Lucene search
K

274572 matches found

GithubExploit
GithubExploit
added 2025/12/19 12:1 p.m.163 views

Exploit for Improper Access Control in Papercut Papercut_Mf

No d...

9.8CVSS7AI score0.99999EPSS
Exploits24
GithubExploit
GithubExploit
added 2025/12/19 11:40 a.m.169 views

Exploit for Deserialization of Untrusted Data in Facebook React

React2Shell: CVE-2025-55182 – Comprehensive Vulnerability Scan...

10CVSS7.3AI score0.99562EPSS
Exploits372
GithubExploit
GithubExploit
added 2025/12/19 11:19 a.m.550 views

Exploit for CVE-2025-68461

CVE-2025-68461 Roundcube Webmail before 1.5.12 and 1.6 befor...

7.2CVSS6.4AI score0.19769EPSS
Exploits1
GithubExploit
GithubExploit
added 2025/12/19 10:52 a.m.133 views

Exploit for Code Injection in Xwiki

CVE-2025-24893 Remote Code Execution exploit for XWikihttp...

9.8CVSS7.2AI score0.99898EPSS
Exploits50
GithubExploit
GithubExploit
added 2025/12/19 10:49 a.m.268 views

Exploit for CVE-2025-13486

CVE-2025-13486 exploit ACF Extended WordPress Plugin — Re...

9.8CVSS8AI score0.73557EPSS
Exploits10
GithubExploit
GithubExploit
added 2025/12/19 10:49 a.m.136 views

shopz---h4ck-this-website-

No d...

7AI score
Exploits0
GithubExploit
GithubExploit
added 2025/12/19 10:17 a.m.137 views

Exploit for Deserialization of Untrusted Data in Facebook React

Next.js React2Shell CVE-2025-55182 Exploit Tool A proof-of-...

10CVSS8.1AI score0.99562EPSS
Exploits386
GithubExploit
GithubExploit
added 2025/12/19 10:1 a.m.207 views

Exploit for CVE-2025-68055

CVE-2025-68055 Authenticated SQL injection in Hydra Booking...

8.5CVSS8.1AI score0.00286EPSS
Exploits1
GithubExploit
GithubExploit
added 2025/12/19 8:22 a.m.133 views

public_cve_report

p...

7.1AI score
Exploits0
GithubExploit
GithubExploit
added 2025/12/19 7:26 a.m.147 views

Exploit for Improper Restriction of XML External Entity Reference in Apache Tika

CVE-2025-66516: Minimized Verification Environment This proje...

10CVSS7.3AI score0.79807EPSS
Exploits5
GithubExploit
GithubExploit
added 2025/12/19 4:1 a.m.174 views

Exploit for Deserialization of Untrusted Data in Facebook React

CVE-2025-55182 POC This repository contains a proof of conce...

10CVSS7AI score0.99562EPSS
Exploits372
Packet Storm
Packet Storm
added 2025/12/19 12:0 a.m.500 views

📄 Dahua TPC-AEBF5201 P2P Camera ToolsComplete Security Analysis Suite

This PHP proof-of-concept provides defensive tooling to analyze DH-P2P / Easy4IP behaviors observed during DFIR activities. It includes routines to decrypt Account1SecEData, derive device-specific cryptographic keys, and reproduce authentication code generation logic. The project is intended to...

6.8CVSS7.2AI score0.00275EPSS
Exploits1
Saint
Saint
added 2025/12/19 12:0 a.m.110 views

HPE OneView id-pools command execution

Added: 12/19/2025 Background HPE OneView is integrated IT infrastructure management software. Problem A vulnerability in the id-pools feature allow remote attackers to execute arbitrary commands by sending a PUT request to the executeCommand API endpoint. Resolution Apply the hotfix referenced in...

10CVSS5.9AI score0.89733EPSS
Exploits8
Packet Storm
Packet Storm
added 2025/12/19 12:0 a.m.144 views

📄 LibreNMS 24.9.1 Code Injection

LibreNMS version 24.9.1 suffers from a remote command execution vulnerability. ============================================================================================================================================= | Title : LibreNMS 24.9.1 PHP Code Injection Vulnerability | | Author :...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2025/12/19 12:0 a.m.219 views

📄 WordPress ACF 0.9.1.1 Remote Code Execution

This Metasploit module exploits an unauthenticated remote code execution vulnerability in the Advanced Custom Fields: Extended ACF Extended WordPress plugin versions 0.9.0.5 through 0.9.1.1. The vulnerability exists in the prepareform function of the acfemoduleformfrontrender class, which accepts...

9.8CVSS8.6AI score0.73557EPSS
Exploits10
Packet Storm
Packet Storm
added 2025/12/19 12:0 a.m.147 views

📄 Lepton CMS 7.4.0 Cross Site Scripting / Code Execution

Lepton CMS version 7.4.0 has a vulnerability which allows for a persistent cross site scripting payload to escalate into PHP execution through the droplet engine...

6.9AI score
Exploits0
Packet Storm
Packet Storm
added 2025/12/19 12:0 a.m.175 views

📄 libtransmission 2.93 Integer Overflow

libtransmission versions 2.93 and below suffer from multiple integer overflows. A remote attacker could create a specially crafted .torrent file which may be small when compressed that exploits these overflows when a victim loads it via Transmission or its command-line interface transmission-cli...

9.8CVSS7AI score0.05827EPSS
Exploits6
Packet Storm
Packet Storm
added 2025/12/19 12:0 a.m.135 views

📄 Institute Admission Software 2.5 Shell Upload

Institute Admission Software version 2.5 fails to properly validate and restrict uploaded files in the gallery upload functionality within the admin panel. =============================================================================================================================================...

7.1AI score
Exploits0
Saint
Saint
added 2025/12/19 12:0 a.m.152 views

HPE OneView id-pools command execution

Added: 12/19/2025 Background HPE OneView is integrated IT infrastructure management software. Problem A vulnerability in the id-pools feature allow remote attackers to execute arbitrary commands by sending a PUT request to the executeCommand API endpoint. Resolution Apply the hotfix referenced in...

10CVSS7.7AI score0.89733EPSS
Exploits8
Packet Storm
Packet Storm
added 2025/12/19 12:0 a.m.152 views

📄 Cisco ISE API 3.2 Command Injection

Proof of concept exploit for a command injection vulnerability in Cisco ISE API version 3.2. ============================================================================================================================================= | Title : Cisco ISE API 3.2 command injection Exploits | |...

10CVSS7.9AI score0.96732EPSS
Exploits10
Rows per page
Query Builder