CVE-2025-41736 Possible arbitrary code execution

A low privileged remote attacker can upload a new or overwrite an existing python script by using a path traversal of the target filename in php resulting in a remote code execution...

CVE-2025-41736 Possible arbitrary code execution

A low privileged remote attacker can upload a new or overwrite an existing python script by using a path traversal of the target filename in php resulting in a remote code execution...

CVE-2025-41736

The CVE-2025-41736 vulnerability affects METZ CONNECT EWIO2 family (EWIO2-M, EWIO2-M-BM, EWIO2-BM) and is triggered by a path traversal in PHP that allows a low-privileged, remote attacker to upload or overwrite a Python script, resulting in remote code execution. Multiple sources describe the is...

Acunetix_vulnerability_assessment_tool

Acunetixvulnerabilityassessmenttool !imagehttp...

Exploit for CVE-2025-61472

It is an offensive tool for Linux. This repository contains a pr...

Blind-SQLi-StatusCode

Script en python...

Blind-SQLi

Explotación de un SQLi a...

Exploit for Improper Access Control in Adobe Coldfusion

PoC exploit for CVE-2023-26360, a Remote Code Execution vulnerab...

Exploit for SQL Injection in Cmsmadesimple Cms_Made_Simple

CMS Made Simple ⚠️ Disclaimer: This script is for edu...

Exploit for Incorrect Authorization in Apache Ofbiz

This is a PoC exploit for CVE-2024-38856, a remote code executio...

cs557-exploits

It is an offensive tool for Linux. Exploit module targeting Linu...

EUVD-2002-0131

Malware in sbrugna...

Exploit for CVE-2025-55616

It is an exploit module for a vulnerability in a web application...

EUVD-2025-3959

Malicious code in bioql PyPI...

EUVD-2022-38848

Malicious code in bioql PyPI...

sslyze

It is an offensive tool for scanning SSL/TLS configurations. The primary target of this tool is the SSL/TLS configuration of a server, which can be analyzed to ensure it uses strong encryption settings and is not vulnerable to known TLS attacks. The tool can connect to a server to perform the...

Exploit for Path Traversal in Thecartpress Thecartpress_Ecommerce_Shopping_Cart

This is a PoC exploit for CVE-2015-3301, a vulnerability in the Stagefright media library that allows for remote code execution on Android devices. The exploit, called Metaphor, is designed to bypass Address Space Layout Randomization ASLR and execute arbitrary code on the device. The exploit...

PoC

PoC exploit for MS-16-137, LSASS Remote Null Ptr Deref. The target product/service is Windows LSASS Local Security Authority Subsystem Service. The vulnerability class/vector is a remote code execution vulnerability, specifically a null pointer dereference. The probable entry point is the...

mona

This is a repository for mona.py, a Python script used to automate and speed up specific searches while developing exploits, particularly for the Windows platform. Mona.py runs on Immunity Debugger and WinDBG, and requires Python 2.7. The script is designed to work with 32-bit processes, although...

Exploit for CVE-2025-54914

This is a PoC exploit for CVE-2025-54914, a vulnerability in a s...