274278 matches found
7-Zip 24.00 - Directory Traversal
Exploit Title: 7-Zip 25.00 - Directory Traversal to RCE via Malicious ZIP Date: 2025-11-22 Author: Mohammed Idrees Banyamer Author Country: Jordan Instagram: @banyamersecurity GitHub: https://github.com/mbanyamer Vendor Homepage: https://www.7-zip.org Software Link:...
Horilla v1.3 - RCE
Exploit Title: Horilla v1.3 - RCE Date: 2025-05-29 Exploit Author: Raghad Abdallah Al-syouf Version: = 1.3 Tested on: Ubuntu / Docker CVE: CVE-2025-48868 Description: This script exploits the authenticated RCE vulnerability CVE-2025-48868. It logs into the target web app, creates a project, and...
📄 Dolibarr 23.0.0 dol_eval_standard() Whitelist Bypass
Dolibarr version 23.0.0 bypass proof of concept exploit. The whitelist mode of dolevalstandard does not apply $forbiddenphpstrings checks, and the function-call regex does not detect PHP dynamic callable syntax. This allows 'exec''cmd' to bypass all validation and reach eval. !/usr/bin/env python...
Exploit for Eval Injection in Langflow
CVE-2026-33017-Langflow-POC Proof-of-con...
Exploit for OS Command Injection in Paessler Prtg_Network_Monitor
...
penetration-testing-engagement
Internal Network Penetration Test Overview Conducted a ful...
Windows Service for User (S4U) Scheduled Task Persistence - Event Trigger
Creates a scheduled task that will run using service-for-user S4U. This allows the scheduled task to run even as an unprivileged user that is not logged into the device. This will result in lower security context, allowing access to local resources only. The module requires 'Logon as a batch job'...
Windows Service for User (S4U) Scheduled Task Persistence - Logon Trigger
Creates a scheduled task that will run using service-for-user S4U. This allows the scheduled task to run even as an unprivileged user that is not logged into the device. This will result in lower security context, allowing access to local resources only. The module requires 'Logon as a batch job'...
Windows Service for User (S4U) Scheduled Task Persistence - Logon Trigger
Creates a scheduled task that will run using service-for-user S4U. This allows the scheduled task to run even as an unprivileged user that is not logged into the device. This will result in lower security context, allowing access to local resources only. The module requires 'Logon as a batch job'...
Windows Service for User (S4U) Scheduled Task Persistence - Schedule Trigger
Creates a scheduled task that will run using service-for-user S4U. This allows the scheduled task to run even as an unprivileged user that is not logged into the device. This will result in lower security context, allowing access to local resources only. The module requires 'Logon as a batch job'...
osTicket Arbitrary File Read via PHP Filter Chains in mPDF
This module exploits an arbitrary file read vulnerability in osTicket CVE-2026-22200. The vulnerability exists in osTicket's PDF export functionality which uses mPDF. By injecting a specially crafted HTML payload containing PHP filter chain URIs into a ticket reply, an attacker can read arbitrary...
AD/CS Authenticated Web Enrollment Services Module
Authenticates to the AD/CS Web enrollment service and allows the user to query templates and create certificates based on available templates. Module Options msf use auxiliary/admin/http/webenrollmentcert msf auxiliarywebenrollmentcert show actions ...actions... msf auxiliarywebenrollmentcert set...
wsa_exploits
...
Exploit for CVE-2026-22732
CVE-2026-22732 Demo Minimal reproduction of CVE-2026-22732...
dst-engine
DST: Deterministic Security Testing Static analysis that does...
grav-cms-filecache-object-injection
Grav CMS FileCache Object Injection Description The File...
Exploit for CVE-2026-5465
CVE-2026-5465: Privilege Escalation en Plugin Amelia WordPress...
Exploit for XML Injection (aka Blind XPath Injection) in Fonttools
CVE-2025-66034-htb-ctf VariaType Variable Font Generator Ex...
Exploit for Out-of-bounds Write in Openssl
No d...
public_disclosures
Public vulnerability disclosures Contains some of my vulnerab...