unSafe.sh - 不安全

Mpokes/CVE-2025-59246-Exploit Missing Authentication for Critical Function (CWE-306)
Create: 2025-10-10 17:50:34 +0000 UTC Push: 2025-10-10 17:50:35 +0000 UTC |

ajansha/CVE-2025-60374 CVE-2025-60374: Stored Cross-Site Scripting (XSS) in Perfex CRM Chatbot
Create: 2025-10-10 16:45:44 +0000 UTC Push: 2025-10-10 16:45:45 +0000 UTC |

eGkritsis/CVE-2025-61303 Hatching Triage dynamic analysis engine can fail to record malicious behavior when samples produce very high-volume recursive process forking, causing inconsistent or missing behavioral reports.
Create: 2025-10-10 14:54:26 +0000 UTC Push: 2025-10-15 23:03:53 +0000 UTC |

eGkritsis/CVE-2025-61301 CAPEv2 reporting/mongodb.py and reporting/jsondump.py allow denial-of-analysis when deeply nested or oversized behavior documents trigger orjson serialization errors or MongoDB BSON size/nesting limits, causing truncated or missing analysis reports.
Create: 2025-10-10 12:52:18 +0000 UTC Push: 2025-10-15 23:06:29 +0000 UTC |

vigilante-1337/CVE-2023-29386 PoC CVE-2023-29386 — Manager for Icomoon < 2.1 - Unauthenticated Arbitrary File Upload
Create: 2025-10-10 12:33:22 +0000 UTC Push: 2025-10-10 12:57:59 +0000 UTC |

Marinafabregat/CVE-2025-41088-Stored-XSS-in-Xibo-Signage-s-Xibo Stored Cross-Site Scripting (XSS) in Xibo Signage's Xibo CMS v4.1.2, due to a lack of proper validation of user input. To exploit the vulnerability, the attacker must create a template in the 'Templates' section, then add a text element in the 'Global Elements' section, and finally modify the 'Text' field in the section with the malicious payload.
Create: 2025-10-10 11:03:19 +0000 UTC Push: 2025-10-10 11:03:20 +0000 UTC |

Marinafabregat/CVE-2025-41088 Stored Cross-Site Scripting (XSS) in Xibo Signage's Xibo CMS v4.1.2, due to a lack of proper validation of user input.
Create: 2025-10-10 11:03:19 +0000 UTC Push: 2025-10-10 17:46:18 +0000 UTC |

rxerium/CVE-2025-11371 Detection for CVE-2025-11371
Create: 2025-10-10 10:26:57 +0000 UTC Push: 2025-10-10 10:27:00 +0000 UTC |

Noah4Puppy/CVE-2024-21262 THREE different reproduction, WORKDIR, EXEC & RUNC.
Create: 2025-10-10 09:47:48 +0000 UTC Push: 2025-10-10 09:47:49 +0000 UTC |

Noah4Puppy/CVE-2024-21626 THREE different reproduction, WORKDIR, EXEC & RUNC.
Create: 2025-10-10 09:47:48 +0000 UTC Push: 2025-10-11 01:57:36 +0000 UTC |

DanielMadsenDK/ServiceNow-CVE-2025-11449-CVE-2025-11450-Mitigation-Script This script automatically detects and remediates **CVE-2025-11449** and **CVE-2025-11450** security vulnerabilities in ServiceNow UI Macros. These critical vulnerabilities could allow arbitrary code execution in users' browsers through specially crafted links if user-controlled `sysparm_` parameters are not properly sanitized.
Create: 2025-10-10 08:58:54 +0000 UTC Push: 2025-10-10 08:58:55 +0000 UTC |

ajansha/CVE-2025-60375
Create: 2025-10-10 08:00:10 +0000 UTC Push: 2025-10-10 08:00:10 +0000 UTC |

ngobao2002/CVE-2025-38001-test
Create: 2025-10-10 07:46:48 +0000 UTC Push: 2025-10-10 07:46:48 +0000 UTC |

Shenal01/CVE-2025-60880 CVE-2025-60880 - Stored Cross-Site Scripting (XSS) in Bagisto Admin Panel
Create: 2025-10-10 05:03:04 +0000 UTC Push: 2025-10-10 05:03:04 +0000 UTC |

M4rgs/CVE-2025-5947_Exploit An mini exploit for the Service Finder -Bookings plugin WP
Create: 2025-10-10 04:59:12 +0000 UTC Push: 2025-10-10 04:59:25 +0000 UTC |

Hex00-0x4/CVE-2024-38856-Apache-OFBiz CVE-2024-38856: Apache OFBiz remote code execution Scanner & Exploit
Create: 2025-10-10 02:20:16 +0000 UTC Push: 2025-10-10 02:20:17 +0000 UTC |

AlvaXPloit/CVE-2025-2539
Create: 2025-10-10 00:28:24 +0000 UTC Push: 2025-10-10 00:28:57 +0000 UTC |

ajansha/CVE-2025-60378 CVE-2025-60378 — Stored HTML Injection in RISE — Ultimate Project Manager & CRM < 3.9.4 (Invoices & Messaging)
Create: 2025-10-09 21:42:03 +0000 UTC Push: 2025-10-09 21:42:04 +0000 UTC |

ajansha/CVE-2025-55903 CVE-2025-55903 — Stored HTML Injection in PerfexCRM < 3.3.1 (Invoice/Client Communication)
Create: 2025-10-09 20:41:29 +0000 UTC Push: 2025-10-09 20:41:29 +0000 UTC |

hybinn/CVE-2023-50164
Create: 2025-10-09 20:02:15 +0000 UTC Push: 2025-10-09 20:02:15 +0000 UTC |