unSafe.sh - 不安全
我的收藏
今日热榜
公众号文章
导航
Github CVE
Github Tools
编码/解码
文件传输
Twitter Bot
Telegram Bot
Search
Rss
黑夜模式
ABB Cylon FLXeon 9.3.4 Default Credentials
ABB Cylon FLXeon 9.3.4默认凭据存在安全漏洞。该设备用于楼宇自动化系统,支持BACnet/IP协议,默认管理凭据强度弱,易被远程攻击者猜测并完全控制设备。...
2025-2-13 21:10:23 | 阅读: 3 |
收藏
|
CXSECURITY Database RSS Feed - CXSecurity.com - cxsecurity.com
abb
bacnet
flxeon
cylon
zsl
Wattsense Bridge 6.x Remote Root / Information Disclosure
Wattsense Bridge 6.x版本存在四个高危漏洞(CVE-2025-26408至26411),包括JTAG访问、串口登录、弱密码及插件上传等,可导致远程根权限获取或设备操控。建议用户立即更新至修复版本(如6.4.1及以上),并进行全面安全审查。...
2025-2-13 21:9:28 | 阅读: 1 |
收藏
|
CXSECURITY Database RSS Feed - CXSecurity.com - cxsecurity.com
wattsense
attacker
bootloader
firmware
security
SolarView Compact 6.00 - Command Injection
这篇文章介绍了SolarView Compact 6.00版本中存在的命令注入漏洞。攻击者可通过构造恶意请求实现远程命令执行,并绕过身份验证。该漏洞影响Windows、Linux和Android(Termux)环境。...
2025-2-13 21:7:55 | 阅读: 1 |
收藏
|
CXSECURITY Database RSS Feed - CXSecurity.com - cxsecurity.com
injection
solarview
php
solar
attacker
ABB Cylon FLXeon 9.3.4 (serialConfig.js) JSON Object Flooding DoS
ABB Cylon FLXeon 9.3.4版本中存在一个JSON对象洪水攻击漏洞,影响多个系列控制器。攻击者可通过构造特定请求利用该漏洞引发内存和CPU资源耗尽,导致拒绝服务(DoS)。此漏洞由Gjoko Krstic发现。...
2025-2-10 20:10:43 | 阅读: 1 |
收藏
|
CXSECURITY Database RSS Feed - CXSecurity.com - cxsecurity.com
abb
bacnet
flxeon
newports
MySchool 1.0 SQL Injection / Code Injection / XSS / CSRF
MySchool 1.0 SQL Injection / Code Injection / XSS / CSRF@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@...
2025-2-1 09:40:45 | 阅读: 11 |
收藏
|
CXSECURITY Database RSS Feed - CXSecurity.com - cxsecurity.com
php
myschool
injection
forgot
Quorum onQ OS 6.0.0.5.2064 Cross Site Scripting
Quorum onQ OS 6.0.0.5.2064 Cross Site Scripting[+] Credits: Shahnawaz Shaikh, Security Researcher...
2025-2-1 09:39:16 | 阅读: 5 |
收藏
|
CXSECURITY Database RSS Feed - CXSecurity.com - cxsecurity.com
quorum
2064
onq
attacker
ux
Xinet Elegant 6 Asset Lib Web UI 6.1.655 / SQL Injection / Exploit Update
Xinet Elegant 6 Asset Lib Web UI 6.1.655 / SQL Injection / Exploit UpdateCVSS Base Score: 7.5/1...
2025-2-1 09:37:10 | 阅读: 6 |
收藏
|
CXSECURITY Database RSS Feed - CXSecurity.com - cxsecurity.com
injects
elegant
loginform
injection
napc
OpenPanel 0.3.4 Command Injection
OpenPanel 0.3.4 Command Injection# Exploit Title: OpenPanel 0.3.4 - OS Command Injection via The T...
2025-1-29 22:13:13 | 阅读: 5 |
收藏
|
CXSECURITY Database RSS Feed - CXSecurity.com - cxsecurity.com
openpanel
timezone
2083
injection
ux
MySchool System - Multiple Vulnerabilities
MySchool System - Multiple Vulnerabilities@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@...
2025-1-29 22:12:2 | 阅读: 11 |
收藏
|
CXSECURITY Database RSS Feed - CXSecurity.com - cxsecurity.com
php
myschool
forgot
educational
NEXT-EMP v1.0-Copyright © 2024. All rights reserved. File Upload-FU and Remote Code Execution-RCE
NEXT-EMP v1.0-Copyright © 2024. All rights reserved. File Upload-FU and Remote Code Execution-...
