50738 matches found
๐ Cisco ISE API 3.1 Command Injection
Proof of concept exploit for a command injection vulnerability in Cisco ISE API version 3.1. ============================================================================================================================================= | Title : Cisco ISE API 3.1 command injection Exploits | |...
๐ Casdoor 2.95.0 Directory Traversal
Casdoor version 2.95.0 directory traversal proof of concept exploit. ============================================================================================================================================= | Title : Casdoor 2.95.0 Directory Traversal | | Author : indoushka | | Tested on :...
๐ Magento SessionReaper Remote Code Execution
This Metasploit module exploits CVE-2025-54236 SessionReaper, a critical vulnerability in Magento/Adobe Commerce that allows unauthenticated remote code execution. The vulnerability stems from improper handling of nested deserialization in the payment method context, combined with an...
๐ WordPress King Addons for Elementor Privilege Escalation / Remote Code Execution
This Metasploit module exploits an unauthenticated privilege escalation vulnerability in the WordPress King Addons for Elementor plugin versions 24.12.92 to 51.1.14. The vulnerability exists in the handleregisterajax function which allows unauthenticated attackers to specify the userrole paramete...
๐ WordPress WP for CPI 1.0.2 Shell Upload
WordPress WP for CPI plugin versions 1.0.2 and below suffer from an unauthenticated shell upload vulnerability. ============================================================================================================================================= | Title : WP for CPI 1.0.2 Unauthenticated...
๐ Convio CMS 24.5 SQL Injection
Convio CMS version 24.5 proof of concept remote SQL injection exploit. ============================================================================================================================================= | Title : Convio CMS v 24.5 SQL Injection Exploit | | Author : indoushka | | Tested ...
๐ Flowise 3.0.6 JS Parsing Injection
A JavaScript parsing injection vulnerability exists in Flowise versions prior to 3.0.6 and greater than 2.2.7-patch.1. ============================================================================================================================================= | Title : Flowise 3.0.6 JS Parsing...
๐ Redash Authenticated Remote Command Execution
Redashโs default setup uses PostgreSQL superuser credentials for its primary data source. Because users can run SQL through Redash, any authenticated account gains excessive control over the database. This allows executing system commands on the database server through PostgreSQLโs COPY FROM...
๐ Palo Alto Deep Packet Inspection Information Disclosure
Proof of concept code for Palo Alto deep packet inspection data exfiltration issues that appear to affect PanOS up to version 11.2.0. ============================================================================================================================================= | Title : Palo Alto...
๐ Clinic's Patient Management System 2.0 Remote Code Execution
Clinic's Patient Management System version 2.0 proof of concept that combines SQL injection authentication bypass with an unrestricted file upload to achieve full compromise...
๐ Zimbra Collaboration Suite Postjournal 10.1.0 Remote Code Execution
Proof of concept for a critical vulnerability exists in the Zimbra Collaboration Suite ZCS PostJournal service that allows attackers to execute arbitrary system commands without authentication. Version 10.1.0 is affected...
๐ Chromodo Browser 45.8.12.391 Same Origin Policy Weakness
This proof of concept demonstrates message passing between two browser windows when opened under the same logical context same origin. It affect Chromodo Browser version 45.8.12.391...
iOS 12 / macOS 10.14 voucher_swap Use-After-Free
Proof of concept for an older vulnerability from 2019. A use-after-free vulnerability in Apple's Mach voucher subsystem affects macOS version 10.14 and iOS version 12...
๐ YOURLS 1.8.2 SQL Injection
Proof of concept for a remote SQL injection vulnerability in YOURLS version 1.8.2. ============================================================================================================================================= | Title : YOURLS 1.8.2 SQL Injection & System Compromise in Administrati...
๐ is-localhost-ip 2.0.0 Restriction Bypass
is-localhost-ip version 2.0.0 suffers from a restriction bypass vulnerability. ============================================================================================================================================= | Title : is-localhost-ip 2.0.0 Restriction Bypass | | Author : indoushka | ...
๐ Arista NGFW 17.3.1 Information Disclosure Scanner
This is a proof of concept testing script for an information disclosure vulnerability in Arista NGFW version 17.3.1. ============================================================================================================================================= | Title : Arista NGFW 17.3.1 Informati...
๐ Exim Vulnerability Scanner
This is a multi-phase vulnerability scanning tool designed to detect and analyze security weaknesses in Exim mail servers. The tool performs comprehensive security assessments by testing for all known Exim vulnerabilities, misconfigurations, and security weaknesses. These include remote code...
๐ Xorcom CompletePBX 5.2.35 Remote Code Execution
Xorcom CompletePBX suffers from an authenticated command injection vulnerability within the Task Scheduler subsystem. An attacker with valid superadmin credentials can create a scheduled task containing unsanitized parameters that get executed by the backend, resulting in remote command execution...
