274178 matches found
Exploiting-RCC
Exploiting open ports in RCC Service Having all RCC ports ope...
Exploit for CVE-2026-4257
No d...
Exploit for Type Confusion in Google Chrome
No d...
Exploit for Type Confusion in Google Chrome
No d...
choreo-waf-poc
waf-poc — Choreo CP WAF Bake-Off OpenResty Three-way WAF ev...
strix-advanced
⚡ Strix-Advanced AI-Powered Security Testing Platform An...
Exploit for Incorrect Resource Transfer Between Spheres in Linux Linux_Kernel
CVE-2026-31431 "Copy Fail" - Research & Pentesting Tool !Li...
📄 Fuel CMS 1.4.1 PHP Code Injection
This Metasploit module targets a remote code execution vulnerability in Fuel CMS version 1.4.1. The issue stems from improper input sanitization in the filter parameter, which is passed into a dangerous PHP evaluation eval context, enabling code injection...
📄 strongSwan 4.5.0 EAP-TTLS Integer Underflow
This Metasploit auxiliary module is designed to detect a vulnerability in strongSwan's EAP-TTLS implementation, identified as CVE-2026-25075. The issue is related to an integer underflow in the handling of AVP Attribute-Value Pair length fields during IKE-related UDP communication...
📄 Contact Form by Supsystic 1.7.36 Server-Side Template Injection
Contact Form by Supsystic versions 1.7.36 and below server-side template injection exploit that achieves remote code execution. import requests import argparse import re import urllib.parse def checksstiurl, fieldname: printf" Testing SSTI on url with field fieldname..." Simple arithmetic test...
📄 Grafana 11.2.0 Server-Side Request Forgery
This Python script targets a server-side request forgery vulnerability in Grafana version 11.2.0. It abuses a path traversal flaw in the /render endpoint to make the server send requests to internal or otherwise restricted resources...
📄 MATLAB R2024a Code Execution / Information Disclosure
MATLAB R2024a suffers from a remote code execution vulnerability as well as a sandbox escape that allows for information disclosure. ================================================================================================================================== | Title : MATLAB R2024a RCE | |...
📄 Car Rental Script 4.0 Cross Site Scripting
Car Rental Script version 4.0 suffers from a cross site scripting vulnerability. Titles: Car-Rental-Script4.0-XSS-Reflected Cross-site scripting reflected Author: nu11secur1ty Date: 05/08/2026 Vendor: https://www.phpjabbers.com/ Software: https://www.phpjabbers.com/car-rental-script/ Reference:...
📄 CairoSVG Denial of Service
CairoSVG versions prior to 2.9.0 suffer from a recursive denial of service vulnerability. CVE-2026-31899: Exponential DoS via Recursive Element Amplification in CairoSVG Keywords: CVE-2026-31899, CairoSVG, exponential DoS, SVG bomb, recursive use element, denial of service, XML amplification,...
📄 Pixa Bank 2.0 SQL Injection
Pixa Bank version 2.0 remote API SQL injection exploit. ================================================================================================================================== | Title : Pixa Bank 2.0 – API SQL Injection | | Author : indoushka | | Tested on : windows 11 FrPro / browser ...
📄 Cisco ISE 2.2 Remote Code Execution
This Metasploit module exploits an unauthorized file upload vulnerability in Cisco ISE. A ZIP file containing a JSP file with a manipulated path path traversal is uploaded. The webshell is then extracted to the webapps folder...
📄 Oracle WebLogic WLS-WSAT XMLDecoder Remote Code Execution
This script is a Python-based proof of concept exploit targeting a deserialization vulnerability in Oracle WebLogic Server's WLS-WSAT component. The vulnerability allows unauthenticated attackers to execute arbitrary system commands via crafted SOAP requests sent to the...
📄 S2M Forgot Password Endpoint Token Exposure
This Python script demonstrates a security assessment targeting a forgot-password API endpoint in a digital payment platform operated by S2M, a company specializing in secure electronic transactions and payment processing solutions. The script sends a crafted POST request using a known email...
📄 OSK Privilege Escalation
This PowerShell script acts as a wrapper/launcher for a compiled Windows exploit binary targeting the OSK On-Screen Keyboard privilege escalation vulnerability. ================================================================================================================================== | Tit...
📄 WordPress Madera 2.2.2 Local File Inclusion
This Python script exploits a local file inclusion vulnerability in the WordPress Madara theme. It interacts with the admin-ajax.php endpoint to load sensitive files from the server, potentially leading to the exposure of system or application data. It affects version 2.2.2...