274412 matches found
📄 eNet SMART HOME Server 2.3.1 Arbitrary User Deletion
The eNet Smart Home system contains an authorization weakness in the deleteUserAccount JSON-RPC method that permits any authenticated low-privileged user UGUSER to delete arbitrary user accounts, except for the built-in admin account. The application does not enforce proper role-based access...
📄 FortiGate Advanced Symlink Bypass Exploit
This Python script is an advanced exploitation tool targeting vulnerable FortiGate devices manufactured by Fortinet. It attempts to exploit a symlink/path bypass vulnerability via the /lang//custom/ endpoint in order to access sensitive internal files that should not be publicly accessible...
📄 eNet SMART HOME Server 2.3.1 Remote Privilege Escalation
The eNet Smart Home system suffers from a privilege escalation vulnerability due to insufficient authorization checks in the JSON-RPC endpoint for user management. A low-privileged user can exploit the setUserGroup method by sending a crafted POST request to /jsonrpc/management, specifying their...
📄 JUNG Smart Visu Server Cache Poisoning
Python proof of concept web cache poisoning exploit for JUNG Smart Visu Server that builds on the finding from LiquidWorm. | Title : JUNG Smart Visu Server...
📄 PluckCMS 4.7.10 Shell Upload
PluckCMS version 4.7.10 remote shell upload proof of concept exploit. | Title : PluckCMS 4.7.10 Unrestricted File Upload RCE | Author : indoushka |...
📄 Netgate pfSense Community Edition 2.7.2 / 2.8.0 Remote Code Execution
Netgate pfSense Community Edition versions 2.7.2 and 2.8.0 appear to suffer from multiple authenticated remote code execution vulnerabilities that the vendor has written off as abusive administrator behavior but a non-issue. 🔐 CVE-2025-69690 & CVE-2025-69691 Authenticated Remote Code Execution in...
📄 mailcow: Dockerized Host Header Password Reset Poisoning
mailcow: dockerized versions prior to 2025-01a are vulnerable to Host header poisoning in the password reset workflow. The application incorrectly trusts the Host header when generating password reset links, allowing an attacker to inject an attacker-controlled domain into the reset URL. If a...
📄 Precurio Intranet Portal 4.4 Cross Site Request Forgery / Shell Upload
Precurio Intranet Portal version 4.4 proof of concept cross site request forgery and remote shell upload exploit. | Title : Precurio Intranet Portal 4.4...
📄 GNU Inetutils 2.7 Authentication Bypass
GNU Inetutils version 2.7 telnet authentication bypass proof of concept exploit written in PHP. | Title : GNU Inetutils Telnet Authentication Bypass PHP...
📄 PPOM for WooCommerce 33.0.15 SQL Injection / Code Execution
This is an extensive exploit that leverages a remote SQL injection vulnerability in PPOM for WooCommerce version 33.0.15 to also achieve remote code execution and local file inclusion...
Exploit for Missing Authorization in Themepunch Slider_Revolution
CVE-2024-34444 - Slider Revolution Missing Authorization Scann...
Exploit for CVE-2025-4517
CVE-2025-4517 Exploit - WingData HTB Overview This exploi...
Exploit for CVE-2025-4138
CVE-2025-4138 — Python tarfile filter="data" Bypass Arbitra...
Exploit for CVE-2025-4517
CVE-2025-4517 / CVE-2025-4330 — Python tarfile Data Filter B...
ctf-writeups
CTF Writeups A collection of Capture The Flag challenge write...
Exploit for CVE-2026-2144
No d...
Exploit for Missing Authentication for Critical Function in Paloaltonetworks Pan-Os
PAN-OS Stored XSS — Incomplete Sanitization of a Known-Bad Var...
PoC-AntiAutoclicker
PoC-AntiAutoclicker Th...
Cybersecurity-Portfolio
No d...
yandex_station_2_exploit
Unsigned code loader for Yandex Station 2 Yandex Max...