Dolibarr ERP/CRM versions prior to 17.0.1 allow remote code execution by an authenticated user who has access to the Website module...
This Metasploit module exploits a command execution via file upload. If GestioIP is configured to use no authentication for admin account, no passw...
Apache HertzBeat version 1.8.0 suffers from a remote command execution vulnerability via the scriptCommand parameter in a monitoring template defin...
The Shell extension in Espanso version 2.3.0 allows arbitrary command execution. An attacker who can modify the match configuration file can inject...
Glances version 4.5.2 suffers from a command injection vulnerability...
Event Booking Calendar version 5.0 suffers from a cross site scripting vulnerability...
The Shell and Script extensions in Espanso version 2.3.0 allow arbitrary command execution. No restart required. Config changes take effect immedia...
Proof of concept for Flowise versions prior to 3.0.5 that suffer from a missing authentication vulnerability...
WordPress Ninja Forms - File Uploads plugin versions 3.3.26 and below arbitrary file upload exploit...
This Python script exploits a local file inclusion vulnerability in the WordPress Madara theme. It interacts with the admin-ajax.php endpoint to lo...
AI-powered asset discovery, dark web monitoring, CVE alerting, and vulnerability scanning — all in one platform.
