Exploit for Use After Free in Linux Linux_Kernel

🐧 CVE-2026-23111 - Linux Kernel nftables Use-After-Free Vulne...

Exploit for CVE-2026-39023

CVE-2026-39023 RCE poc - RESPONSIVE filemanager v.9.14.0 las...

injection_exploit

Injection Exploit SQLi 6 engines + SSTI 11 engines — GET/...

VulnBoard

VulnBoard “If you don’t know about attacks, you can’t defend...

Teldat-Router-CVE-2022-POC

Teldat Router CVE-2022-39996 & CVE-2022-39997 POC Proof of...

HTB-TwoMillion-Exploit

HTB-TwoMillion-Exploit Importante: Esto NO es un writeu...

wisp

Wisp — the open-source Ghost alternative, built in Elixir & Ph...

missionplanner-bug-report

No d...

secure-banking-app

secure-banking-app...

SQL-Injection-Detection-System

SQL Injection Detection System A comprehensive full-stack web...

Exploit for CVE-2026-8054

No d...

Exploit for Code Injection in Flowiseai Flowise

CVE-2025-59528: Flowise CustomMCP Remote Code Exe...

📄 Meta AI Information Disclosure

Meta AI has publicly accessible hosted files generated through the upload workflow that expose unsanitized object metadata through response headers. The exposed metadata contains uploader-associated information including public IP addresses and additional internal object properties. The issue...

📄 WordPress Contest Gallery 28.1.4 Blind SQL Injection

This Metasploit module targets a remote blind SQL injection vulnerability in WordPress Contest Gallery plugin versions 28.1.4 and earlier. ================================================================================================================================== | Title : WordPress Contest...

📄 Quick Playground for WordPress 1.3.1 Shell Upload

Proof of concept remote shell upload exploit for Quick Playground for WordPress plugin versions 1.3.1 and below. ================================================================================================================================== | Title : Quick Playground for WordPress 1.3.1 —...

📄 Python-Multipart Path Traversal

This code bundle contains two separate components related to the path traversal vulnerability affecting Python-Multipart versions prior to 0.0.22. ================================================================================================================================== | Title :...

📄 phpVMS 7.0.5 Unauthenticated Import Endpoint Bypass

Proof of concept targeting phpVMS versions 7.0.5 and below. It scans multiple importer-related endpoints, attempts POST-based actions that simulate or trigger destructive operations such as import, delete, and database wipe behaviors, and classifies a target as vulnerable based on HTTP responses...

📄 Python-Multipart Path Traversal / Arbitrary File Write

Proof of concept that leverages a path traversal vulnerability in Python-Multipart versions prior to 0.0.22 to achieve an arbitrary file write. ================================================================================================================================== | Title :...

📄 SAP NetWeaver ABAP / SAP_BASIS 918 Cryptographic Weakness

SAML response validation in NetWeaver's SAML Service Provider is susceptible to XML Signature wrapping attacks, specifically through Signature/Object tags. This allows an attacker to manipulate SAML assertion data returned by the identity provider, therefore enabling logging in as an arbitrary...

coruna-postexploit

Coruna Post-Exploitation Framework Overview This is a com...