Exploit for CVE-2026-27778

PoC-SimulatorCVE-2026-27778...

Exploit for Uncontrolled Resource Consumption in Siemens 6Bk1602-0Aa12-0Tp0_Firmware

Demonstration of the Log4jShell Exploit This code may contain...

Exploit for CVE-2025-40554

CVE-2025-40554 – SolarWinds Web Help Desk Auth Bypass PoC Pro...

Exploit for CVE-2025-36911

WPair CVE-2025-36911 eg WhisperPair Vulnerability Scanner...

📄 Laravel Pulse 1.3.1 Arbitrary Code Injection

Proof of concept exploit written in PHP for Laravel Pulse version 1.3.1. This version of Laravel Pulse suffers from an arbitrary code injection vulnerability...

EUVD-2008-5514

Malware in sbrugna...

Exploit for CVE-2025-8625

CVE-2025-8625 — PoC Обзор В репозитории храняться исходные...

Exploit for Out-of-bounds Read in Citrix Netscaler_Application_Delivery_Controller

CVE-2025-5777 Exploit Tool 🔥 A powerful educational tool...

MS SWIFT Remote Code Execution via unsafe PyYAML deserialization

Description A Remote Code Execution RCE vulnerability exists in the modelscope/ms-swift project due to unsafe use of yaml.load in combination with vulnerable versions of the PyYAML library ≤ 5.3.1. The issue resides in the tests/run.py script, where a user-supplied YAML configuration file is...

Pterodactyl Panel 1.11.11 - Remote Code Execution (RCE)

Exploit Title: Pterodactyl Panel 1.11.11 - Remote Code Execution RCE Date: 22/06/2025 Exploit Author: Zen-kun04 Vendor Homepage: https://pterodactyl.io/ Software Link: https://github.com/pterodactyl/panel Version: 1.11.11 Tested on: Ubuntu 22.04.5 LTS CVE: CVE-2025-49132 import requests import js...

Exploit for CVE-2024-55656

CVE-2024-55656 - Redis Stack - RedisBloom Integer Overflow R...

Exploit for Deserialization of Untrusted Data in Google Android

Exploration of CVE-2024-31317 CVE-2024-31317 provides unprivi...

Exploit for Deserialization of Untrusted Data in Apache Parquet_Java

TRAI-001 CVE-2025-30065: Apache Parquet Remote Code Execution...

Exploit for Code Injection in Foxcms

POC - CVE-2025-29306 FOXCMS /images/index.html Code Execution...

📄 phpMyFAQ 3.1.7 Cross Site Scripting

phpMyFAQ version 3.1.7 suffers from a cross site scripting vulnerability. Exploit Title: phpMyFAQ 3.1.7 - Reflected Cross-Site Scripting XSS Date: 2024-10-26 Exploit Author: CodeSecLab Vendor Homepage: https://github.com/thorsten/phpMyFAQ Software Link: https://github.com/thorsten/phpMyFAQ Versio...

OpenPanel Copy and View functions in the File Manager 0.3.4 - Directory Traversal

Exploit Title: OpenPanel Copy and View functions in the File Manager 0.3.4 - Directory Traversal Date: Nov 25, 2024 Exploit Author: Korn Chaisuwan, Punthat Siriwan, Pongtorn Angsuchotmetee Vendor Homepage: https://openpanel.com/ Software Link: https://openpanel.com/ Version: 0.3.4 Tested on: macO...

📄 flatCore Cross Site Request Forgery

flatCore versions prior to 1.5 suffer from a cross site request forgery vulnerability. Exploit Title: flatCore CSRF PoC Replace Your Domain Name...

phpIPAM 1.6 - Reflected Cross Site Scripting (XSS)

Exploit Title: phpIPAM 1.6 - Reflected Cross Site Scripting XSS Date: 2024-10-26 Exploit Author: CodeSecLab Vendor Homepage: https://github.com/phpipam/phpipam Software Link: https://github.com/phpipam/phpipam Version: 1.5.1 Tested on: Ubuntu Windows CVE : CVE-2023-24657 PoC:...

📄 flatCore 1.5.5 Shell Upload

flatCore version 1.5.5 suffers from a remote shell upload vulnerability. Exploit Title: flatCore Arbitrary .php File Upload via acp/acp.php Date: 2024-10-26 Exploit Author: CodeSecLab Vendor Homepage: https://github.com/flatCore/flatCore-CMS Software Link: https://github.com/flatCore/flatCore-CMS...

Exploit for Code Injection in Langchain Langchain-Experimental

CVE-2024-21513 PoC for CVE-2024-21513 Original exploit documen...