Marven11 - Security Researcher - Exploit Intelligence Platform

CVE-2024-28397 NOMISEC MEDIUM WORKING POC

pyload-ng js2py - Remote Code Execution

An issue in the component js2py.disable_pyimport() of js2py up to v0.74 allows attackers to execute arbitrary code via a crafted API call.

71 stars

CVSS 5.3

View Code

CVE-2024-39205 NOMISEC CRITICAL WORKING POC

pyload-ng <0.5.0b3.dev85 - RCE

An issue in pyload-ng v0.5.0b3.dev85 running under python3.11 or below allows attackers to execute arbitrary code via a crafted HTTP request.

17 stars

CVSS 9.8

View Code

CVE-2024-28397 NOMISEC MEDIUM WORKING POC

pyload-ng js2py - Remote Code Execution

An issue in the component js2py.disable_pyimport() of js2py up to v0.74 allows attackers to execute arbitrary code via a crafted API call.

5 stars

CVSS 5.3

View Code

CVE-2024-28397 METASPLOIT MEDIUM ruby WORKING POC

pyload-ng js2py - Remote Code Execution

An issue in the component js2py.disable_pyimport() of js2py up to v0.74 allows attackers to execute arbitrary code via a crafted API call.

CVSS 5.3

View Code