Exploit for Missing Authentication for Critical Function in Erlang Erlang\/Otp

CVE-2025-32433 분석 포트폴리오 Erlang/OTP SSH 사전인증 원격 코드 실행 취약점 분석...

Exploit for Deserialization of Untrusted Data in Nextgen Mirth_Connect

CVE-2023-43208 — Mirth Connect Pre-Auth RCE Pre-authenticated...

EUVD-2022-1523

Malicious code in bioql PyPI...

EUVD-2021-8626

Malicious code in bioql PyPI...

CVE-2021-21243

OneDev is an all-in-one devops platform. In OneDev before version 4.0.3, a Kubernetes REST endpoint exposes two methods that deserialize untrusted data from the request body. These endpoints do not enforce any authentication or authorization checks. This issue may lead to pre-auth RCE. This issue...

Exploit for Authentication Bypass Using an Alternate Path or Channel in Ivanti Endpoint_Manager_Mobile

CVE-2025-4427 and CVE-2025-4428 Ivanti EPMM Chain Ivanti EPMM...

CVE-2024-47557

CVE-2024-47557 affects Xerox FreeFlow Core. The root cause is a path traversal flaw that enables pre-auth remote code execution . PT-2024-32656 corroborates a pre-auth RCE via path traversal but provides no specific affected versions or fix information. Exploitation details are not provided in th...

CVE-2024-47556

CVE-2024-47556 relates to Xerox FreeFlow Core and is described as a Pre-Auth RCE via Path Traversal. The provided documents indicate: affected product is Xerox FreeFlow Core (vague on specific versions) and the underlying issue is a path traversal condition enabling pre-auth remote code execution...

QNAP QTS and Photo Station Local File Inclusion

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'QNAP QTS and Photo Station Local File Inclusion', 'Description' = %q This module exploits a local file inclusion in QNAP QTS and Photo Station th...

Netgear R7000 Backup.cgi Heap Overflow Remote Code Execution

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Netgear R7000 backup.cgi Heap Overflow RCE', 'Description' = %q This module exploits a heap buffer overflow in the genie.cgi?backup.cgi page of...

Exploit for Code Injection in Apache Ofbiz

CVE-2023-49070 Pre-auth RCE in Apache Ofbiz!!...

CVE-2023-49070 Pre-auth RCE in Apache Ofbiz 18.12.09 due to XML-RPC still present

Pre-auth RCE in Apache Ofbiz 18.12.09. It's due to XML-RPC no longer maintained still present. This issue affects Apache OFBiz: before 18.12.10. Users are recommended to upgrade to version 18.12.10...

CVE-2023-49070

CVE-2023-49070 is a pre-auth RCE in Apache OFBiz up to version 18.12.09, caused by an unused XML-RPC component that remains present. Affected product: Apache OFBiz before 18.12.10 (and related CVE-2023-51467 authentication-bypass vector). The severity is high (CVSS v3.1 base score 9.8) with netwo...

Exploit for CVE-2023-38646

CVE-2023-38646 Python script to exploit CVE-2023-38646 Metabas...

Exploit for CVE-2023-38646

Metabase Pre-Auth RCE CVE-2023-38646 POC This is a script w...

Exploit for CVE-2023-38646

CVE-2023-38646 The original script originates from securezer...

CVE-2023-38204 Bypass APSB23-41 (CVE-2023-38203) - Pre-Auth RCE ColdFusion 2021 Update 8

Adobe ColdFusion versions 2018u18 and earlier, 2021u8 and earlier and 2023u2 and earlier are affected by a Deserialization of Untrusted Data vulnerability that could result in Arbitrary code execution. Exploitation of this issue does not require user interaction...

Exploit for CVE-2023-38646

CVE-2023-38646 - Metabase Pre-auth RCE !Untitled presentatio...

Exploit for CVE-2023-38646

For educational purposes only Inspired by Assetnote resea...

CVE-2023-38203 Analysis CVE-2023-29300 Bypass: Adobe ColdFusion Pre-Auth RCE

Adobe ColdFusion versions 2018u17 and earlier, 2021u7 and earlier and 2023u1 and earlier are affected by a Deserialization of Untrusted Data vulnerability that could result in Arbitrary code execution. Exploitation of this issue does not require user interaction...