XSS-cheat-sheet-txt-dictionary-by-PortSwigger

XSS cheat sheet dictionary by PortSwigger PortSwigger diction...

CVE-2026-Pending-Flask-Uploads-Path-Traversal-PoC

CVE-2026-XXXXX Pending: Path Traversal in Flask-Uploads...

FlaskRCE

FlaskRCE PoC --- Technical Write‑Up Repository: https://g...

Exploit for CVE-2026-24061

CVE-2026-24061 GNU inetutils-telnetd Remote Authentication By...

Exploit for CVE-2026-24061

CVE-2026-24061 GNU Inetutils telnetd Remote Authentication...

wazuh-poc-docs

No d...

Samba-smbd-3.x-4.x-Exploitation-using-Metasploit

Samba smbd 3.x–4.x Exploitation using Metasploit Project...

Exploit for Out-of-bounds Read in Libpng

Spring Boot Minimal Images PoC Dummy Spring Boot application...

Exploit for CVE-2026-24061

CVE-2026-24061 CVE-2026-24061 Batch Scanning Tool How to us...

Exploit for Uncontrolled Resource Consumption in Ietf Http

Exploit-Title-HTTP-2-2.0---Denial-Of-Service-DOS-...

Exploit for Use After Free in Linux Linux_Kernel

CVE-2025-...

nullsec-payloads

NullSec Payloads ███▄ █ █ ██ ██▓ ██▓...

Exploit for CVE-2026-21962

🖥️ Preview...

nullsec-exploit

💀 NullSec Exploit Advanced Exploit Development & Payload...

📄 Magento Adobe Commerce 2.4.5-p7 Arbitrary File Read

Magento Adobe Commerce version 2.4.5-p7 suffers from an arbitrary file read vulnerability. ============================================================================================================================================= | Title : Magento Adobe Commerce 2.4.5-p7 arbitrary file read...

📄 Oracle E-Business Suite CVE-2025-61882 Remote Code Execution

This Metasploit module exploits CVE-2025-61882 in Oracle E-Business Suite by combining server-side request forgery, path traversal, HTTP request smuggling, and XSLT injection. The exploit hosts a malicious XSL file that the target will fetch and process, leading to remote code execution. This...

📄 macOS 10.12.2 XNU Kernel Race Condition

This proof of concept code demonstrates a race condition observed in the setdpcontrolport function within XNU kernel versions prior to macOS 10.12.2 and iOS 10.2...

📄 Malwarebytes Anti-Malware 2.x Privilege Escalation

This advisory hosts useful analysis of older research from 2016, when Google's Project Zero discovered multiple security issues in MalwareBytes Anti-Malware version 2.x. The software suffered from a combination of security flaws that allowed attackers to remotely tamper with...

📄 HEUR.Backdoor.Win32.Poison.gen DLL Hijacking

This code implements an advanced WININET.dll proxy via DLL hijacking that is designed as a defensive countermeasure against malware such as HEUR.Backdoor.Win32.Poison.gen. The malware family Poison loads a 32‑bit WININET.dll from its current directory, which enables execution flow hijacking MITRE...

📄 NFTBox NFT Marketplace Solution Private Key Disclosure

NFTBox NFT Marketplace Solution as of 2026/01/22 embeds a private crypto key in the wallet.js file. Exploit Title: NFTBox - NFT Marketplace Solution - Hardcoded Private Key Disclosure Date: 2026-01-21 Exploit Author: Sohel Yousef -- https://www.linkedin.com/in/sohel-yousef-50a905189/ Vendor...