📄 Caddy 2.10.0 Server-Side Request Forgery

Caddy version 2.10.0 suffers from a server-side request forgery vulnerability via a JSON configuration injection. Exploit Title: Caddy 2.10.0 - Admin API SSRF via JSON Config Injection Date: 2025-07-10 Exploit Author: Ahmet Ümit BAYRAM Vendor Homepage: https://caddyserver.com/ Software Link:...

Cameleon CMS 2.7.4 - Persistent Stored XSS in Post Title

Exploit Title: Authenticated Persistent XSS in Cameleon CMS 2.7.4 Google Dork: intext:"Camaleon CMS is a free and open-source tool and a fexible content management system CMS based on Ruby on Rails" Date: 2023-10-05 Exploit Author: Yasin Gergin Vendor Homepage: http://camaleon.tuzitio.com Softwar...

Cameleon CMS 2.7.4 - Persistent Stored XSS in Post Title Vulnerability

Exploit Title: Authenticated Persistent XSS in Cameleon CMS 2.7.4 Google Dork: intext:"Camaleon CMS is a free and open-source tool and a fexible content management system CMS based on Ruby on Rails" Exploit Author: Yasin Gergin Vendor Homepage: http://camaleon.tuzitio.com Software Link:...

Linux/x86 /etc/hosts Mapping Add Polymorphic Shellcode

102 bytes small Linux/x86 add map in /etc/hosts file polymorphic shellcode. Title: Linux/x86 - Add map in /etc/hosts file polymorphic shellcode 102 bytes Author: Xenofon Vassilakopoulos Date: 2020-06-15 Tested on: Linux kali 5.3.0-kali2-686-pae 1 SMP Debian 5.3.9-3kali1 2019-11-20 i686 GNU/Linux...

Linux/x86 Encoder / Decoder Shellcode (117 bytes)

Title : Linux/x86 - Encoder - Random Bytes + XOR/SUB/NOT/ROR / Decoder - ROL/NOT/ADD/XOR execve/bin/sh Shellcode 117 bytes Author : Xenofon Vassilakopoulos Date : July, 2019 Tested on : Linux kali 5.3.0-kali2-686-pae 1 SMP Debian 5.3.9-3kali1 2019-11-20 i686 GNU/Linux Architecture : i686 GNU/Linu...

XooDigital - 'p' SQL Injection

Exploit Title: XooDigital - 'p' SQL Injection Date: 26.03.2019 Exploit Author: Ahmet Ümit BAYRAM Vendor Homepage: https://xooscripts.com/product/digital-download-protection-script.html Demo Site: http://xooscripts.com/demos/xoodigital/ Version: Lastest Tested on: Kali Linux CVE: N/A ----- PoC :...

Flat Assembler 1.7.21 - Local Buffer Overflow

!/usr/bin/python Developed using Exploit Pack - http://exploitpack.com - Exploit Author: Juan Sacco at KPN Red Team - http://www.kpn.com Tested on: GNU/Linux - Kali 2017.1 Release What is FASM? Flat assembler is a fast, self-compilable assembly language compiler for the x86 and x86-64 architectur...

Newsletter 4.3 SQL Injection

------------------------ Exploit Title : Newsletter 4.3 SQL Injection Vulnerability Exploit Author : Ashiyane Digital Security Team Vendor Homepage: www.conpresso.de - www.conpresso4.de Google Dork ONE: intext:Module Newsletter 4.3 Google Dork TWO: Module Newsletter 4.3 by www.conpresso4.de Date ...