Exploit for OS Command Injection in Webmin

Python usa...

Security Bulletin: Multiple security vulnerabilities in Python affects IBM Robotic Process Automation

Summary Multiple security vulnerabilities in Python affects IBM Robotic Process Automation. Python is used by IBM Robotic Process Automation as part of its deployment. This bulletin identifies the fixes required to resolve the vulnerabilities. Vulnerability Details CVEID:CVE-2025-66418 DESCRIPTIO...

Exploit for Path Traversal in Rarlab Winrar

CVE-2025-8088 PoC Educational Use Only Details about this C...

Exploit for CVE-2025-49132

CVE-2025-49132 Standalone Vulnerability Scanner Non-Docker...

Exploit for Deserialization of Untrusted Data in Apache Tomcat

CVE-2025-24813 Proof of Concept PoC script for CVE-2025-2481...

Exploit for Missing Authentication for Critical Function in Really-Simple-Plugins Really_Simple_Security

CVE-2024-10924 Exploit - WordPress Really Simple SSL Plugin 2F...

Exploit for CVE-2024-27292

Docassemblepoc Docassemble任意文件读取漏洞CVE-2024-27292 python D...

Exploit for Time-of-check Time-of-use (TOCTOU) Race Condition in Apache Tomcat

更多PoC见 https://pc.fenchuan8.com//index?forum=101158&yqm=DGR4X...

Investigating a SharePoint Compromise: IR Tales from the Field

Executive summary Rapid7’s Incident Response team recently investigated a Microsoft Exchange service account with domain administrator privileges. Our investigation uncovered an attacker who accessed a server without authorization and moved laterally across the network, compromising the entire...

UBUNTU-CVE-2022-24065

The package cookiecutter before 2.1.1 are vulnerable to Command Injection via hg argument injection. When calling the cookiecutter function from Python code with the checkout parameter, it is passed to the hg checkout command in a way that additional flags can be set. The additional flags can be...

Exploit for Missing Authentication for Critical Function in F5 Big-Ip_Access_Policy_Manager

CVE-2022-1388-PocExp CVE-2022-1388-PocExp,新增了多线程 Usg...

Exploit for Code Injection in Phpunit_Project Phpunit

laravel phpunit rce masscanner CVE-2017-9841 Masscanner for La...

Exploit for Exposure of Sensitive Information to an Unauthorized Actor in Gitlab

This repository is an offensive tool for a vulnerability hub. It contains various tools and exploits for testing and demonstrating vulnerabilities in different software and systems. The repository includes a range of tools, such as Docker image builders, format checkers, and Markdown linters, as...

ApkLeaks - Scanning APK File For URIs, Endpoints And Secrets

Scanning APK file for URIs, endpoints & secrets. Installation To install apkLeaks , simply: $ git clone https://github.com/dwisiswant0/apkleaks $ cd apkleaks/ $ pip install -r requirements.txt Or download at release tab. Dependencies This package works in Python2 not Python3. Install global...

Exploit for Deserialization of Untrusted Data in Laravel

Laravel exploit for CVE-2018-15133 This code exploit CVE-201...

Exploit for CVE-2020-0609

BlueGate Proof of Concept Denial of Service + scanner for...

Exploit for Server-Side Request Forgery in Atlassian Jira_Server

CVE-2019-8451 Jira未授权SSRF漏洞 python usage python CVE-2019...

Exploit for Code Injection in Apache Solr

CVE-2019-0193 Solr DataImport Handler RCE RCE-Vuln...

Exploit for CVE-2018-11776

struts-pwn - CVE-2018-11776 Exploit ============ An explo...

AZL-43945 CVE-2009-3720 affecting package ogdi 4.1.0-9

The updatePosition function in lib/xmltokimpl.c in libexpat in Expat 2.0.1, as used in Python, PyXML, w3c-libwww, and other software, allows context-dependent attackers to cause a denial of service application crash via an XML document with crafted UTF-8 sequences that trigger a buffer over-read,...