50738 matches found
Microsoft Windows 11 Build 10.0.27898.1000 AiRegistrySync Bypass / Privilege Escalation
Microsoft Windows 11 build 10.0.27898.1000 Metasploit module designed to achieve local privilege escalation on Windows 10/11 by targeting a vulnerability misconfiguration in the AiRegistrySync service...
Django 5.1.13 SQL Injection
Django version 5.1.13 suffers from a remote SQL injection vulnerability. Exploit Title: Django 5.1.13 - SQL Injection Google Dork: none Not applicable for this vulnerability Date: 2025-12-03 Exploit Author: Wafcontrol Security Team Vendor Homepage: https://www.djangoproject.com/ Software Link:...
Microsoft Windows 11 Build 10.0.27898.1000 Insider Preview Privilege Escalation
A security vulnerability exists in the Windows Administrator Protection feature in Windows 11 Insider Preview that allows a low-privileged user to achieve privilege escalation. The vulnerability is located in the AiRegistrySync function within the appinfo service, which incorrectly copies registr...
Microsoft Windows 11 Administrator Protection UAC Bypass / Privilege Escalation
A privilege escalation vulnerability exists in Windows 11 Insider Preview Build 10.0.27919.1000 due to improper handling of user-controlled environment variables by the Unified Background Process Manager (UBPM) when launching elevated scheduled tasks under Administrator Protection. Proof of concept...
Discord Language Sloth Bot Directory Traversal Scanner / Payload Generator
The Language Sloth Discord bot contains a critical directory traversal vulnerability allowing attackers to read arbitrary files on the server hosting the bot through improperly sanitized user input in file path operations. This is an automated scanner with payload generation...
Microsoft Windows 11 Administrator Protection Bypass / Privilege Escalation
Microsoft Windows 11 suffers from an administrator protection bypass local privilege escalation vulnerability. Proof of concept Metasploit module included...
WordPress AI Engine 3.1.3 Remote Code Execution
This Metasploit module exploits an unauthenticated vulnerability in the WordPress AI Engine plugin versions less than or equal to 3.1.3. The vulnerability allows an attacker to create an administrator account via the MCP (Model Context Protocol) endpoint without authentication. The module supports...
Microsoft Windows 11 Build 10.0.22631.6199 UAC Bypass
Microsoft Windows 11 build 10.0.22631.6199 proof of concept exploit for a UAC bypass vulnerability achieved via DLL injection Windows Hooking...
Microsoft Windows 11 build 10.0.22631.6199 Privilege Escalation
Microsoft Windows 11 build 10.0.22631.6199 proof of concept tool that implements a notorious local privilege escalation technique on Windows. The code implements a task scheduler/DLL sideloading attack to achieve UAC bypass / privilege escalation by forcing the trusted SilentCleanup task to load...
EduplusCampus 3.0.1 Insecure Direct Object Reference
A critical insecure direct object reference vulnerability was identified in the EduplusCampus student portal version 3.0.1. This vulnerability allows an authenticated user to access the sensitive personal and financial records of other students by modifying the recno parameter in the API request...
Piwigo 13.6.0 SQL Injection
Piwigo version 13.6.0 suffers from a remote SQL injection vulnerability. Exploit Title: Piwigo 13.6.0 - SQL Injection Date: 2025-11-25 Exploit Author: CodeSecLab Vendor Homepage: https://github.com/Piwigo/Piwigo Software Link: https://github.com/Piwigo/Piwigo Version: 13.6.0 Tested on: Windows CV...
OpenRepeater 2.1 Command Injection
OpenRepeater version 2.1 suffers from a command injection vulnerability. Exploit Title: OpenRepeater 2.1 - OS Command Injection Date: 2025-11-25 Exploit Author: CodeSecLab Vendor Homepage: https://github.com/OpenRepeater/openrepeater Software Link: https://github.com/OpenRepeater/openrepeater...
Microsoft Windows 11 Build 10.0.22631.6199 Registry Vulnerability Testing Tool
This is a C/C++ proof-of-concept (PoC) program designed to test for a specific vulnerability within the Windows Registry handling mechanism, often related to key duplication or improper permission checks during certain API calls like RegCopyTreeW...
phpMyAdmin 5.0.0 SQL Injection
phpMyAdmin version 5.0.0 suffers from a remote SQL injection vulnerability. Exploit Title: phpMyAdmin 5.0.0 - SQL Injection Date: 2025-11-25 Exploit Author: CodeSecLab Vendor Homepage: https://github.com/phpmyadmin/phpmyadmin/ Software Link: https://github.com/phpmyadmin/phpmyadmin/ Version: 5.0....
Microsoft Windows 11 Build 10.0.22631.6199 Advanced Admin Protection Bypass
This enhanced proof of concept exploit demonstrates an advanced method for bypassing Windows Administrator Protection by manipulating registry hives using both WinAPI and NTAPI. The code implements safe smart-pointer wrappers for handles, secure SID management, deep registry enumeration, privileg...
