274379 matches found

Packet Storm
added 2026/03/03 12:0 a.m., 111 views

📄 GNU Inetutils telnetd NEW-ENVIRON Authentication Bypass

This Metasploit module exploits an authentication bypass vulnerability in GNU Inetutils telnetd. By sending a specially crafted NEW-ENVIRON subnegotiation with a USER variable containing -f root, an attacker can login as root without a password. This occurs because telnetd passes the environment...

CVSS: 9.8, AI score: 6, EPSS: 0.98871
Exploits: 60
Packet Storm
added 2026/03/03 12:0 a.m., 125 views

📄 libvips 8.19.0 VIPS Image Extraction Crash / Auditor

This Python script performs a comprehensive security and stability audit of the vips image processing binary. It tests the extractarea function using extreme int32 and uint32 values as well as normal ranges to detect crashes, memory corruption, or buffer overflows. The audit automates setup,...

AI score: 6
Exploits: 0
Exploit DB
added 2026/03/03 12:0 a.m., 130 views

Boss Mini v1.4.0 - Local File Inclusion (LFI)

Exploit Title: Boss Mini v1.4.0 - Local File Inclusion LFI Date: 07/12/2023 Exploit Author: nltt0 Version: 1.4.0 Build 6221 CVE: CVE-2023-3643 from requests import post from urllib.parse import quote from argparse import ArgumentParser banner = r""" / \ | | / | | / / | | \ --. | | / | |/ | ' \ /...

CVSS: 9.8, AI score: 5.9, EPSS: 0.75206
Exploits: 6
Exploit DB
added 2026/03/03 12:0 a.m., 140 views

Easy File Sharing Web Server v7.2 - Buffer Overflow

Exploit title: Easy File Sharing Web Server v7.2 - Buffer Overflow Date: 16/10/2025 Exploit Author: Donwor X: @realDonwor Discord: Donwor Website: https://github.com/D0nw0r Software Link: https://www.exploit-db.com/apps/60f3ff1f3cd34dec80fba130ea481f31-efssetup.exe Version: Easy File Sharing Web...

AI score: 5.9
Exploits: 0
Exploit DB
added 2026/03/03 12:0 a.m., 191 views

mailcow 2025-01a - Host Header Password Reset Poisoning

Exploit Title: mailcow 2025-01a - Host Header Password Reset Poisoning Date: 2025-10-21 Exploit Author: Iam Alvarez AKA Groppoxx / Maizeravla Vendor Homepage: https://mailcow.email Software Link: https://github.com/mailcow/mailcow-dockerized Version: 2025-01a REQUIRED Tested on: Ubuntu 22.04.5 LT...

CVSS: 8.8, AI score: 5.9, EPSS: 0.01052
Exploits: 4
Exploit DB
added 2026/03/03 12:0 a.m., 187 views

WordPress Backup Migration 1.3.7 - Remote Command Execution

Exploit Title: WordPress Backup Migration 1.3.7 - Remote Command Execution Date: 2025-10-26 Exploit Author: DANG Vendor Homepage: https://backupbliss.com/ Software Link: https://wordpress.org/plugins/backup-backup/ Version: Backup Migration ≤1.3.7 Tested on: LINUX CVE : CVE-2023-6553 This module...

CVSS: 9.8, AI score: 5.9, EPSS: 0.97846
Exploits: 14
Packet Storm
added 2026/03/03 12:0 a.m., 116 views

📄 GVfs 1.58.1 FTP Backend CRLF Injection

A vulnerability was identified in the FTP backend of GVfs due to improper input validation. A remote attacker can exploit this flaw by supplying specially crafted file paths containing Carriage Return and Line Feed CRLF sequences. Because these CRLF sequences are not properly sanitized, they allo...

CVSS: 4.3, AI score: 6.3, EPSS: 0.0036
Exploits: 2
Packet Storm
added 2026/03/03 12:0 a.m., 135 views

📄 Google Cloud Vertex AI SDK Cross Site Scripting / Code Execution

A persistent cross site scripting vulnerability was identified in the genai/evalsvisualization component of Google Cloud Vertex AI SDK google-cloud-aiplatform, affecting versions 1.98.0 up to but not including 1.131.0. The vulnerability allows an unauthenticated remote attacker to inject maliciou...

