274106 matches found
Exploit for Missing Authentication for Critical Function in Cpanel
CVE-2026-41940 — WHM/cPanel Exploit Tool Linux ⚠️ DISCL...
📄 Windows Shell LNK Spoofing / NTLMv2 Hash Capture
A spoofing vulnerability in Windows Shell File Explorer allows an attacker to capture NTLMv2 hashes without user interaction. By crafting a malicious .lnk shortcut file with a UNC path pointing to an attacker-controlled SMB server, the target's Windows system automatically sends an NTLMv2...
OpenCATS 0.9.7.4 - SQL Injection
Exploit Title: OpenCATS 0.9.7.4 - SQL Injection Exploit Author: Gabriel Rodrigues TEXUGO from HAKAI Vendor Homepage: https://www.opencats.org Software Link: https://github.com/opencats/OpenCATS Version: 1 else "http://localhost:8888" user = sys.argv2 if lensys.argv 2 else "admin" pw = sys.argv3 i...
scramble - Remote Code Execution
Exploit Title: scramble - Remote Code Execution Google Dork: inurl:/docs/api.json "dedoc/scramble" Date: 2026-05-07 Exploit Author: Joshua van der Poll https://github.com/joshuavanderpoll Vendor Homepage: https://scramble.dedoc.co Software Link: https://github.com/dedoc/scramble Version: =0.13.2,...
MeiG Smart FORGE_SLT711 - OS Command Injection
Exploit Title: MeiG Smart FORGESLT711 - OS Command Injection Date: 2026-05-03 Exploit Author: Daniil Gordeev Vendor Homepage: http://www.meigsmart.com Software Link: N/A firmware distributed via carrier channels Version: Firmware MDM9607.LE.1.0-00110-STD.PROD-1 likely all firmware versions of thi...
EspoCRM 9.3.3 - SSRF
Exploit Title: EspoCRM 9.3.3 - Authenticated SSRF via Alternative IPv4 Notation Google Dork: N/A Date: 2026-05-08 Exploit Author: Max Gabriel https://github.com/EntroVyx Vendor Homepage: https://www.espocrm.com/ Software Link: https://github.com/espocrm/espocrm/releases/tag/9.3.3 Version: 9.3.3...
Linux Kernel - Local Privilege Escalation
Titles: Linux Kernel Local Privilege Escalation CVE-2026-43284 / CVE-2026-43500 Author: nu11secur1ty Date: 2026-05-11 Vendor: Linux Kernel Software: Linux Kernel All major distributions Vulnerability Type: Page-Cache Write / Memory Corruption Status: HIGH / CRITICAL --- Description The "Kukurigu"...
Casdoor 3.54.1 - Arbitrary File Write via Path Traversal
Exploit Title: Casdoor 3.54.1 - Arbitrary File Write via Path Traversal Date: 2026-05-11 Exploit Author: sixpain Vendor Homepage: https://casdoor.org/ Software Link: https://github.com/casdoor/casdoor Version: 3.54.1 Tested on: Linux / Docker CVE : CVE-2026-6815 """ Casdoor Arbitrary File Write /...
Realtek rtl819x - Local Privilege
Exploit Title: Realtek rtl819x - Local Privilege Escalation Date: 2026-05-03 Exploit Author: Daniil Gordeev Vendor Homepage: http://www.realtek.com Software Link: https://github.com/iptime-gpl/userappsn104qi representative GPL release Version: Realtek rtl819x Jungle SDK, all known versions throug...
XSS-PAYLOADS
No d...
indo-cpanel-exploit
🦉 Indo cPanel Exploit Toolkit ⚠️ FOR AUTHORIZED SECURITY TE...
Supsystic Contact Form Wordpress Plugin SSTI RCE
This module performs SSTI achieving RCE in webpages containing the Contact Form Wordpress plugin by Supsystic in versions 1.7.36 and before. Module Options msf use exploit/multi/http/wppluginsupsysticcontactformrce msf exploitwppluginsupsysticcontactformrce show targets ...targets... msf...
Exploit for Deserialization of Untrusted Data in Facebook React
CVE-2025-55182 Lab — React Server Components RCE !Dockerh...
IMVU-Exploits
IMVU Exploits IMVU Classic Client v3.6.15 - Complete exploita...
CVE---EXPLOIT
C...
Exploit for Improper Authentication in Cisco Catalyst_Sd-Wan_Manager
CVE-2026-20182 Cisco Catalyst SD-WAN Peering Authentication By...
Exploit for CVE-2026-42945
No d...
-GodSearch
GodSearch v20.0 — THE SOVEREIGN 💀 Universal Exploit Sear...
GodSearch
GodSearch v20.0 — THE SOVEREIGN 💀 Universal Exploit Sear...
Security-Engineering
No d...