274572 matches found
Exploit for Improper Access Control in Papercut Papercut_Mf
No d...
Exploit for Deserialization of Untrusted Data in Facebook React
React2Shell: CVE-2025-55182 – Comprehensive Vulnerability Scan...
Exploit for CVE-2025-68461
CVE-2025-68461 Roundcube Webmail before 1.5.12 and 1.6 befor...
Exploit for Code Injection in Xwiki
CVE-2025-24893 Remote Code Execution exploit for XWikihttp...
Exploit for CVE-2025-13486
CVE-2025-13486 exploit ACF Extended WordPress Plugin — Re...
shopz---h4ck-this-website-
No d...
Exploit for Deserialization of Untrusted Data in Facebook React
Next.js React2Shell CVE-2025-55182 Exploit Tool A proof-of-...
Exploit for CVE-2025-68055
CVE-2025-68055 Authenticated SQL injection in Hydra Booking...
public_cve_report
p...
Exploit for Improper Restriction of XML External Entity Reference in Apache Tika
CVE-2025-66516: Minimized Verification Environment This proje...
Exploit for Deserialization of Untrusted Data in Facebook React
CVE-2025-55182 POC This repository contains a proof of conce...
📄 Dahua TPC-AEBF5201 P2P Camera ToolsComplete Security Analysis Suite
This PHP proof-of-concept provides defensive tooling to analyze DH-P2P / Easy4IP behaviors observed during DFIR activities. It includes routines to decrypt Account1SecEData, derive device-specific cryptographic keys, and reproduce authentication code generation logic. The project is intended to...
HPE OneView id-pools command execution
Added: 12/19/2025 Background HPE OneView is integrated IT infrastructure management software. Problem A vulnerability in the id-pools feature allow remote attackers to execute arbitrary commands by sending a PUT request to the executeCommand API endpoint. Resolution Apply the hotfix referenced in...
📄 LibreNMS 24.9.1 Code Injection
LibreNMS version 24.9.1 suffers from a remote command execution vulnerability. ============================================================================================================================================= | Title : LibreNMS 24.9.1 PHP Code Injection Vulnerability | | Author :...
📄 WordPress ACF 0.9.1.1 Remote Code Execution
This Metasploit module exploits an unauthenticated remote code execution vulnerability in the Advanced Custom Fields: Extended ACF Extended WordPress plugin versions 0.9.0.5 through 0.9.1.1. The vulnerability exists in the prepareform function of the acfemoduleformfrontrender class, which accepts...
📄 Lepton CMS 7.4.0 Cross Site Scripting / Code Execution
Lepton CMS version 7.4.0 has a vulnerability which allows for a persistent cross site scripting payload to escalate into PHP execution through the droplet engine...
📄 libtransmission 2.93 Integer Overflow
libtransmission versions 2.93 and below suffer from multiple integer overflows. A remote attacker could create a specially crafted .torrent file which may be small when compressed that exploits these overflows when a victim loads it via Transmission or its command-line interface transmission-cli...
📄 Institute Admission Software 2.5 Shell Upload
Institute Admission Software version 2.5 fails to properly validate and restrict uploaded files in the gallery upload functionality within the admin panel. =============================================================================================================================================...
HPE OneView id-pools command execution
Added: 12/19/2025 Background HPE OneView is integrated IT infrastructure management software. Problem A vulnerability in the id-pools feature allow remote attackers to execute arbitrary commands by sending a PUT request to the executeCommand API endpoint. Resolution Apply the hotfix referenced in...
📄 Cisco ISE API 3.2 Command Injection
Proof of concept exploit for a command injection vulnerability in Cisco ISE API version 3.2. ============================================================================================================================================= | Title : Cisco ISE API 3.2 command injection Exploits | |...