Exploit for Out-of-bounds Write in Gibbonedu Gibbon

CVE-2023-45878 Wrote this script based on the work of https:/...

MAL-2024-12202 Malicious code in artifact-lab-3-package-b9485a2f (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 902094a9d90c1b9cc5eca3aa3d809929f664931dfa9feaea432bf85d205b06ed Packages showing simple variants of revshell with targets to ngrok. Most probably experiments. Later versions moved to use Burp Collaborator to exfiltrate simp...

Exploit for Unrestricted Upload of File with Dangerous Type in Chamilo Chamilo_Lms

Chamilo LMS Unauthenticated RCE PoC This is a script written...

Exploit for Unrestricted Upload of File with Dangerous Type in Chamilo Chamilo_Lms

Chamilo LMS Unauthenticated Big Upload File RCE PoC This is a...

Exploit for Injection in Glpi-Project Glpi

It is an offensive tool for GLPI, a proof-of-concept exploit for...

Exploit for Injection in Glpi-Project Glpi

It is an offensive tool for GLPI. This repository contains a pro...

Secbutler - The Perfect Butler For Pentesters, Bug-Bounty Hunters And Security Researchers

Essential utilities for pentester, bug-bounty hunters and security researchers secbutler is a utility tool made for pentesters , bug-bounty hunters and security researchers that contains all the most used and tedious stuff commonly used while performing cybersecurity activities like installing...

WhatsUp Gold 2022 22.1.0 Build 39 Cross Site Scripting

Exploit Title: WhatsUpGold 22.1.0 - Stored Cross-Site Scripting XSS Date: April 18, 2023 Exploit Author: Andreas Finstad 4ndr34z Vendor Homepage: https://www.whatsupgold.com Version: v.22.1.0 Build 39 Tested on: Windows 2022 Server CVE : CVE-2023-35759 Reference:...

Malicious code in revshell (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 72eab8f20fa73ec0e788be1ec74500bfd8279edf352f3c5c1839d837e9a68130 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

MAL-2022-5775 Malicious code in revshell (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 72eab8f20fa73ec0e788be1ec74500bfd8279edf352f3c5c1839d837e9a68130 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

Exploit for Out-of-bounds Write in Polkit_Project Polkit

ez-pwnkit A pure-Go implementation of the CVE-2021-4034 Pwn...

Alphaware E-Commerce System 1.0 - Unauthenicated Remote Code Execution Exploit

Exploit Title: Alphaware E-Commerce System 1.0 - Unauthenicated Remote Code Execution File Upload + SQL injection Exploit Author: Christian Vierschilling Vendor Homepage: https://www.sourcecodester.com Software Link: https://www.sourcecodester.com/php/11676/alphaware-simple-e-commerce-system.html...

Seowon 130-SLC router 1.0.11 - 'ipAddr' RCE (Authenticated)

Exploit Title: Seowon 130-SLC router 1.0.11 - 'ipAddr' RCE Authenticated Date: 5 Aug 2020 Exploit Author: maj0rmil4d Vendor Homepage: http://www.seowonintech.co.kr/en/ Hardware Link: http://www.seowonintech.co.kr/en/product/detail.asp?num=150&bigkindB05&middlekindB0529 Version: 1.0.11 Possibly al...

IPFire 2.19 - Remote Code Execution Exploit

Exploit for linux platform in category web applications Title : IPFire 2.19 Firewall Post-Auth RCE Date : 09/06/2017 Author : 0x09AL https://twitter.com/0x09AL Tested on: IPFire 2.19 x8664 - Core Update 110 Vendor : http://www.ipfire.org/ Software :...

OrderSys <= 1.6.4 - SQL Injection

No description provided by source. ------------------------------------------------------------------------ OrderSys = 1.6.4 Sql Injection Vulnerabilities ------------------------------------------------------------------------ author............: muuratsalo Revshell.com contact...........:...

OrderSys &lt;= 1.6.4 Sql Injection Vulnerabilities

Dear All, I have found multiple sql injection vulnerabilities in OrderSys = 1.6.4. The vendor knows the vulnerabilities and he is fixing them as stated in the enclosed advisory. See also http://www.bioinformatics.org/phplabware/labwiki/index.php?page=releasenotes Since the developer is currently...