Exploit for Path Traversal in Rarlab Winrar

PoC exploit for CVE-2025-8088, a vulnerability in WinRAR. The ta...

rteval bug fix update

An update is available for rteval. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The rteval packages contain a utility for measuring realtime scheduler latency...

Exploit for Improper Input Validation in Cacti

Cacti CVE-2024-25641 Authenticated Package Upload RCE Proof of...

Exploit for SQL Injection in Valvepress Automatic

Wordpress SQLI-2-RCE Exploit - This Python script exploits CVE...

openSUSE Security Advisory (SUSE-SU-2024:1639-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Apache mod_proxy_cluster 1.2.6 - Stored XSS

import requests import argparse from bs4 import BeautifulSoup from urllib.parse import urlparse, parseqs, urlencode, urlunparse from requests.exceptions import RequestException class Colors: RED = '\03391m' GREEN = '\0331;49;92m' RESET = '\0330m' def getclustermanagerurlbaseurl, path:...

Sr2T - Converts Scanning Reports To A Tabular Format

Scanning reports to tabular sr2t This tool takes a scanning tool's output file, and converts it to a tabular format CSV, XLSX, or text table. This tool can process output from the following tools: 1. Nmap XML; 2. Nessus XML; 3. Nikto XML; 4. Dirble XML; 5. Testssl JSON; 6. Fortify FPR. Rationale...

Viessmann Vitogate 300 2.1.3.0 Remote Code Execution

Exploit Title: Viessmann Vitogate 300 = 2.1.3.0 - Remote Code Execution RCE - Shodan Dork: http.title:'Vitogate 300' - Exploit Author: ByteHunter - Email: [email protected] - Version: versions up to 2.1.3.0 - Tested on: 2.1.1.0 - CVE : CVE-2023-5702 & CVE-2023-5222 import argparse import...

Boss Mini 1.4.0 - local file inclusion Exploit

Exploit Title: Boss Mini 1.4.0 - local file inclusion Exploit Author: nltt0 https://github.com/nltt-br CVE: CVE-2023-3643 ''' / \ | | / | | / / | | \ --. | | / | |/ | ' \ / |/ / | --. \ | /\ | | | | | | | | | | \ // / /,||,|| ||, |/|// / | |/ ''' from requests import post from...

Exploit for Missing Authentication for Critical Function in Jetbrains Teamcity

CVE-2023-42793 Exploit Script Overview This script is des...

NetworkAssessment - With Wireshark Or TCPdump, You Can Determine Whether There Is Harmful Activity On Your Network Traffic That You Have Recorded On The Network You Monitor

The Network Compromise Assessment Tool is designed to analyze pcap files to detect potential suspicious network traffic. This tool focuses on spotting abnormal activities in the network traffic and searching for suspicious keywords. DNS Tunneling Detection : Identifies potential covert...

DoSinator - A Powerful Denial Of Service (DoS) Testing Tool

DoSinator is a versatile Denial of Service DoS testing tool developed in Python. It empowers security professionals and researchers to simulate various types of DoS attacks, allowing them to assess the resilience of networks, systems, and applications against potential cyber threats. Features...

PyLoad 0.5.0 - Pre-auth Remote Code Execution Exploit

Exploit Title: PyLoad 0.5.0 - Pre-auth Remote Code Execution RCE Credits: bAu @bauh0lz Exploit Author: Gabriel Lima 0xGabe Vendor Homepage: https://pyload.net/ Software Link: https://github.com/pyload/pyload Version: 0.5.0 Tested on: Ubuntu 20.04.6 CVE: CVE-2023-0297 import requests, argparse...

PyLoad 0.5.0 Remote Code Execution

Exploit Title: PyLoad 0.5.0 - Pre-auth Remote Code Execution RCE Date: 06-10-2023 Credits: bAu @bauh0lz Exploit Author: Gabriel Lima 0xGabe Vendor Homepage: https://pyload.net/ Software Link: https://github.com/pyload/pyload Version: 0.5.0 Tested on: Ubuntu 20.04.6 CVE: CVE-2023-0297 import...

PyLoad 0.5.0 - Pre-auth Remote Code Execution (RCE)

Exploit Title: PyLoad 0.5.0 - Pre-auth Remote Code Execution RCE Date: 06-10-2023 Credits: bAu @bauh0lz Exploit Author: Gabriel Lima 0xGabe Vendor Homepage: https://pyload.net/ Software Link: https://github.com/pyload/pyload Version: 0.5.0 Tested on: Ubuntu 20.04.6 CVE: CVE-2023-0297 import...

PassMute - PassMute - A Multi Featured Password Transmutation/Mutator Tool

This is a command-line tool written in Python that applies one or more transmutation rules to a given password or a list of passwords read from one or more files. The tool can be used to generate transformed passwords for security testing or research purposes. Also, while you doing pentesting it...

FLEX 1080 < 1085 Web 1.6.0 - Denial of Service

Exploit Title: FLEX 1080 1085 Web 1.6.0 - Denial of Service Date: 2023-05-06 Exploit Author: Mr Empy Vendor Homepage: https://www.tem.ind.br/ Software Link: https://www.tem.ind.br/?page=prod-detalhe&id=94 Version: 1.6.0 Tested on: Android CVE ID: CVE-2022-2591 !/usr/bin/env python3 import request...

Updated python-ujson packages fix security vulnerability

Benchmark refactor - argparse CLI. Fix segmentation faults when errors occur while handling unserialisable objects. Fix segmentation fault when an exception is raised while converting a dict key to a string. Fix memory leak dumping on non-string dict keys - Fix ref counting on repeated default...

MGASA-2022-0222 Updated python-ujson packages fix security vulnerability

Benchmark refactor - argparse CLI. Fix segmentation faults when errors occur while handling unserialisable objects. Fix segmentation fault when an exception is raised while converting a dict key to a string. Fix memory leak dumping on non-string dict keys - Fix ref counting on repeated default...

Exploit for Code Injection in Vmware Spring_Framework

CVE-2022-22965 CVE-2022-22965 EXP General environme...