Lucene search
K

6 matches found

GithubExploit
GithubExploit
•added 2025/07/29 2:24 p.m.•380 views

Exploit for Deserialization of Untrusted Data in Microsoft

OurSharePoint - CVE-2025-53770 PoC This is a simple C tool...

9.8CVSS9.8AI score0.99982EPSS
Exploits41
GithubExploit
GithubExploit
•added 2025/07/24 5:59 p.m.•356 views

Exploit for Deserialization of Untrusted Data in Microsoft

OurSharePoint - CVE-2025-53770 PoC This is a simple C tool...

9.8CVSS9.1AI score0.99982EPSS
Exploits41
The Hacker News
The Hacker News
•added 2023/06/16 1:54 p.m.•92 views

ChamelDoH: New Linux Backdoor Utilizing DNS-over-HTTPS Tunneling for Covert CnC

The threat actor known as ChamelGang has been observed using a previously undocumented implant to backdoor Linux systems, marking a new expansion of the threat actor's capabilities. The malware, dubbed ChamelDoH by Stairwell, is a C++-based tool for communicating via DNS-over-HTTPS DoH tunneling...

7AI score
Exploits0
The Hacker News
The Hacker News
•added 2023/01/12 2:46 p.m.•40 views

IcedID Malware Strikes Again: Active Directory Domain Compromised in Under 24 Hours

A recent IcedID malware attack enabled the threat actor to compromise the Active Directory domain of an unnamed target less than 24 hours after gaining initial access, while also borrowing techniques from other groups like Conti to meet its goals. "Throughout the attack, the attacker followed a...

2.3AI score
Exploits0
Hacker One
Hacker One
•added 2017/04/20 3:43 p.m.•207 views

Pornhub: Mixed Reflected-Stored XSS on pornhub.com (without user interaction) in the playlist playing section

The researcher discovered a temporarily cached stored XSS using the playlist function of the website. I discovered a Reflected XSS under the PornHub playlists and reported it. Some time after, I noticed, that Reflected XSS using the pkey parameter of the playlist, e.g...

6AI score
Exploits0
Hacker One
Hacker One
•added 2017/01/31 6:45 p.m.•80 views

Grab: Two-factor authentication bypass on Grab Android App

Description I found the endpoint using android app https://p.grabtaxi.com/api/passenger/v2/profiles/edit which allow me to bypass 2FA sms code due to lack of rate limiting\code expiration after unsuccessful attempts. The root cause of the problem it that facts: no rate limiting+ no code expiratio...

7.4AI score
Exploits0
Rows per page
Query Builder