2025-1-29 22:11:37 | 阅读: 1 |
收藏
|
CXSECURITY Database RSS Feed - CXSecurity.com - cxsecurity.com
php
remote
mayurik
SpagoBI 3.5.1 Cross Site Scripting
# CVE-2024-54795**Severity :** **Medium** (**5.4**)**CVSS score :** `CVSS:3.1/AV:N/AC:L/PR:L/UI:...
2025-1-28 21:10:7 | 阅读: 10 |
收藏
|
CXSECURITY Database RSS Feed - CXSecurity.com - cxsecurity.com
designer
worksheet
54795
inserting
malicious
SpagoBI 3.5.1 Cross Site Request Forgery
# CVE-2024-54792**Severity :** **Medium** (**6.1**)**CVSS score :** `CVSS:3.1/AV:N/AC:L/PR:N/UI:...
2025-1-28 21:9:4 | 阅读: 2 |
收藏
|
CXSECURITY Database RSS Feed - CXSecurity.com - cxsecurity.com
username
54792
victim
2fspagobi
2fadmin
AutoLib Software Systems OPAC 20.10 Secret Disclosure
[+] Credits: Shahnawaz Shaikh, Security Researcher at Cybergate Defense LLC[+] twitter.com/_striv3r...
2025-1-28 21:7:19 | 阅读: 2 |
收藏
|
CXSECURITY Database RSS Feed - CXSecurity.com - cxsecurity.com
autolib
security
opac
software
india
Wind River Software VxWorks 6.9 Weak Password Hashing Algorithms
Wind River Software VxWorks 6.9 Weak Password Hashing AlgorithmsWind River Software VxWorks 6.9 We...
2025-1-28 21:6:31 | 阅读: 4 |
收藏
|
CXSECURITY Database RSS Feed - CXSecurity.com - cxsecurity.com
vxworks
hashing
salt
river
pw
Netman 204 - Broken Access Control Remote command
# Exploit Title: Netman 204 - Broken Access Control Remote command# Date: 1/28/2025# Exploit Autho...
2025-1-28 21:4:46 | 阅读: 1 |
收藏
|
CXSECURITY Database RSS Feed - CXSecurity.com - cxsecurity.com
username
eurek
netman
irms
ups
DNN CMS remote File Upload
# Exploit Title: DNN CMS remote File Upload # Date: 2025-01-26# Exploit Author: a.k hacker (Mosta...
2025-1-26 20:48:2 | 阅读: 3 |
收藏
|
CXSECURITY Database RSS Feed - CXSecurity.com - cxsecurity.com
remote
mostafa
akbarzadeh
filelinks
Iranian Cyber Police "FATA.GOV.IR" has an SQL Injection vulnerability
This site belongs to the Iranian Cyber Police(پلیس فضای تولید و تبادل اطلاعات فراجا) (fata), which...
2025-1-25 15:57:55 | 阅读: 10 |
收藏
|
CXSECURITY Database RSS Feed - CXSecurity.com - cxsecurity.com
fata
csirc
100014
security
injection
CMS Twig Template Injection RCE via FTP Templates Path
CMS Twig Template Injection RCE via FTP Templates Path### This module requires Metasploit: https...
2025-1-24 22:12:40 | 阅读: 4 |
收藏
|
CXSECURITY Database RSS Feed - CXSecurity.com - cxsecurity.com
client
vprint
payload
remote
twig
Cleo LexiCom / VLTrader / Harmony 5.8.0.23 Remote Code Execution
Cleo LexiCom / VLTrader / Harmony 5.8.0.23 Remote Code Execution### This module requires Metasplo...
2025-1-22 21:12:16 | 阅读: 1 |
收藏
|
CXSECURITY Database RSS Feed - CXSecurity.com - cxsecurity.com
cleo
lexicom
payload
windows
Ivanti Buffer Overflow Proof of Concept
Ivanti Buffer Overflow Proof of Concept# PoC for CVE-2025-0282, a remote unauthenticated stack bas...
2025-1-22 21:10:13 | 阅读: 8 |
收藏
|
CXSECURITY Database RSS Feed - CXSecurity.com - cxsecurity.com
libdsplibs
0xcafebeef
0282
ivanti
Previous
0
1
2
3
4
5
6
7
Next