Icinga Web 2.10 - Authenticated Remote Code Execution

!/usr/bin/env python3 Exploit Title: Icinga Web 2.10 - Authenticated Remote Code Execution Date: 8/07/2023 Exploit Author: Dante CoronaAka. cxdxnt Software Link: https://github.com/Icinga/icingaweb2 Vendor Homepage: https://icinga.com/ Software Link: https://github.com/Icinga/icingaweb2 Version:...

Exploit for Improper Access Control in Citrix Sharefile_Storage_Zones_Controller

ShareFile RCE CVE-2023-24489 This is a Python script that e...

Exploit for Path Traversal in Igniterealtime Openfire

CVE-2023-32315-POC CVE-2023-32315-Openfire-Bypass-Py O...

Node.js Users Beware: Manifest Confusion Attack Opens Door to Malware

The npm registry for the Node.js JavaScript runtime environment is susceptible to what's called a manifest confusion attack that could potentially allow threat actors to conceal malware in project dependencies or perform arbitrary script execution during installation. "A npm package's manifest is...

Exploit for Code Injection in Apache Commons_Text

CVE-2022-42889 Text4Shell Testing Script This repository co...

Dos via Document Comments

Description An attacker can abuse the document comment functionality, handled by the /api/comments.create API endpoint, since there is not size check or validation of the comment contents, which allows an attacker to send a comment with almost an unlimited number of characters1MB max POST size...

Exploit for Special Element Injection in Rocket.Chat

CVE-2021-22911 If you have already registered...

Exploit for Buffer Underflow in Fortinet Fortiweb

CVE-2023-25610 Insufficient heap memory in the FortiOS manage...

Microsoft Windows PowerShell Remote Command Execution Exploit

This python script mints a .ps1 file with an exploitable semicolon condition that allows for command execution from Microsoft Windows PowerShell. This is an updated exploit to work with Python3. from base64 import b64encode import argparse,sys,os PSTrojanFile.py By hyp3rlinx c 2023 ApparitionSec...

Exploit for Double Free in Openbsd Openssh

CVE-2023-25136 POC POC For A Pre Auth Double Free Vulnerability...

Exploit for Command Injection in Deltaww Dx-3021L9_Firmware

CVE-2022-46169 Pseudo Shell Description This Python script...

Exploit for Incorrect Authorization in Cacti

CVE-2022-46169 Pseudo Shell Description This Python script...

Exploit for Incorrect Authorization in Cacti

CVE-2022-46169 This repository contains a Proof of Concept P...

Exploit for Cross-site Scripting in Dompdf_Project Dompdf

CVE-2022-28368-handler This repository contains a python scrip...

Microsoft Windows 11 - 'cmd.exe' Denial of Service

Exploit Title: Microsoft Windows 11 - 'cmd.exe' Denial of Service Exploit Author: Milad Karimi Ex3ptionaL Date: 2023-03-30 Vendor Homepage: https://www.microsoft.com/en-us Software Link: https://www.microsoft.com/en-us Tested Version: N/A Tested on OS: Windows 11 Pro About App Microsoft Windows i...

Microsoft Windows 11 - (cmd.exe) Denial of Service Exploit

Exploit Title: Microsoft Windows 11 - 'cmd.exe' Denial of Service Exploit Author: Milad Karimi Ex3ptionaL Date: 2023-03-30 Vendor Homepage: https://www.microsoft.com/en-us Software Link: https://www.microsoft.com/en-us Tested Version: N/A Tested on OS: Windows 11 Pro About App Microsoft Windows i...

Tenda N300 F3 12.01.01.48 - Malformed HTTP Request Header Processing

!/usr/bin/python3 Exploit Title: Tenda N300 F3 12.01.01.48 - Malformed HTTP Request Header Processing Shodan Dork: http.favicon.hash:-2145085239 http.title:"Tenda | LOGIN" Date: 09/03/2023 Exploit Author: @h454nsec Github: https://github.com/H454NSec/CVE-2020-35391 Vendor Homepage:...

Exploit for Improper Access Control in Joomla Joomla\!

CVE-2023-23752This is a proof-of-concept code for the CVE-2023-2...

TP-Link TL-WR902AC Remote Code Execution

!/usr/bin/python3 Exploit Title: TP-Link TL-WR902AC firmware 210730 V3 - Remote Code Execution RCE Authenticated Exploit Author: Tobias Müller Date: 2022-12-01 Version: TL-WR902ACEUV30.9.1 Build 220329 Vendor Homepage: https://www.tp-link.com/ Tested On: TP-Link TL-WR902AC Vulnerability...

Grand Theft Auto III/Vice City Skin File v1.1 - Buffer Overflow

Exploit Title: Grand Theft Auto III/Vice City Skin File v1.1 - Buffer Overflow Exploit Date: 22.01.2023 Discovered and Written by: Knursoft Vendor Homepage: https://www.rockstargames.com/ Version: v1.1 Tested on: Windows XP SP2/SP3, 7, 10 21H2 CVE : N/A 1 - Run this python script to generate...