179 matches found

Exploit DB • added 2026/05/04 12:0 a.m. • 56 views

Linksys E1200 2.0.04 - Authenticated Stack Buffer Overflow (RCE)

Exploit Title: Linksys E1200 2.0.04 - Authenticated Stack Buffer Overflow RCE Date: 2026-15-03 Exploit Author: JarrettgxzSec Vendor Homepage: www.linksys.com Version: FW " printf"! Example: python3 sys.argv0 192.168.1.100 192.168.1.1\n" sys.exit1 TARGETIP = sys.argv2 TARGETPORT = 80 ATTACKERIP =...

CVSS 8.8 | AI score 5.8 | EPSS 0.04676 | Exploits: 3

Exploit DB • added 2026/04/29 12:0 a.m. • 83 views

Xibo CMS 4.3.0 - RCE via SSTI

Exploit Title: Xibo CMS - Authenticated Remote Code Execution via SSTI Date: 2025-11-04 Exploit Author: Cristian Branet Vendor Homepage: https://xibosignage.com/ Software Link: https://github.com/xibosignage/xibo-cms/ Version: 4.3.1 Tested on: Linux Ubuntu 22.04 CVE : CVE-2025-62639 Article:...

CVSS 7.2 | AI score 5.2 | EPSS 0.00868 | Exploits: 2

EUVD • added 2026/04/23 6:33 p.m. • 4 views

EUVD-2026-25226

SocialEngine versions 7.8.0 and prior contain a blind server-side request forgery vulnerability in the /core/link/preview endpoint where user-supplied input passed via the uri request parameter is not sanitized before being used to construct outbound HTTP requests. Authenticated remote attackers...

CVSS 8.5 | AI score 5.9 | EPSS 0.00296 | Exploits: 1 | References: 4

Packet Storm • added 2026/04/23 12:0 a.m. • 68 views

Hoverfly 1.11.3 Remote Command Execution

This Python script is an exploitation tool targeting a vulnerable Hoverfly API endpoint, specifically the /api/v2/hoverfly/middleware functionality, which allows execution of user-supplied input through a backend binary...

AI score 5.9 | Exploits: 0

GithubExploit • added 2026/04/20 2:7 p.m. • 90 views

Exploit for CVE-2025-68999

CVE-2025-68999 Happy Addons for Elementor = 3.20.4 —...

CVSS 8.5 | AI score 5.9 | EPSS 0.00253 | Exploits: 2

GithubExploit • added 2026/04/15 6:28 a.m. • 329 views

Exploit for Code Injection in Flowiseai Flowise

CVE-2025-59528-PoC A simple python script to exploit CVE-2025-...

CVSS 10 | AI score 5.8 | EPSS 0.90183 | Exploits: 21

CVE • added 2026/04/11 12:17 a.m. • 40 views

CVE-2026-3689

OpenClaw Canvas contains a path traversal information disclosure in the canvas gateway endpoint due to improper validation of user-supplied path parameters. The issue, affecting OpenClaw Canvas (various versions), can allow remote attackers to disclose sensitive information within the service acc...

CVSS 6.5 | AI score 6.5 | EPSS 0.00944 | Exploits: 1 | References: 2 | Affected Software: 1

Packet Storm • added 2026/04/10 12:0 a.m. • 68 views

Horilla 1.3 Remote Command Execution

Horilla versions 1.3 and below suffer from a remote command execution vulnerability. Exploit Title: Horilla v1.3 - RCE Date: 2025-05-29 Exploit Author: Raghad Abdallah Al-syouf Version: = 1.3 Tested on: Ubuntu / Docker CVE: CVE-2025-48868 Description: This script exploits the authenticated RCE...

CVSS 7.2 | AI score 6 | EPSS 0.02327 | Exploits: 3

CVE • added 2026/04/08 6:43 a.m. • 8 views

CVE-2026-3618

The CVE concerns the WordPress plugin Columns by BestWebSoft (

CVSS 6.4 | AI score 6 | EPSS 0.00302 | Exploits: 0 | References: 9

GithubExploit • added 2026/04/07 8:31 a.m. • 158 views

Exploit for CVE-2026-34156

CVE-2026-34156 — NocoBase Sandbox Escape to RCE Descri...

