POC Pdf-exploit builder on C#
Exploitable versions: Foxit Reader, Adobe Acrobat V9(maybe).
Put your exe-link and build the PDF-FILE
BugCod3#C #PDF #Exploit
Please open Telegram to view this post
VIEW IN TELEGRAM
⚡3🔥3❤2👎2
Mali GPU Kernel LPE
Android 14 kernel exploit for Pixel7/8 Pro
This article provides an in-depth analysis of two kernel vulnerabilities within the Mali GPU, reachable from the default application sandbox, which I independently identified and reported to Google. It includes a kernel exploit that achieves arbitrary kernel r/w capabilities. Consequently, it disables SELinux and elevates privileges to root on Google Pixel 7 and 8 Pro models running the following Android 14 versions:
Pixel 8 Pro:
Pixel 7 Pro:
Pixel 7 Pro:
Pixel 7:
Vulnerabilities:
This exploit leverages two vulnerabilities: an integer overflow resulting from an incomplete patch in the
Github
⬇️ Download
🔓
#C #Exploit #Android #Kernel #Pixel
➖➖➖➖➖➖➖➖➖➖
👤 T.me/BugCod3BOT
📣 T.me/BugCod3
Android 14 kernel exploit for Pixel7/8 Pro
This article provides an in-depth analysis of two kernel vulnerabilities within the Mali GPU, reachable from the default application sandbox, which I independently identified and reported to Google. It includes a kernel exploit that achieves arbitrary kernel r/w capabilities. Consequently, it disables SELinux and elevates privileges to root on Google Pixel 7 and 8 Pro models running the following Android 14 versions:
Pixel 8 Pro:
google/husky/husky:14/UD1A.231105.004/11010374:user/release-keysPixel 7 Pro:
google/cheetah/cheetah:14/UP1A.231105.003/11010452:user/release-keysPixel 7 Pro:
google/cheetah/cheetah:14/UP1A.231005.007/10754064:user/release-keysPixel 7:
google/panther/panther:14/UP1A.231105.003/11010452:user/release-keysVulnerabilities:
This exploit leverages two vulnerabilities: an integer overflow resulting from an incomplete patch in the
gpu_pixel_handle_buffer_liveness_update_ioctl ioctl command, and an information leak within the timeline stream message buffers.Github
⬇️ Download
🔓
BugCod3#C #Exploit #Android #Kernel #Pixel
➖➖➖➖➖➖➖➖➖➖
👤 T.me/BugCod3BOT
📣 T.me/BugCod3
❤1⚡1👍1🔥1
CNEXT exploits
💬
Exploits for CNEXT (CVE-2024-2961), a buffer overflow in the glibc's iconv()
👁🗨 Technical analysis:
The vulnerability and exploits are described in the following blogposts:
⚪️ Iconv, set the charset to RCE: Exploiting the glibc to hack the PHP engine (part 1)
⚪️ To be continued...
🗝 Exploits:
Exploits will become available as blogposts come out.
⚪️ CNEXT: file read to RCE exploit
⚪️ To be continued...
😸 Github
⬇️ Download
🔒
#CVE #Exploit #Cnext
➖ ➖ ➖ ➖ ➖ ➖ ➖ ➖ ➖ ➖
👤 T.me/BugCod3BOT
📣 T.me/BugCod3
Exploits for CNEXT (CVE-2024-2961), a buffer overflow in the glibc's iconv()
The vulnerability and exploits are described in the following blogposts:
Exploits will become available as blogposts come out.
BugCod3#CVE #Exploit #Cnext
Please open Telegram to view this post
VIEW IN TELEGRAM
⚡2🔥2❤1
Exploit Title: ESET NOD32 Antivirus 17.0.16.0 - Unquoted Service Path
Exploit Author: Ex3ptionaL
Exploit Date: 2024-04-01
Vendor:
Version:
Tested on OS: Microsoft Windows 10 pro x64
🕷 Exploit-db
⬇️ Download
#Exploit #ESET #NOD32
➖ ➖ ➖ ➖ ➖ ➖ ➖ ➖ ➖ ➖
📣 T.me/BugCod3
📣 T.me/LernExploit
📣 T.me/A3l3_KA4
Exploit Author: Ex3ptionaL
Exploit Date: 2024-04-01
Vendor:
https://www.eset.comVersion:
17.0.16.0Tested on OS: Microsoft Windows 10 pro x64
#Exploit #ESET #NOD32
Please open Telegram to view this post
VIEW IN TELEGRAM
❤2⚡2👎2🔥2👍1
WordPress A/B Image Optimizer 3.3 Plugin Arbitrary File Download Vulnerability
📊 Category: web applications
💻 Platform: php
🪖 Risk: Security Risk High 🚨
💬
WordPress Plugin A/B Image Optimizer plugin versions 3.3 and below suffers from an arbitrary file download vulnerability.
