ESC/POS Printer Command Injector

This module exploits an unauthenticated ESC/POS command vulnerability in networked Epson-compatible printers. You can print a custom message, trigger the attached cash drawer, or cut the paper. Module Options msf use auxiliary/admin/printer/escpostcpcommandinjector msf...

Exploit for Deserialization of Untrusted Data in Facebook React

CVE-2025-55182 RSC lab intentionally vulnerable Local Doc...

darksword-kexploit

DarksSword Kernel Exploi...

Exploit for Inclusion of Functionality from Untrusted Control Sphere in Sudo_Project Sudo

CVE-2025-32463 The principle is fairly simple: the -R option i...

Exploit for Improper Input Validation in Microsoft

HTB: Mailing — A Complete Walkthrough By Mursalin --- I...

NightOwl

NightOwl Advanced Penetration Testing Framework A modula...

web-app-security-owasp-zap

🔐 Web Application Security Testing with OWASP ZAP Author:...

Exploit for Path Traversal in Rarlab Winrar

POC f...

CVE

No d...

Exploit for CVE-2026-3584

CVE-2026-3584 – WordPress Kali Forms 10000 e 'PHP Version'...

Ja4Scanner

Ja4Scanner — Bug Bounty Hunter's Toolkit A Python CLI tool fo...

Exploit for Heap-based Buffer Overflow in Microsoft

CVE-2024-30051 — Windows DWM Heap Overflow EoP · Master's Thes...

Exploit for CVE-2024-51324

CVE-2024-51324 — BYOVD: BdApiUtil64.sys Process Killer · Maste...

Exploit for Out-of-bounds Write in Polkit_Project Polkit

CVE-2021-4034 — PwnKit Local Privilege Escalation · Master's T...

my-cve-notes

my-cve-not...

📄 EspoCRM 9.3.3 Remote Code Execution / Path Traversal

EspoCRM versions 9.3.3 and below proof of concept remote code execution exploit that leverages formula ACL bypass, path traversal, and poisoning. !/bin/bash =========================================================================== EspoCRM command Example: ./poc.sh http://192.168.5.16:8090 admin...

CraftCMS generate-transform command injection

Added: 03/25/2026 Background CraftCMS is a content management system written in PHP. Problem A vulnerability in CraftCMS allows remote attackers to inject arbitrary PHP code into the session file and then execute it using a specially crafted request to generate-transform. Resolution Upgrade to...

CraftCMS generate-transform command injection

Added: 03/25/2026 Background CraftCMS is a content management system written in PHP. Problem A vulnerability in CraftCMS allows remote attackers to inject arbitrary PHP code into the session file and then execute it using a specially crafted request to generate-transform. Resolution Upgrade to...

Exploit for OS Command Injection in Vsftpd_Project Vsftpd

🔐 Pentest Lab — Metasploitable2 📋 Description Premier lab...

Exploit for Missing Authentication for Critical Function in Mcpjam Inspector

CVE-2026-23744 Exploit to MCP...