Exploit for Unrestricted Upload of File with Dangerous Type in Amentotech Workreap

CVE-2021-24499 | Workreap - Freelance Marketplace and Director...

sqlmap-CTT-v3.0-SQL-Injection-Engine-Full-33-layer-fractal-temporal-resonance-implementation-in-C

sqlmap-CTT-v3.0-SQL-Injection-Engine-Full-33-layer-fractal-tem...

Exploit for CVE-2026-23550

No d...

SQLi

SQL Injection CTF Challenge - Quick Start Guide Files Over...

SQLMAP-CTT-v2.0-33-Layer-Fractal-Resonance-SQL-Injection-Engine

SQLMAP-CTT-v2.0-33-Layer-Fractal-Resonance-SQL...

BurpSuitePro

Burp Suite Bambda Scripts - Vulnerability Testing Toolkit v2.0...

Exploit for Out-of-bounds Read in Openssl

CTT-HEARTBLEED-Temporal-Resonance-Memory-Leak-Exploit-Heartble...

Exploit for Server-Side Request Forgery in Microsoft

CTT-Exchange-RCE-v1.0---Microsoft-Exchange-Exploit-CVSS-10.0-C...

Exploit for Argument Injection in Gnu Inetutils

Tell Me Root Batch Scanning Tool for the CVE-2026-24061 Telne...

Exploit for CVE-2025-69256

hi CTT-Serverless-RCE-v1.0---Convergent-Time-Theory-Enhanced-MC...

Exploit for Use After Free in Apple Safari

Convergent-Time-Theory...

Exploit for CVE-2026-23829

🎯 CTT-Mailpit-Exploit: Perfect 11/10 Score Zero-Click Worm Tran...

Sonic-go-brrr-CTF-exploit-Code

This Code customized for Solve Cyber Talent CTF Sonic go...

📄 Papermark 0.20.0 Path Traversal

Papermark version 0.20.0 suffers from an authenticated path traversal vulnerability. // Exploit Title: Papermark 0.20.0 - Path Traversal Authenticated // Date: 2026-01-28 // Exploit Author: Eui Chul Chung // Vendor Homepage: https://www.papermark.com/ // Software Link:...

📄 Django Summernote 0.8.20.0 Unrestricted File Upload Scanner

This Metasploit Auxiliary Scanner module detects unrestricted file upload vulnerabilities in django-summernote. It targets misconfigurations where image validation depends on the Pillow library and allows non-image files to be uploaded when Pillow is missing. The module safely scans common upload...

📄 AVideo 14.3.1 Cross Site Scripting

AVideo version 14.3.1 suffers from a cross site scripting vulnerability. ============================================================================================================================================= | Title : AVideo 14.3.1 XSS vulnerability | | Author : indoushka | | Tested on :...

📄 FreeBSD 15.x rtsold DNSSL Command Injection

This Metasploit module targets a command injection vulnerability in the FreeBSD rtsold daemon related to the handling of DNSSL DNS Search List options in IPv6 Router Advertisements. Due to improper validation of domain names, attacker-controlled DNSSL values can inject shell commands via $...

📄 FreePBX Firmware Shell Upload

FreePBX versions prior to 16.0.44,16.0.92 and 17.0.6,17.0.23 are vulnerable to multiple CVEs, specifically CVE-2025-66039 and CVE-2025-61678, in the context of this Metasploit module. The versions before 16.0.44 and 17.0.23 are vulnerable to CVE-2025-66039, while versions before 16.0.92 and 17.0....

📄 GNU Inetutils 2.7 Telnet Authentication Bypass Scanner

GNU Inetutils version 2.7 telnet authentication bypass scanner that leverages a crafted USER value. This vulnerability is tracked as CVE-2026-24061 and is conceptually related to historical Telnet NEW-ENVIRON issues such as CVE-1999-0192, but affects modern GNU Inetutils implementations...

📄 Qualcomm CVP Kernel Pointer Leak

The Qualcomm CVP driver exposes kernel pointers to userland by returning a hashed session ID derived from a kernel pointer using hash32ptr. This function is not a cryptographic hash but a reversible fold that XORs the upper and lower 32 bits of the pointer. Due to predictable ARM64 kernel virtual...