📄 Xorcom CompletePBX 5.2.35 Remote Code Execution
Xorcom CompletePBX suffers from an authenticated command injection vulnerability within the Task Scheduler subsystem. An attacker with valid superadmin credentials can create a scheduled task containing unsanitized parameters that get executed by the backend, resulting in remote command execution...
📄 Chromodo Browser 45.8.12.391 Same Origin Policy Weakness
This proof of concept demonstrates message passing between two browser windows when opened under the same logical context (same origin). It affects Chromodo Browser version 45.8.12.391...
📄 Zimbra Collaboration Suite Postjournal 10.1.0 Remote Code Execution
Proof of concept for a critical vulnerability in the Zimbra Collaboration Suite (ZCS) PostJournal service that allows attackers to execute arbitrary system commands without authentication. Version 10.1.0 is affected...
📄 Arista NGFW 17.3.1 Information Disclosure Scanner
This is a proof of concept testing script for an information disclosure vulnerability in Arista NGFW version 17.3.1. Title: Arista NGFW 17.3.1 Informati...
📄 YOURLS 1.8.2 SQL Injection
Proof of concept for a remote SQL injection vulnerability in YOURLS version 1.8.2. Title: YOURLS 1.8.2 SQL Injection & System Compromise in Administrati...
📄 Palo Alto Deep Packet Inspection Information Disclosure
Proof of concept code for Palo Alto deep packet inspection data exfiltration issues that appear to affect PanOS up to version 11.2.0. Title: Palo Alto...
📄 is-localhost-ip 2.0.0 Restriction Bypass
is-localhost-ip version 2.0.0 suffers from a restriction bypass vulnerability. Title: is-localhost-ip 2.0.0 Restriction Bypass | Author: indoushka | ...
📄 iOS 12 / macOS 10.14 voucher_swap Use-After-Free
Proof of concept for an older vulnerability from 2019. A use-after-free vulnerability in Apple's Mach voucher subsystem affects macOS version 10.14 and iOS version 12...
📄 Clinic's Patient Management System 2.0 Remote Code Execution
Clinic's Patient Management System version 2.0 proof of concept that combines SQL injection authentication bypass with an unrestricted file upload to achieve full compromise...
📄 Exim Vulnerability Scanner
This is a multi-phase vulnerability scanning tool designed to detect and analyze security weaknesses in Exim mail servers. The tool performs comprehensive security assessments by testing for all known Exim vulnerabilities, misconfigurations, and security weaknesses. These include remote code...
📄 Exim 4.98 SQL Injection
A vulnerability exists in Exim version 4.98 when ETRN input is serialized and passed to a SQLite backend. Time‑based SQL injection allows attackers to detect conditions in SQL execution by measuring response latency...
📄 Beego 1.12.3 Directory Traversal / Local File Disclosure
Beego version 1.12.3 suffers from a directory traversal vulnerability that allows for local file disclosure. Title: Beego 1.12.3 Directory Traversal /...
📄 Cloudflare Memory Leak
A Python-based scanner imitates CloudBleed-style leakage detection by fetching raw HTTP response data from a target website, converting it to hexadecimal, and searching for sensitive memory patterns such as sessions, passwords, tokens, cookies, AWS keys, and stack traces. It does not exploit the...
📄 Cloudbleed Scanner
Cloudbleed Scanner is a comprehensive security tool designed to detect memory leak patterns similar to the 2017 Cloudbleed incident, where Cloudflare's reverse proxies leaked uninitialized memory containing sensitive data...
📄 dotCMS 25.07.02-1 SQL Injection
This PHP script represents a sophisticated dual-method SQL Injection exploit targeting dotCMS version 25.07.02-1. The exploit combines time-based blind SQL injection and error-based SQL injection techniques to extract password hashes from the database, specifically targeting administrator account...
📄 React 19.2.0 PHP Scanner / Remote Code Execution
This project delivers a PHP-based vulnerability scanner and remote code execution exploit for CVE‑2025‑55182 affecting React Server Components. It leverages RSC serialization weaknesses to execute arbitrary commands and validate successful exploitation...
📄 WordPress StoryChief 1.0.42 Remote Code Execution
A critical security vulnerability exists in WordPress Story Chief plugin version 1.0.42 that allows unauthenticated attackers to achieve remote code execution by exploiting the webhook featured image functionality...
📄 React / Next.js Unauthenticated Remote Code Execution
A critical unauthenticated remote code execution vulnerability exists in React Server Components RSC Flight protocol. The vulnerability allows attackers to achieve prototype pollution during deserialization of RSC payloads by sending specially crafted multipart requests with proto, constructor, o...
📄 Adobe Acrobat Chrome 1.41.100 Cross Site Scripting
Adobe Acrobat Chrome extension version 1.41.100 suffers from a cross site scripting vulnerability. Title: Adobe Acrobat Chrome V 1.41.100 Extension DOM...
