MAL-2026-5120 Malicious code in redteam-qxz7-utils (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 855b67c0cf1aaed6f5e0ce3a67478a20cd4244c56424002feeeb0dea1a875848 During installation, the package exfiltrates cloud tokens from the environment. --- Category: MALICIOUS - The campaign has clearly malicious intent, like...

Malicious code in redteam-qxz7-utils (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 855b67c0cf1aaed6f5e0ce3a67478a20cd4244c56424002feeeb0dea1a875848 During installation, the package exfiltrates cloud tokens from the environment. --- Category: MALICIOUS - The campaign has clearly malicious intent, like...

CVE-2026-45616

creationtimestamp| type| source ---|---|--- 2026-05-13 14:00:05+00:00| seen| https://t.me/GithubRedTeam/84084 2026-05-13 21:00:04+00:00| published-proof-of-concept| Telegram/O41s4ZacceniC-zmRdA20LKtlUfLN8dJaI2Rmc1hsAXigiA...

Malicious code in cicd-ppe-redteam-test02 (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 14adb6733ca8f958770b9766a7f255fbd8562886dce3b42cee772eac50e52d0f Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...

MAL-2026-1064 Malicious code in cicd-ppe-redteam-test02 (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 14adb6733ca8f958770b9766a7f255fbd8562886dce3b42cee772eac50e52d0f Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...

MAL-2026-1063 Malicious code in cicd-ppe-redteam-test01 (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 5ff0b643e9e96817244b6499fdbcfd26b6c26cf366980909a6461e4c15b389fd Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...

Malicious code in cicd-ppe-redteam-test01 (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 5ff0b643e9e96817244b6499fdbcfd26b6c26cf366980909a6461e4c15b389fd Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...

CVE-2025-43960

creationtimestamp| type| source ---|---|--- 2025-08-23 15:08:15+00:00| published-proof-of-concept| https://t.me/GithubRedTeam/48792...

Exploit for Deserialization of Untrusted Data in Microsoft

🔐 Bluefire Redteam – SharePoint CVE-2025-53770 Detection & Rem...

Shopware Vulnerable to Blind SQL-injection in DAL aggregations

Impact The Shopware application API contains a search functionality which enables users to search through information stored within their Shopware instance. The searches performed by this function can be aggregated using the parameters in the “aggregations” object. The ‘name’ field in this...

GHSA-8G35-7RMW-7F59 Shopware Vulnerable to Blind SQL-injection in DAL aggregations

Impact The Shopware application API contains a search functionality which enables users to search through information stored within their Shopware instance. The searches performed by this function can be aggregated using the parameters in the “aggregations” object. The ‘name’ field in this...

CVE-2024-2026

creationtimestamp| type| source ---|---|--- 2024-07-19 09:15:30+00:00| published-proof-of-concept| https://t.me/GithubRedTeam/8024...

Exploit for Incorrect Authorization in Pydio Cells

PoC for CVE-2023-32749 This is a quick and dirty PoC I wrote...

CVE-2023-54436

creationtimestamp| type| source ---|---|--- 2023-11-17 03:01:24+00:00| published-proof-of-concept| https://t.me/GithubRedTeam/5843...

Exploit for Unprotected Alternate Channel in Rockwellautomation Allen-Bradley_Stratix_5200_Firmware

CVE-2023-20198 CVE-2023-20198 Checkscript based on: - Technica...

CVE-2023-4281

creationtimestamp| type| source ---|---|--- 2023-09-24 12:27:29+00:00| published-proof-of-concept| https://t.me/GithubRedTeam/5198 2023-09-24 13:31:46+00:00| published-proof-of-concept| https://t.me/GithubRedTeam/5199...

CVE-2023-33243

RedTeam Pentesting discovered that the web interface of STARFACE as well as its REST API allows authentication using the SHA512 hash of the password instead of the cleartext password. While storing password hashes instead of cleartext passwords in an application's database generally has become be...

Design/Logic Flaw

RedTeam Pentesting discovered that the web interface of STARFACE as well as its REST API allows authentication using the SHA512 hash of the password instead of the cleartext password. While storing password hashes instead of cleartext passwords in an application's database generally has become be...

CVE-2023-33243

RedTeam Pentesting discovered that the web interface of STARFACE as well as its REST API allows authentication using the SHA512 hash of the password instead of the cleartext password. While storing password hashes instead of cleartext passwords in an application's database generally has become be...

STARFACE 7.3.0.10 - Authentication with Password Hash Possible

Exploit Title: STARFACE 7.3.0.10 - Authentication with Password Hash Possible Affected Versions: 7.3.0.10 and earlier versions Fixed Versions: - Vulnerability Type: Broken Authentication Security Risk: low Vendor URL: https://www.starface.de Vendor Status: notified Advisory URL:...