unSafe.sh - 不安全
我的收藏
今日热榜
公众号文章
导航
Github CVE
Github Tools
编码/解码
文件传输
Twitter Bot
Telegram Bot
Search
Rss
黑夜模式
增加标签
Tags (allow clear + 0 threshold)
Choose a tag...
Please select a valid tag.
monstertsl/CVE-2026-24061
CVE-2026-24061 漏洞检测工具
Create: 2026-01-23 03:16:53 +0000 UTC Push: 2026-01-23 03:16:54 +0000 UTC |
bfdfhdsfdd-crypto/CVE-2026-22444
CVE-2026-22444 是一个影响 Apache Solr 的安全漏洞,于 2026 年 1 月 20 日左右公开披露。该漏洞源于 Apache Solr 的 "create core" API 在某些 API 参数上的输入验证不足(CWE-20: Improper Input Validation),允许攻击者在 Solr 运行于 "standalone" 模式时绕过安全规则,可能导致数据泄露、远程代码执行 (RCE) 或 NTLM 哈希披露。 1 2 3 具体而言,如果 Solr 未启用认证或用户具有创建核心的权限,攻击者可以通过精心构造的请求滥用该 API 来访问受保护的文件或执行恶意操作。
Create: 2026-01-23 02:18:02 +0000 UTC Push: 2026-01-23 02:18:03 +0000 UTC |
xuemian168/CVE-2026-24061
Create: 2026-01-23 02:14:15 +0000 UTC Push: 2026-01-23 02:14:15 +0000 UTC |
Mkway/CVE-2025-60021
Create: 2026-01-23 01:52:51 +0000 UTC Push: 2026-01-23 01:52:51 +0000 UTC |
JoshuaProvoste/0-click-RCE-Exploit-for-CVE-2024-9932
Unauthenticated 0-click RCE exploit for CVE-2024-9932. Exploits an arbitrary file upload vulnerability in the Wux Blog Editor WordPress plugin to upload a remote PHP payload, detect the target operating system, and achieve remote command execution through an interactive web shell.
Create: 2026-01-22 20:43:52 +0000 UTC Push: 2026-01-22 20:43:52 +0000 UTC |
h3athen/CVE-2026-24061
CVE-2026-24061 - Exploit
Create: 2026-01-22 20:33:24 +0000 UTC Push: 2026-01-22 20:33:24 +0000 UTC |
JoshuaProvoste/0-click-RCE-Exploit-for-CVE-2024-50498
Unauthenticated 0-click RCE exploit for CVE-2024-50498. Exploits a code injection vulnerability in the LUBUS WP Query Console plugin to execute arbitrary PHP code, write a web shell to the uploads directory, detect the target operating system, and achieve remote command execution via an interactive shell.
Create: 2026-01-22 20:29:00 +0000 UTC Push: 2026-01-22 20:29:00 +0000 UTC |
Stp1t/CVE-2023-40028
Exploit for CVE-2023-40028 (for educational purposes)
Create: 2026-01-22 20:12:19 +0000 UTC Push: 2026-01-29 12:34:53 +0000 UTC |
JoshuaProvoste/0-click-RCE-Exploit-for-CVE-2024-10924
Unauthenticated authentication bypass to RCE exploit for CVE-2024-10924. Abuses an authentication and 2FA bypass in the Really Simple Security WordPress plugin to impersonate an admin user, upload a malicious plugin, and achieve remote command execution via an interactive shell.
Create: 2026-01-22 20:01:07 +0000 UTC Push: 2026-01-22 20:01:08 +0000 UTC |
m4sh-wacker/CVE-2026-0594-ListSiteContributors-Plugin-Exploit
Create: 2026-01-22 19:58:18 +0000 UTC Push: 2026-01-22 19:58:19 +0000 UTC |
Galaxy-sc/CVE-2026-0920-WordPress-LA-Studio-Exploit
Create: 2026-01-22 19:33:23 +0000 UTC Push: 2026-01-22 19:33:24 +0000 UTC |
Galaxy-sc/CVE-2026-0920
Create: 2026-01-22 19:29:56 +0000 UTC Push: 2026-01-22 19:29:57 +0000 UTC |
JoshuaProvoste/0-click-RCE-Exploit-for-CVE-2024-50526
Unauthenticated 0-click RCE exploit for CVE-2024-50526. Exploits an arbitrary file upload vulnerability in a vulnerable WordPress form plugin to upload a PHP payload, verify its location, detect the target operating system, and achieve remote command execution via an interactive shell.
Create: 2026-01-22 19:27:51 +0000 UTC Push: 2026-01-22 19:27:52 +0000 UTC |
NiceTop1027/CVE-2026-XXXX-Meru-Shell-OpenExternal-RCE
Create: 2026-01-22 19:00:46 +0000 UTC Push: 2026-01-22 19:00:46 +0000 UTC |
JoshuaProvoste/0-click-RCE-Exploit-for-CVE-2024-51791
Exploits an arbitrary file upload vulnerability in a vulnerable WordPress forms plugin to upload a PHP payload, locate the uploaded file, detect the target OS, and obtain remote command execution via an interactive shell.
Create: 2026-01-22 18:57:51 +0000 UTC Push: 2026-01-22 18:57:51 +0000 UTC |
SafeBreach-Labs/CVE-2026-24061
Exploitation of CVE-2026-24061
Create: 2026-01-22 18:30:17 +0000 UTC Push: 2026-01-22 19:22:08 +0000 UTC |
NiceTop1027/CVE-2026-Pending-Extract-Zip-Arbitrary-File-Write
Create: 2026-01-22 18:28:04 +0000 UTC Push: 2026-01-22 18:28:04 +0000 UTC |
NiceTop1027/CVE-2026-Pending-Delegator-Command-Injection
Create: 2026-01-22 18:05:59 +0000 UTC Push: 2026-01-22 18:05:59 +0000 UTC |
dptsec/CVE-2026-22444
PoC for CVE-2026-22444: Apache Solr 8.6-9.10.0 Windows standalone mode RCE/NTLM hash disclosure
Create: 2026-01-22 17:55:17 +0000 UTC Push: 2026-01-22 17:55:28 +0000 UTC |
JoshuaProvoste/0-click-RCE-Exploit-for-CVE-2024-51793
Unauthenticated 0-click RCE exploit for CVE-2024-51793. Exploits an arbitrary file upload vulnerability via admin-ajax.php to upload a PHP payload and achieve remote command execution on vulnerable WordPress installations, including OS detection and an interactive command shell.
Create: 2026-01-22 17:48:32 +0000 UTC Push: 2026-01-22 17:48:32 +0000 UTC |
Previous
11
12
13
14
15
16
17
18
Next