🔥 CVE: CVE-2025-25163
⬇️ Download
🔒
#CVE #Exploit #PHP #WordPress
➖ ➖ ➖ ➖ ➖ ➖ ➖ ➖ ➖ ➖
👤 T.me/BugCod3BOT
📣 T.me/BugCod3
WordPress Plugin A/B Image Optimizer plugin versions 3.3 and below suffers from an arbitrary file download vulnerability.
BugCod3#CVE #Exploit #PHP #WordPress
Please open Telegram to view this post
VIEW IN TELEGRAM
⚡5❤4👍3🔥3
Laravel RCE Exploitation Toolkit 🤕
Purpose: Exploits Laravel RCE vulnerability by using a known APP_KEY to generate a malicious payload that leads to remote code execution. If successful, it writes a backdoor to the server and logs the URL⭐
💻 Github
#Exploit #laravel #Rce #Rcr_Exploit
Join Exploit Forge✈️
Join Exploit Forge Forum✈️
Join BugCod3✈️
Purpose: Exploits Laravel RCE vulnerability by using a known APP_KEY to generate a malicious payload that leads to remote code execution. If successful, it writes a backdoor to the server and logs the URL
#Exploit #laravel #Rce #Rcr_Exploit
Join Exploit Forge
Join Exploit Forge Forum
Join BugCod3
Please open Telegram to view this post
VIEW IN TELEGRAM
🔥5⚡4❤1
CVE-2025-24893 🤔
is a critical unauthenticated remote code execution (RCE) vulnerability affecting the XWiki Platform🩷
Summary❗
Affected Versions❓
XWiki🤔 5.3-milestone-2 up to < 15.10.11 🦠
XWiki🤔 16.0.0-rc-1 up to < 16.4.1 🦠
CVSS v3.1 Score : 9.8 (Critical)🔫
Github🌐
#Rce #Exploit
Join Exploit Forge💎
Join Exploit Forge Forum💎
Join BugCod3💎
is a critical unauthenticated remote code execution (RCE) vulnerability affecting the XWiki Platform
Summary
Affected Versions
XWiki
XWiki
CVSS v3.1 Score : 9.8 (Critical)
Github
#Rce #Exploit
Join Exploit Forge
Join Exploit Forge Forum
Join BugCod3
Please open Telegram to view this post
VIEW IN TELEGRAM
🔥6⚡4❤1👍1💋1
[webapps] Birth Chart Compatibility WordPress Plugin 2.0 - Full Path Disclosure
Birth Chart Compatibility WordPress Plugin 2.0 - Full Path Disclosure
🔗 Read more
#BugCod3 #security #bugbounty #infosec #exploitdb #exploit #poc
➖➖➖➖➖➖➖➖➖➖
👤 T.me/BugCod3BOT
📣 T.me/BugCod3
Birth Chart Compatibility WordPress Plugin 2.0 - Full Path Disclosure
🔗 Read more
#BugCod3 #security #bugbounty #infosec #exploitdb #exploit #poc
➖➖➖➖➖➖➖➖➖➖
👤 T.me/BugCod3BOT
📣 T.me/BugCod3
🔥3❤🔥1❤1
Researchers discovered a critical Redis vulnerability called RediShell 🗡
(CVE-2025-49844) a CVSS 10 remote code execution flaw affecting all Redis versions. It allows attackers to send a malicious Lua script, escape the sandbox, and execute code on the host. Around 330,000 Redis instances are exposed online, 60,000 of them without authentication, and over 75% of cloud environments use Redis⚡️
CVE-2025-49844 (RediShell) POC🛡
Github
#cve #poc #exploit #redishell #redis
Join Exploit Forge🔝
Join Exploit Forge Forum👑
Join BugCod3🤝
(CVE-2025-49844) a CVSS 10 remote code execution flaw affecting all Redis versions. It allows attackers to send a malicious Lua script, escape the sandbox, and execute code on the host. Around 330,000 Redis instances are exposed online, 60,000 of them without authentication, and over 75% of cloud environments use Redis
CVE-2025-49844 (RediShell) POC
Github
#cve #poc #exploit #redishell #redis
Join Exploit Forge
Join Exploit Forge Forum
Join BugCod3
Please open Telegram to view this post
VIEW IN TELEGRAM
🔥7❤🔥3❤2⚡1
prompt Trace – Ai security training 🧠
Learn to exploit and defend AI systems through hands on labs. Real LLMs, full prompt visibility, zero abstractions🛡
Prompt Trace
#ai #free #Exploit #llms
Join RootAccessClub👑
Join BugCod3👑
Learn to exploit and defend AI systems through hands on labs. Real LLMs, full prompt visibility, zero abstractions
Prompt Trace
#ai #free #Exploit #llms
Join RootAccessClub
Join BugCod3
Please open Telegram to view this post
VIEW IN TELEGRAM
🔥8❤3⚡3