unSafe.sh - 不安全

qodo-dev/CVE-2025-30208 CVE-2025-30208
Create: 2025-10-04 05:39:44 +0000 UTC Push: 2025-10-04 05:40:09 +0000 UTC |

Nxploited/CVE-2025-8625 Copypress Rest API 1.1 - 1.2 - Missing Configurable JWT Secret and File-Type Validation to Unauthenticated Remote Code Execution
Create: 2025-10-03 18:07:19 +0000 UTC Push: 2025-10-03 18:07:19 +0000 UTC |

WinDyAlphA/CVE-2025-60736 code-projects Online Medicine Guide 1.0 is vulnerable to SQL Injection
Create: 2025-10-03 16:33:23 +0000 UTC Push: 2025-10-03 16:33:23 +0000 UTC |

Gabriel-Lacorte/CVE-2025-7771 A exploit for the ThrottleStop vulnerable driver.
Create: 2025-10-03 16:17:11 +0000 UTC Push: 2025-10-03 16:17:12 +0000 UTC |

prabhatverma47/CVE-2025-60787 CVE-2025-60787 Poc - RCE - MotionEye <= 0.43.1b4
Create: 2025-10-03 15:20:43 +0000 UTC Push: 2025-10-03 15:20:43 +0000 UTC |

rundas-r00t/CVE-2025-7558-PoC sql injection PoC for CVE-2025-7558. authored by i-Corner
Create: 2025-10-03 15:16:45 +0000 UTC Push: 2025-10-03 15:16:46 +0000 UTC |

infernosalex/CVE-2023-45612-PoC
Create: 2025-10-03 14:59:26 +0000 UTC Push: 2025-10-06 21:33:47 +0000 UTC |

doyensec/KSMBD-CVE-2025-37947
Create: 2025-10-03 14:08:46 +0000 UTC Push: 2025-10-08 13:24:34 +0000 UTC |

Nxploited/CVE-2025-9286 Appy Pie Connect for WooCommerce <= 1.1.2 - Missing Authorization to Unauthenticated Privilege Escalation
Create: 2025-10-03 13:17:50 +0000 UTC Push: 2025-10-03 13:17:50 +0000 UTC |

fa1consec/cve_2025_61622_poc This PoC demonstrates the Remote Code Execution (RCE) vulnerability in Apache Pyfory (versions 0.12.0-0.12.2 and legacy PyFury 0.1.0-0.10.3) due to insecure pickle fallback deserialization (CVE-2025-61622).
Create: 2025-10-03 12:44:16 +0000 UTC Push: 2025-10-03 12:44:16 +0000 UTC |

paktiko1986/pocpoc_bypass_cve_2020-11023
Create: 2025-10-03 06:08:27 +0000 UTC Push: 2025-10-03 06:09:03 +0000 UTC |

ibrahmsql/CVE-2025-24893 CVE-2025-24893 exploit
Create: 2025-10-02 21:14:49 +0000 UTC Push: 2025-10-02 21:14:49 +0000 UTC |

gotr00t0day/CVE-2025-24893 Unauthenticated Remote Code Execution in XWiki via SolrSearch Macro
Create: 2025-10-02 19:45:19 +0000 UTC Push: 2025-10-02 19:45:20 +0000 UTC |

Szym0n13k/CVE-2025-55972-Remote-Unauthenticated-Denial-of-Service-DoS-in-TCL-Smart-TV-UPnP-DLNA-AVTransport A TCL Smart TV running a vulnerable UPnP/DLNA MediaRenderer implementation is affected by a remote, unauthenticated Denial of Service (DoS).
Create: 2025-10-02 18:58:18 +0000 UTC Push: 2025-10-02 18:58:19 +0000 UTC |

Szym0n13k/CVE-2025-55971-Blind-Unauthenticated-SSRF-in-TCL-Smart-TV-UPnP-DLNA-AVTransport TCL 65C655 Smart TV, running firmware version V8-R75PT01-LF1V269.001116 (Android TV, Kernel 5.4.242+), is vulnerable to a blind, unauthenticated Server-Side Request Forgery (SSRF) via the UPnP MediaRenderer service (AVTransport).
Create: 2025-10-02 18:58:16 +0000 UTC Push: 2025-10-02 18:58:16 +0000 UTC |

Nxploited/CVE-2025-8359 AdForest <= 6.0.9 - Authentication Bypass to Admin
Create: 2025-10-02 16:57:48 +0000 UTC Push: 2025-10-02 16:57:48 +0000 UTC |

restdone/CVE-2025-57457
Create: 2025-10-02 16:51:25 +0000 UTC Push: 2025-10-02 16:51:26 +0000 UTC |

xryptoh/CVE-2025-63498
Create: 2025-10-02 13:31:50 +0000 UTC Push: 2025-11-25 11:52:03 +0000 UTC |

MoAlali/CVE-2025-56381 ERPNEXT v15.67.0 was discovered to contain multiple SQL injection > vulnerabilities in the /api/method/frappe.desk.reportview.get endpoint via the order_by and group_by parameters.
Create: 2025-10-01 19:24:42 +0000 UTC Push: 2025-10-01 19:24:43 +0000 UTC |

MoAlali/CVE-2025-56380 Frappe Framework v15.72.4 was discovered to contain a SQL injection vulnerability via the fieldname parameter in the frappe.client.get_value API endpoint.
Create: 2025-10-01 19:14:57 +0000 UTC Push: 2025-10-01 19:14:57 +0000 UTC |