1321 matches found

Packet Storm
added 2023/04/03 12:0 a.m., 323 views

TP-Link TL-WR902AC Remote Code Execution

!/usr/bin/python3 Exploit Title: TP-Link TL-WR902AC firmware 210730 V3 - Remote Code Execution RCE Authenticated Exploit Author: Tobias Müller Date: 2022-12-01 Version: TL-WR902ACEUV30.9.1 Build 220329 Vendor Homepage: https://www.tp-link.com/ Tested On: TP-Link TL-WR902AC Vulnerability...

CVSS 8.8, AI score 8.8, EPSS 0.55548
Exploits: 5

Exploit DB
added 2023/04/03 12:0 a.m., 204 views

Grand Theft Auto III/Vice City Skin File v1.1 - Buffer Overflow

Exploit Title: Grand Theft Auto III/Vice City Skin File v1.1 - Buffer Overflow Exploit Date: 22.01.2023 Discovered and Written by: Knursoft Vendor Homepage: https://www.rockstargames.com/ Version: v1.1 Tested on: Windows XP SP2/SP3, 7, 10 21H2 CVE : N/A 1 - Run this python script to generate...

AI score 7.4
Exploits: 0

Exploit DB
added 2023/03/27 12:0 a.m., 243 views

eXtplorer <= 2.1.14 - Authentication Bypass & Remote Code Execution (RCE)

Exploit Title: eXtplorer= 2.1.14 - Authentication Bypass & Remote Code Execution RCE Exploit Author: ErPaciocco Author Website: https://erpaciocco.github.io Vendor Homepage: https://extplorer.net/ Vendor: ============== extplorer.net Product: ================== eXtplorer = v2.1.14 eXtplorer is a...

AI score 7.4
Exploits: 0

GithubExploit
added 2023/03/21 6:14 a.m., 302 views

Exploit for Code Injection in Vmware Spring_Cloud_Function

CVE-2022-22963-Reverse-Shell-Exploit This is a Python script t...

CVSS 9.8, AI score 9.9, EPSS 0.94462
Exploits: 36

GithubExploit
added 2023/03/18 11:43 a.m., 545 views

Exploit for Code Injection in Vmware Spring_Cloud_Function

CVE-2022-22963 Reverse Shell Exploit This is a Python script...

CVSS 9.8, AI score 9.9, EPSS 0.94462
Exploits: 36

The Hacker News
added 2023/02/22 11:17 a.m., 47 views

Attackers Flood NPM Repository with Over 15,000 Spam Packages Containing Phishing Links

In what's a continuing assault on the open source ecosystem, over 15,000 spam packages have flooded the npm repository in an attempt to distribute phishing links. "The packages were created using automated processes, with project descriptions and auto-generated names that closely resembled one...

AI score 1
Exploits: 0

SUSE CVE
added 2023/02/15 5:17 a.m., 1 views

SUSE CVE-2015-4605

The mcopy function in softmagic.c in file 5.x, as used in the Fileinfo component in PHP before 5.4.40, 5.5.x before 5.5.24, and 5.6.x before 5.6.8, does not properly restrict a certain offset value, which allows remote attackers to cause a denial of service (application crash) or possibly execute...

CVSS 7.5, AI score 8.1, EPSS 0.09106
Exploits: 1, References: 4

SUSE CVE
added 2023/02/15 5:17 a.m., 2 views

SUSE CVE-2015-4604

The mget function in softmagic.c in file 5.x, as used in the Fileinfo component in PHP before 5.4.40, 5.5.x before 5.5.24, and 5.6.x before 5.6.8, does not properly maintain a certain pointer relationship, which allows remote attackers to cause a denial of service (application crash) or possibly...

CVSS 7.5, AI score 8.1, EPSS 0.09106
Exploits: 1, References: 4

Hacker One
added 2023/02/14 5:34 p.m., 60 views

Bitwarden: Biometric key is stored in Windows Credential Manager, accessible to other local unprivileged processes

A vulnerability in Bitwarden Desktop for Windows allowed a local attacker to access the biometric master key used for unlocking the vault through Windows Hello. The key was stored in plaintext in the Windows Credential Manager, accessible to any local unprivileged process. This allowed an attacke...

