38 matches found
Server-Side Request Forgery (SSRF)
PowerJob is vulnerable to Server-Side Request Forgery SSRF. The vulnerability is due to insufficient validation of the targetIp and targetPort parameters in the checkConnectivity function of PingPongUtils, allowing attackers to trigger server-side network requests to arbitrary destinations...
Server-side Request Forgery (SSRF)
Overview Affected versions of this package are vulnerable to Server-side Request Forgery SSRF via the checkConnectivity function in the Network Request Handler component when processing the targetIp or targetPort arguments. An attacker can access internal resources or perform unauthorized network...
CVE-2025-14518
A vulnerability was identified in PowerJob up to 5.1.2. This vulnerability affects the function checkConnectivity of the file src/main/java/tech/powerjob/common/utils/net/PingPongUtils.java of the component Network Request Handler. The manipulation of the argument targetIp/targetPort leads to...
CVE-2025-14518 PowerJob Network Request PingPongUtils.java checkConnectivity server-side request forgery
A vulnerability was identified in PowerJob up to 5.1.2. This vulnerability affects the function checkConnectivity of the file src/main/java/tech/powerjob/common/utils/net/PingPongUtils.java of the component Network Request Handler. The manipulation of the argument targetIp/targetPort leads to...
CVE-2025-14518
PowerJob
PowerJob 安全漏洞
PowerJob is an open source distributed computing and job scheduling framework from PowerJob Open Source that allows developers to easily schedule tasks in their applications. A security vulnerability exists in PowerJob 5.1.2 and earlier versions, which originates in the function in the file...
[SECURITY] Fedora 41 Update: turbo-attack-0.1.0-3.fc41
A turbo traffic generator pentesting tool to generate random traffic with random mac and ip addresses in addition to random sequence numbers to a particular ip and port...
DEBIAN-CVE-2022-50129
In the Linux kernel, the following vulnerability has been resolved: RDMA/srpt: Fix a use-after-free Change the LIO port members inside struct srptport from regular members into pointers. Allocate the LIO port data structures from inside srptmaketport and free these from inside srptmaketport. Keep...
📄 RemotePC Remote Code Execution
RemotePC suffers from an unauthenticated remote code execution vulnerability. The release for this on github offers no version information. Exploit Title: RemotePC - Unauthenticated RCE Date: 2025-04-14 Exploit Author: Ahmet Ümit BAYRAM Vendor: https://github.com/akoc95/RemotePC Version: latest...
SMB Group Policy Preference Saved Passwords Enumeration
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'SMB Group Policy Preference Saved Passwords Enumeration', 'Description' = %Q This module enumerates files from target domain controllers and...
Mirage firewall for QubesOS 0.8.0-0.8.3 Denial of Service
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Mirage firewall for QubesOS 0.8.0-0.8.3 Denial of Service DoS Exploit', 'Description' = %q This module allows remote attackers to cause a denial ...
Exploit for Incorrect Authorization in Apache Ofbiz
CVE-2024-38856 For Ethical Usage only, Any harmful or malicio...
Exploit for Improper Access Control in Apache Hugegraph
CVE-2024-27348 For Ethical Usages only, Any harmful or malic...
Viessmann Vitogate 300 2.1.3.0 - Remote Code Execution (RCE)
Exploit Title: Viessmann Vitogate 300 = 2.1.3.0 - Remote Code Execution RCE - Shodan Dork: http.title:'Vitogate 300' - Exploit Author: ByteHunter - Email: [email protected] - Version: versions up to 2.1.3.0 - Tested on: 2.1.1.0 - CVE : CVE-2023-5702 & CVE-2023-5222 import argparse import...
Exploit for Code Injection in Realtimelogic Fuguhub
Description This script is a Proof of Concept PoC exploit I...
WebHMI 4.1.1 Remote Code Execution Exploit
Exploit Title: WebHMI 4.1.1 - Remote Code Execution RCE Authenticated Exploit Author: Antonio Cuomo arkantolo Vendor Homepage: https://webhmi.com.ua/en/ Version: WebHMI 4.1.1.7662 Tested on: WebHMI-4.1.1.7662 !/usr/bin/python import sys import re import argparse import requests import time import...
VMware vCenter Server Remote Code Execution Vulnerability
VMware vCenterServer provides a scalable, extensible platform for centrally managing VMware vSphere environments with optimized resource allocation and plug-in extensions. The VMware vCenter Server remote code execution vulnerability can be exploited by an attacker to send a malicious construct...
ChurchRota 2.6.4 - RCE (Authenticated)
Exploit Title: ChurchRota 2.6.4 - RCE Authenticated Date: 1/19/2021 Exploit Author: Rob McCarthy @slixperi Vendor Homepage: https://github.com/Little-Ben/ChurchRota Software Link: https://github.com/Little-Ben/ChurchRota Version: 2.6.4 Tested on: Ubuntu import requests from pwn import listen...
Oracle GoldenGate 12.1.2.0.0 - Unauthenticated Remote Code Execution Exploit
Exploit for multiple platform in category remote exploits !/usr/bin/env python Sources: https://silentsignal.hu/docs/S2OracleGoldenGateGOLDENSHOWER.py https://blog.silentsignal.eu/2017/05/08/fools-of-golden-gate/ GOLDENSHOWER - Oracle GoldenGate unauthenticated RCE by Silent Signal Tested with:...
Oracle GoldenGate 12.1.2.0.0 - Remote Code Execution
Oracle GoldenGate 12.1.2.0.0 - Remote Code Execution !/usr/bin/env python Sources: https://silentsignal.hu/docs/S2OracleGoldenGateGOLDENSHOWER.py https://blog.silentsignal.eu/2017/05/08/fools-of-golden-gate/ GOLDENSHOWER - Oracle GoldenGate unauthenticated RCE by Silent Signal Tested with: Versio...