Adobe DNG SDK 1.4 Out-Of-Bounds Read
A vulnerability exists in Adobe DNG SDK (the fork used by Android) due to improper validation of the fAreaSpec fields inside the dngopcodeDeltaPerRow::ProcessArea function. If an attacker supplies a crafted DNG file with an empty or malformed fAreaSpec, the SDK performs arithmetic that results in...
phpIPAM 1.6 Cross Site Scripting
phpIPAM version 1.6 suffers from multiple cross site scripting vulnerabilities. Exploit Title: phpIPAM 1.6 - Reflected Cross-Site Scripting (XSS) Date: 2025-11-25 Exploit Author: CodeSecLab Vendor Homepage: https://github.com/phpipam/phpipam/ Software Link: https://github.com/phpipam/phpipam/...
AI Plugins 1.10.9 Shell Upload
This Metasploit module exploits unauthenticated arbitrary file upload vulnerabilities in multiple WordPress AI plugins including Cibeles AI, AI Feeds, and AI Buddy. The vulnerabilities allow attackers to upload PHP webshells via GitHub integration functionality...
MobileDetect 2.8.31 Cross Site Scripting
MobileDetect version 2.8.31 suffers from a cross site scripting vulnerability. Exploit Title: MobileDetect 2.8.31 - Cross-Site Scripting (XSS) Date: 2025-11-25 Exploit Author: CodeSecLab Vendor Homepage: https://github.com/serbanghita/Mobile-Detect/ Software Link:...
phpIPAM 1.4 SQL Injection
phpIPAM version 1.4 suffers from a remote SQL injection vulnerability in order.php. This version is also known to suffer from other vectors of attack for the same issue. Exploit Title: phpIPAM 1.4 - SQL Injection Date: 2025-11-25 Exploit Author: CodeSecLab Vendor Homepage:...
YOURLS 1.8.2 Cross Site Request Forgery
YOURLS version 1.8.2 suffers from a cross site request forgery vulnerability. Exploit Title: YOURLS 1.8.2 - Cross-Site Request Forgery (CSRF) Date: 2025-11-25 Exploit Author: CodeSecLab Vendor Homepage: https://github.com/yourls/yourls/ Software Link: https://github.com/yourls/yourls/ Version: 1.8....
Cleo LexiCom VLTrader Harmony 5.8.0.23 Unauthenticated Arbitrary File Write
Cleo LexiCom, VLTrader, and Harmony file transfer solutions versions 5.8.0.23 and below contain an unauthenticated remote code execution vulnerability that allows attackers to write arbitrary files to the system and execute commands through the software's autorun functionality. The vulnerability...
PluckCMS 4.7.10 Arbitrary File Upload
PluckCMS version 4.7.10 suffers from an arbitrary file upload vulnerability. Exploit Title: PluckCMS 4.7.10 - Unrestricted File Upload Date: 2025-11-25 Exploit Author: CodeSecLab Vendor Homepage: https://github.com/pluck-cms/pluck/ Software Link: https://github.com/pluck-cms/pluck/ Version: 4.7.1...
Microsoft Windows 11 build 10.0.22631.6199 Dual-Path Privilege Escalation
Proof of concept exploit for a Microsoft Windows 11 build 10.0.22631.6199 dual-path elevation of privilege vulnerability in undocumented RPC and debugging objects...
openSIS Community Edition 8.0 SQL Injection
openSIS Community Edition version 8.0 suffers from a remote SQL injection vulnerability. Exploit Title: openSIS Community Edition 8.0 - SQL Injection Date: 2025-11-25 Exploit Author: CodeSecLab Vendor Homepage: https://github.com/OS4ED/openSIS-Classic Software Link:...
RosarioSIS 6.7.2 Cross Site Scripting
RosarioSIS version 6.7.2 suffers from multiple cross site scripting vulnerabilities. Exploit Title: RosarioSIS 6.7.2 - Cross-Site Scripting (XSS) Date: 2025-11-25 Exploit Author: CodeSecLab Vendor Homepage: https://gitlab.com/francoisjacquet/rosariosis Software Link:...
phpIPAM 1.5.1 SQL Injection
phpIPAM version 1.5.1 suffers from a remote SQL injection vulnerability. Exploit Title: phpIPAM 1.5.1 - SQL Injection Date: 2025-11-25 Exploit Author: CodeSecLab Vendor Homepage: https://github.com/phpipam/phpipam/ Software Link: https://github.com/phpipam/phpipam/ Version: 1.5.1 Tested on: Windo...
phpMyFAQ 3.1.7 Cross Site Scripting
phpMyFAQ version 3.1.7 suffers from a cross site scripting vulnerability. This one is similar to the finding posted in April of this year but is an older issue identified in 2022. Exploit Title: phpMyFAQ 3.1.7 - Reflected Cross-Site Scripting (XSS) Date: 2025-11-25 Exploit Author: CodeSecLab Vendor...
macOS Sonoma 14.5 Denial of Service
macOS Sonoma version 14.5 has a vulnerability in the AV1Syntax::ParseHeader function that can allow for a kernel crash...
