Exploit for Use After Free in Google Chrome

⚠️ CVE-2026-2441-PoC - Test Chrome Vulnerability Safely !Do...

laravel-honeypot

Laravel Threat Detection Know who's attacking your Laravel...

Exploit for Code Injection in Anthropic Claude_Code

CVE-PENDING: MCP Tool Confirmation Prompt Misrepresentation in...

Exploit for OS Command Injection in Anysphere Cursor

CVE PoC: MCP Server Config Swap in Claude Code Vulnerabilit...

Exploit for CVE-2024-2961

CVE-2026-22200: osTicket Arbitrary File Read to RCE...

Exploit for CVE-2025-39459

📄 Nuclei Template for CVE-2025-39459 🚀 Overview This repo...

Exploit for CVE-2023-3452

CVE-2023-3452 - WordPress Canto Plugin RCE Exploit for the Wo...

Exploit for Missing Authentication for Critical Function in Erlang Erlang\/Otp

No d...

Exploit for Deserialization of Untrusted Data in Nextgen Mirth_Connect

RCE Vulnerability in Mirth Connect CVE-2023-37679 & CVE-2023-...

Exploit for Argument Injection in Gnu Inetutils

telnetd Idk wh...

📄 libvips 8.19.0 vips_extract_area_build Local Integer Overflow

This Python script performs an advanced security audit on libvips version 8.19.0. It specifically targets the integer overflow vulnerability in the function vipsextractareabuild...

📄 Wireshark 4.4.8 NULL Pointer Dereference

Proof of concept exploit that affects Wireshark versions 4.4.0 through 4.4.8. This report documents a NULL Pointer Dereference vulnerability pattern that can be triggered by opening a specially crafted PCAP file. The provided proof of concept is written in Python and demonstrates how malformed...

📄 WeGIA 3.5.0 SQL Injection

Proof of concept remote SQL injection exploit for WeGIA versions 3.5.0 and below. Exploit Title: WeGIA 3.5.0 - SQL Injection Date: 2025-10-14 Exploit Author: Onur Demir OnurDemir-Dev Vendor Homepage: https://www.wegia.org Software Link: https://github.com/LabRedesCefetRJ/WeGIA/ Version: " echo...

📄 Easy File Sharing Web Server 7.2 Buffer Overflow

Easy File Sharing Web Server version 7.2 suffers from a buffer overflow vulnerability. Exploit title: Easy File Sharing Web Server v7.2 - Buffer Overflow Date: 16/10/2025 Exploit Author: Donwor X: @realDonwor Discord: Donwor Website: https://github.com/D0nw0r Software Link:...

📄 GNU Inetutils telnetd NEW-ENVIRON Authentication Bypass

This Metasploit module exploits an authentication bypass vulnerability in GNU Inetutils telnetd. By sending a specially crafted NEW-ENVIRON subnegotiation with a USER variable containing -f root, an attacker can login as root without a password. This occurs because telnetd passes the environment...

📄 libvips 8.19.0 VIPS Image Extraction Crash / Auditor

This Python script performs a comprehensive security and stability audit of the vips image processing binary. It tests the extractarea function using extreme int32 and uint32 values as well as normal ranges to detect crashes, memory corruption, or buffer overflows. The audit automates setup,...

📄 GVfs 1.58.1 FTP Backend CRLF Injection

A vulnerability was identified in the FTP backend of GVfs due to improper input validation. A remote attacker can exploit this flaw by supplying specially crafted file paths containing Carriage Return and Line Feed CRLF sequences. Because these CRLF sequences are not properly sanitized, they allo...

📄 Google Cloud Vertex AI SDK Cross Site Scripting / Code Execution

A persistent cross site scripting vulnerability was identified in the genai/evalsvisualization component of Google Cloud Vertex AI SDK google-cloud-aiplatform, affecting versions 1.98.0 up to but not including 1.131.0. The vulnerability allows an unauthenticated remote attacker to inject maliciou...

Boss Mini v1.4.0 - Local File Inclusion (LFI)

Exploit Title: Boss Mini v1.4.0 - Local File Inclusion LFI Date: 07/12/2023 Exploit Author: nltt0 Version: 1.4.0 Build 6221 CVE: CVE-2023-3643 from requests import post from urllib.parse import quote from argparse import ArgumentParser banner = r""" / \ | | / | | / / | | \ --. | | / | |/ | ' \ /...

WeGIA 3.5.0 - SQL Injection

Exploit Title: WeGIA 3.5.0 - SQL Injection Date: 2025-10-14 Exploit Author: Onur Demir OnurDemir-Dev Vendor Homepage: https://www.wegia.org Software Link: https://github.com/LabRedesCefetRJ/WeGIA/ Version: " echo "Example: $0 http://127.0.0.1/WeGIA/ "admin" "wegia" "version"" exit 1 fi...