obliteratus-brain

OBLITERATUS BRAIN The Persistent Knowledge Layer for OBLITE...

Threatswarm

27 scope-enforced AI agents that run the full pentest kill-cha...

WP-Plugin-Fuzzer-PoC-

wpgarlic A proof-of-concept WordPress plugin fuzzer that led t...

h2database-rce-poc

H2 Console RCE Exploit Toolkit Vulnerability exploitation scr...

DOMXSSScanner

DOM XSS Scanner & PoC Generator Developed by Vishal Bharad...

Script-for-profile-press-exploit-in-wordpress

CVE-2021-34621 – ProfilePress WP User Avatar Privilege Escal...

Exploit for CVE-2024-8503

vicidial-cve-2024-8503-blind-sqli-p...

Exploit for Uncontrolled Resource Consumption in Opcfoundation Ua-.Netstandard

OPC UA Authentication Challenge Gateway CDDC 2026 | Modular...

chrome-exploit-simulator

Ethical Hacking — Simulateur Exploit Web Présentation Ce...

Exploit for CVE-2026-42167

CVE-2026-42167 — ProFTPD modsql SQL Injection / Auth Bypass...

Docker_Desktop_POC

Java vulnerable scan POC Minimal Maven project used to comp...

Web-Client-Side-Vulnerabilities-Practical-Exploitation-and-Mitigation

No d...

Exploit for OS Command Injection in Php

PHP CVE Autopilot Fully automated detection and exploitat...

Exploit for Command Injection in Github Enterprise_Server

CVE-2026-3854 PoC — GitHub RCE via X-Stat Push Option Injectio...

web-to-domain-admin-lab

Web to Domain Admin Compromise Lab This project simulates a r...

Exploit for OS Command Injection in Asustor Data_Master

No d...

📄 Pizzafy Ecommerce System 1.0 SQL Injection

The admin/vieworder.php endpoint in Pizzafy Ecommerce System version 1.0 fails to properly sanitize the id GET parameter before passing it to a MySQL query. An authenticated administrator can manipulate this parameter to inject arbitrary SQL, leading to full database compromise. SQL Injection in...

📄 ESP-RFID-Tool V2 PRO Traversal / XSS / Bypass / Enumeration

ESP-RFID-Tool V2 PRO suffers from bypass, cross site request forgery, cross site scripting, information leakage, path traversal, and multiple other vulnerabilities. The vendor has seemingly taken a hostile approach to responding to these findings and is uncooperative. Security Advisory:...

📄 Coaching Management System 1.0 Cross Site Scripting

Coaching Management System version 1.0 suffers from a persistent cross site scripting vulnerability. Stored Cross-Site Scripting XSS in Coaching Management System Leads to Account Takeover --- Product Coaching Management System in PHP Code-Projects.org...

📄 OpenNebula 6.10.0.1 Cross Site Scripting

OpenNebula version 6.10.0.1 suffers from multiple persistent cross site scripting vulnerabilities. OpenNebula-CVE-2025-56537 Exploit Title : OpenNebula 6.10.0.1 - Stored XSS Cross-site Scripting in virtual network template Exploit Author : Mark Artamonov Vendor Homepage : https://opennebula.io/...