Machine-farmer

2 exploits Active since Sep 2024

CVE-2025-55182 NOMISEC CRITICAL WORKING POC

React Server Components <19.2.0 - RCE

A pre-authentication remote code execution vulnerability exists in React Server Components versions 19.0.0, 19.1.0, 19.1.1, and 19.2.0 including the following packages: react-server-dom-parcel, react-server-dom-turbopack, and react-server-dom-webpack. The vulnerable code unsafely deserializes payloads from HTTP requests to Server Function endpoints.

1 stars

CVSS 10.0

View Code

CVE-2024-8503 GITHUB CRITICAL python WORKING POC

VICIdial Authenticated Remote Code Execution

An unauthenticated attacker can leverage a time-based SQL injection vulnerability in VICIdial to enumerate database records. By default, VICIdial stores plaintext credentials within the database.

CVSS 9.8

View Code