Remote Sunrise Helper for Windows 2026.14 - Remote Code Execution

Exploit Title: Remote Sunrise Helper for Windows 2026.14 - Unauthenticated Remote Code Execution Date: 2026-04-20 Exploit Author: Chokri Hammedi Software: https://rs.ltd/latest.php?os=win Vendor: https://rs.ltd/ Version: 2026.14 Tested on: Windows 10 / Windows 11 !/usr/bin/env python3 import...

CVE-2026-7073 itsourcecode Construction Management System execute.php sql injection

A flaw has been found in itsourcecode Construction Management System 1.0. This affects an unknown part of the file /execute.php. This manipulation of the argument code causes sql injection. The attack is possible to be carried out remotely. The exploit has been published and may be used...

📄 Remote Sunrise Helper for Windows 2026.14 UAC Bypass

Remote Sunrise Helper for Windows version 2026.14 suffers from an unauthenticated UAC bypass vulnerability that enables remote code execution via /api/executeScript. !/usr/bin/env python3 Exploit Title: Remote Sunrise Helper for Windows 2026.14 - Unauthenticated UAC Bypass Elevated CMD Date:...

PT-2026-33081

A vulnerability in the web-based management interface of Cisco Unity Connection could allow an unauthenticated, remote attacker to conduct a reflected XSS attack against a user of the interface. This vulnerability exists because the web-based management interface does not properly validate...

CVE-2025-27380 HTML Injection Leading to Script Execution in Altium Enterprise Server

HTML injection in Project Release in Altium Enterprise Server AES 7.0.3 on all platforms allows an authenticated attacker to execute arbitrary JavaScript in the victim’s browser via crafted HTML content...

Malicious code in telebot-bot (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 ae13454f920b5cce1011546e4802ed263ce8218d4b484ef8471142abb42c3f3e The package, distinguished as a speed testing or typosquatted Telegram library, contains a Telegram bot to perform remote control of the computer --- Category:...

EUVD-2020-24827

Malware in sbrugna...

EUVD-2003-0717

Malware in sbrugna...

EUVD-2002-0316

Malware in sbrugna...

EUVD-2002-0327

Malware in sbrugna...

EUVD-2002-1708

Malware in sbrugna...

EUVD-2021-7049

Malicious code in bioql PyPI...

EUVD-2022-25896

Malicious code in bioql PyPI...

Roo Code 操作系统命令注入漏洞

Roo Code is an AI-based autonomous coding agent from Roo Code. An operating system command injection vulnerability exists in Roo Code 3.25.23 and earlier versions, which stems from the npm install auto-execute script and could lead to arbitrary code execution...

CVE-2025-5680

A vulnerability classified as critical was found in Shenzhen Dashi Tongzhou Information Technology AgileBPM up to 2.5.0. Affected by this vulnerability is the function executeScript of the file /src/main/java/com/dstz/sys/rest/controller/SysScriptController.java of the component Groovy Script...

📄 Remote for Mac 2025.6 Remote Code Execution

Remote for Mac version 2025.6 suffers from an unauthenticated remote code execution vulnerability. Exploit Title: Remote for Mac 2025.6 - Unauthenticated RCE Date: 2025-05-26 Exploit Author: Chokri Hammedi Vendor Homepage: https://cherpake.com/ Software Link: https://cherpake.com/latest.php?os=ma...

CVE-2022-34486

Path traversal vulnerability in PukiWiki versions 1.4.5 to 1.5.3 allows a remote authenticated attacker with an administrative privilege to execute a malicious script via unspecified vectors...

CVE-2025-20116

A vulnerability in the web UI of Cisco APIC could allow an authenticated, remote attacker to perform a stored XSS attack on an affected system. To exploit this vulnerability, the attacker must have valid administrative credentials. This vulnerability is due to improper input validation in the web...

Moderate: Red Hat Security Advisory: libreoffice security update

An update for libreoffice is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability fro...

CVE-2023-20248

A vulnerability in the web-based management interface of Cisco TelePresence Management Suite TMS Software could allow an authenticated, remote attacker to conduct a cross-site scripting XSS attack against a user of the interface. This vulnerability is due to insufficient input validation by the...