1826 matches found
CVE-2025-50286
A Remote Code Execution RCE vulnerability in Grav CMS v1.7.48 allows an authenticated admin to upload a malicious plugin via the /admin/tools/direct-install interface. Once uploaded, the plugin is automatically extracted and loaded, allowing arbitrary PHP code execution and reverse shell access...
CVE-2025-50286
A Remote Code Execution RCE vulnerability in Grav CMS v1.7.48 allows an authenticated admin to upload a malicious plugin via the /admin/tools/direct-install interface. Once uploaded, the plugin is automatically extracted and loaded, allowing arbitrary PHP code execution and reverse shell access...
CVE-2025-23317
NVIDIA Triton Inference Server contains a vulnerability in the HTTP server, where an attacker could start a reverse shell by sending a specially crafted HTTP request. A successful exploit of this vulnerability might lead to remote code execution, denial of service, data tampering, or information...
CVE-2025-23317
NVIDIA Triton Inference Server contains a vulnerability in the HTTP server, where an attacker could start a reverse shell by sending a specially crafted HTTP request. A successful exploit of this vulnerability might lead to remote code execution, denial of service, data tampering, or information...
CVE-2025-23317
NVIDIA Triton Inference Server contains a vulnerability in the HTTP server, where an attacker could start a reverse shell by sending a specially crafted HTTP request. A successful exploit of this vulnerability might lead to remote code execution, denial of service, data tampering, or information...
CVE-2025-23317
NVIDIA Triton Inference Server contains a vulnerability in the HTTP server, where an attacker could start a reverse shell by sending a specially crafted HTTP request. A successful exploit of this vulnerability might lead to remote code execution, denial of service, data tampering, or information...
CVE-2025-50286
A Remote Code Execution RCE vulnerability in Grav CMS v1.7.48 allows an authenticated admin to upload a malicious plugin via the /admin/tools/direct-install interface. Once uploaded, the plugin is automatically extracted and loaded, allowing arbitrary PHP code execution and reverse shell access...
CVE-2025-50286
A Remote Code Execution RCE vulnerability in Grav CMS v1.7.48 allows an authenticated admin to upload a malicious plugin via the /admin/tools/direct-install interface. Once uploaded, the plugin is automatically extracted and loaded, allowing arbitrary PHP code execution and reverse shell access...
CVE-2025-50286
A Remote Code Execution RCE vulnerability in Grav CMS v1.7.48 allows an authenticated admin to upload a malicious plugin via the /admin/tools/direct-install interface. Once uploaded, the plugin is automatically extracted and loaded, allowing arbitrary PHP code execution and reverse shell access...
Exploit for Improper Access Control in Webmin
Webmin-CVE-2022-0824-Enhanced-Exploit !IMPORTANT Enhan...
Exploit for Code Injection in Xwiki
XWiki CVE-2025-24893 Proof of Concept Authors: Net.Doge...
Exploit for Code Injection in Xwiki
CVE-2025-24893 - XWiki Platform Remote Code Execution A Pytho...
Malicious code in web3dummycti (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 9a702a53b1f08d4ee8e06e9dc19f6c942ee7bd755274f898a2ff737796557316 If the method from the module is called, it attempts to download a malicious code identified as msf payload and save it locally. In the analysed version, the...
MAL-2025-191928 Malicious code in web3dummycti (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 9a702a53b1f08d4ee8e06e9dc19f6c942ee7bd755274f898a2ff737796557316 If the method from the module is called, it attempts to download a malicious code identified as msf payload and save it locally. In the analysed version, the...
Exploit for Code Injection in Ispconfig
CVE-2023-46818 PoC This is a python implemntation of the PoC p...
Exploit for Insufficiently Protected Credentials in Rpc.Py_Project Rpc.Py
rpc.py RCE Exploit CVE-2022-35411 This is an updated and im...
PT-2025-30952 · Unknown · Apache Airflow +1
Name of the Vulnerable Software and Affected Versions: dag-factory versions 0.23.0a8 and below Description: dag-factory is a library for Apache Airflow® used to construct DAGs declaratively via configuration files. A high-severity issue exists in the cicd.yml workflow within the...
📄 Wifi Mouse 1.9.0.8 Remote Code Execution
WiFi Mouse Server version 1.9.0.8 allows unauthenticated remote code execution by simulating keyboard input over TCP port 1978. This exploit connects to the server and simulates a keystroke to delivery a reverse shell. Exploit Title: Wifi Mouse version 1.9.0.8 - Remote Code Execution Date:...
MAL-2025-191683 Malicious code in aphorism-lib (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 95f15b2b497431703ff51667a4055e8172f9202aeeea0f725b0b0550812f3299 Importing the module starts a telegram bot that connects to a chat and executes provided commands --- Category: MALICIOUS - The campaign has clearly malicious...
Malicious code in aphorism-lib (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: kam193 95f15b2b497431703ff51667a4055e8172f9202aeeea0f725b0b0550812f3299 Importing the module starts a telegram bot that connects to a chat and executes provided commands --- Category: MALICIOUS - The campaign has clearly malicious...