274338 matches found
📄 esiclivre 0.2.2 SQL Injection
esiclivre versions 0.2.2 and below suffer from a remote SQL injection vulnerability. CVE-2026-30655 — SQL Injection in esiclivre password reset Summary A SQL injection vulnerability exists in the password reset endpoint of esiclivre. An unauthenticated attacker can inject SQL via the cpfcnpj POST...
📄 Payara Server Cross Site Scripting
Research details on exploitation for a cross site scripting vulnerability in Payara's administration REST interface. Versions below 4.1.2.191.54, 5.83.0, 6.34.0, and 7.2026.1 are affected. XSS to Admin account takeover CVE-2025-14340 A Cross-Site Scripting vulnerability in Payara’s Administration...
📄 MCPJam Inspector 1.4.2 Remote Code Execution
MCPJam Inspector versions 1.4.2 and below proof of concept remote code execution exploit. !/usr/bin/env python3 CVE-2026-23744.py for testing only import requests import argparse import json import sys import urllib3 urllib3.disablewarningsurllib3.exceptions.InsecureRequestWarning def main: parse...
📄 ddev/ddev ZipSlip Path Traversal
A ZipSlip path traversal vulnerability exists in ddev/ddev, a popular open-source local development tool for PHP, Python, and Node.js projects. Both the Untar and Unzip functions in pkg/archive/archive.go use filepath.Joindest, file.Name without any path containment validation, allowing a crafted...
📄 activitypub-federation-rust 0.7.1 Server-Side Request Forgery
activitypub-federation-rust versions 0.7.1 and below suffer from a server-side request forgery vulnerability. CVE-2026-33693: SSRF via 0.0.0.0 Bypass in activitypub-federation-rust v4isinvalid CVSS 6.5 Moderate Keywords: SSRF, 0.0.0.0, IP validation bypass, activitypub-federation, Lemmy, Rust,...
Reconx
🔍 reconx - Modular Penetration Testing Framework !Python 3...
Classic-Heap-Attacks-POCs-Windows-10
Pruebas de concepto contra el heap de Windows En este reposit...
Exploit for CVE-2024-2473
CVE-2024-2473 — WPS Hide Login Page Identifier A profession...
arachne
No d...
Exploit for CVE-2025-52204
CVE-2025-52204 – Reflected XSS / HTML Injection in Znuny cust...
TGT2Admin-
🎭 RBCDExploit - Resource-Based Constrained Delegation Attack...
Exploit for OS Command Injection in Arcane
CVE-2026-23520 MCP API Remote Command Execution RCE Proo...
Exploit for CVE-2024-51346
CVE-2024-51346: Cryptographic Bypass and Media Decryption in E...
Exploit for CVE-2024-51347
CVE-2024-51347: Unauthenticated Remote Code Execution in LSC I...
SQL-Injection-Scanner
No d...
Exploit for CVE-2024-51348
CVE-2024-51348: Unauthenticated Remote Code Execution in BS Pe...
Exploit for CVE-2025-9074
Description Vibe coded a small exploit script in pure Bash wit...
darksword-kexploit
DarksSword Kernel Exploit Rei...
Exploit for Path Traversal in Apache Http_Server
PoC эмуляция для CVE CVE CVE-2021-41773 Краткое оп...
XSS_Academy
No d...