Lucene search
+L

466 matches found

OSV
OSV
added 2026/01/29 9:53 p.m.9 views

CVE-2026-25117 pwn.college DOJO vulnerable to sandbox escape leading to arbitrary javascript execution

pwn.college DOJO is an education platform for learning cybersecurity. Prior to commit e33da14449a5abcff507e554f66e2141d6683b0a, missing sandboxing on /workspace/ routes allows challenge authors to inject arbitrary javascript which runs on the same origin as http://dojo.website. This is a sandbox...

8.3CVSS6.1AI score0.00559EPSS
Exploits0References4
CNNVD
CNNVD
added 2026/01/29 12:0 a.m.8 views

DOJO Cross-Site Scripting Vulnerabilities

DOJO is a JavaScript toolkit open source by pwn.college. pwn.college’s DOJO has a cross-site scripting vulnerability; this vulnerability stems from the lack of sandbox isolation, which may lead to sandbox escape and arbitrary JavaScript execution...

8.3CVSS5.8AI score0.00559EPSS
Exploits0References3
GithubExploit
GithubExploit
added 2025/10/26 12:25 p.m.211 views

Exploit for CVE-2025-62376

Improper Authentication in pwn.college DOJO Education Platform...

9.5CVSS6.7AI score0.00566EPSS
Exploits2
GithubExploit
GithubExploit
added 2025/10/16 9:51 a.m.241 views

Exploit for CVE-2025-62376

CVE-2025-62376: Local Privilege Escalation Exploit for Sudo...

9.5CVSS6.8AI score0.00566EPSS
Exploits2
Cvelist
Cvelist
added 2025/10/14 9:58 p.m.48 views

CVE-2025-62376 pwn.college DOJO vulnerable to improper authentication in workspace endpoint allowing unauthorized Windows VM access

pwn.college DOJO is an education platform for learning cybersecurity. Prior to commit 467db0b9ea0d9a929dc89b41f6eb59f7cfc68bef, the /workspace endpoint contains an improper authentication vulnerability that allows an attacker to access any active Windows VM without proper authorization. The...

9.5CVSS0.00566EPSS
Exploits2References2
CVE
CVE
added 2025/10/14 9:58 p.m.24 views

CVE-2025-62376

The CVE-2025-62376 issue affects the pwn.college DOJO platform’s /workspace endpoint. The view_desktop flow retrieves the user via a URL parameter without confirming administrative privileges, enabling an attacker to specify any user ID and an arbitrary password to impersonate that user. When req...

9.5CVSS6.6AI score0.00566EPSS
Exploits2References2
OSV
OSV
added 2025/10/14 9:58 p.m.20 views

CVE-2025-62376 pwn.college DOJO vulnerable to improper authentication in workspace endpoint allowing unauthorized Windows VM access

pwn.college DOJO is an education platform for learning cybersecurity. Prior to commit 467db0b9ea0d9a929dc89b41f6eb59f7cfc68bef, the /workspace endpoint contains an improper authentication vulnerability that allows an attacker to access any active Windows VM without proper authorization. The...

9.5CVSS6.9AI score0.00566EPSS
Exploits2References4
CNNVD
CNNVD
added 2025/10/14 12:0 a.m.7 views

DOJO 授权问题漏洞

DOJO is an open source JavaScript toolkit from pwn.college. DOJO suffers from an authorization issue vulnerability that stems from improper authentication of the /workspace endpoint, which could lead to unauthorized access to a Windows virtual machine...

9.5CVSS6.5AI score0.00566EPSS
Exploits2References3
EUVD
EUVD
added 2025/10/07 12:30 a.m.3 views

EUVD-2006-3555

Malware in sbrugna...

7.5CVSS6.4AI score0.01267EPSS
Exploits1References8
EUVD
EUVD
added 2025/10/07 12:30 a.m.7 views

EUVD-2020-0702

Malware in sbrugna...

4.3CVSS6.2AI score0.01082EPSS
Exploits1References9
EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2014-6082

Malware in sbrugna...

4.3CVSS6.4AI score0.01357EPSS
Exploits0References9
EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2010-2286

Malware in sbrugna...

10CVSS9AI score0.03153EPSS
Exploits0References14
EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2010-2284

Malware in sbrugna...

10CVSS6.2AI score0.01323EPSS
Exploits0References4
EUVD
EUVD
added 2025/10/07 12:30 a.m.7 views

EUVD-2020-1205

Malware in sbrugna...

4.3CVSS6.1AI score0.02224EPSS
Exploits0References11
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2014-8744

Malware in sbrugna...

4.3CVSS9.2AI score0.0206EPSS
Exploits0References8
EUVD
EUVD
added 2025/10/07 12:30 a.m.9 views

EUVD-2007-2371

Malware in sbrugna...

5CVSS6.4AI score0.01557EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2020-0349

Malware in sbrugna...

7.7CVSS6.3AI score0.0399EPSS
Exploits1References18
EUVD
EUVD
added 2025/10/07 12:30 a.m.7 views

EUVD-2018-0543

Malware in sbrugna...

9.8CVSS9.2AI score0.02611EPSS
Exploits2References8
EUVD
EUVD
added 2025/10/07 12:30 a.m.7 views

EUVD-2010-4566

Malware in sbrugna...

5CVSS6.4AI score0.01229EPSS
Exploits0References4
EUVD
EUVD
added 2025/10/07 12:30 a.m.3 views

EUVD-2012-2175

Malware in sbrugna...

5CVSS6.4AI score0.02802EPSS
Exploits0References4
Rows per page
Query Builder