695 matches found
CVE-2024-8651
A vulnerability in NetCat CMS allows an attacker to send a specially crafted http request that can be used to check whether a user exists in the system, which could be a basis for further attacks. This issue affects NetCat CMS v. 6.4.0.24126.2 and possibly others. Apply patch from vendor...
Exploit for Deserialization of Untrusted Data in Apache Activemq
CVE-2023-46604 !imagehttps://github.com/user-attachments/ass...
Exploit for SQL Injection in Code-Projects Patient_Record_Management_System
CVE-2025-32433 Erlang SSH Library Exploit A proof-of-concept...
📄 WBCE CMS 1.6.3 Remote Code Execution
WBCE CMS version 1.6.3 suffers from an authenticated remote code execution vulnerability. Exploit Title: WBCE CMS " exit 1 fi if -z "$which nc" ; then echo "! Netcat is not installed." exit 1 fi ip=$1 port=$2 rm -rf shellModule.zip rm -rf shellModule mkdir shellModule echo Crafting Payload cat...
WBCE CMS 1.6.3 - Authenticated Remote Code Execution (RCE)
Exploit Title: WBCE CMS " exit 1 fi if -z "$which nc" ; then echo "! Netcat is not installed." exit 1 fi ip=$1 port=$2 rm -rf shellModule.zip rm -rf shellModule mkdir shellModule echo Crafting Payload cat shellModule/info.php ?php / @category modules @package Reverse Shell @author Swammers8 @link...
Webmin 2.202 Remote Command Execution
Webmin version 2.202 remote command execution exploit that provides a reverse shell. ============================================================================================================================================= | Title : Webmin 2.202 Reverse Shell attack | | Author : indoushka | |...
Exploit for Uncontrolled Search Path Element in Needrestart_Project Needrestart
CVE-2024-48990 Exploit My full writeup for how I came to re-...
XXE in PHPSpreadsheet's XLSX reader
Summary The XmlScanner class has a scan method which should prevent XXE attacks. However, we found another bypass than the previously reported CVE-2024-47873, the regexes from the findCharSet method, which is used for determining the current encoding can be bypassed by using a payload in the...
Writing a BugSleep C2 server and detecting its traffic with Snort
In June 2024, security researchers published their analysis of a novel implant dubbed "MuddyRot"aka "BugSleep". This remote access tool RAT gives operators reverse shell and file input/output I/O capabilities on a victim's endpoint using a bespoke command and control C2 protocol. This blog will...
Exploit for Code Injection in Sqlpad
How It Works: This PHP code is designed to exploit a Remot...
Exploit for Command Injection in Netgate Pfsense
pfSense 2.7.0 Command Injection Exploit CVE-2023-42326 This...
Exploit for Command Injection in Netgate Pfsense
pfSense 2.7.0 Command Injection Exploit CVE-2023-42326 This...
Exploit for Unrestricted Upload of File with Dangerous Type in Chamilo Chamilo_Lms
CVE-2023-4220-RCE Summary Starlabs advisoryhtt...
Exploit for Deserialization of Untrusted Data in Apache Activemq
CVE-2023-46604 !imagehttps://github.com/user-attachments/ass...
Exploit for CVE-2024-4439
Exploit CVE-2024-4439 This Python script demonstrates an exp...
Exploit for Uncontrolled Resource Consumption in Siemens 6Bk1602-0Aa12-0Tp0_Firmware
TPAS Log4Shell PoC This repository contains a Proof of Concep...
Exploit for Deserialization of Untrusted Data in Flask-Caching_Project Flask-Caching
It is an offensive tool for web exploitation. This PoC exploit t...
TitanNit Web Control 2.01 / Atemio 7600 Code Injection
============================================================================================================================================= | Title : TitanNit Web Control 2.01 / Atemio 7600 php code injection Vulnerability | | Author : indoushka | | Tested on : windows 10 FrPro / browser :...
CVE-2024-8651
A vulnerability in NetCat CMS allows an attacker to send a specially crafted http request that can be used to check whether a user exists in the system, which could be a basis for further attacks. This issue affects NetCat CMS v. 6.4.0.24126.2 and possibly others. Apply patch from vendor...
CVE-2024-8652
A vulnerability in NetCat CMS allows an attacker to execute JavaScript code in a user's browser when they visit specific path on the site. This issue affects NetCat CMS v. 6.4.0.24126.2 and possibly others. Apply patch from vendor https://netcat.ru/ https://netcat.ru/ . Versions 6.4.0.24248 and o...