Lucene search
K

139 matches found

Nuclei
Nuclei
added 12 hours ago173 views

Hoverfly < 1.10.3 - Arbitrary File Read

Hoverfly is a lightweight service virtualization/ API simulation / API mocking tool for developers and testers. The /api/v2/simulation POST handler allows users to create new simulation views from the contents of a user-specified file. This feature can be abused by an attacker to read arbitrary...

7.5CVSS6.2AI score0.55864EPSS
Exploits3References2
GithubExploit
GithubExploit
added 2026/05/27 10:54 p.m.110 views

Exploit for Improper Input Validation in Hoverfly

CVE-2025-54123 — Hoverfly Middleware API Remote Code Execution...

9.8CVSS6.1AI score0.10543EPSS
Exploits7
Packet Storm
Packet Storm
added 2026/04/23 12:0 a.m.88 views

📄 Hoverfly 1.11.3 Remote Command Execution

This Python script is an exploitation tool targeting a vulnerable Hoverfly API endpoint, specifically the /api/v2/hoverfly/middleware functionality, which allows execution of user-supplied input through a backend binary...

5.9AI score
Exploits0
GithubExploit
GithubExploit
added 2026/04/16 4:40 p.m.311 views

ffensive-playbook

HackTheBox — Writeups Collection A collection of HackTheBox m...

9.9CVSS6.4AI score0.75197EPSS
Exploits29
GithubExploit
GithubExploit
added 2026/04/16 4:40 p.m.337 views

ofensive-playbook

HackTheBox — Writeups Collection A collection of HackTheBox m...

9.9CVSS7.2AI score0.75197EPSS
Exploits29
GithubExploit
GithubExploit
added 2026/03/31 7:35 a.m.138 views

Exploit for OS Command Injection in Hoverfly

CVE-2025-54123 Hoverfly CVE RCE Usage bash python3 CVE...

9.8CVSS5.9AI score0.10543EPSS
Exploits7
GithubExploit
GithubExploit
added 2026/03/30 10:58 p.m.204 views

Exploit for OS Command Injection in Hoverfly

CVE-2025-54123 - Hoverfly Command Injection RCE PoC CVE-2...

9.8CVSS6.4AI score0.10543EPSS
Exploits7
GithubExploit
GithubExploit
added 2026/03/28 11:15 p.m.376 views

Exploit for OS Command Injection in Hoverfly

CVE-2025-54123 A PoC demonstrating a RCE in Hoverfly version...

9.8CVSS5.8AI score0.10543EPSS
Exploits7
GithubExploit
GithubExploit
added 2026/03/28 9:49 p.m.321 views

Exploit for OS Command Injection in Hoverfly

CVE-2025-54123 Exploit Hoverfly Authenticated Middleware Comm...

9.8CVSS6.2AI score0.10543EPSS
Exploits7
Nuclei
Nuclei
added 2026/02/04 7:0 a.m.34 views

Hoverfly <= 1.11.3 - Remote Code Execution

Hoverfly versions 1.11.3 and below are vulnerable to remote code execution RCE via command injection in the middleware API endpoint /api/v2/hoverfly/middleware. Insufficient validation of the 'binary' and 'script' parameters allows an unauthenticated attacker to execute arbitrary commands on the...

9.8CVSS9AI score0.10543EPSS
Exploits7References2
OSV
OSV
added 2025/11/12 3:4 a.m.6 views

MAL-2025-138916 Malicious code in original-lavender-hoverfly (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 1a7cff724291031461ab159ba45bb2ac32653ad7f88919277281836ad9fda92a This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

6.8AI score
Exploits0
EUVD
EUVD
added 2025/11/12 3:4 a.m.3 views

EUVD-2025-117307

Malicious code in inc-tomato-hoverfly npm...

6.6AI score
Exploits0
EUVD
EUVD
added 2025/11/12 3:4 a.m.3 views

EUVD-2025-117315

Malicious code in icy-lavender-hoverfly npm...

6.6AI score
Exploits0
EUVD
EUVD
added 2025/11/12 3:4 a.m.6 views

EUVD-2025-117186

Malicious code in original-lavender-hoverfly npm...

6.6AI score
Exploits0
EUVD
EUVD
added 2025/11/11 8:46 p.m.6 views

EUVD-2025-101182

Malicious code in usualhoverflyz3n npm...

6.6AI score
Exploits0
EUVD
EUVD
added 2025/11/11 8:46 p.m.6 views

EUVD-2025-101875

Malicious code in thickhoverflyz3n npm...

6.6AI score
Exploits0
EUVD
EUVD
added 2025/11/11 8:11 p.m.5 views

EUVD-2025-94883

Malicious code in supposedhoverflyz3n npm...

6.6AI score
Exploits0
EUVD
EUVD
added 2025/11/11 8:11 p.m.6 views

EUVD-2025-95859

Malicious code in parallelhoverflyz3n npm...

6.6AI score
Exploits0
EUVD
EUVD
added 2025/11/11 8:11 p.m.6 views

EUVD-2025-94813

Malicious code in sympathetichoverflyz3n npm...

6.6AI score
Exploits0
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/11/11 8:11 p.m.8 views

Malicious code in silent_hoverfly_z3n (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 1f55ea8cd9ca4e9970ad081e83e278111f7e329c3756fa66e1915737232829c4 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

6.9AI score
Exploits0
Rows per page
Query Builder