unSafe.sh - 不安全

ptd200110/CVE-2024-27198-SOC-Lab
Create: 2026-06-19 05:53:59 +0000 UTC Push: 2026-06-19 05:54:01 +0000 UTC |

xxconi/CVE-2026-4782
Create: 2026-06-19 03:20:05 +0000 UTC Push: 2026-06-19 03:20:06 +0000 UTC |

0xk4rth1/CVE-2025-2304 A critical mass assignment vulnerability in Camaleon CMS (< 2.9.1) allows authenticated low-privileged users to elevate their privileges to administrator. The flaw exists in the `updated_ajax`
Create: 2026-06-19 02:34:40 +0000 UTC Push: 2026-06-19 02:35:12 +0000 UTC |

HORKimhab/CVE-2026-42055 CVE-2026-42055 - Draft
Create: 2026-06-19 01:05:02 +0000 UTC Push: 2026-06-19 01:05:06 +0000 UTC |

HORKimhab/CVE-2026-42530 CVE-2026-42530 - Draft
Create: 2026-06-19 01:04:03 +0000 UTC Push: 2026-06-19 01:04:06 +0000 UTC |

yendpoint/CVE-2026-42208-LAB A local lab for studying, reproducing, and verifying the patch for CVE-2026-42208: an unauthenticated SQL injection in LiteLLM's API key authentication path.
Create: 2026-06-18 23:40:32 +0000 UTC Push: 2026-06-18 23:40:33 +0000 UTC |

ozcanpng/CVE-2025-57819-FreePBX-RCE2Root
Create: 2026-06-18 22:34:29 +0000 UTC Push: 2026-06-18 22:34:31 +0000 UTC |

g0thamRabb1t/joomla-jce-cve-2026-48907-detection Defensive lab validation and SOC detection guidance for CVE-2026-48907 in Joomla JCE <= 2.9.99.4, including Apache/Joomla/auditd telemetry, webshell artifacts, Sigma rules, MITRE ATT&CK mapping and mitigation recommendations.
Create: 2026-06-18 22:12:15 +0000 UTC Push: 2026-06-18 22:12:16 +0000 UTC |

error-inside/CVE-2026-39808 Fortinet FortiSandbox 4.4.0-4.4.8 - OS Command Injection via tracer-behavior Endpoint
Create: 2026-06-18 20:32:26 +0000 UTC Push: 2026-06-18 20:32:27 +0000 UTC |

error-inside/CVE-2026-10520 Root-Level RCE via OS Command Injection in Ivanti Sentry
Create: 2026-06-18 20:20:55 +0000 UTC Push: 2026-06-18 20:20:56 +0000 UTC |

error-inside/CVE-2026-47670 Authenticated Remote Code Execution via loadReader functionName code injection in DbGate
Create: 2026-06-18 20:12:54 +0000 UTC Push: 2026-06-18 20:12:55 +0000 UTC |

vqec/CVE-2021-4034
Create: 2026-06-18 19:33:04 +0000 UTC Push: 2026-06-18 19:33:17 +0000 UTC |

Polosss/By-Poloss..-..CVE-2026-7515-PoC Unauthenticated Local File Inclusion
Create: 2026-06-18 19:02:31 +0000 UTC Push: 2026-06-18 19:02:32 +0000 UTC |

itsthalisman/cve-2026-3359-exp A PoC/exploit written in python for the vulnerability CVE-2026-3359 situated within Form Maker by 10Web.
Create: 2026-06-18 17:51:58 +0000 UTC Push: 2026-06-18 17:51:59 +0000 UTC |

0xBlackash/CVE-2026-40369 CVE-2026-40369
Create: 2026-06-18 16:16:17 +0000 UTC Push: 2026-06-18 16:16:18 +0000 UTC |

fevar54/CVE-2026-54420-LiteSpeed-Symlink-Exploit A vulnerability in LiteSpeed cPanel Plugin before 2.4.8 and WHM Plugin before 5.3.2.0 mishandles symlinks provided by a user with FTP or web shell access on a shared hosting server running CloudLinux/CageFS.
Create: 2026-06-18 15:18:55 +0000 UTC Push: 2026-06-18 15:18:56 +0000 UTC |

0xCyberstan/CVE-2026-46215-POC
Create: 2026-06-18 14:39:11 +0000 UTC Push: 2026-06-18 14:39:12 +0000 UTC |

BenedictEjepu/CVE-2024-24945-NGINX-RIFT---TryHackMe-Lab-Walkthrough This lab demonstrates the exploitation of CVE-2024-24945, a heap corruption vulnerability affecting NGINX. The objective was to understand how memory corruption can lead to Remote Code Execution (RCE) and gain practical experience in exploitation, detection, and mitigation techniques.
Create: 2026-06-18 14:12:08 +0000 UTC Push: 2026-06-18 14:12:09 +0000 UTC |

hacbs-release-tests/collectors-no-cve-3b20fe8b
Create: 2026-06-18 13:52:20 +0000 UTC Push: 2026-06-18 13:53:00 +0000 UTC |

0xc03307b/CVE-2026-49975 HTTP2-Bomb
Create: 2026-06-18 13:17:37 +0000 UTC Push: 2026-06-18 06:00:02 +0000 UTC |