Lucene search
K

41 matches found

OSV
OSV
added 2026/06/29 11:50 a.m.7 views

PYSEC-2026-316 cobbler allows anyone to connect to cobbler XML-RPC server with known password and make changes

Summary utils.getsharedsecret always returns -1 - allows anyone to connect to cobbler XML-RPC as user '' password -1 and make any changes. Details utils.py getsharedsecret: def getsharedsecret - Unionstr, int: """ The 'web.ss' file is regenerated each time cobblerd restarts and is used to agree o...

9.8CVSS7.3AI score0.03948EPSS
Exploits6References7
GithubExploit
GithubExploit
added 2026/05/06 5:44 p.m.148 views

Exploit for Incorrect Implementation of Authentication Algorithm in Google Android

CVE-2026-0073 PoC Wireless ADB TLS Auth Bypass This directo...

8.8CVSS6AI score0.00541EPSS
Exploits12
GithubExploit
GithubExploit
added 2026/03/21 8:11 a.m.306 views

Exploit for CVE-2026-33017

CVE-2026-33017 — Langflow Unauthenticated RCE PoC !CVEhttp...

9.8CVSS7.8AI score0.9999EPSS
Exploits52
GithubExploit
GithubExploit
added 2026/03/08 4:59 p.m.209 views

Exploit for Code Injection in Craftcms Craft_Cms

CVE-Public - Vulnerability Proof-of-Concept Script Library...

10CVSS7.7AI score0.99803EPSS
Exploits16
GithubExploit
GithubExploit
added 2026/02/27 6:58 a.m.170 views

Exploit for CVE-2023-24012

DDS Security Test This is a ROS 2 DDS security testing enviro...

8.2CVSS5.8AI score0.00275EPSS
Exploits1
GithubExploit
GithubExploit
added 2026/02/26 6:35 p.m.218 views

Exploit for Improper Verification of Cryptographic Signature in Pysaml2_Project Pysaml2

CVE-2021-21239 This is a poc script to explot the xmlsec vu...

6.5CVSS5.7AI score0.0118EPSS
Exploits3
Packet Storm
Packet Storm
added 2025/03/31 12:0 a.m.276 views

CodeCanyon Rise CRM 3.7.0 SQL Injection

CodeCanyon Rise CRM version 3.7.0 suffers from a remote SQL injection vulnerability that allows for authentication bypass. PROOF OF CONCEPT CVE: CVE-2024-8945 Exploit Title: RISE Ultimate Project Manager 3.7 sql injection POC Google Dork: N/A Date: September 19, 2024 Exploit Author: Jobyer Ahmed...

5.3CVSS8.4AI score0.14545EPSS
Exploits3
GithubExploit
GithubExploit
added 2025/01/01 6:25 p.m.254 views

Exploit for CVE-2024-42327

Zabbix-CVE-2024-42327 RCE PoC...

9.9CVSS8.5AI score0.78831EPSS
Exploits13
GithubExploit
GithubExploit
added 2024/09/04 7:59 p.m.187 views

Exploit for Cross-Site Request Forgery (CSRF) in Concretecms Concrete_Cms

CVE-2017-5638 Apache Struts 2 RCE Proof of Concept This repos...

10CVSS9.8AI score0.99999EPSS
Exploits44
GithubExploit
GithubExploit
added 2024/08/02 8:17 p.m.273 views

Exploit for Command Injection in Nikhil-Bhalerao Poultry_Farm_Management_System

PoC exploit for CVE-2024-40110, an arbitrary file upload vulnera...

9.8CVSS7.3AI score0.01909EPSS
Exploits3
GithubExploit
GithubExploit
added 2024/05/18 2:42 a.m.434 views

Exploit for Unrestricted Upload of File with Dangerous Type in Git

Poc for CVE-2024-32002, the script made from the developer's t...

9CVSS8.2AI score0.25334EPSS
Exploits32
GithubExploit
GithubExploit
added 2024/05/02 6:31 p.m.353 views

Exploit for Expression Language Injection in Atlassian Confluence_Data_Center

CVE-2022-26134 CVE-2022-26134 - Confluence Pre-Auth RCE | OGNL...

9.8CVSS9.4AI score0.99999EPSS
Exploits76
GithubExploit
GithubExploit
added 2024/03/06 4:11 a.m.336 views

Exploit for Unrestricted Upload of File with Dangerous Type in F-Logic Datacube3

CVE-2024-25830 and CVE-2024-25832 - DataCube3 Improper Access...

9.8CVSS9.5AI score0.2403EPSS
Exploits6
GithubExploit
GithubExploit
added 2024/01/08 9:53 p.m.306 views

Exploit for Command Injection in Hytec Hwl-2511-Ss_Firmware

CVE-2022-36553 - Hytec Inter HWL-2511-SS Unauthenticated Remo...

9.8CVSS9.5AI score0.99999EPSS
Exploits76
GithubExploit
GithubExploit
added 2023/11/07 3:57 a.m.607 views

Exploit for CVE-2023-38646

Metabase Pre-Auth RCE POC - CVE-2023-38646 Metabase open sourc...

9.8CVSS10AI score0.97924EPSS
Exploits37
GithubExploit
GithubExploit
added 2023/06/08 6:18 p.m.519 views

Exploit for Cleartext Storage of Sensitive Information in Assmann Ht-Ip211Hdp_Firmware

CVE-2023-30146 - Assmann/HooToo Webcam Exploit - Sensitive Dat...

7.5CVSS7.6AI score0.0064EPSS
Exploits2
GithubExploit
GithubExploit
added 2022/12/22 9:35 a.m.380 views

Exploit for Deserialization of Untrusted Data in Microsoft

CVE-2022-41082-POC PoC for the CVE-2022-41082 NotProxyShell OW...

9.8CVSS8.7AI score0.9997EPSS
Exploits11
GithubExploit
GithubExploit
added 2022/11/22 2:9 p.m.152 views

Exploit for Path Traversal in Apache Http_Server

Apache HTTP-Server 2.4.49-2.4.50 Path Traversal & Remote Code...

9.8CVSS9.7AI score0.99992EPSS
Exploits175
Zero Science Lab
Zero Science Lab
added 2022/05/29 12:0 a.m.444 views

Schneider Electric C-Bus Automation Controller (5500SHAC) 1.10 Remote Root Exploit

Summary The C-Bus Network Automation Controller 5500NAC and the Wiser for C-Bus Automation Controller 5500SHAC is an advanced controller from Schneider Electric. It is specifically designed to unite the C-Bus home automation solution with common household communication protocols, from lighting an...

6.3AI score
Exploits0
Gitee
Gitee
added 2020/09/23 7:34 p.m.9 views

Exploit for CVE-2020-1938

It is an exploit module for CVE-2020-1938, a Tomcat AJP LFI vulnerability. The target product/service is Apache Tomcat, and the vulnerability class/vector is Local File Inclusion LFI. The probable entry point is the poc.py script, which is typically invoked by running it with Python 2.7, specifyi...

9.8CVSS7.3AI score0.9927EPSS
Exploits45
Rows per page
Query Builder