📄 YAMCS 5.12.6 LdapAuthModule LDAP Injection / Authentication Bypass

This Metasploit module exploits an LDAP injection vulnerability in the YAMCS LdapAuthModule. The username parameter is inserted directly into LDAP search filters without RFC 4515 escaping, allowing an attacker to bypass authentication. By crafting a malicious username containing LDAP special...

📄 Bloodbank CMS 1.0 SQL Injection

Bloodbank CMS version 1.0 suffers from a remote SQL injection vulnerability. ================================================================================================================================== | Title : bloodbank cms v1.0 sql injection vulnerability | | Author : indoushka | | Teste...

📄 Google Chrome V8 Type Confusion

This Metasploit module exploits a type confusion vulnerability in Google Chrome's V8 JavaScript engine versions prior to 149.0.7827.103. The vulnerability is triggered by a specific pattern that causes type confusion between internal V8 objects, leading to out-of-bounds memory access. Successful...

📄 nginx 1.27.4 Insecure TLS Session Reuse / SSL Certificate Validation Bypass

Proof of concept exploit for nginx version 1.27.4 that demonstrates insecure TLS session reuse leading to certification validation bypass. ================================================================================================================================== | Title : nginx 1.27.4...

📄 Apache Flink Kubernetes Operator 1.14.0 Server-Side Request Forgery

This ia proof of concept Metasploit module for the Apache Flink Kubernetes Operator version 1.14.0 server-side request forgery vulnerability that also provides metadata extraction...

📄 Apache Flink Kubernetes Operator 1.14.0 Server-Side Request Forgery

This is a Metasploit auxiliary module to demonstrate a service-side request forgery vulnerability in Apache Flink Kubernetes Operator version 1.14.0. ================================================================================================================================== | Title : Apache...

📄 AnyDesk 9.7.5 Unquoted Service Path

AnyDesk version 9.7.5 unquoted service path privilege escalation to SYSTEM exploit. ================================================================================================================================== | Title : AnyDesk v9.7.5 Unquoted Service Path Privilege Escalation to SYSTEM | |...

Exploit for CVE-2026-54596

CVE-2026-54596 - Authenticated SQL Injection via recurringinv...

Exploit for CVE-2026-54597

CVE-2026-54597 — ITFlow Time-Based Blind SQL Injection Seve...

glibc-static-nss-poc

glibc-static-nss-poc Proof of Concept demonstrating how stati...

ITScape

🛡️ ITScape - Test your systems for security gaps !https:/...

VulnAnalyzer

🔍 VulnAnalyzer 2.1 A comprehensive automated vulnerability...

Exploit for CVE-2026-53519

CVE-2026...

Exploit for Uncontrolled Resource Consumption in Microsoft

CVE-2026-491...

Exploit for CVE-2025-2783

Chromium CVE-2025-2783: Sandbox Escape & Full-Chain RCE Exploi...

Exploit for Improper Restriction of Operations within the Bounds of a Memory Buffer in Portwell Engineering_Toolkits

No d...

Exploit for CVE-2026-9277

CVE-2026-9277 - Shell-Quote Command Injection Expl...

xss-bypass-tester

No d...

exploit-scripts

Offensive Security Toolkit ╔═════════════════════════════...

Exploit for Improper Restriction of Operations within the Bounds of a Memory Buffer in Treck Tcp\/Ip

No d...