📄 Android 7 / 8 / 8.1 Pointer Disclosure
A flaw in Android's Binder IPC allowed applications to craft Parcels where binder-object metadata overlapped with string data. When unmarshalling, the kernel inserted genuine kernel pointers into attacker-controlled buffers. These could then be echoed back through services like clipboard, resulti...
📄 Pluck 4.7.7-dev2 Remote Code Execution
Pluck version 4.7.7-dev2 suffers from a remote code execution vulnerability. Exploit Title: Pluck 4.7.7-dev2 - PHP Code Execution Date: 2024-10-26 Exploit Author: CodeSecLab Vendor Homepage: https://github.com/pluck-cms/pluck Software Link: https://github.com/pluck-cms/pluck Version: 4.74-dev5...
📄 YOURLS 1.8.2 CSRF / IDOR / Missing Authorization
YOURLS version 1.8.2 AJAX endpoint scanner that checks for cross site request forgery, insecure direct object reference, missing authorization, and missing input validation vulnerabilities...
📄 Cacti 1.2.29 Remote Command Execution
Proof of concept exploit that demonstrates how authenticated users with access to Graph Templates in Cacti can abuse RRD invocation parameters to write arbitrary PHP files, then trigger execution leading to remote command execution. Version 1.2.29 is affected...
📄 Zimbra Collaboration Suite Postjournal 9.0.0 Remote Command Execution
A critical vulnerability exists in the Zimbra Collaboration Suite ZCS PostJournal service that allows attackers to execute arbitrary system commands without authentication. The vulnerability is triggered through SMTP injection using a malicious RCPT TO parameter. This exploit provides full remote...
📄 ClipBucket 5.5.2 Build 90 Practical Exploitation Tool
An enhanced Python penetration testing tool designed specifically for ClipBucket video sharing platform vulnerability assessment and exploitation. It checks for remote command execution, file upload, SQL injection, local file inclusion, and more. It affects ClipBucket version 5.5.2 Build 90...
📄 DNN Platform Pre‑10.1.1 Arbitrary File Upload
DNN Platform version Pre‑10.1.1 suffers from an unauthenticated arbitrary file upload vulnerability. This software was formerly known as DotNetNuke...
📄 Microsoft Windows LNK File UI Misrepresentation Remote Code Execution
A critical vulnerability exists in Microsoft Windows LNK file handling that allows attackers to create malicious shortcut files that appear legitimate in Windows Explorer while executing arbitrary commands. The vulnerability is a UI misrepresentation flaw where Windows incorrectly displays file...
📄 Cinnamon kotaemon 0.11.0 ZIP Bomb
Cinnamon kotaemon version 0.11.0 zip bomb proof of concept denial of service exploit. Title: Cinnamon kotaemon v 0.11.0 ZIP Bomb Vulnerability in...
📄 Django 5.1.13 SQL Injection
Django version 5.1.13 remote SQL injection vulnerability scanning script. Title: Django 5.1.13 SQL Injection Scanner | Author: indoushka | Tested o...
📄 Coohom SaaS Cross Site Scripting
Coohom SaaS is susceptible to a persistent cross site scripting vulnerability. CVE-2025-65300 Description CVE-2025-65300: Stored Cross-Site Scripting XSS Vulnerability in Coohom SaaS Platform Disclosure Date: 2025-10-28 Last Updated: 2025-10-28 Reporter: Phisit Pupiw Vendor: Coohom CWE: CWE-79 –...
📄 Craft CMS 5.0 Logic Flaw
A flaw in the Craft CMS image transform endpoint allows an unauthenticated attacker to trigger backend processing without prior authentication. While the original Metasploit module targeted remote code execution, this proof of concept does not execute code, does not write files, and does not inje...
📄 Apache bRPC Stack Overflow
A critical stack overflow vulnerability in Apache bRPC's JSON parser allows remote attackers to crash servers via specially crafted deep recursive JSON data. Versions prior to 1.15.0 are affected...
📄 Visual Studio 1.39.0 Remote Debugger
Visual Studio versions 1.30.0 through 1.39.0 had a remote debugger enabled by default that could cause multiple security issues. Code included to scan for any listeners...
📄 Microsoft Windows File Explorer NTLM Hash Disclosure
Microsoft Windows File Explorer in Windows 10 and 11 contains a critical NTLM hash disclosure vulnerability that allows attackers to capture user authentication credentials by exploiting the automatic parsing of .library-ms files from ZIP archives, leading to potential domain compromise through...
📄 WordPress AI Buddy 1.8.5 Shell Upload
WordPress AI Buddy plugin versions 1.8.5 and below remote shell upload exploit that leverages the REST API attachment functionality. Title: AI Buddy...