Microsoft Windows 10 Famille 10.0.19045.5487 DLL Hijacking
Microsoft Windows 10 Famille version 10.0.19045.5487 suffers from a DLL hijacking vulnerability that enables privilege escalation...
libxslt Key Data Storage 1.1.38 Use-After-Free / Memory Corruption
libxslt Key Data Storage version 1.1.38 suffers from improper handling of Result Value Trees (RVTs) when evaluating XSLT keys that can result in memory corruption...
Microsoft Windows 10 Famille 10.0.19045.5487 Privilege Escalation
Microsoft Windows 10 Famille version 10.0.19045.5487 suffers from a parent PID spoofing privilege escalation vulnerability...
Android 13 Quram DNG Codec Memory Corruption
An out-of-bounds read/write vulnerability in Samsung's Quram image codec library libimagecodec.quram.so is triggered when the library processes a maliciously crafted image file, causing memory access outside the intended buffer boundaries...
libxml2 2.9.14 (2022) Heap Buffer Overflow
libxml2 version 2.9.14 (2022) proof of concept exploit for a heap buffer overflow in the xmlRegEpxFromParse function in xmlregexp.c...
Microsoft PowerPoint 2019 Use-After-Free
This Metasploit module exploits a use-after-free vulnerability in Microsoft PowerPoint that allows remote code execution when a user opens a specially crafted PPTX file. The vulnerability is triggered through manipulated shape objects in the PowerPoint presentation...
Microsoft SharePoint Server ToolPane Authentication Bypass / Unsafe Deserialization
Proof of concept exploit for Microsoft SharePoint server that chains authentication bypass with unsafe deserialization to achieve complete system compromise without authentication...
PX4 Military UAV Autopilot 1.12.3 Denial of Service
This proof of concept exploits a stack-based buffer overflow vulnerability in PX4 Military UAV Autopilot versions up to 1.12.3, allowing an attacker to send a poorly formatted MAVLink message that causes a denial of service condition...
Microsoft Windows 10 Famille 10.0.19045.5487 (rundll32) Privilege Escalation
Microsoft Windows 10 Famille version 10.0.19045.5487 suffers from a rundll32 related privilege escalation vulnerability...
WhatsApp Android Contact Gating Bypass
WhatsApp Android has a contact gating bypass in groups that leads to interaction-less media download. Background To prevent security issues and spam, WhatsApp for Android requires some form of user interaction to automatically download files from non-contacts: a. After adding someone as a contact...
Language Sloth Directory Traversal
The Language Sloth Discord bot has been found susceptible to a directory traversal vulnerability. CVE-2025-65321 The Language Sloth Discord bot is vulnerable to Directory Traversal in the gif and png functions. The functions build file paths using unsanitized user input for the 'name' parameter,...
Fortra FileCatalyst Workflow 5.1.6 Build 135 SQL Injection
Fortra FileCatalyst Workflow version 5.1.6 Build 135 remote SQL injection proof of concept exploit...
macOS 18.3.2 Kernel Privilege Escalation
macOS version 18.3.2 proof of concept exploit for an old kernel related privilege escalation vulnerability. A critical memory management vulnerability exists within the macOS XNU kernel's handling of the VMBEHAVIORZEROWIREDPAGES behavior flag. The issue arises from improper sequence validation wh...
Exclusive Addons for Elementor 2.6.9 Cross Site Scripting
Exclusive Addons for Elementor versions 2.6.9 and below proof of concept that demonstrates a stored cross site scripting vulnerability...
LG Simple Editor 3.21.0 Remote Command Injection
LG Simple Editor version 3.21.0 proof of concept remote command injection exploit...
Commvault CLI 11.36.60 Remote Code Execution
Proof of concept exploit for the Commvault CLI version 11.36.60 remote code execution vulnerability...
GuppY CMS 6.00.10 Shell Upload
Proof of concept exploit demonstrating a remote shell upload vulnerability in GuppY CMS version 6.00.10...
WinRAR 6.22 Malicious ZIP Creation
This Metasploit module exploits a logical flaw in WinRAR versions before 6.23. The vulnerability allows attackers to create specially crafted ZIP archives that, when opened, execute arbitrary code by exploiting the file extraction logic when a user double-clicks on a file within the archive that...
Wing FTP Server 8.0.7 Remote Code Execution
A NULL-byte truncation vulnerability in Wing FTP Server allows bypassing an authentication prefix check, allowing the payload to reach Lua execution contexts. Version 8.0.7 is affected...
Microsoft Windows 10.0.17763.5458 Kernel IOCTL Access Control
Microsoft Windows version 10.0.17763.5458 Kernel IOCTL access control proof of concept Metasploit module...
FreePBX 17.0.3 SQL Injection
FreePBX version 17.0.3 proof of concept unauthenticated remote SQL injection exploit that leverages ajax.php...