h2database-rce-poc

H2 Console RCE Exploit Toolkit Vulnerability exploitation scr...

Exploit for Path Traversal in Vmware Cloud_Foundation

CTT-enhanced-VMware-vCenter Looking at current high-impact vul...

SweetRice-CMS-1.5.1-RCE-Exploit

SweetRice CMS 1.5.1 RCE Exploit Overview SweetRice CMS 1.5...

EUVD-2021-16090

Malware in sbrugna...

EUVD-2020-0163

Malware in sbrugna...

EUVD-2020-0162

Malware in sbrugna...

CVE-2014-125115 Pandora FMS ≤ 5.0 SP2 Default Credential SQL Injection RCE

An unauthenticated SQL injection vulnerability exists in Pandora FMS version 5.0 SP2 and earlier. The mobile/index.php endpoint fails to properly sanitize user input in the loginhashdata parameter, allowing attackers to extract administrator credentials or active session tokens via crafted...

Exploit for Deserialization of Untrusted Data in Apache Tomcat

CVE-2025-24813 Apache Tomcat RCE Exploit PoC This repository...

Exploit for Injection in Cisco Identity_Services_Engine

CVE-2025-20281-2-Cisco-ISE-RCE Unauthenticated Python PoC for...

Exploit for Code Injection in Langflow

mitsec - CVE-2025-3248 Langflow RCE Exploit Remote Code Execu...

Exploit for Improper Protection of Alternate Path in Vbulletin

Description: RCE for Vbullettin versions between 5.0.0 - 5...

Metasploit Weekly Wrap-Up 04/11/2025

Spring Exploits This weekly release of Metasploit Framework includes new RCE exploit modules for several vulnerable applications: Appsmith, a low-code application platform which contains a misconfiguration on PostgreSQL CVE-2024-55964; Pandora FMS, a monitoring solution, where, once gained access...

Exploit for CVE-2024-25600

Exploit Repository: CVE-2024-25600 🔥 Unauthenticated RCE Ex...

CVE-2020-15140

In Red Discord Bot before version 3.3.11, a RCE exploit has been discovered in the Trivia module: this exploit allows Discord users with specifically crafted usernames to inject code into the Trivia module's leaderboard command. By abusing this exploit, it's possible to perform destructive action...

North Korean Hackers Deploy FudModule Rootkit via Chrome Zero-Day Exploit

A recently patched security flaw in Google Chrome and other Chromium web browsers was exploited as a zero-day by North Korean actors in a campaign designed to deliver the FudModule rootkit. The development is indicative of the persistent efforts made by the nation-state adversary, which has made ...

Ray cpu_profile command injection

Ray RCE via cpuprofile command injection vulnerability. Module Options msf use exploit/linux/http/raycpuprofilecmdinjectioncve20236019 msf exploitraycpuprofilecmdinjectioncve20236019 show targets ...targets... msf exploitraycpuprofilecmdinjectioncve20236019 set TARGET msf...

Exploit for OS Command Injection in Dolibarr Dolibarr_Erp\/Crm

DolibabyPhp An authenticated RCE exploit for Dolibarr ERP/CRM...

Exploit for Deserialization of Untrusted Data in Apache Activemq

ActiveMQ-Exploit Englishhttps://github.com/Arlenhiack/...

Wallos Shell Upload

Exploit Title: Wallos - File Upload RCE Authenticated Date: 2024-03-04 Exploit Author: [email protected] Vendor Homepage: https://github.com/ellite/Wallos Software Link: https://github.com/ellite/Wallos Version: 1.11.2 Tested on: Debian 12 Wallos allows you to upload an image/logo when you create...

Apache Superset Signed Cookie RCE

Apache Superset versions use exploit/linux/http/apachesupersetcookiesigrce msf exploitapachesupersetcookiesigrce show targets ...targets... msf exploitapachesupersetcookiesigrce set TARGET msf exploitapachesupersetcookiesigrce show options ...show and set options... msf...