CVSS 9.9 | AI score 6.2 | EPSS 0.07593 | Exploits: 7

Positive Technologies • added 2026/04/07 12:0 a.m. • 1 views

PT-2026-30866

FTLDNS (pihole-FTL) provides an interactive API and also generates statistics for Pi-hole's Web interface. From 6.0 to before 6.6, the Pi-hole FTL engine contains a Remote Code Execution (RCE) vulnerability in the DNS CNAME records configuration parameter dns.cnameRecords. This vulnerability allows a...

CVSS 8.8 | AI score 6.2 | EPSS 0.00686 | Exploits: 1 | References: 2

CVE • added 2026/04/06 12:0 a.m. • 5 views

CVE-2026-31351

The CVE-2026-31351 entry describes an authenticated stored XSS vulnerability in Feehi CMS v2.1.1, exploitable via crafting payloads in the Title field during creation/editing. The issue is confirmed across multiple connected sources (RH Red Hat, EUVD ENISA, GHSA advisories, NVD/NVD-linked records...

CVSS 4.8 | AI score 6 | EPSS 0.00181 | Exploits: 1 | References: 2 | Affected Software: 1

ATTACKERKB • added 2026/04/03 9:41 p.m. • 1 views

CVE-2026-28797

RAGFlow is an open-source RAG (Retrieval-Augmented Generation) engine. In versions 0.24.0 and prior, a Server-Side Template Injection (SSTI) vulnerability exists in RAGFlow's Agent workflow Text Processing StringTransform and Message components. These components use Python's jinja2.Template unsandbox...

CVSS 8.7 | AI score 6.2 | EPSS 0.00386 | Exploits: 1 | References: 2 | Affected Software: 1

RedhatCVE • added 2026/04/01 10:58 a.m. • 3 views

CVE-2026-4317

SQL injection (SQLi) vulnerability in Umami Software web application through an improperly sanitized parameter, which could allow an authenticated attacker to execute arbitrary SQL commands in the database. Specifically, they could manipulate the value of the 'timezone' request parameter by includin...

CVSS 9.3 | AI score 6.2 | EPSS 0.00345 | Exploits: 0 | References: 1

RedhatCVE • added 2026/03/26 3:11 p.m. • 3 views

CVE-2026-29513

Hereta ETH-IMC408M firmware version 1.0.15 and prior contain a stored cross-site scripting vulnerability that allows authenticated attackers to inject arbitrary JavaScript by manipulating the Device Location field. Attackers can inject malicious scripts through the System Status interface that...

CVSS 5.4 | AI score 5.8 | EPSS 0.00138 | Exploits: 0 | References: 1

GithubExploit • added 2026/03/20 9:46 a.m. • 143 views

CodoForum-v5.1---Remote-Code-Execution-RCE-

CodoForum v5.1 - Authenticated RCE Fixed Exploit CVE: 20...

AI score 5.9 | Exploits: 0

Positive Technologies • added 2026/03/20 12:0 a.m. • 3 views

PT-2026-26605

WeGIA is a web manager for charitable institutions. Versions 3.6.5 and below contain an authenticated SQL Injection vulnerability in the html/matPat/restaurar produto.php endpoint. The vulnerability allows an authenticated attacker to inject arbitrary SQL commands via the id produto GET parameter...

CVSS 9.3 | AI score 6 | EPSS 0.00304 | Exploits: 1 | References: 10

CVE • added 2026/03/18 3:28 p.m. • 10 views

CVE-2026-2512

The Code Embed plugin for WordPress is vulnerable to Stored Cross‑Site Scripting up to version 2.5.1. The root cause is the sanitization function sec_check_post_fields() only runs on save_post, while custom fields can be added via the wp_ajax_add_meta endpoint without triggering save_post. The ce...

CVSS 6.4 | AI score 6 | EPSS 0.00198 | Exploits: 0 | References: 5

GithubExploit • added 2026/03/14 12:53 p.m. • 131 views

Exploit for OS Command Injection in Webmin

Webmin 1.910 — Remote Code Execution ...

CVSS 10 | AI score 6.2 | EPSS 0.99766 | Exploits: 37

GithubExploit • added 2026/03/07 11:56 p.m. • 308 views

Exploit for CVE-2024-51482

CVE-2024-51482-PoC Authenticated time-based blind SQL injecti...

CVSS 9.9 | AI score 5.8 | EPSS 0.36899 | Exploits: 7