Exploit for Code Injection in Rejetto Http_File_Server

Unauthenticated RCE Flaw in Rejetto HTTP File Server CVE-2024...

Exploit for Improper Access Control in Apache Hugegraph

Remote Code Execution vulnerability in Apache HugeGraph Server...

Exploit for Expression Language Injection in Atlassian Confluence_Data_Center

CVE-2022-26134 CVE-2022-26134 - Confluence Pre-Auth RCE | OGNL...

Exploit for Incorrect Authorization in Pydio Cells

PoC for CVE-2023-32749 This is a quick and dirty PoC I wrote...

Exploit for Missing Authentication for Critical Function in Jetbrains Teamcity

CVE-2023-42793 - TeamCity Admin Account Creation lead to RCE...

Exploit for Improper Input Validation in Paloaltonetworks Pan-Os

PAN-OS Firewall Command Injection Vulnerability This reposito...

Deserialization of Untrusted Data in timber/timber

Summary Timber is vulnerable to PHAR deserialization due to a lack of checking the input before passing it into the fileexists function. If an attacker can upload files of any type to the server, he can pass in the phar:// protocol to unserialize the uploaded file and instantiate arbitrary PHP...

Exploit for SQL Injection in Wpdeveloper Notificationx

CVE-2024-1698 Exploit Script - Wordpress NotificationX = 2.8...

Exploit for Improper Input Validation in Microsoft

🇮🇱 BringThemHome NeverAgainIsNow 🇮🇱 We demand the...

Exploit for Code Injection in Wwbn Avideo

AVideo CVE-2024-31819 🎥🔒💥 This Python script is an exploit fo...

Exploit for Authentication Bypass Using an Alternate Path or Channel in Connectwise Screenconnect

ConnectWise ScreenConnect: Authentication Bypass Introduct...

Akaunting < 3.1.3 - RCE

Exploit Title: Akaunting 3.1.3 - RCE Date: 08/02/2024 Exploit Author: [email protected] Vendor Homepage: https://akaunting.com Software Link: https://github.com/akaunting/akaunting Version: = 3.1.3 Tested on: Ubuntu 22.04 CVE : CVE-2024-22836 !/usr/bin/python3 import sys import re import requests...

Exploit for OS Command Injection in Cacti

Command injection vulnerability in Cacti CVE-2023-39362 - Po...

Exploit for Command Injection in Ivanti Connect_Secure

Introduction 🌐 This repository contains a Python script desi...

Exploit for CVE-2023-47400

CVE-2023-47400 Proof of Concept for the CVE-2023-47400 Aut...

Exploit for Injection in Atlassian Confluence_Data_Center

CVE-2023-22527: Atlassian Confluence Vulnerability Introdu...

Exploit for Code Injection in Sitecore Experience_Commerce

Sitecore Remote Code Execution Vulnerability CVE: 2023-35813 d...

Exploit for Missing Authentication for Critical Function in Jetbrains Teamcity

CVE-2023-42793 Exploit Script Overview This script is des...

Exploit for Files or Directories Accessible to External Parties in Apache Struts

CVE-2023-50164: Apache Struts path traversal to RCE vulnerabil...

selfpoc

It is an offensive tool for web exploitation. The repository con...