CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

1327 matches found

GithubExploit•added 2023/08/01 11:40 a.m.•375 views

Exploit for Cross-site Scripting in Ninjaforms Ninja_Forms

CVE-2023-37979 Exploit !Python Versionhttps://img.shields...

7.1CVSS6.4AI score0.0601EPSS

Exploits6

Exploit DB•added 2023/07/31 12:0 a.m.•283 views

Uvdesk v1.1.3 - File Upload Remote Code Execution (RCE) (Authenticated)

Exploit Title: Uvdesk v1.1.3 - File Upload Remote Code Execution RCE Authenticated Date: 28/07/2023 Exploit Author: Daniel Barros @cupc4k3d - Hakai Offensive Security Vendor Homepage: https://www.uvdesk.com Software Link: https://github.com/uvdesk/community-skeleton Version: 1.1.3 Example: python...

7.8CVSS7.8AI score0.01091EPSS

Exploits4

Kitploit•added 2023/07/19 12:30 p.m.•117 views

Network_Assessment - With Wireshark Or TCPdump, You Can Determine Whether There Is Harmful Activity On Your Network Traffic That You Have Recorded On The Network You Monitor

With Wireshark or TCPdump, you can determine whether there is harmful activity on your network traffic that you have recorded on the network you monitor. This Python script analyzes network traffic in a given .pcap file and attempts to detect the following suspicious network activities and attack...

7.1AI score

Exploits0References2

0day.today•added 2023/07/19 12:0 a.m.•298 views

Hikvision Hybrid SAN Ds-a71024 Firmware - Multiple Remote Code Execution Exploit

Exploit Title: Hikvision Hybrid SAN Ds-a71024 Firmware - Multiple Remote Code Execution Exploit Author: Thurein Soe CVE : CVE-2022-28171 Vendor Homepage: https://www.hikvision.com Software Link: N/A Refence Link: https://cve.report/CVE-2022-28171 Version: Filmora 12: Ds-a71024 Firmware, Ds-a71024...

9.8CVSS9.7AI score0.49858EPSS

Exploits6

GithubExploit•added 2023/07/18 4:9 p.m.•519 views

Exploit for Double Free in Xhttp_Project Xhttp

CVE-2023-38434 xHTTP commit 72f812d and below suffers from a...

7.5CVSS7.7AI score0.009EPSS

Exploits2

Exploit DB•added 2023/07/15 12:0 a.m.•345 views

Icinga Web 2.10 - Authenticated Remote Code Execution

!/usr/bin/env python3 Exploit Title: Icinga Web 2.10 - Authenticated Remote Code Execution Date: 8/07/2023 Exploit Author: Dante CoronaAka. cxdxnt Software Link: https://github.com/Icinga/icingaweb2 Vendor Homepage: https://icinga.com/ Software Link: https://github.com/Icinga/icingaweb2 Version:...

8.8CVSS8.7AI score0.1467EPSS

Exploits5

GithubExploit•added 2023/07/12 1:1 p.m.•656 views

Exploit for Improper Access Control in Citrix Sharefile_Storage_Zones_Controller

ShareFile RCE CVE-2023-24489 This is a Python script that e...

9.8CVSS10AI score0.95076EPSS

Exploits2

GithubExploit•added 2023/07/07 7:48 a.m.•377 views

Exploit for Path Traversal in Igniterealtime Openfire

CVE-2023-32315-POC CVE-2023-32315-Openfire-Bypass-Py O...

8.6CVSS7.4AI score0.99998EPSS

Exploits15

The Hacker News•added 2023/07/05 9:0 a.m.•46 views

Node.js Users Beware: Manifest Confusion Attack Opens Door to Malware

The npm registry for the Node.js JavaScript runtime environment is susceptible to what's called a manifest confusion attack that could potentially allow threat actors to conceal malware in project dependencies or perform arbitrary script execution during installation. "A npm package's manifest is...

9.8CVSS6.8AI score0.85689EPSS

Exploits10

GithubExploit•added 2023/06/27 8:29 a.m.•475 views

Exploit for Code Injection in Apache Commons_Text

CVE-2022-42889 Text4Shell Testing Script This repository co...

9.8CVSS9.1AI score0.99931EPSS

Exploits41

Huntr•added 2023/06/25 9:28 p.m.•8 views

Dos via Document Comments

Description An attacker can abuse the document comment functionality, handled by the /api/comments.create API endpoint, since there is not size check or validation of the comment contents, which allows an attacker to send a comment with almost an unlimited number of characters1MB max POST size...

6.7AI score

Exploits0

GithubExploit•added 2023/06/19 11:56 p.m.•311 views

Exploit for Special Element Injection in Rocket.Chat

CVE-2021-22911 If you have already registered...

9.8CVSS9.5AI score0.95242EPSS

Exploits16

GithubExploit•added 2023/06/17 6:57 a.m.•740 views

Exploit for Buffer Underflow in Fortinet Fortiweb

CVE-2023-25610 Insufficient heap memory in the FortiOS manage...

9.8CVSS7.8AI score0.99474EPSS

Exploits11

0day.today•added 2023/06/08 12:0 a.m.•318 views

Microsoft Windows PowerShell Remote Command Execution Exploit

This python script mints a .ps1 file with an exploitable semicolon condition that allows for command execution from Microsoft Windows PowerShell. This is an updated exploit to work with Python3. from base64 import b64encode import argparse,sys,os PSTrojanFile.py By hyp3rlinx c 2023 ApparitionSec...

7.4AI score

Exploits0

Kitploit•added 2023/06/07 12:30 p.m.•27 views

LinkedInDumper - Tool To Dump Company Employees From LinkedIn API

Python 3 script to dump company employees from LinkedIn API Description LinkedInDumper is a Python 3 script that dumps employee data from the LinkedIn social networking platform. The results contain firstname, lastname, position title, location and a user's profile link. Only 2 API calls are...

6.9AI score

Exploits0References1

GithubExploit•added 2023/06/03 12:36 p.m.•582 views

Exploit for Double Free in Openbsd Openssh

CVE-2023-25136 POC POC For A Pre Auth Double Free Vulnerability...

6.5CVSS6.9AI score0.89955EPSS

Exploits10

GithubExploit•added 2023/05/12 1:20 a.m.•394 views

Exploit for Command Injection in Deltaww Dx-3021L9_Firmware

CVE-2022-46169 Pseudo Shell Description This Python script...

9.8CVSS9.9AI score0.99826EPSS

Exploits48