is vulnerable to Server-Side Request Forgery SSRF. The vulnerability is due to insecure and unsanitized use of the x-forwarded-proto and x-forwarded-port headers when constructing URLs, which allows an attacker to manipulate these headers to bypass protected routes, poison caches, trigger...

6.5CVSS7.1AI score0.01112EPSS
Exploits1References5Affected Software1
RedhatCVE
RedhatCVE
added 2025/11/14 4:5 p.m.6 views

CVE-2025-64525

Astro is a web framework. In Astro versions 2.16.0 up to but excluding 5.15.5 which utilizeon-demand rendering, request headers x-forwarded-proto and x-forwarded-port are insecurely used, without sanitization, to build the URL. This has several consequences, the most important of which are:...

6.5CVSS6.9AI score0.01112EPSS
Exploits1References1
EUVD
EUVD
added 2025/11/13 10:46 p.m.9 views

EUVD-2025-175298

Astro vulnerable to URL manipulation via headers, leading to middleware and CVE-2025-61925 bypass...

6.5CVSS6.3AI score0.01112EPSS
Exploits2References5
CVE
CVE
added 2025/11/13 3:58 p.m.23 views

CVE-2025-64525

Summary: Astro 2.16.0 to before 5.15.5 is vulnerable to header-based URL manipulation due to insecure use of unsanitized x-forwarded-proto and x-forwarded-port when building URLs. What’s affected: Astro’s server-side URL construction path uses the header values to compose the request URL in code ...

6.5CVSS6.1AI score0.01112EPSS
Exploits1References4Affected Software1
Cvelist
Cvelist
added 2025/11/13 3:58 p.m.13 views

CVE-2025-64525 Astro: URL manipulation via unsanitized headers leads to path-based middleware protections bypass, potential SSRF/cache-poisoning, CVE-2025-61925 bypass

Astro is a web framework. In Astro versions 2.16.0 up to but excluding 5.15.5 which utilizeon-demand rendering, request headers x-forwarded-proto and x-forwarded-port are insecurely used, without sanitization, to build the URL. This has several consequences, the most important of which are:...

6.5CVSS0.01112EPSS
Exploits1References4
Positive Technologies
Positive Technologies
added 2025/11/13 12:0 a.m.7 views

PT-2025-46860

Name of the Vulnerable Software and Affected Versions Astro versions 2.16.0 through 5.15.4 Description Astro, a web framework, contains a flaw in its on-demand rendering feature where the x-forwarded-proto and x-forwarded-port request headers are used without proper sanitization when constructing...

6.5CVSS5.6AI score0.01112EPSS
Exploits1References11
RedhatCVE
RedhatCVE
added 2025/10/16 2:51 p.m.6 views

CVE-2025-54858

When a BIG-IP Advanced WAF or BIG-IP ASM Security Policy is configured with a JSON content profile that has a malformed JSON schema, and the security policy is applied to a virtual server, undisclosed requests can cause the bd process to terminate. Note: Software versions which have reached End o...

8.7CVSS6.8AI score0.00317EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/15 3:30 p.m.7 views

EUVD-2025-34632

When a BIG-IP Advanced WAF or BIG-IP ASM Security Policy is configured with a JSON content profile that has a malformed JSON schema, and the security policy is applied to a virtual server, undisclosed requests can cause the bd process to terminate. Note: Software versions which have reached End o...

8.7CVSS6.3AI score0.00317EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2025/10/15 3:19 p.m.3 views

CVE-2025-61935 BIG-IP Advanced WAF and ASM vulnerability

When a BIG IP Advanced WAF or ASM security policy is configured on a virtual server, undisclosed requests can cause the bd process to terminate. Note: Software versions which have reached End of Technical Support EoTS are not evaluated...

8.7CVSS6.4AI score0.0032EPSS
Exploits0References1
Rows per page
Query Builder