unSafe.sh - 不安全

caffeinedoom/CVE-2021-38003 Write Up & Exploitation For CVE-2021-38003
Create: 2025-05-19 19:39:42 +0000 UTC Push: 2025-05-19 23:35:57 +0000 UTC |

HExploited/CVE-2025-4919-Exploit
Create: 2025-05-19 18:44:43 +0000 UTC Push: 2025-05-19 18:44:44 +0000 UTC |

Housma/CVE-2019-9978---Social-Warfare-WordPress-Plugin-RCE The `swp_debug` parameter in `admin-post.php` allows remote attackers to include external files containing malicious PHP code, which are evaluated on the server. By supplying a crafted URL that hosts a reverse shell payload, an attacker can gain command execution.
Create: 2025-05-19 15:01:53 +0000 UTC Push: 2025-05-19 15:01:53 +0000 UTC |

Housma/CVE-2019-9978-Social-Warfare-WordPress-Plugin-RCE The `swp_debug` parameter in `admin-post.php` allows remote attackers to include external files containing malicious PHP code, which are evaluated on the server. By supplying a crafted URL that hosts a reverse shell payload, an attacker can gain command execution.
Create: 2025-05-19 15:01:53 +0000 UTC Push: 2025-05-19 15:03:54 +0000 UTC |

Rickerd12/exploit-cve-2025-1974
Create: 2025-05-19 14:51:41 +0000 UTC Push: 2025-05-19 14:52:46 +0000 UTC |

qalvynn/CVE-2021-41773 Proof of Concept for CVE-2021-41773: Apache path traversal exploit primarily used by Mirai botnets
Create: 2025-05-19 14:40:41 +0000 UTC Push: 2025-05-19 14:40:41 +0000 UTC |

Sratet/CVE-2025-29813-PE CVE-2025-29813 – Visual Studio Privilege Escalation via Improper Pipeline Job Token Handling
Create: 2025-05-19 10:21:46 +0000 UTC Push: 2025-05-19 10:21:47 +0000 UTC |

abuyazeen/CVE-2021-43798-Grafana-path-traversal-tester Automated path traversal testing tool for Grafana plugin endpoints using curl and Bash.
Create: 2025-05-19 08:19:30 +0000 UTC Push: 2025-05-19 08:19:30 +0000 UTC |

AndreyFreitax/CVE-2011-0762
Create: 2025-05-19 03:15:24 +0000 UTC Push: 2025-05-19 03:16:01 +0000 UTC |

Wa1nut4/CVE-2025-2135
Create: 2025-05-19 02:12:54 +0000 UTC Push: 2025-05-19 02:12:54 +0000 UTC |

Loucy1231/Nexus-Repository-Manager3-EL-CVE-2018-16621-https-www.cve.org-CVERecord-id-CVE-2018-16621-
Create: 2025-05-19 00:43:04 +0000 UTC Push: 2025-05-19 00:43:05 +0000 UTC |

doomygloom/CVE-2025-4428 CVE-2025-4428
Create: 2025-05-18 22:02:37 +0000 UTC Push: 2025-05-18 22:02:37 +0000 UTC |

missaels235/POC-CVE-2025-24104-Py
Create: 2025-05-18 18:11:27 +0000 UTC Push: 2025-05-18 18:11:27 +0000 UTC |

exfil0/CVE-2025-32756-POC Designed for Demonstration of Deep Exploitation.
Create: 2025-05-18 09:46:15 +0000 UTC Push: 2025-05-18 09:46:15 +0000 UTC |

gunyakit/CVE-2024-41713-PoC-exploit Mitel MiCollab Authentication Bypass to Arbitrary File Read
Create: 2025-05-18 08:12:40 +0000 UTC Push: 2025-05-18 08:12:40 +0000 UTC |

HossamEAhmed/wp-ulike-cve-2023-32259-poc In affected versions of the WP ULike plugin, there is no proper authorization check before allowing certain AJAX actions or vote manipulations. This allows unauthenticated users to interact with the plugin in ways only logged-in users should be able to — potentially skewing votes or injecting misleading data.
Create: 2025-05-18 02:09:39 +0000 UTC Push: 2025-05-18 02:14:15 +0000 UTC |

HossamEAhmed/wp-ulike-cve-2025-32259-poc In affected versions of the WP ULike plugin, there is no proper authorization check before allowing certain AJAX actions or vote manipulations. This allows unauthenticated users to interact with the plugin in ways only logged-in users should be able to — potentially skewing votes or injecting misleading data.
Create: 2025-05-18 02:09:39 +0000 UTC Push: 2025-05-18 02:14:15 +0000 UTC |

doomygloom/CVE-2025-4664 CVE-2025-4664
Create: 2025-05-18 02:06:40 +0000 UTC Push: 2025-05-18 02:06:40 +0000 UTC |

doomygloom/CVE-2025-4921 CVE-2025-4921
Create: 2025-05-18 02:05:34 +0000 UTC Push: 2025-05-18 02:05:35 +0000 UTC |

HossamEAhmed/CVE-2023-32259---WP-ULike-4.7.9.1-Missing-Authorization-to-Unauthenticated-Content-Spoof In affected versions of the WP ULike plugin, there is no proper authorization check before allowing certain AJAX actions or vote manipulations. This allows unauthenticated users to interact with the plugin in ways only logged-in users should be able to — potentially skewing votes or injecting misleading data.
Create: 2025-05-18 02:02:07 +0000 UTC Push: 2025-05-18 02:02:07 +0000 UTC |