cve-research

CVE Research Personal repository for CVE analysis, proof-of-c...

Exploit for CVE-2026-34234

CVE-2026-34234 - CtrlPanel Installer RCE Lab Local Docker lab...

Exploit for CVE-2026-47100

CVE-2026-47100 — FunnelKit / Funnel Builder for WooCommerce Ch...

Exploit for Deserialization of Untrusted Data in Facebook React

CVE-2025-55182 Security Lab "React2Shell" This repository c...

Exploit for CVE-2026-42945

CVE-2026-42945 nginx 32-bit Exploit Lab This repository is a...

Exploit for Improper Access Control in Joomla Joomla\!

Full-Lifecycle CMS Penetration Testing Joomla 4.2.5 📌 Pr...

wafuzz

wafuzz — Web Pentesting Orchestrator Interactive CLI web secu...

Exploit for CVE-2026-5718

CVE-2026-5718 Local Docker Lab Local-only vulnerable vs patch...

GHSA-3258-QMV8-FRP3 free5GC's SMF UPI management interface lacks auth middleware; unauthenticated topology read/write requests reach handlers

Summary free5GC's SMF mounts the UPI management route group without OAuth2/bearer-token authorization middleware. A network attacker who can reach SMF on the SBI can hit UPI endpoints with no Authorization header at all, and the requests reach the SMF business handlers. In the running Docker lab...

Exploit for CVE-2026-3844

CVE-2026-3844 — Breeze Cache Unauthenticated Arbitrary File Up...

Exploit for Heap-based Buffer Overflow in Postgresql

CVE-2026-2005 — PostgreSQL pgcrypto Heap Overflow Lab A self-...

Exploit for Missing Authentication for Critical Function in Coreweave Marimo

CVE-2026-39987 — marimo Pre-Auth Terminal WebSocket RCE Lab...

Exploit for Missing Authentication for Critical Function in Coreweave Marimo

CVE-2026-39987 — marimo Pre-Auth Terminal WebSocket RCE Lab...

Exploit for Missing Authentication for Critical Function in Coreweave Marimo

CVE-2026-39987 Lab Guide Pre-Auth Remote Code Execution v...

Exploit for Improper Input Validation in Python

CVE-2023-24329 — Parser Differential Lab Educational use...

Exploit for Improper Handling of Exceptional Conditions in Apache Struts

Attacker Lab: CVE-2017-5638 & CVE-2021-41773 A 7-host Docker-...

Exploit for Off-by-one Error in Sudo_Project Sudo

CVE-2021-3156 — "Baron Samedit" Lab & Exploit This repository...

Exploit for Out-of-bounds Read in Openssl

CVE-2014-0160 Lab dựng lab sử dụng Heartbleed để leak memory...

Exploit for Cross-site Scripting in Strategy11 Formidable_Form_Builder

CVE-2017-20192 — Formidable Forms WordPress — Vulnerable Doc...

Exploit for Deserialization of Untrusted Data in Facebook React

CVE-2025-55182 Toolkit & Lab Educational Only Lightweight G...