Exploit for Incorrect Authorization in Cacti

SHELL-POC-CVE-2022-46169 A bash proof of concept of t...

Exploit for Deserialization of Untrusted Data in Apache Tomcat

CVE-2025-24813 Proof of Concept PoC script for CVE-2025-2481...

Exploit for CVE-2024-27448

MailDev 2.1.0 RCE Exploit CVE-2024-27448 MailDev 2 throu...

Exploit for Server-Side Request Forgery in Lobehub Lobe_Chat

CVE-2024-47066 ★ CVE-2024-47066 LobeChat SSRF PoC ★ Descr...

Exploit for Missing Authorization in Sonaar Mp3_Audio_Player_For_Music\,_Radio_\&_Podcast

CVE-2024-7856 ★ CVE-2024-7856 Arbitrary File deletion PoC ★...

Exploit for Cross-Site Request Forgery (CSRF) in Concretecms Concrete_Cms

CVE-2017-5638 Apache Struts 2 RCE Proof of Concept This repos...

Exploit for Improper Access Control in Joomla Joomla\!

Joomla-CVE-2023-23752 This Python implementation serves an edu...

CVE-2023-38035

A security vulnerability in MICS Admin Portal in Ivanti MobileIron Sentry versions 9.18.0 and below, which may allow an attacker to bypass authentication controls on the administrative interface due to an insufficiently restrictive Apache HTTPD configuration. Recent assessments: jheysel-r7 at...

Cicd-Goat - A Deliberately Vulnerable CI/CD Environment

Deliberately vulnerable CI/CD environment. Hack CI/CD pipelines, capture the flags. Created by Cider Security. Description The CI/CD Goat project allows engineers and security practitioners to learn and practice CI/CD security through a set of 10 challenges, enacted against a real, full blown CI/...

vulhub

It is an open-source collection of pre-built vulnerable docker environments. The primary vulnerability is a Server-Side Template Injection SSTI vulnerability in a Flask application. The repository contains a Docker Compose file that sets up a vulnerable environment for testing and demonstration...

Dockerfiles

This repository is a collection of Dockerfiles for CTF Capture The Flag challenges running on SniperOJ. The Dockerfiles are used to build a vulnerable environment for the challenges, which can be solved by participants. The repository contains various challenges, including web-based and pwn...

Exploit for Improper Input Validation in Redhat Openshift

This is a pre-built vulnerable environment based on Docker-Compose, maintained by Vulhub. The repository contains a collection of vulnerable environments for testing and training purposes. The environments are designed to be easy to use and require no prior knowledge of Docker. The repository...

vulhub

It is an open-source collection of pre-built vulnerable docker environments. The primary vulnerability is a Flask SSTI Server-Side Template Injection vulnerability. The target product/service is Flask, a Python web framework. The vulnerability class/vector is SSTI. The probable entry point is the...

CORS-Vulnerable-Lab: with COSR configuration error related to the vulnerability code range-vulnerability warning-the black bar safety net

This repository contains the CORS configuration error related to the vulnerable code. You can be on the local machine to configure the vulnerable code, and to the actual use of the CORS related error configuration issue. In this case, I would first like to thank@albinowax, the AKReddy, And Vivek...

ncu-ad-course-2017-pwn

This repository is an offensive tool for a Capture The Flag CTF challenge. It contains a series of pwn tasks created by the author for the NCU A&D course. The tasks are designed to test the participants' skills in exploiting vulnerabilities and bypassing security measures. The repository includes...

Exploit for Improper Input Validation in Redhat Openshift

This is a pre-built vulnerable environment based on Docker-Compose, provided by the Vulhub project. The project is designed to help users learn about vulnerabilities and improve their defensive skills. The repository contains a collection of vulnerable environments, each with its own Docker-Compo...

PHPMailer < 5.2.18 - Remote Code Execution

""" Exploit Title: PHPMailer Exploit v1.0 Date: 29/12/2016 Exploit Author: Daniel aka anarc0der Version: PHPMailer 3 - Open other terminal and run the exploit: python3 anarcoder.py Video PoC: https://www.youtube.com/watch?v=DXeZxKr-qsU Full Advisory:...

IE Aurora vulnerability of the principles of the quest-bug warning-the black bar safety net

Details: http://bbs.xfocusx.com/thread-7873-1-1.html by:xuanyuan small Cong The present article refer to the following article: 1http://www.geoffchappell.com/viewer.htm?doc=notes/security/aurora/index.htm 2http://securitylabs.websense.com/content/Blogs/3530.aspx...