neocorp-ctf-backend

No d...

naughty-images

This repository contains a collection of SVG images that exploit the SVG vulnerability in various browsers, allowing for cross-site scripting XSS attacks. The images are designed to trigger the vulnerability when loaded in a browser, potentially allowing an attacker to execute malicious code on t...

Exploit for Cross-site Scripting in Livehelperchat Live_Helper_Chat

Exploit Title: LiveHelperCh...

CVE-2020-25498

Cross Site Scripting XSS vulnerability in Beetel router 777VR1 can be exploited via the NTP server name in System Time and "Keyword" in URL Filter...

Apache Tomcat 11.0.3 - Remote Code Execution

Exploit Title: Apache Tomcat Path Equivalence - Remote Code Execution Exploit Author: Al Baradi Joy CVE: CVE-2025-24813 Date: 2025-04-06 Vendor Homepage: https://tomcat.apache.org/ Software Link: https://tomcat.apache.org/download-90.cgi Version: Apache Tomcat 11.0.3 / 10.1.35 / 9.0.98 Tested on:...

Google Chrome Security Bypass Vulnerability (CNVD-2025-12383)

Google Chrome is a WEB browser developed by Google Inc. Google Chrome suffers from a security bypass vulnerability, which is caused due to improper implementation in Select. An attacker can exploit the vulnerability to bypass security restrictions...

XAMPPv3.3.0-BOF

XAMPPv3.3.0-BOF Proof-of-Concept exploit code for XAMPP v3.3.0...

Exploit for Type Confusion in Linux Linux_Kernel

CVE-2022-34918 LPE POC 尝试结合了一下360提出的USMAhttps://vul.360.ne...

CVE-2022-30190

A remote code execution vulnerability exists when MSDT is called using the URL protocol from a calling application such as Word. An attacker who successfully exploits this vulnerability can run arbitrary code with the privileges of the calling application. The attacker can then install programs,...

Cisco Smart Install Remote Code Execution(CVE-2018-0171)

Introduction Application: Cisco IOS, Cisco IOS-XE Vendor: Cisco Bugs: Stack-based buffer overflow CWE-20, CWE-121 Risk: Critical; AV:N/AC:L/Au:N/C:C/I:C/A:C 10.0 A stack-based buffer overflow vulnerability was found in Smart Install Client code. This vulnerability enables an attacker to remotely...

Microsoft Windows 7/8.1/2008 R2/2012 R2/2016 R2 - EternalBlue SMB Remote Code Execution (MS17-010) E

Exploit for windows platform in category remote exploits !/usr/bin/python from impacket import smb, smbconnection from mysmb import MYSMB from struct import pack, unpack, unpackfrom import sys import socket import time ''' MS17-010 exploit for Windows 7+ by sleepya Note: - The exploit should neve...

Threat actors leverage EternalBlue exploit to deliver non-WannaCry payloads

The “EternalBlue” exploit MS017-010 was initially used by WannaCry ransomware and Adylkuzz cryptocurrency miner. Now more threat actors are leveraging the vulnerability in Microsoft Server Message Block SMB protocol – this time to distribute Backdoor.Nitol and Trojan Gh0st RAT. FireEye Dynamic...

Microsoft Offers Analysis of Zero-Day Exploited By Zirconium Group

Microsoft has released technical details on a zero-day vulnerability being exploited by a little-known APT group known as Zirconium. According to the company the vulnerability CVE-2017-0005 affects mostly older versions of Windows and can allow an adversary to execute remote code if a user either...

lftp <= 2.6.9 - Remote Stack based Overflow Exploit

No description provided by source. / lftp remote stack-based overflow exploit by Li0n7 voila fr Vulnerability discovered by Ulf Harnhammar Ulf.Harnhammar.9485 student uu se Lftp versions later than 2.6.10 are prone to a remotly exploitable stack-based overflow in trynetscapeproxy and trysquideplf...

Linux kernel 3.14-rc1 <= 3.15-rc4 - Raw Mode PTY Local Echo Race Condition (x64) Local Privilege Escalation

No description provided by source. / CVE-2014-0196: Linux kernel = v3.15-rc4: raw mode PTY local echo race condition Slightly-less-than-POC privilege escalation exploit For kernels = v3.14-rc1 Matthew Daley [email protected] Usage: $ gcc cve-2014-0196-md.c -lutil -lpthread $ ./a.out + Resolving...

Microsoft Windows - HWND_BROADCAST Low to Medium Integrity Privilege Escalation (MS13-005) (Metasploit)

This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit web site for more information on licensing and terms of use. http://metasploit.com/ require 'msf/core' require 'rex' require 'msf/core/exploit/exe' class...

Microsoft Launches $100,000 Bug Bounty Program

After years of saying that the company didn’t need a bug bounty program, Microsoft is starting one. The company today will announce the start of a new program that will pay security researchers up to $100,000 for serious vulnerabilities and as much as $50,000 for new defensive techniques that hel...

Attackers Exploiting Critical Flash Bug Via Drive-By Download

Attackers have begun actively exploiting the critical Adobe Flash vulnerability that Adobe patched last week, using rigged Web pages and phishing techniques to compromise vulnerable machines. The attack code is being hosted on a number of sites around the Web right now, researchers said. Adobe...

Microsoft IIS FTP Server NLST Response Overflow

$Id: ms09053ftpdnlst.rb 10558 2010-10-05 23:39:14Z jduck $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use...

UFO: Alien Invasion v2.2.1 BoF Exploit (Win7 ASLR and DEP Bypass)

Exploit for windows platform in category remote exploits ================================================================= UFO: Alien Invasion v2.2.1 BoF Exploit Win7 ASLR and DEP Bypass ================================================================= !/usr/bin/python Exploit Title: UFO: Alien...