1804 matches found
Exploit for CVE-2023-38646
Metabase Pre Authentication RCE CVE-2023-38646 We have pro...
pyFUD - Multi Clients FUD Reverse Shell
python3 based multi clients reverse shell. Warning: 1. Don't Upload Any Payloads To VirusTotal.com Bcz This tool will not work with Time. 2. Virustotal Share Signatures With AV Comapnies. 3. Again Don't be an Idiot! Installation: 1. git clone https://github.com/machine1337/pyFUD 2. python3...
Exploit for Code Injection in Apache Airflow
Apache Airflow official report description says: A vulnerab...
Exploit for Classic Buffer Overflow in Extremenetworks Iq_Engine
CVE-2023-35803 - Unauthenticated RCE in Extreme Networks/Aer...
Exploit for Improper Initialization in Linux Linux_Kernel
CVE-2022-0847-Exploit-Implementation This is a POC showing ho...
Exploit for Path Traversal in Icinga Icinga_Web_2
Icinga Web 2 - Authenticated Remote Code Execution 2.8.6, 2.9...
FuguHub 8.1 - Remote Code Execution Exploit
Exploit Title: FuguHub 8.1 - Remote Code Execution Date: 6/24/2023 Exploit Author: redfire359 Vendor Homepage: https://fuguhub.com/ Software Link: https://fuguhub.com/download.lsp Version: 8.1 Tested on: Ubuntu 22.04.1 CVE : CVE-2023-24078 import requests from bs4 import BeautifulSoup import...
Exploit for OS Command Injection in Cacti
Cacti v1.2.24 authenticated command injection CVE-2023-39362...
Exploit for OS Command Injection in Easynas
CVE-2023-0830: EasyNAS 1.1.0 Authenticated OS Command Injectio...
Exploit for Path Traversal in Microsoft
CVE-2022-4510-Binwalk This script allows you to generate expl...
Exploit for Improper Input Validation in Barracuda Email_Security_Gateway_300_Firmware
CVE-2023-2868: Barracuda ESG Command Injection For full...
Chinese UNC4841 Group Exploits Zero-Day Flaw in Barracuda Email Security Gateway
A suspected China-nexus threat actor dubbed UNC4841 has been linked to the exploitation of a recently patched zero-day flaw in Barracuda Email Security Gateway ESG appliances since October 2022. "UNC4841 is an espionage actor behind this wide-ranging campaign in support of the People's Republic o...
GodPotato - Local Privilege Escalation Tool From A Windows Service Accounts To NT AUTHORITY\SYSTEM
Based on the history of Potato privilege escalation for 6 years, from the beginning of RottenPotato to the end of JuicyPotatoNG, I discovered a new technology by researching DCOM, which enables privilege escalation in Windows 2012 - Windows 2022, now as long as you have "ImpersonatePrivilege"...
New GobRAT Remote Access Trojan Targeting Linux Routers in Japan
Linux routers in Japan are the target of a new Golang remote access trojan RAT called GobRAT. "Initially, the attacker targets a router whose WEBUI is open to the public, executes scripts possibly by using vulnerabilities, and finally infects the GobRAT," the JPCERT Coordination Center JPCERT/CC...
Exploit for Code Injection in Vmware Spring_Cloud_Function
Exploit for RCE in Spring Cloud CVE 2022-22963 Exploit for...
Exploit-for-Searchor-2.4.0-Arbitrary-CMD-Injection
POC exploit for Searchor ' import'os'.popen''.rea...
Trend Micro OfficeScan Client 10.0 Local Privilege Escalation
Exploit Title: Trend Micro OfficeScan Client 10.0 - ACL Service LPE Date: 2023/05/04 Exploit Author: msd0pe Vendor Homepage: https://www.trendmicro.com My Github: https://github.com/msd0pe-1 Trend Micro OfficeScan Client: Versions = icacls "C:\Program Files x86\Trend Micro\OfficeScan Client"...
Hubstaff 1.6.14-61e5e22e DLL Hijacking
Exploit Title: Hubstaff 1.6.14-61e5e22e - 'wow64log' DLL Search Order Hijacking Date: 14/05/2023 Exploit Author: Ahsan Azad Vendor Homepage: https://hubstaff.com/ Software Link: https://app.hubstaff.com/download Version: 1.6.13, 1.6.14 Tested On: 64-bit operating system, x64-based processor...
Exploit for OS Command Injection in Zyxel Atp100_Firmware
CVE-2023-28771-PoC PoC for CVE-2023-28771 based on Rapid7's ex...
Exploit for OS Command Injection in Zyxel Atp100_Firmware
CVE-2023-28771-PoC PoC for CVE-2023-28771 based on Rapid7's ex...