๐ Cloudbleed Scanner
Cloudbleed Scanner is a comprehensive security tool designed to detect memory leak patterns similar to the 2017 Cloudbleed incident, where Cloudflare's reverse proxies leaked uninitialized memory containing sensitive data...
๐ Beego 1.12.3 Directory Traversal / Local File Disclosure
Beego version 1.12.3 suffers from a directory traversal vulnerability that allows for local file disclosure. ============================================================================================================================================= | Title : Beego 1.12.3 Directory Traversal /...
๐ Cloudflare Memory Leak
A Python-based scanner imitates CloudBleed-style leakage detection by fetching raw HTTP response data from a target website, converting it to hexadecimal, and searching for sensitive memory patterns such as sessions, passwords, tokens, cookies, AWS keys, and stack traces. It does not exploit the...
๐ Adobe Acrobat Chrome 1.41.100 Cross Site Scripting
Adobe Acrobat Chrome extension version 1.41.100 suffers from a cross site scripting vulnerability. ============================================================================================================================================= | Title : Adobe Acrobat Chrome V 1.41.100 Extension DOM...
๐ React / Next.js Unauthenticated Remote Code Execution
A critical unauthenticated remote code execution vulnerability exists in React Server Components RSC Flight protocol. The vulnerability allows attackers to achieve prototype pollution during deserialization of RSC payloads by sending specially crafted multipart requests with proto, constructor, o...
๐ dotCMS 25.07.02-1 SQL Injection
This PHP script represents a sophisticated dual-method SQL Injection exploit targeting dotCMS version 25.07.02-1. The exploit combines time-based blind SQL injection and error-based SQL injection techniques to extract password hashes from the database, specifically targeting administrator account...
๐ Pluck 4.7.7-dev2 Remote Code Execution
Pluck version 4.7.7-dev2 suffers from a remote code execution vulnerability. Exploit Title: Pluck 4.7.7-dev2 - PHP Code Execution Date: 2024-10-26 Exploit Author: CodeSecLab Vendor Homepage: https://github.com/pluck-cms/pluck Software Link: https://github.com/pluck-cms/pluck Version: 4.74-dev5...
๐ React 19.2.0 PHP Scanner / Remote Code Execution
This project delivers a PHP-based vulnerability scanner and remote code execution exploit for CVEโ2025โ55182 affecting React Server Components. It leverages RSC serialization weaknesses to execute arbitrary commands and validate successful exploitation...
๐ WordPress StoryChief 1.0.42 Remote Code Execution
A critical security vulnerability exists in WordPress Story Chief plugin version 1.0.42 that allows unauthenticated attackers to achieve remote code execution by exploiting the webhook featured image functionality...
๐ Android 7 / 8 / 8.1 Pointer Disclosure
A flaw in Android's Binder IPC allowed applications to craft Parcels where binder-object metadata overlapped with string data. When unmarshalling, the kernel inserted genuine kernel pointers into attacker-controlled buffers. These could then be echoed back through services like clipboard, resulti...
๐ Exim 4.98 SQL Injection
A vulnerability exists in Exim version 4.98 when ETRN input is serialized and passed to a SQLite backend. Timeโbased SQL injection allows attackers to detect conditions in SQL execution measuring response latency...
๐ Cacti 1.2.29 Remote Command Execution
Proof of concept exploit that demonstrates how authenticated users with access to Graph Templates in Cacti can abuse RRD invocation parameters to write arbitrary PHP files, then trigger execution leading to remote command execution. Version 1.2.29 is affected...
๐ Django 5.1.13 SQL Injection
Django version 5.1.13 remote SQL injection vulnerability scanning script. ============================================================================================================================================= | Title : Django 5.1.13 SQL Injection Scanner | | Author : indoushka | | Tested o...
๐ ClipBucket 5.5.2 Build 90 Practical Exploitation Tool
An enhanced Python penetration testing tool designed specifically for ClipBucket video sharing platform vulnerability assessment and exploitation. It checks for remote command execution, file upload, SQL injection, local file inclusion, and more. It affects ClipBucket version 5.5.2 Build 90...
๐ Zimbra Collaboration Suite Postjournal 9.0.0 Remote Command Execution
A critical vulnerability exists in the Zimbra Collaboration Suite ZCS PostJournal service that allows attackers to execute arbitrary system commands without authentication. The vulnerability is triggered through SMTP injection using a malicious RCPT TO parameter. This exploit provides full remote...
๐ Craft CMS 5.0 Logic Flaw
A flaw in the Craft CMS image transform endpoint allows an unauthenticated attacker to trigger backend processing without prior authentication. While the original Metasploit module targeted remote code execution, this proof of concept does not execute code, does not write files, and does not inje...
