unSafe.sh - 不安全

BattalionX/http-oracle-ebs-cve-2025-61882.nse Detects Oracle E-Business Suite (CVE-2025-61882). Detection: multi-tier checks — fingerprinting, version checks, endpoint & SSRF tests, timing analysis & controlled exploitation 4 high-confidence results. Default = safe fingerprinting only. Set aggressive=true 2 enable active/probing checks use w/caution. Provided By BattalionX [email protected]
Create: 2025-10-23 07:33:21 +0000 UTC Push: 2025-10-23 07:33:22 +0000 UTC |

srakkk/cve-2024-32002-hook
Create: 2025-10-23 07:10:13 +0000 UTC Push: 2025-10-26 07:14:26 +0000 UTC |

srakkk/cve-2024-32002-demo
Create: 2025-10-23 07:08:18 +0000 UTC Push: 2025-10-23 09:31:56 +0000 UTC |

fofovicfof-ai/cve-2023-2745 cve-2023-2745
Create: 2025-10-22 21:41:08 +0000 UTC Push: 2025-10-22 21:41:09 +0000 UTC |

Smarttfoxx/CVE-2025-60791 Easywork Enterprise 2.1.3.354 is vulnerable to Cleartext Storage of Sensitive Information in Memory. The application leaves valid device-bound license keys in process memory after a failed activation attempt.
Create: 2025-10-22 20:31:23 +0000 UTC Push: 2025-10-22 20:31:23 +0000 UTC |

Nxploited/CVE-2025-6758 Real Spaces - WordPress Properties Directory Theme <= 3.6 - Unauthenticated Privilege Escalation to Administrator
Create: 2025-10-22 20:18:56 +0000 UTC Push: 2025-10-22 20:18:56 +0000 UTC |

ByteHawkSec/CVE-2025-57870-POC Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') in Esri ArcGIS Server
Create: 2025-10-22 18:48:23 +0000 UTC Push: 2025-10-22 18:48:24 +0000 UTC |

Sabecomoeh/CVE-2022-0001 This script checks for Administrator privileges and then sets the necessary DWord values in the Windows registry to enable the hardware-level mitigation for CVE-2022-0001, as per Microsoft's guidance
Create: 2025-10-22 18:13:06 +0000 UTC Push: 2025-10-22 18:13:07 +0000 UTC |

ByteHawkSec/CVE-2025-61882-Poc A critical vulnerability in Oracle Concurrent Processing, part of Oracle E-Business Suite's BI Publisher Integration component. Affects versions 12.2.3-12.2.14. The vulnerability allows unauthenticated attackers to compromise the Oracle Concurrent Processing system via network access through HTTP.
Create: 2025-10-22 16:01:15 +0000 UTC Push: 2025-10-22 16:01:16 +0000 UTC |

clemfavre/cve-2023-45612_exploit Reproduction of a high severty security problem that allows XXE (XML eXtral Entity) attacks on Ktor's XML serialization.
Create: 2025-10-22 15:16:04 +0000 UTC Push: 2025-10-22 15:16:05 +0000 UTC |

DExplo1ted/CVE-2025-11534-POC Authentication Bypass Using an Alternate Path or Channel (CWE-288)
Create: 2025-10-22 15:09:07 +0000 UTC Push: 2025-10-22 15:30:02 +0000 UTC |

RedFoxNxploits/CVE-2025-53072
Create: 2025-10-22 14:40:18 +0000 UTC Push: 2025-10-22 14:40:19 +0000 UTC |

cyberx-1/OverlayFS-CVE-2021-3493 root Privileges
Create: 2025-10-22 11:30:11 +0000 UTC Push: 2025-10-22 11:30:12 +0000 UTC |

stuxbench/mlflow-cve-2019-7164
Create: 2025-10-22 10:17:30 +0000 UTC Push: 2025-10-22 10:17:30 +0000 UTC |

vxaretra/CVE-2025-54782 PoC for CVE-2025-54782
Create: 2025-10-22 09:48:04 +0000 UTC Push: 2025-10-22 09:48:04 +0000 UTC |

rxerium/CVE-2025-53072-CVE-2025-62481 Detection for CVE-2025-53072 + CVE-2025-62481
Create: 2025-10-22 09:25:50 +0000 UTC Push: 2025-10-22 09:25:53 +0000 UTC |

tevelsho/cve-2024-7387
Create: 2025-10-22 07:48:27 +0000 UTC Push: 2025-10-22 07:48:28 +0000 UTC |

0xSigSegv0x00/cve-2024-7387
Create: 2025-10-22 07:48:27 +0000 UTC Push: 2025-10-24 01:37:23 +0000 UTC |

0xsamurai/CVE-2025-57517 WonderCMS 3.5.0 is vulnerable to a Blind Stored Cross-Site Scripting (XSS) in the homepage content editor. An authenticated attacker can inject arbitrary JavaScript payloads into the homepage content, which will be executed in the context of any user who visits the affected page.
Create: 2025-10-22 07:01:23 +0000 UTC Push: 2025-10-22 07:01:24 +0000 UTC |

monzaviman/CVE-2025-62168 PoC of CVE-2025-62168
Create: 2025-10-22 06:02:09 +0000 UTC Push: 2025-10-22 06:02:09 +0000 UTC |