174 matches found
📄 Oracle E-Business Suite CVE-2025-61882 Remote Code Execution
This Metasploit module exploits CVE-2025-61882 in Oracle E-Business Suite by combining server-side request forgery, path traversal, HTTP request smuggling, and XSLT injection. The exploit hosts a malicious XSL file that the target will fetch and process, leading to remote code execution. This...
odfs_rce_poc
Online Discussion Forum Site 1.0 - Remote Code Execution PoC...
Exploit for CVE-2024-25600
🧱 BrickBreaker !Pythonhttps://img.shields.io/badge/Pytho...
PT-2026-5655
Name of the Vulnerable Software and Affected Versions libxml2 versions affected versions not specified Description A memory leak exists in the interactive shell of the xmllint utility. When a user provides input containing only whitespace, the program does not release the allocated memory buffer,...
Exploit for CVE-2025-52691
CVE-2025-52691 PoC: SmarterMail Arbitrary File Upload RCE APT...
React2Shell Vulnerability Actively Exploited to Deploy Linux Backdoors
The security vulnerability known as React2Shell is being exploited by threat actors to deliver malware families like KSwapDoor and ZnDoor, according to findings from Palo Alto Networks Unit 42 and NTT Security. "KSwapDoor is a professionally engineered remote access tool designed with stealth in...
Exploit for Deserialization of Untrusted Data in Facebook React
⚛️ React2Shell CVE-2025-55182 !Pythonhttps://img.shields...
Exploit for Deserialization of Untrusted Data in Facebook React
R2SAE - React2Shell Auto-Exploit A Firefox extension...
📄 React 19.2.0 PHP Scanner / Remote Code Execution
This project delivers a PHP-based vulnerability scanner and remote code execution exploit for CVE‑2025‑55182 affecting React Server Components. It leverages RSC serialization weaknesses to execute arbitrary commands and validate successful exploitation...
Exploit for Deserialization of Untrusted Data in Facebook React
CVE-2025-55182 Next.js Exploit Tool 이 도구는 Next.js의 취약점CVE-20...
Exploit for Deserialization of Untrusted Data in Facebook React
‼️ CVE-2025-55182 Pwn React2Shell RCE Exploit with Interactive...
Exploit for CVE-2025-9074
CVE-2025-9074 Exploit Tool A sophisticated exploitation frame...
Exploit for Deserialization of Untrusted Data in Facebook React
👻 CVE-2025-55182 Interactive RCE exploitation tool for CVE-...
Exploit for Deserialization of Untrusted Data in Facebook React
Next.js RSC Vulnerability Scanner CVE-2025-66478 A lightwei...
CISA Reports PRC Hackers Using BRICKSTORM for Long-Term Access in U.S. Systems
The U.S. Cybersecurity and Infrastructure Security Agency CISA on Thursday released details of a backdoor named BRICKSTORM that has been put to use by state-sponsored threat actors from the People's Republic of China PRC to maintain long-term persistence on compromised systems. "BRICKSTORM is a...
Exploit for CVE-2025-55182
CVE-2025-55182 Next.js RCE Exploit 🚀 !Pythonhttps://img.sh...
Exploit for Missing Authentication for Critical Function in Langflow
CVE-2025-3248 Langflow RCE Scanner A Python tool designed to...
EUVD-2017-5834
Malware in sbrugna...
CVE-2025-57602
Insufficient hardening of the proxyuser account in the AiKaan IoT management platform, combined with the use of a shared, hardcoded SSH private key, allows remote attackers to authenticate to the cloud controller, gain interactive shell access, and pivot into other connected IoT devices. This can...
fimap
fimap is a Python tool designed to find, prepare, audit, exploit, and even automatically Google for local and remote file inclusion LFI/RFI bugs in web applications. It can identify and exploit file inclusion bugs, including include, includeonce, require, and requireonce functions. The tool has a...