๐ Coohom SaaS Cross Site Scripting
Coohoom SaaS is susceptible to a persistent cross site scripting vulnerability. CVE-2025-65300 Description CVE-2025-65300: Stored Cross-Site Scripting XSS Vulnerability in Coohom SaaS Platform Disclosure Date: 2025-10-28 Last Updated: 2025-10-28 Reporter: Phisit Pupiw Vendor: Coohom CWE: CWE-79 โ...
๐ Cinnamon kotaemon 0.11.0 ZIP Bomb
Cinnamon kotaemon version 0.11.0 zip bomb proof of concept denial of service exploit. ============================================================================================================================================= | Title : Cinnamon kotaemon v 0.11.0 ZIP Bomb Vulnerability in...
๐ DNN Platform Preโ10.1.1 Arbitrary File Upload
DNN Platform version Preโ10.1.1 suffers from an unauthenticated arbitrary file upload vulnerability. This software was formerly known as DotNetNuke. ============================================================================================================================================= | Titl...
๐ YOURLS 1.8.2 CSRF / IDOR / Missing Authorization
YOURLS version 1.8.2 AJAX endpoint scanner that checks for cross site request forgery, insecure direct object reference, missing authorization, and missing input validation vulnerabilities...
๐ Microsoft Windows LNK File UI Misrepresentation Remote Code Execution
A critical vulnerability exists in Microsoft Windows LNK file handling that allows attackers to create malicious shortcut files that appear legitimate in Windows Explorer while executing arbitrary commands. The vulnerability is a UI misrepresentation flaw where Windows incorrectly displays file...
๐ WordPress AI Buddy 1.8.5 Shell Upload
WordPress AI Buddy plugin versions 1.8.5 and below remote shell upload exploit that leverages the REST API attachment functionality. ============================================================================================================================================= | Title : AI Buddy...
๐ Microsoft Windows File Explorer NTLM Hash Disclosure
Microsoft Windows File Explorer in Windows 10 and 11 contains a critical NTLM hash disclosure vulnerability that allows attackers to capture user authentication credentials by exploiting the automatic parsing of .library-ms files from ZIP archives, leading to potential domain compromise through...
๐ Visual Studio 1.39.0 Remote Debugger
Visual Studio versions 1.30.0 through 1.39.0 had a remote debugger enabled by default that could cause multiple security issues. Code included to scan for any listeners...
๐ Abacre Restaurant Point of Sale 15.0.0.1656 Memory Scanner
Abacre Restaurant Point of Sale version 15.0.0.1656 memory scanner for sensitive data detection. This Python script is an advanced Windows memory scanning tool designed to detect sensitive data leaks within running processes. It performs deep memory analysis to identify patterns resembling produc...
๐ Apache bRPC Stack Overflow
A critical stack overflow vulnerability in Apache bRPC's JSON parser allows remote attackers to crash servers via specially crafted deep recursive JSON data. Versions prior to 1.15.0 are affected...
๐ Flask 3.0.0 Remote Code Execution
Flask version 3.0.0 suffers from multiple remote code execution vulnerabilities. Exploit Title: Flask 3.0.0 CookApp - Multiple Unauthenticated RCE Vulnerabilities Date: 2024-12-05 Exploit Author: nu11secur1ty Vendor Homepage: https://flask.palletsprojects.com/ Software Link:...
๐ Azure APIM 2 Vulnerability Checker
This PHP script is a full vulnerability scanner with proof of concepts for Azure API Management APIM instances, focusing on the possibility of crossโtenant account signup bypass through the Basic Auth Identity Provider...
๐ Microsoft Windows 11 Search Path Privilege Escalation
Microsoft Windows 11 suffers from an untrusted search path local privilege escalation vulnerability. Proof of concept Metasploit module included. ============================================================================================================================================= | Title :...
๐ phpMyFAQ 2.9.8 Cross Site Request Forgery
phpMyFAQ version 2.9.8 suffers from multiple cross site request forgery vulnerabilities. These are proof of concepts from issues stemming back in 2017. Exploit Title: phpMyFAQ 2.9.8 Cross-Site Request Forgery CSRF Date: 2024-10-26 Exploit Author: CodeSecLab Vendor Homepage:...
๐ WordPress AI Engine 3.1.3 Remote Code Execution
This Metasploit module exploits an unauthenticated vulnerability in the WordPress AI Engine plugin versions less than or equal to 3.1.3. The vulnerability allows an attacker to create an administrator account via the MCP Model Context Protocol endpoint without authentication. The module supports...
๐ Samsung QuramDng Out-Of-Bounds Write
Samsung QuramDng has an invalid LossyJpeg component assumption that leads to an out-of-bounds write. BACKGROUND Samsung Android uses an internal DNG decoding library, QuramDng in libimagecodec.quram.so, to decode images in com.samsung.ipservice and com.samsung.gallery3d. Samsung Gallery will deco...