AI score: 5.7
Exploits: 0
Exploit DB
added 2026/03/03 12:0 a.m., 127 views

WeGIA 3.5.0 - SQL Injection

Exploit Title: WeGIA 3.5.0 - SQL Injection Date: 2025-10-14 Exploit Author: Onur Demir OnurDemir-Dev Vendor Homepage: https://www.wegia.org Software Link: https://github.com/LabRedesCefetRJ/WeGIA/ Version: " echo "Example: $0 http://127.0.0.1/WeGIA/ "admin" "wegia" "version"" exit 1 fi...

CVSS: 9.4, AI score: 5.9, EPSS: 0.00821
Exploits: 3
Packet Storm
added 2026/03/03 12:0 a.m., 120 views

📄 Easy File Sharing Web Server 7.2 Buffer Overflow

Easy File Sharing Web Server version 7.2 suffers from a buffer overflow vulnerability. Exploit title: Easy File Sharing Web Server v7.2 - Buffer Overflow Date: 16/10/2025 Exploit Author: Donwor X: @realDonwor Discord: Donwor Website: https://github.com/D0nw0r Software Link:...

AI score: 6.1
Exploits: 0
GithubExploit
added 2026/03/02 9:57 p.m., 158 views

linux-privilege-escalation-oscp-guide

🔥 Cyber Public School – Linux Privilege Escalation Ultra Guide...

AI score: 6
Exploits: 0
GithubExploit
added 2026/03/02 8:47 p.m., 177 views

Exploit for SQL Injection in Salephpscripts Web_Directory_Free

SECTF2026 — "You Play the CTF. We Play Defense" Event: XP...

CVSS: 9.8, AI score: 6.5, EPSS: 0.67288
Exploits: 4
GithubExploit
added 2026/03/02 8:44 p.m., 133 views

Exploit for Cross-site Scripting in Bdtask Multi_Store_Inventory_Management_System

CVE-2024-2997 Scanner !Versionhttps://img.shields.io/badge...

CVSS: 5.4, AI score: 6, EPSS: 0.01215
Exploits: 6
Metasploit
added 2026/03/02 6:58 p.m., 204 views

MajorDoMo Console Eval Unauthenticated RCE

This module exploits an unauthenticated remote code execution vulnerability in MajorDoMo, an open-source home automation platform. The admin panel's PHP console is accessible without authentication due to a missing exit after redirect in modules/panel.class.php. The redirect"/" call intended to...

CVSS: 9.8, AI score: 6.3, EPSS: 0.06996
Exploits: 4
Metasploit
added 2026/03/02 6:58 p.m., 214 views

MajorDoMo Remote Command Injection via cycle_execs Race Condition

This module exploits an unauthenticated command injection vulnerability in MajorDoMo's remote command handler rc/index.php. The param parameter is interpolated into double quotes without escapeshellarg, and the resulting string is passed to safeexec which inserts it into the safeexecs database...

CVSS: 9.8, AI score: 5.8, EPSS: 0.06872
Exploits: 3
Metasploit
added 2026/03/02 6:58 p.m., 238 views

MajorDoMo Supply Chain RCE via Update Poisoning

This module exploits an unauthenticated remote code execution vulnerability in MajorDoMo's saverestore module via supply chain poisoning. The saverestore module's admin method is reachable without authentication through the /objects/?module=saverestore endpoint because usual calls admin directly...

CVSS: 9.8, AI score: 6.3, EPSS: 0.01086
Exploits: 4
GithubExploit
added 2026/03/02 3:41 p.m., 153 views

Hackviser

Hackviser — Scenario Writeups A collection of detailed writeu...

AI score: 5.9
Exploits: 0
GithubExploit
added 2026/03/02 3:36 p.m., 151 views

Binary_Exploitation_Material

Binary Exploitation Material Personal collection of binary ex...

AI score: 6
Exploits: 0
GithubExploit
added 2026/03/02 2:36 p.m., 144 views

Exploit for OS Command Injection in Fortinet Fortiweb

No d...

CVSS: 9.8, AI score: 5.9, EPSS: 0.89526
Exploits: 20
GithubExploit
added 2026/03/02 10:34 a.m., 224 views

Exploit for Uncontrolled Resource Consumption in Siemens 6Bk1602-0Aa12-0Tp0_Firmware

SBOM CVE Scanner - Enhanced Edition A comprehensive Python to...

CVSS: 10, AI score: 7.3, EPSS: 0.99999
Exploits: 347