📄 Flask 3.0.0 Remote Code Execution
Flask version 3.0.0 suffers from multiple remote code execution vulnerabilities. Exploit Title: Flask 3.0.0 CookApp - Multiple Unauthenticated RCE Vulnerabilities Date: 2024-12-05 Exploit Author: nu11secur1ty Vendor Homepage: https://flask.palletsprojects.com/ Software Link:...
📄 Abacre Restaurant Point of Sale 15.0.0.1656 Memory Scanner
Abacre Restaurant Point of Sale version 15.0.0.1656 memory scanner for sensitive data detection. This Python script is an advanced Windows memory scanning tool designed to detect sensitive data leaks within running processes. It performs deep memory analysis to identify patterns resembling produc...
📄 phpMyFAQ 2.9.8 Cross Site Request Forgery
phpMyFAQ version 2.9.8 suffers from multiple cross site request forgery vulnerabilities. These are proofs of concept for issues dating back to 2017. Exploit Title: phpMyFAQ 2.9.8 Cross-Site Request Forgery CSRF Date: 2024-10-26 Exploit Author: CodeSecLab Vendor Homepage:...
📄 Microsoft Windows 11 Build 10.0.27898.1000 Insider Preview Privilege Escalation
A security vulnerability exists in the Windows Administrator Protection feature in Windows 11 Insider Preview that allows a low-privileged user to achieve privilege escalation. The vulnerability is located in the AiRegistrySync function within the appinfo service, which incorrectly copies registr...
📄 WordPress AI Engine 3.1.3 Remote Code Execution
This Metasploit module exploits an unauthenticated vulnerability in the WordPress AI Engine plugin versions less than or equal to 3.1.3. The vulnerability allows an attacker to create an administrator account via the MCP Model Context Protocol endpoint without authentication. The module supports...
📄 Microsoft Windows 11 Build 10.0.27898.1000 AiRegistrySync Bypass / Privilege Escalation
Microsoft Windows 11 build 10.0.27898.1000 Metasploit module designed to achieve local privilege escalation on Windows 10/11 by targeting a vulnerability misconfiguration in the AiRegistrySync service...
📄 Discord Language Sloth Bot Directory Traversal Scanner / Payload Generator
The Language Sloth Discord bot contains a critical directory traversal vulnerability allowing attackers to read arbitrary files on the server hosting the bot through improperly sanitized user input in file path operations. This is an automated scanner with payload generation...
📄 MaNGOSWebV4 4.0.6 Cross Site Scripting
MaNGOSWebV4 version 4.0.6 suffers from a cross site scripting vulnerability. Exploit Title: MaNGOSWebV4 4.0.6 - Reflected XSS Date: 2024-10-26 Exploit Author: CodeSecLab Vendor Homepage: https://github.com/paintballrefjosh/MaNGOSWebV4 Software Link: https://github.com/paintballrefjosh/MaNGOSWebV4...
📄 Microsoft Windows 11 Search Path Privilege Escalation
Microsoft Windows 11 suffers from an untrusted search path local privilege escalation vulnerability. Proof of concept Metasploit module included...
📄 Azure APIM 2 Vulnerability Checker
This PHP script is a full vulnerability scanner with proof of concepts for Azure API Management APIM instances, focusing on the possibility of cross‑tenant account signup bypass through the Basic Auth Identity Provider...
📄 Microsoft Windows 11 Administrator Protection UAC Bypass / Privilege Escalation
A privilege escalation vulnerability exists in Windows 11 Insider Preview Build 10.0.27919.1000 due to improper handling of user‑controlled environment variables by the Unified Background Process Manager UBPM when launching elevated scheduled tasks under Administrator Protection. Proof of concept...
📄 Django 5.1.13 SQL Injection
Django version 5.1.13 suffers from a remote SQL injection vulnerability. Exploit Title: Django 5.1.13 - SQL Injection Google Dork: none Not applicable for this vulnerability Date: 2025-12-03 Exploit Author: Wafcontrol Security Team Vendor Homepage: https://www.djangoproject.com/ Software Link:...
📄 Microsoft Windows 11 Administrator Protection Bypass / Privilege Escalation
Microsoft Windows 11 suffers from an administrator protection bypass local privilege escalation vulnerability. Proof of concept Metasploit module included...
📄 Samsung QuramDng Out-Of-Bounds Write
Samsung QuramDng has an invalid LossyJpeg component assumption that leads to an out-of-bounds write. BACKGROUND Samsung Android uses an internal DNG decoding library, QuramDng in libimagecodec.quram.so, to decode images in com.samsung.ipservice and com.samsung.gallery3d. Samsung Gallery will deco...
📄 EduplusCampus 3.0.1 Insecure Direct Object Reference
A critical insecure direct object reference vulnerability was identified in the EduplusCampus student portal version 3.0.1. This vulnerability allows an authenticated user to access the sensitive personal and financial records of other students by modifying the recno parameter in the API request...