unSafe.sh - 不安全

aib0litt/poc-CVE-2020-1938 poc-CVE-2020-1938
Create: 2024-11-22 21:24:22 +0000 UTC Push: 2024-11-22 21:24:22 +0000 UTC |

PunitTailor55/Paloalto-CVE-2024-0012
Create: 2024-11-22 20:58:17 +0000 UTC Push: 2024-11-22 20:58:17 +0000 UTC |

ubaii/CVE-2024-52475 Broken Authentication in Wordpress plugin (Wawp Plugin < 3.0.18)
Create: 2024-11-22 18:29:54 +0000 UTC Push: 2024-11-22 18:29:54 +0000 UTC |

felmoltor/CVE-2024-48990 Qualys needsrestart vulnerability CVE-2024-48990
Create: 2024-11-22 17:35:58 +0000 UTC Push: 2024-11-22 17:41:34 +0000 UTC |

windz3r0day/CVE-2024-11381 CVE-2024-11381 poc exploit
Create: 2024-11-22 16:53:14 +0000 UTC Push: 2024-11-22 16:53:32 +0000 UTC |

windz3r0day/CVE-2024-11428 CVE-2024-11428 poc exploit
Create: 2024-11-22 16:51:47 +0000 UTC Push: 2024-11-22 16:52:04 +0000 UTC |

windz3r0day/CVE-2024-11412 CVE-2024-11412 poc exploit
Create: 2024-11-22 16:50:08 +0000 UTC Push: 2024-11-22 16:50:30 +0000 UTC |

windz3r0day/CVE-2024-11388 CVE-2024-11388 poc exploit
Create: 2024-11-22 16:48:21 +0000 UTC Push: 2024-11-22 16:48:22 +0000 UTC |

windz3r0day/CVE-2024-11432 CVE-2024-11432 poc exploit
Create: 2024-11-22 16:46:24 +0000 UTC Push: 2024-11-22 16:46:25 +0000 UTC |

RandomRobbieBF/CVE-2024-43919 YARPP <= 5.30.10 - Missing Authorization
Create: 2024-11-22 15:42:39 +0000 UTC Push: 2024-11-22 15:42:39 +0000 UTC |

XiaomingX/CVE-2024-36401-poc CVE-2024-36401是GeoServer中的一个高危远程代码执行漏洞。GeoServer是一款开源的地理数据服务器软件，主要用于发布、共享和处理各种地理空间数据。 ALIYUN 漏洞原理：该漏洞源于GeoServer在处理属性名称时，将其不安全地解析为XPath表达式。具体而言，GeoServer调用的GeoTools库API在评估要素类型的属性名称时，以不安全的方式将其传递给commons-jxpath库。由于commons-jxpath库在解析XPath表达式时允许执行任意代码，攻击者可以通过构造特定的输入，利用多个OGC请求参数（如WFS GetFeature、WFS GetPropertyValue、WMS GetMap等），在未经身份验证的情况下远程执行任意代码。
Create: 2024-11-22 14:21:53 +0000 UTC Push: 2024-11-22 14:21:54 +0000 UTC |

XiaomingX/CVE-2024-27130-poc CVE-2024-27130是影响QNAP网络附加存储（NAS）设备的一个严重漏洞。该漏洞源于QTS操作系统中share.cgi脚本的No_Support_ACL函数中不安全地使用strcpy函数，导致堆栈缓冲区溢出。攻击者可以利用此漏洞，通过精心构造的请求在目标系统上执行任意代码，进而完全控制受影响的设备。
Create: 2024-11-22 14:18:08 +0000 UTC Push: 2024-11-22 14:18:24 +0000 UTC |

XiaomingX/cve-2024-0012-poc
Create: 2024-11-22 14:11:56 +0000 UTC Push: 2024-11-22 14:11:57 +0000 UTC |

XiaomingX/cve-2024-25641-poc PoC for CVE-2024-25641 Authenticated RCE on Cacti v1.2.26
Create: 2024-11-22 14:05:37 +0000 UTC Push: 2024-11-22 14:05:37 +0000 UTC |

XiaomingX/cve-2024-37084-Poc Analysis , Demo exploit and poc about CVE-2024-37084
Create: 2024-11-22 13:53:42 +0000 UTC Push: 2024-11-22 13:53:43 +0000 UTC |

synacktiv/CVE-2023-32413 Exploit code for CVE-2023-42914 / pwn2own Vancouver 2023
Create: 2024-11-22 11:28:35 +0000 UTC Push: 2024-11-22 12:10:47 +0000 UTC |

RandomRobbieBF/CVE-2024-52429 WP Quick Setup <= 2.0 - Missing Authorization to Authenticated (Subscriber+) Arbitrary Plugin/Theme Installation
Create: 2024-11-22 10:26:55 +0000 UTC Push: 2024-11-22 10:26:55 +0000 UTC |

RandomRobbieBF/CVE-2024-52433 My Geo Posts Free <= 1.2 - Unauthenticated PHP Object Injection
Create: 2024-11-22 08:56:58 +0000 UTC Push: 2024-11-22 08:56:58 +0000 UTC |

iSee857/CVE-2024-0012-poc CVE-2024-0012批量检测脚本
Create: 2024-11-22 07:52:11 +0000 UTC Push: 2024-11-22 07:52:11 +0000 UTC |

XiaomingX/cve-2024-5452-poc cve-2024-5452-poc
Create: 2024-11-22 06:56:12 +0000 UTC Push: 2024-11-22 06:56:32 +0000 UTC |