Exploit for CVE-2025-36911

BLUE-SPY - Fast Pair Vulnerability Research Tool SECURITY...

WordPress StoryChief Plugin Unauthenticated RCE

This module exploits an unauthenticated arbitrary file upload vulnerability in the StoryChief WordPress plugin use exploit/multi/http/wppluginstorycheffileupload msf exploitwppluginstorycheffileupload show targets ...targets... msf exploitwppluginstorycheffileupload set TARGET msf...

WAVE

...

web-vuln-scanner

web-vuln-scanner A Python-based web vulnerabili...

Exploit for CVE-2025-71243

CVE-2025-71243 - SPIP Saisies Plugin Remote Code Execution...

Exploit for CVE-2026-27180

MajorDoMo RCE !Authorhttps://img.shields.io/badge/Author-Mo...

snyk-chk

No d...

exploit-surge-radar

Exploit Surge Radar Detect exploit-active vulnerability surge...

Exploit for CVE-2026-5252

CVE-2026-...

Exploit for Path Traversal in Welcart Welcart_E-Commerce

Zenario CMS 9.3 - Unauthenticated RCE Exploit CVE-2022-418...

Exploit for CVE-2026-23829

SimoesCTT-mailpit-phase-reconstructor It's a CRLF injection in...

Exploit for Relative Path Traversal in Apache Tomcat

CVE-2025...

SQL-injection-explained

SQL-injection-explained Todays topic: SQL Injections Here is y...

📄 Sitecore Experience Manager / Experience Platform 10.1 Shell Upload / Hardcoded Credentials

Proof of concept exploit for a remote code execution vulnerability chain affecting Sitecore Experience Platform versions 10.x combining hardcoded credentials with file upload vulnerabilities for complete system compromise...

📄 Raynet rvia 12.6.4392.49-amd64.deb Privilege Escalation

Proof of concept privilege escalation exploit for Raynet's RayVentory Inventory Agent version 12.6.4392.49-amd64.deb. ============================================================================================================================================= | Title : Raynet rvia...

📄 Serendipity 2.5.0 PHP Code Injection

Serendipity version 2.5.0 proof of concept PHP code injection exploit. ============================================================================================================================================= | Title : Serendipity 2.5.0 PHP COde Injection Vulnerability | | Author : indoushka ...

📄 Skyvern 0.1.84 Template Injection / Code Execution

Skyvern version 0.1.84 remote code execution proof of concept exploit that leverages a vulnerability in workflow creation functionality where user-supplied input in the prompt field is processed through Jinja2 templating engine without proper sanitization, allowing attackers to execute arbitrary...

📄 Pillow PSD Parser Out-Of-Bounds Write

Proof of concept exploit that creates a malicious .psd file for Pillow that attempts an out-of-bounds write. This issue is patched in version 12.1.1. ============================================================================================================================================= | Tit...

📄 Yoast SEO 22.5 Cross Site Scripting

These are details relating a cross site scripting vulnerability in Yoast SEO versions 22.5 and below that was originally discovered in 2024. CVE-2024-4041 Yoast SEO /?page=%22%20onmouseover%3D%22alertdocument.domain%22%20x%3D%22 3. In the admin bar, open the Yoast menu and hover/click Get Yoast S...

📄 Sawtooth Lighthouse Studio 9.16.14 Remote Command Execution

Sawtooth Lighthouse Studio version 9.16.14 proof of concept remote command execution exploit. ============================================================================================================================================= | Title : Sawtooth Lighthouse Studio 9.16.14 RCE | | Author :...