274480 matches found
📄 macOS 10.12.2 XNU Kernel Race Condition
This proof of concept code demonstrates a race condition observed in the setdpcontrolport function within XNU kernel versions prior to macOS 10.12.2 and iOS 10.2...
📄 Malwarebytes Anti-Malware 2.x Privilege Escalation
This advisory hosts useful analysis of older research from 2016, when Google's Project Zero discovered multiple security issues in MalwareBytes Anti-Malware version 2.x. The software suffered from a combination of security flaws that allowed attackers to remotely tamper with...
📄 HEUR.Backdoor.Win32.Poison.gen DLL Hijacking
This code implements an advanced WININET.dll proxy via DLL hijacking that is designed as a defensive countermeasure against malware such as HEUR.Backdoor.Win32.Poison.gen. The malware family Poison loads a 32‑bit WININET.dll from its current directory, which enables execution flow hijacking MITRE...
📄 NFTBox NFT Marketplace Solution Private Key Disclosure
NFTBox NFT Marketplace Solution as of 2026/01/22 embeds a private crypto key in the wallet.js file. Exploit Title: NFTBox - NFT Marketplace Solution - Hardcoded Private Key Disclosure Date: 2026-01-21 Exploit Author: Sohel Yousef -- https://www.linkedin.com/in/sohel-yousef-50a905189/ Vendor...
📄 libxml2 2.9.14 Remote Code Execution
libxml2 version 2.9.14 2022 proof of concept exploit for a heap buffer overflow in the xmlRegEpxFromParse function in xmlregexp.c. This version from the author is in the form of a Metasploit module...
📄 Oracle E-Business Suite CVE-2025-61882 Remote Code Execution
This Metasploit module exploits CVE-2025-61882 in Oracle E-Business Suite by combining server-side request forgery, path traversal, HTTP request smuggling, and XSLT injection. The exploit hosts a malicious XSL file that the target will fetch and process, leading to remote code execution. This...
Exploit for Out-of-bounds Write in Ffmpeg
Synthetic Test Case: CVE-2020-12284 CWE: CWE-787 Orig...
kernel-exploit-dirtycow-project
...
Exploit for SQL Injection in Agentejo Cockpit
Synthetic Test Case: CVE-2020-35846 CWE: CWE-89 Origi...
Exploit for SQL Injection in Dolibarr
Synthetic Test Case: CVE-2018-10094 CWE: CWE-89 Origi...
Exploit for Cross-site Scripting in Exponentcms Exponent_Cms
Synthetic Test Case: CVE-2017-8085 CWE: CWE-79 Origin...
SploitGPT
🤖 SploitGPT - Your Penetration Testing Companion 🚀 Getting...
Exploit for CVE-2023-52271
Disclaimer: This repository contains code that is provided stric...
gotham-recon
Documentation Complete du Systeme d'Agents CrewAI Guide t...
Authenticated RCE in Splunk (SimpleXML dashboard PDF generation)
This Metasploit module exploits a Remote Code Execution RCE vulnerability in Splunk Enterprise. An attacker can inject arbitrary Python code into style parameters, such as the fillColor or lineColor of a sparkline element within a Splunk SimpleXML dashboard. The malicious code is executed when a...
Authenticated RCE in Splunk (splunk_archiver app)
This Metasploit module exploits a Remote Code Execution RCE vulnerability in Splunk Enterprise splunkarchiver application. The flaw is rooted in the unsafe use of a Splunk lookup function, specifically | copybuckets, within the splunkarchiver application, which ultimately leads to the execution o...
A2A-POC
A2A Travel Agency Multi-Agent System A Proof of Concept demon...
Exploit for Improper Authentication in Hikvision Ds-2Cd2032-I_Firmware
CVE-2017-...
Exploit for CVE-2024-58290
CVE-2024-58290-Xhibiter-SQLi Proof of Concept PoC for SQL In...
Exploit for Improper Input Validation in N8N
No d...