274422 matches found
📄 yuan1994 tpadmin Shell Upload
yuan1994 tpadmin versions up to 1.3.12 suffers from a remote shell upload vulnerability. tpadmin-CVE-2026-2113-poc A proof-of-concept exploiting a Remote Code Execution with web server privileges via Arbitrary File Upload. Vulnerability Description A critical Remote Code Execution vulnerability...
JUNG Smart Panel 5.1 KNX Unauthenticated Absolute File Path Traversal
Summary The JUNG Smart Panel 5.1 KNX is a flush-mounted 5-inch touch-sensitive controller designed for managing smart building automation via the KNX system. It serves as a, intuitive, centralized interface for controlling lighting, shading, heating, and security, utilizing a 640 x 480-pixel colo...
📄 Palo Alto Networks PAN-OS 11.2 PHP Code Injection
Palo Alto Networks PAN-OS version 11.2 proof of concept remote command execution exploit that also leverages an authentication bypass vulnerability. ============================================================================================================================================= | Titl...
📄 jsonpath 1.1.1 Prototype Pollution
Proof of concept exploit for a prototype pollution vulnerability in jsonpath version 1.1.1, where unsafe writes to $.constructor.prototype allows attackers to inject arbitrary properties and functions into Object.prototype. By abusing jsonpath.value, an attacker can globally modify object...
📄 crypto/x509 TLS Certificate Parsing
This Go program demonstrates a theoretical denial of service risk associated with handling unusually large X.509 certificates in TLS connections. It programmatically generates a self-signed certificate containing a very large number of Subject Alternative Names SANs and configures an HTTP client ...
Exploit for Improper Access Control in Oracle Http_Server
CVE-2026-21962-Oracle-HTTP-Server-WebLogic-Proxy-Plug-in-Criti...
Exploit for CVE-2026-22187
CVE-2026-22187-Bio-Formats-unsafe-Java-deserialization-via-.bf...
SQL_ARES_LZL
SQL ARES LZL - Suite de Inyección SQL Avanzada ARES LZL...
neopythonlogger
chrome-privless-encryption A PoC demonstrating how to bypass...
Exploit for Incorrect Authorization in Suse Pam-Config
CVE-2025-6018 & CVE-2025-6019 PoC A Proof of Concept for chai...
FontFace-Lapse
No d...
NordicTrackExploit
QZCompanionNordictrackTreadmill Companion App of QZ for Nordic...
Exploit for Command Injection in Grafana
PoC---Imple...
cve-research
No d...
WAVLINK-NU516-V240425
No d...
Exploit for Incorrect Authorization in Suse Pam-Config
https://cdn2.qualys.com/2025/06/17/suse15-pam-udisks-lpe.txt...
Exploit for CVE-2026-23552
CVE-2026-23552 - Cross-Realm Token Acceptance in camel-keycloa...
Exploit for CVE-2025-8671
CVE-2025-8671-vulnerability-POC- CVE-2025-8671 vulnerability P...
Exploit for CVE-2023-34632
CVE-2023-346...
Exploit for CVE-2025-9074
No d...