Lucene search
K

61 matches found

Gitee
Gitee
added 2025/09/13 5:45 p.m.145 views

JNDIExploit

This is a Java-based exploit tool for JNDI Java Naming and Directory Interface injection vulnerabilities. The tool is designed to inject a payload into the JNDI repository, allowing an attacker to execute arbitrary code on the target system. The tool is based on the Rogue JNDI project and support...

8.7AI score
Exploits0
Gitee
Gitee
added 2025/09/06 4:33 a.m.97 views

Exploit for Improper Restriction of Operations within the Bounds of a Memory Buffer in Microsoft

SMBGhost Simple scanner for CVE-2020-0796 - SMBv3 RCE. The scanner is for meant only for testing whether a server is vulnerable. It is not meant for research or development, hence the fixed payload. It checks for SMB dialect 3.1.1 and compression capability through a negotiate request. A network...

10CVSS9AI score0.9981EPSS
Exploits125
Positive Technologies
Positive Technologies
added 2025/09/02 12:0 a.m.10 views

PT-2025-35522

Name of the Vulnerable Software and Affected Versions MobSF version 4.4.0 Description MobSF is a mobile application security testing tool. An authenticated user who uploaded a specially prepared one.a file could write arbitrary files to any directory writable by the user of the MobSF process. Thi...

6.5CVSS6.1AI score0.0056EPSS
Exploits1References14
CNNVD
CNNVD
added 2025/08/08 12:0 a.m.5 views

LMeterX 路径遍历漏洞

LMeterX is an open source professional load testing program for any LLM API by MigoXLab. A path traversal vulnerability exists in LMeterX version 1.2.0, which stems from incorrect manipulation of the parameter taskid in the file backend/service/uploadservice.py resulting in path traversal...

9.1CVSS6.5AI score0.00657EPSS
Exploits1References8
GithubExploit
GithubExploit
added 2025/05/23 9:4 p.m.319 views

Exploit for Authentication Bypass by Primary Weakness in Crushftp

CVE-2025-31161 - CrushFTP User Creation Authentication Bypass...

9.8CVSS9.5AI score0.99947EPSS
Exploits18
GithubExploit
GithubExploit
added 2025/05/23 1:8 p.m.904 views

Exploit for CVE-2025-0133

CVE-2025-0133 Reflected XSS Detection Tool Author: Derek...

6.9CVSS5.3AI score0.44444EPSS
Exploits8
OSV
OSV
added 2025/05/05 7:32 p.m.16 views

GHSA-C5VG-26P8-Q8CR Mobile Security Framework (MobSF) Allows Web Server Resource Exhaustion via ZIP of Death Attack

Vulnerable MobSF Versions: = v4.3.2 Details: MobSF is a widely adopted mobile application security testing tool used by security teams across numerous organizations. Typically, MobSF is deployed on centralized internal or cloud-based servers that also host other security tools and web application...

6.8CVSS6.8AI score0.00411EPSS
Exploits1References4
GithubExploit
GithubExploit
added 2025/04/30 1:39 p.m.453 views

Exploit for Unrestricted Upload of File with Dangerous Type in Sap Netweaver

CVE-2025-31324-File-Upload A totally unauthenticated file-uplo...

10CVSS9.5AI score0.99359EPSS
Exploits18
OSV
OSV
added 2025/03/12 4:15 p.m.4 views

CVE-2025-25568

SoftEtherVPN 5.02.5187 is vulnerable to Use after Free in the Command.c file via the CheckNetworkAcceptThread function. NOTE: the Supplier disputes this because the use-after-free is not in the VPN software, but is instead in a separate tool that has no untrusted input and runs under the user's o...

9.8CVSS5.8AI score0.00543EPSS
Exploits1References2
OSV
OSV
added 2023/11/14 11:15 a.m.5 views

CVE-2023-43504

A vulnerability has been identified in COMOS All versions V10.4.4. Ptmcast executable used for testing cache validation service in affected application is vulnerable to Structured Exception Handler SEH based buffer overflow. This could allow an attacker to execute arbitrary code on the target...

