Exploit for Deserialization of Untrusted Data in Apache Activemq

CVE-2023-46604 RCE Pseudoshell This script leverages CVE-2023...

Exploit for CVE-2023-38646

CVE-2023-38646-exploit "This vulnerability, designated as CVE-...

Exploit for Improper Input Validation in Atlassian Confluence_Data_Center

CVE-2023-22515 Exploit Script 🔐 This script is designed to ex...

Exploit for Race Condition in Microsoft

CVE-2023-36884: MS Office HTML RCE with crafted documents On...

Media Library Assistant < 3.10 - Unauthenticated Local/Remote File Inclusion & Remote Code Execution

Description The plugin is vulnerable to Local File Inclusion and Remote Code Execution in versions up to, and including, 3.09. This is due to insufficient controls on file paths being supplied to the 'mlastreamfile' parameter from the /includes/mla-stream-image.php file, where images are processe...

Exploit for CVE-2020-14882

CVE-2020-14882 This script enables remote code execution RCE...

Exploit for Improper Privilege Management in Wpdeveloper Reviewx

CVE-2023-2833 Mass Exploit Generator by Alucard0x1 This repos...

Exploit for Incorrect Permission Assignment for Critical Resource in Mobyproject Moby

CVE-2021-41091 This exploit offers an in-depth look at the CV...

Exploit for Path Traversal in Apache Http_Server

CVE-2021-41773 A Demonstration to show the CVE-2021-41773 vul...

ASKEY RTF3505VW-N1 - Privilege Escalation

Exploit Title: ASKEY RTF3505VW-N1 - Privilege escalation Date: 07-12-2022 Exploit Author: Leonardo Nicolas Servalli Vendor Homepage: www.askey.com Platform: ASKEY router devices RTF3505VW-N1 Tested on: Firmware BRSVg000R3505VMN1001s327 Vulnerability analysis:...

Exploit for SQL Injection in Zte Mf286R_Firmware

CVE-2022-39066 Firmware details: wainnerversion: BDPO...

Simple Single Sign On <= 4.1.0 - Authentication Bypass

The plugin leaks its OAuth clientsecret, which could be used by attackers to gain unauthorized access to the site. When we click the "Single Sign On" button, the plugin redirects us to the OAuth server to authenticate ourselves if we are not logged in. The button invokes the following URL:...

Simple Single Sign On <= 4.1.0 - Authentication Bypass

The plugin leaks its OAuth clientsecret, which could be used by attackers to gain unauthorized access to the site. PoC When we click the "Single Sign On" button, the plugin redirects us to the OAuth server to authenticate ourselves if we are not logged in. The button invokes the following URL:...

Exploit for OS Command Injection in Apache Spark

CVE-2022-33891 Apache Spark Shell Command Injection Vulnerabil...

FOISted

| / ...

Exploit for Path Traversal in Apache Http_Server

CVE-2021-41773 Essay 🕸️ Description 🖼️ This repository co...

Exploit for SQL Injection in Anuko Time_Tracker

PoC for CVE-2022-24707 SQL Injection Vulnerability on Puncher...

Exploit for CVE-2015-1328

CVE-2015-1328-GoldenEye about exploit: The overlayfs imple...

Exploit for Uncontrolled Resource Consumption in Siemens 6Bk1602-0Aa12-0Tp0_Firmware

Log4j Simple Exploit A Proof-Of-Concept Exploit for CVE-202...

Exploit for Code Injection in Gitlab

The provided code is a Python script that exploits a vulnerability in GitLab CE/EE versions 11.9 and earlier. The vulnerability is related to the way GitLab handles image files, allowing an attacker to execute arbitrary code on the server. Here's a breakdown of the code: 1. The script starts by...