CVSS 7.1, AI score 6.8, EPSS 0.00076
Exploits: 1

Kitploit
added 2023/02/08 11:30 a.m., 211 views

Darkdump2 - Search The Deep Web Straight From Your Terminal

About Darkdump Recent Notice - 12/27/22 Darkdump is a simple script written in Python3.11 in which it allows users to enter a search term query in the command line and darkdump will pull all the deep web sites relating to that query. Darkdump2.0 is here, enjoy! Installation 1. git clone...

AI score 7.3
Exploits: 0, References: 2

GithubExploit
added 2023/02/07 1:2 p.m., 703 views

Exploit for OS Command Injection in Exiftool_Project Exiftool

Introduction CVE-2022-23935 exploit PoC exiftool...

CVSS 7.8, AI score 7.6, EPSS 0.27704
Exploits: 5

Kitploit
added 2023/01/23 11:30 a.m., 67 views

SQLiDetector - Helps You To Detect SQL Injection "Error Based" By Sending Multiple Requests With 14 Payloads And Checking For 152 Regex Patterns For Different Databases

Simple Python script supported with BurpBounty profile that helps you to detect SQL injection "Error based" by sending multiple requests with 14 payloads and checking for 152 regex patterns for different databases...

AI score 8.8
Exploits: 0, References: 4

GithubExploit
added 2023/01/06 7:7 p.m., 476 views

Exploit for SQL Injection in Reputeinfosystems Bookingpress

CVE-2022-0739 My take on CVE-2022-0739 BookingPress exploit,...

CVSS 9.8, AI score 9.6, EPSS 0.69587
Exploits: 11

GithubExploit
added 2022/12/24 3:59 a.m., 366 views

Exploit for Missing Authentication for Critical Function in F5 Big-Ip_Access_Policy_Manager

CVE-2022-1388 RCE, Reverse Shell, and Auto-Export PCAP --...

CVSS 9.8, AI score 10, EPSS 0.94456
Exploits: 63

GithubExploit
added 2022/12/01 11:11 p.m., 628 views

Exploit for OS Command Injection in Contao

CVE-2022-26265 Contao CMS RCE This repo is part of the h...

CVSS 9.8, AI score 9.6, EPSS 0.7154
Exploits: 4

WPVulnDB
added 2022/11/28 12:0 a.m., 20 views

InPost Gallery < 2.1.4.1 - Unauthenticated LFI to RCE

The plugin insecurely uses PHP's extract function when rendering HTML views, allowing attackers to force the inclusion of malicious files & URLs, which may enable them to run code on servers. PoC Invoke the following shell commands to disclose the /etc/passwd file: Define the payload "pagepath"...

CVSS 9.8, EPSS 0.88041
Exploits: 2, Affected Software: 1

wpexploit
added 2022/11/21 12:0 a.m., 519 views

User Registration < 2.2.4.1 - Subscriber+ Arbitrary File Upload

The plugin does not properly restrict the files to be uploaded via an AJAX action available to both unauthenticated and authenticated users, which could allow unauthenticated users to upload PHP files for example. The following Python script automates the exploitation of this plugin by uploading ...

CVSS 7.5, AI score 0.6, EPSS 0.0048
Exploits: 2

WPVulnDB
added 2022/11/16 12:0 a.m., 19 views

Directorist < 7.4.2.2 - Subscriber+ Arbitrary User Password Update via IDOR

The plugin suffers from an IDOR vulnerability which an attacker can exploit to change the password of arbitrary users instead of his own. PoC The following Python script automates the exploitation of this vulnerability. The script was tested on an installation of WordPress 6.1 with the vulnerable...

CVSS 6.5, EPSS 0.0032
Exploits: 2, Affected Software: 1

wpexploit
added 2022/11/16 12:0 a.m., 157 views

Directorist < 7.4.2.2 - Subscriber+ Arbitrary User Password Update via IDOR

The plugin suffers from an IDOR vulnerability which an attacker can exploit to change the password of arbitrary users instead of his own. The following Python script automates the exploitation of this vulnerability. The script was tested on an installation of WordPress 6.1 with the vulnerable...

CVSS 6.5, AI score 0.6, EPSS 0.0032
Exploits: 2

GithubExploit
added 2022/11/15 9:11 a.m., 423 views

Exploit for Code Injection in Vmware Spring_Cloud_Gateway

CVE-2022-22947 Usage: python3 CVE-2022-22947.py url...

CVSS 10, AI score 9.7, EPSS 0.94461
Exploits: 54