25 matches found
CVE-2026-42853
creationtimestamp | type | source
---|---|---
2026-05-13 19:29:14+00:00 | published-proof-of-concept | https://github.com/apostrophecms/apostrophe/security/advisories/GHSA-hcwq-x9fw-8cfq...
CVE-2026-31815
creationtimestamp | type | source
---|---|---
2026-03-09 10:58:20+00:00 | published-proof-of-concept | https://github.com/django-commons/django-unicorn/security/advisories/GHSA-ffv6-jj46-x367...
CVE-2026-1337
creationtimestamp | type | source
---|---|---
2026-02-06 15:31:03+00:00 | published-proof-of-concept | https://github.com/advisories/GHSA-xr72-g735-4vwp...
SUSE: Security Advisory (SUSE-SU-2025:02275-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CVE-2025-303787
creationtimestamp | type | source
---|---|---
2025-05-13 16:58:56+00:00 | seen | https://advisories.ncsc.nl/advisory?id=NCSC-2025-0155...
CVE-2025-277447
creationtimestamp | type | source
---|---|---
2025-04-08 16:50:53+00:00 | seen | https://advisories.ncsc.nl/advisory?id=NCSC-2025-0107...
Carel pCOWeb HVAC Modbus Interface Authentication Bypass
Advisory: Unauthenticated Access to Modbus Interface in Carel pCOWeb HVAC As part of its features, the Carel pCOWeb card exposes a Modbus interface to the network. By design, Modbus does not provide authentication, allowing to control the affected system. Details ======= Product: HVAC units usin...
CentOS Control Web Panel 0.9.8.836 - Authentication Bypass Vulnerability
Exploit for linux platform in category web applications Exploit Title: CWP CentOS Control Web Panel ||/us...
Cisco RV130W 1.0.3.44 - Remote Stack Overflow Exploit
!/usr/bin/python Exploit Title: Cisco RV130W Remote Stack Overflow Google Dork: n/a Date: Advisory Published: Feb 2019 Exploit Author: @0x00string Vendor Homepage: cisco.com Software Link: https://www.cisco.com/c/en/us/products/routers/rv130w-wireless-n-multifunction-vpn-router/index.html Version...
F5 BIG-IP 11.6 SSL Virtual Server - 'Ticketbleed' Memory Disclosure
-- coding: utf-8 -- !/usr/bin/python Exploit Title: Ticketbleed Google Dork: n/a Date: Exploit: 02/13/17, Advisory Published: 02/09/17 Exploit Author: @0x00string Vendor Homepage: https://f5.com/ Software Link: https://support.f5.com/csp/article/K05121675 Version: see software link for versions...
Relay Ajax Directory Manager relayb01-071706 / 1.5.1 / 1.5.3 - Unauthenticated Arbitrary File Upload
Exploit for php platform in category web applications Unauthenticated File Upload in Relay Ajax Directory Manager may Lead to Remote Command Execution A vulnerability within the Relay Ajax Directory Manager web application allows unauthenticated attackers to upload arbitrary files to the web serv...
ImPAX Agility 1.1074.RC.b122.20150602 Cross Site Scripting
ImPAX Agility Multiple Cross Site Scripting Vulnerabilities Tested versions: 1.1074.RC.b122.20150602 http://www.agfahealthcare.com/ Credits to: vesp3r / [email protected] About the Product ------------------ IMPAX Agility is designed to achieve clinical productivity and improve affordability. I...
ShopSystem SQL Injection vulnerability
No description provided by source. Exploit Title: ShopSystem SQL Injection vulnerability Date: 05.04.2010 Author: Valentin Category: webapps/0day :: General information :: ShopSystem SQL Injection vulnerability :: by Valentin Hoebel :: [email protected] :: Product information :: Name =...
Python CGIHTTPServer Encoded Path Traversal Vulnerability
The CGIHTTPServer Python module does not properly handle URL-encoded path separators in URLs. This may enable attackers to disclose a CGI script's source code or execute arbitrary CGI scripts in the server's document root. The CGIHTTPServer Python module does not properly handle URL-encoded path...
Wapkul Beta 3 SQL Injection Vulnerability
Exploit for php platform in category web applications...
Sony PC Companion 2.1 (DownloadURLToFile()) Stack-based BOF
The vulnerability is caused due to a boundary error in WebServices.dll when handling the value assigned to the 'bstrFile' item in the DownloadURLToFile function and can be exploited to cause a stack-based buffer overflow via an overly long string which may lead to execution of arbitrary code on t...
Hexamail Server 4.4.5 - Persistent Cross-Site Scripting
Title: Hexamail Server meal.txt XSS pop up alert'Hi, what is this?'; root@bt:/ Send email to the victim: root@bt:/ sendemail -f [email protected] -t [email protected] -xu [email protected] \ -xp bob123 -u "Want some meal..?" -o message-file=meal.txt -s mail.example.com Vendor time...
Matthew Tom-Wolverton SQL Injection
Matthew Tom-Wolverton Mtwstudios.com SQL-i Vulnerability...
Membership Site Script - SQL Injection
0x1 General Information Advisory/Exploit Title = Membership Site Script SQL Injection Vulnerability Author = Valentin Hoebel Contact = [email protected] 0x2...
Lyrics Script SQL Injection and XSS Vulnerabilities
Exploit for php platform in category web applications Lyrics Script SQL Injection and XSS Vulnerabilities 0x1 Gener...