wechat-monitor-poc

WeChat Message Monitoring PoC Project Project Description...

Exploit for Classic Buffer Overflow in Tp-Link Omada_Er605_Firmware

CVE-2024-5243-pwn2own-toronto-2023 TP-Link ER605 Pre-Auth...

Handson-3-WEB2_XSS-Attack-Defense

No d...

Ofensive-security

This repository contains my Offensive Cyber Security / Penetrati...

Ofensive-security-Portfolio

This repository contains my Offensive Cyber Security / Penetrati...

Exploit for Path Traversal in Tuzitio Camaleon_Cms

CVE-2024-46987 Exploit - Camaleon CMS Path Traversal This too...

SQL-Injection-Detector-and-Prevention

SQL-Injection-...

PHP-Unrestricted-Upload-RCE

Executive Summary A comprehensive security assessment was pe...

Exploit for CVE-2025-2304

Camaleon CMS 2.9.0 – Authenticated Privilege Escalation Role...

Exploit for Incorrect Calculation in Google Android

CVE-2020-0022 Many thanks to Insinuator for their amazing blo...

Exploit for Deserialization of Untrusted Data in Google Android

CVE-2024-31317 Deployer !Licensehttps://img.shields.io/bad...

Exploit for Race Condition in Canonical Ubuntu_Linux

Privilege Escalation Analyzer v4.0 A comprehensive Linux priv...

Exploit for Missing XML Validation in Apache Struts

CVE-2025-68493 CVE-2025-68493 7. References 1 Apac...

Exploit for CVE-2026-0828

💀 0xKern3lCrush-M4te-CVE-2026-0828 Windows BYOVD Research &...

📄 Microsoft Windows 11 Build 10.0.27898.1000 Advanced Admin Protection Bypass

This enhanced proof of concept demonstrates an advanced method for bypassing Windows Administrator Protection by manipulating registry hives using both WinAPI and NTAPI. The code implements safe smart‑pointer wrappers for handles, secure SID management, deep registry enumeration, privilege checks...

📄 MotionEye Frontend 0.43.1b4 Command Injection

Proof of concept exploit for a command injection vulnerability in MotionEye Frontend version 0.43.1b4. ============================================================================================================================================= | Title : MotionEye Frontend 0.43.1b4 RCE | | Author...

📄 Nagios XI Monitoring Wizard Command Injection

Nagios XI is a widely used enterprise monitoring solution. A vulnerability exists within the Monitoring Wizard configuration page where the database parameter is unsafely passed into backend operations. Authenticated users can exploit this to execute arbitrary system commands, allowing full remot...

📄 NCR Command Center Agent 16.3 Remote Command Execution

Proof of concept exploit for a remote command execution vulnerability in NCR Command Center Agent version 16.3 on Aloha POS/BOH servers. The vulnerability allows remote, unauthenticated attackers to execute arbitrary commands with SYSTEM privileges by sending a specially crafted XML document to...

📄 Blesta 5.13.1 2Checkout PHP Object Injection

Blesta versions 3.0.0 through 5.13.1 suffer from a 2Checkout PHP object injection vulnerability. The vulnerabilities exist because user input passed through the invoices POST parameter or the item-ext-ref GET parameter when dispatching the Checkout2::validate or Checkout2::success method is not...

React Native Community CLI remote command execution

Added: 02/04/2026 Background React Native is a framework for building mobile JavaScript applications. React Native Community CLI is a collection of command line tools that help developers build React Native mobile applications. Problem A vulnerability in React Native Community CLI when running wi...