MAL-2025-191730 Malicious code in flask-auth-sys (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 a241889bfae20aee5395660063d13f337aa9733c14b02bf2edb004d6d36e1d41 On importing the module, the code attempts to span a reverse shell. In the current version, the remote domain does not exist --- Category: MALICIOUS - The...

Exploit for CVE-2025-1974

CVE-2025-1974: Kubernetes Ingress Nginx Controller 취약점 분석 및 Po...

Exploit for Out-of-bounds Write in Gibbonedu Gibbon

CVE-2023-45878 GibbonEdu Arbitrary File Write to Web Shell...

Exploit for Out-of-bounds Write in Gibbonedu Gibbon

CVE-2023-45878 to RCE !cve-2023-45878torcehttps://github...

Exploit for CVE-2025-1974

PoC exploit for CVE-2025-1974, an Ingress RCE vulnerability. The...

Malicious npm Package Modifies Local 'ethers' Library to Launch Reverse Shell Attacks

Cybersecurity researchers have discovered two malicious packages on the npm registry that are designed to infect another locally installed package, underscoring the continued evolution of software supply chain attacks targeting the open-source ecosystem. The packages in question are...

Exploit for Deserialization of Untrusted Data in Apache Tomcat

It is an offensive tool for web application exploitation. The re...

MAL-2025-191818 Malicious code in prmduc193 (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 766c3df26ad3e62a1923e1c6879348aba96deafb8bf62a1555c589b57cd91fc0 Importing the package starts a revshell --- Category: MALICIOUS - The campaign has clearly malicious intent, like infostealers. Campaign: 2025-03-prmduc193...

Malicious code in prmduc193 (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 766c3df26ad3e62a1923e1c6879348aba96deafb8bf62a1555c589b57cd91fc0 Importing the package starts a revshell --- Category: MALICIOUS - The campaign has clearly malicious intent, like infostealers. Campaign: 2025-03-prmduc193...

Exploit for Out-of-bounds Write in Gibbonedu Gibbon

CVE-2023-45878-POC CVE-2023-45878 poc for gibbon LMS on xampp...

CVE-2024-8156

A command injection vulnerability exists in the workflow-checker.yml workflow of significant-gravitas/autogpt. The untrusted user input github.head.ref is used insecurely, allowing an attacker to inject arbitrary commands. This vulnerability affects versions up to and including the latest version...

CVE-2024-8156

CVE-2024-8156 describes a command injection in the workflow-checker.yml of significant-gravitas/autogpt. The vulnerability arises from insecure use of untrusted input github.head.ref, allowing an attacker to inject arbitrary commands. Affected: significant-gravitas/autogpt, all versions up to the...

CVE-2024-8156 Command Injection in significant-gravitas/autogpt

A command injection vulnerability exists in the workflow-checker.yml workflow of significant-gravitas/autogpt. The untrusted user input github.head.ref is used insecurely, allowing an attacker to inject arbitrary commands. This vulnerability affects versions up to and including the latest version...

Exploit for OS Command Injection in Magnussolution Magnusbilling

Magnus Billing System v7 Exploit This Python script automates...

WinTr Scada 5.5.9 Command Injection

WinTr Scada version 5.5.9 suffers from a command injection vulnerability. Exploit Title: WinTr Scada v5.5.9 - OS Command Injection Discovered by: Ahmet Ümit BAYRAM Discovered Date: 17.04.2024 Vendor Homepage: http://www.wintr.com.tr Software Link:...

Sam Spade 1.14 SEH Overflow / DLL Injection

Sam Spade version 1.14 SEH overflow exploit that leverages DLL injection. Exploit Title: Sam Spade 1.14 - SEH Overflow via Arbitrary DLL Injection Date: 14.03.2024 Software Link: https://www.majorgeeks.com/files/details/samspade.html Exploit Author: Ahmet Ümit BAYRAM Tested Version: 1.14 Tested o...

ZesleCP 3.1.20 Privilege Escalation

ZesleCP version 3.1.20 remote privilege escalation exploit that leverages cron to achieve root level privileges. Exploit Title: ZesleCP v3.1.20 - Privilege Escalation Exploit Author: Ahmet Ümit BAYRAM Date: 09.11.2024 Vendor Homepage: https://zeslecp.com Tested on: Ubuntu 20.04 Privilege Escalati...

XMedia Recode 3.5.8.4 Command Injection

XMedia Recode version 3.5.8.4 suffers from a command injection vulnerability. Exploit Title: XMedia Recode v3.5.8.4 - OS Command Injection Discovered by: Ahmet Ümit BAYRAM Discovered Date: 16.09.2023 Vendor Homepage: https://www.xmedia-recode.de Software Link: https://www.xmedia-recode.de/downloa...

TextPad 9.3.0 Command Injection

TextPad version 9.3.0 suffers from a remote command injection vulnerability when it opens a batch file. Exploit Title: TextPad v9.3.0 - OS Command Injection Discovered by: Ahmet Ümit BAYRAM Discovered Date: 17.09.2023 Vendor Homepage: https://www.textpad.com Software Link:...

Webmin 2.202 Remote Command Execution

Webmin version 2.202 remote command execution exploit that provides a reverse shell. ============================================================================================================================================= | Title : Webmin 2.202 Reverse Shell attack | | Author : indoushka | |...