unsafe.sh - 不安全

twseptian/cve-2021-38314 Unauthenticated Sensitive Information Disclosure
Create: 2022-05-15 10:10:01 +0800 CST Push: 2022-05-15 10:10:02 +0800 CST |

ahsentekdemir/CVE-2022-28346 An issue was discovered in Django 2.2 before 2.2.28, 3.2 before 3.2.13, and 4.0 before 4.0.4. QuerySet.annotate(), aggregate(), and extra() methods are subject to SQL injection in column aliases via a crafted dictionary (with dictionary expansion) as the passed **kwargs.
Create: 2022-05-15 08:24:19 +0800 CST Push: 2022-05-15 08:24:19 +0800 CST |

PsychoSec2/CVE-2022-1388-POC An improved Proof of Concept for CVE-2022-1388 w/ Interactive Shell
Create: 2022-05-15 03:23:16 +0800 CST Push: 2022-05-15 03:23:16 +0800 CST |

LudovicPatho/CVE-2022-26923_AD_Certificate_services In essence, the vulnerability allowed a low-privileged user to escalate privileges to domain administrator in a default Active Directory environment with the Active Directory Certificate Services (AD CS) server role installed.
Create: 2022-05-14 17:27:06 +0800 CST Push: 2022-05-14 17:39:48 +0800 CST |

LudovicPatho/CVE-2022-26923_AD_Certate_services In essence, the vulnerability allowed a low-privileged user to escalate privileges to domain administrator in a default Active Directory environment with the Active Directory Certificate Services (AD CS) server role installed.
Create: 2022-05-14 17:27:06 +0800 CST Push: 2022-05-14 17:27:27 +0800 CST |

LudovicPatho/CVE-2022-26923_AD-Certificate-Services In essence, the vulnerability allowed a low-privileged user to escalate privileges to domain administrator in a default Active Directory environment with the Active Directory Certificate Services (AD CS) server role installed.
Create: 2022-05-14 17:27:06 +0800 CST Push: 2022-05-14 17:42:26 +0800 CST |

Exploitables/CVE-2022-26927 A proof-of-concept font with a write-up attached.
Create: 2022-05-14 12:12:23 +0800 CST Push: 2022-05-14 12:12:57 +0800 CST |

savior-only/CVE-2022-30525 Zyxel 防火墙未经身份验证的远程命令注入
Create: 2022-05-14 02:16:31 +0800 CST Push: 2022-05-14 02:16:32 +0800 CST |

testaross4/CVE-2007-2447
Create: 2022-05-13 22:15:28 +0800 CST Push: 2022-05-13 22:15:29 +0800 CST |

shuai06/CVE-2022-30525 Zyxel 防火墙远程命令注入漏洞（CVE-2022-30525）批量检测脚本
Create: 2022-05-13 20:58:43 +0800 CST Push: 2022-05-13 20:58:44 +0800 CST |

Henry4E36/CVE-2022-30525 Zyxel 防火墙远程命令注入漏洞（CVE-2022-30525）
Create: 2022-05-13 20:03:28 +0800 CST Push: 2022-05-13 20:03:29 +0800 CST |

Phineas09/CVE-2021-44228 Log4Shell Proof-Of-Concept derived from https://github.com/kozmer/log4j-shell-poc
Create: 2022-05-13 19:35:22 +0800 CST Push: 2022-05-13 19:35:23 +0800 CST |

justakazh/CVE-2022-1388 Tool for CVE-2022-1388
Create: 2022-05-13 18:18:29 +0800 CST Push: 2022-05-13 18:18:30 +0800 CST |

itstarsec/CVE-2020-0618 Melissa
Create: 2022-05-13 16:58:16 +0800 CST Push: 2022-05-13 16:58:17 +0800 CST |

giuseppe-toscano/cve-2018-6574
Create: 2022-05-13 15:33:37 +0800 CST Push: 2022-05-13 15:33:38 +0800 CST |

V35HR4J/CVE-2022-1051 WPQA < 5.2 - Subscriber+ Stored Cross-Site Scripting via Profile fields
Create: 2022-05-13 14:50:25 +0800 CST Push: 2022-05-13 14:50:26 +0800 CST |

kuznyJan1972/CVE-2022-23121-RCE NETATALK-AFP-PROTO RCE :| This CVE-2022-23121 allows remote malicious users to execute arbitrary code on affected installations of Netatalk. Authentication is not required to exploit this vulnerability. The specific flaw exists within the parse_entries function. The issue results from the lack of proper error handling when parsing AppleDouble entries. An attacker can leverage this vulnerability to execute code in the context of root.
Create: 2022-05-13 04:58:01 +0800 CST Push: 2022-05-13 04:58:02 +0800 CST |

kejaly/CVE-2022-23121-nmap CVE-2022-23121 中使用到的自定义 nmap 脚本，以及 docker 环境
Create: 2022-05-13 01:07:08 +0800 CST Push: 2022-05-13 01:07:09 +0800 CST |

Zeyad-Azima/CVE-2022-1388 F5 BIG-IP iControl REST vulnerability RCE exploit with Java
Create: 2022-05-13 00:54:52 +0800 CST Push: 2022-05-13 01:35:09 +0800 CST |

nettitude/CVE-2022-23253-PoC CVE-2022-23253 PoC
Create: 2022-05-12 21:18:47 +0800 CST Push: 2022-05-12 21:18:48 +0800 CST |