9.8CVSS6.4AI score0.00851EPSS
Exploits0References1
GithubExploit
GithubExploit
added 2022/10/25 12:55 a.m.20 views

Exploit for SQL Injection in Cmsmadesimple Cms_Made_Simple

CMS-Made-Simple-2.2.10---SQL-Injection-Exploit-com-corre-o-de-...

8.1CVSS8.2AI score0.55958EPSS
Exploits38
hivepro
hivepro
added 2022/04/26 12:44 p.m.51 views

Newly patched VMware vulnerability exploited by Iranian espionage group, Rocket Kitten

THREAT LEVEL: Red. For a detailed advisory, download the pdf file here An Iranian cyber espionage gang known as Rocket Kitten has began delivering the Core Impact penetration testing tool on susceptible computers by exploiting a newly fixed severe vulnerability in VMware Workspace ONE...

10CVSS1.3AI score0.99997EPSS
Exploits25
CNNVD
CNNVD
added 2021/11/10 12:0 a.m.6 views

Intel VTune Profiler 安全漏洞

Intel VTune Profiler is a performance testing tool for optimized software from Intel USA. The software performs performance testing of IoT embedded applications, media software, Java applications, and high-performance computing applications. A security vulnerability exists in Intel VTune Profiler...

7.8CVSS7.4AI score0.00208EPSS
Exploits0References4
Kitploit
Kitploit
added 2021/11/09 11:30 a.m.28 views

Ddosify - High-performance Load Testing Tool

Features Protocol Agnostic - Currently supporting HTTP, HTTPS, HTTP/2. Other protocols are on the way. Scenario-Based - Create your flow in a JSON file. Without a line of code! Different Load Types - Test your system's limits across different load types. Installation ddosify is available via...

6.9AI score
Exploits0References7
ThreatPost
ThreatPost
added 2021/05/14 5:36 p.m.164 views

FIN7 Backdoor Masquerades as Ethical Hacking Tool

The notorious FIN7 cybercrime gang, a financially motivated group, is spreading a backdoor called Lizar under the guise of being a Windows pen-testing tool for ethical hackers. According to the BI.ZONE Cyber Threats Research Team, FIN7 is pretending to be a legitimate organization that hawks a...

6.1AI score
Exploits0References9
CNVD
CNVD
added 2021/03/04 12:0 a.m.7 views

Unspecified Vulnerability in HCL OneTest

HCL OneTest is a software testing tool from HCL India that provides multiple testing options. The software supports API testing, functional testing, UI testing, performance testing and service virtualization to support software automation testing. A security vulnerability exists in HCL OneTest...

6.5CVSS6.8AI score0.00669EPSS
Exploits0References1
Gitee
Gitee
added 2020/11/26 10:12 a.m.5 views

vulhub

It is an offensive tool for web application security testing. The repository contains a collection of pre-built vulnerable docker environments, allowing users to test web application security without requiring prior knowledge of docker. The tool is designed to be easy to use, with a simple...

8AI score
Exploits0
Gitee
Gitee
added 2020/10/22 4:40 p.m.8 views

Exploit for Argument Injection in Php

This repository is an exploit module for CVE-2018-19518, a vulnerability in the PHPMailer library. The exploit is written in Python and targets the PHPMailer library's use of the "mail" function to send emails. The vulnerability allows an attacker to inject malicious code into the email body, whi...

8.5CVSS7.8AI score0.9523EPSS
Exploits6
Kitploit
Kitploit
added 2020/09/07 2:38 a.m.218 views

SQLMap v1.4.9 - Automatic SQL Injection And Database Takeover Tool

SQLMap is an open source penetration testing tool that automates the process of detecting and exploiting SQL injection flaws and taking over of database servers. It comes with a powerful detection engine, many niche features for the ultimate penetration tester and a broad range of switches lastin...

8.5AI score
Exploits0References9
Gitee
Gitee
added 2020/08/07 12:45 p.m.2 views

metasploit-framework

This is a Metasploit Framework repository, a widely used penetration testing tool. The framework is used for identifying and exploiting vulnerabilities in computer systems and applications. The primary target of this framework is the Metasploit Framework itself, which is a Ruby-based framework fo...

8.3AI score
Exploits0
Rows per page
Query Builder