unSafe.sh - 不安全

rehan6658/CVE-2023-40028
Create: 2025-02-02 15:52:28 +0000 UTC Push: 2025-02-02 15:52:29 +0000 UTC |

Nxploited/CVE-2024-6366-PoC User Profile Builder <= 3.11.7 - Unauthenticated Media Upload
Create: 2025-02-02 15:37:14 +0000 UTC Push: 2025-02-02 15:37:14 +0000 UTC |

DRAGOWN/CVE-2024-56903 CVE-2024-56903 - Geovision GV-ASManager web application with the version 6.1.1.0 or less allows attackers to modify POST requests with GET in critical functionalities, such as account management. This vulnerability is used in chain with CVE-2024-56901 for a successful CSRF attack.
Create: 2025-02-02 15:04:25 +0000 UTC Push: 2025-02-02 15:04:25 +0000 UTC |

DRAGOWN/CVE-2024-56901 CVE-2024-56901 - A Cross-Site Request Forgery (CSRF) vulnerability in Geovision GV-ASManager web application with the version 6.1.1.0 or less that allows attackers to arbitrarily create Admin accounts via a crafted POST request.
Create: 2025-02-02 15:04:22 +0000 UTC Push: 2025-02-02 15:04:23 +0000 UTC |

joaomorenorf/CVE-2014-3704 This code is taken from "Drupal 7.0 < 7.31 - 'Drupalgeddon' SQL Injection (Add Admin User)" and was converted to Python 3 to suit the exercise in Academy for Module "Attacking Commoon Applications" and section "Attacking Drupal".
Create: 2025-02-02 14:46:18 +0000 UTC Push: 2025-02-02 14:46:18 +0000 UTC |

DRAGOWN/CVE-2024-56902 CVE-2024-56902 - Information disclosure vulnerability in GeoVision ASManager web application version v6.1.0.0 or less.
Create: 2025-02-02 14:16:34 +0000 UTC Push: 2025-02-02 14:16:35 +0000 UTC |

tankist0x01/CVE-2017-8869 CVE-2017-8869 - MediaCoder 0.8.48.5888 - Local Buffer Overflow (SEH)
Create: 2025-02-02 12:45:16 +0000 UTC Push: 2025-02-02 12:46:01 +0000 UTC |

drake044/SOC274-Palo-Alto-Networks-PAN-OS-Command-Injection-Vulnerability-Exploitation-CVE-2024-3400
Create: 2025-02-02 09:42:41 +0000 UTC Push: 2025-02-02 09:42:41 +0000 UTC |

Shreyas-Penkar/CVE-2024-38399 PoC for CVE-2024-38399
Create: 2025-02-02 09:42:07 +0000 UTC Push: 2025-09-25 16:56:22 +0000 UTC |

DRAGOWN/CVE-2024-56898 CVE-2024-56898 - Broken access control vulnerability in GeoVision ASManager web application version v6.0.1.0 or less.
Create: 2025-02-02 09:20:32 +0000 UTC Push: 2025-02-02 09:20:32 +0000 UTC |

alirezac0/CVE-2024-53393 CVE-2024-53393 PoC
Create: 2025-02-02 08:32:48 +0000 UTC Push: 2025-02-02 08:32:48 +0000 UTC |

dorattias/CVE-2025-26319
Create: 2025-02-02 08:02:48 +0000 UTC Push: 2025-03-05 16:13:18 +0000 UTC |

omarelshopky/exploit_cve-2023-26326_using_cve-2024-2961 Exploit for CVE-2023-26326 in the WordPress BuddyForms plugin, leveraging CVE-2024-2961 for remote code execution. This exploit bypasses PHP 8+ deserialization limitations by chaining vulnerabilities with php://filter.
Create: 2025-02-02 01:35:43 +0000 UTC Push: 2025-02-02 01:35:44 +0000 UTC |

rawtips/-CVE-2025-24118
Create: 2025-02-01 22:20:18 +0000 UTC Push: 2025-02-01 22:20:19 +0000 UTC |

McTavishSue/CVE-2025-0929 Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') (CWE-89)
Create: 2025-02-01 20:51:00 +0000 UTC Push: 2025-02-01 20:51:00 +0000 UTC |

FelinaeBlanc/CVE_2024_39123 Démonstration de l'explotation de la CVE CVE_2024_39123
Create: 2025-02-01 14:33:57 +0000 UTC Push: 2025-02-01 14:33:57 +0000 UTC |

FelinaeBlanc/CVE_2024_6781 Démonstration de l'explotation de la CVE CVE_2024_6781
Create: 2025-02-01 14:32:08 +0000 UTC Push: 2025-02-01 14:32:08 +0000 UTC |

harithlab/CVE-2023-6546
Create: 2025-02-01 09:40:54 +0000 UTC Push: 2025-02-01 09:40:54 +0000 UTC |

rvizx/CVE-2024-57514
Create: 2025-02-01 08:52:04 +0000 UTC Push: 2025-02-01 08:52:04 +0000 UTC |

Allevon412/CVE-2024-54951 I contacted the monica development team via email on 11/20/2024. I also contacted them via LinkedIn, and other platforms in the weeks that followed. Publishing here since there was no response.
Create: 2025-01-31 22:28:26 +0000 UTC Push: 2025-03-17 15:55:20 +0000 UTC |