Exploits from Github – Telegram

Exploits from Github

@github_exploits

765 subscribers

1 photo

1.45K files

4.45K links

https://t.me/PentestNotes

https://t.me/dbugs1337

Download Telegram

About

Blog

Apps

Platform

Exploits from Github

765 subscribers

Exploits from Github

CVE-2021-3129

Ignition before 2.5.2, as used in Laravel and other products, allows unauthenticated remote attackers to execute arbitrary code because of insecure usage of file_get_contents() and file_put_contents(). This is exploitable on sites using debug mode with Laravel before 8.4.2.

Github link:
https://github.com/lukwagoasuman/CVE-2021-3129---Laravel-RCE

GitHub - lukwagoasuman/CVE-2021-3129---Laravel-RCE: ## About The script has been made for exploiting the Laravel RCE (CVE-2021…

## About The script has been made for exploiting the Laravel RCE (CVE-2021-3129) vulnerability.
This script allows you to write/execute commands on a website running <b&amp...

41 views13:42

Exploits from Github

CVE-2025-24085

None

Github link:
https://github.com/bronsoneaver/CVE-2025-24085

39 views13:42

Exploits from Github

CVE-2024-0235

The EventON WordPress plugin before 4.5.5, EventON WordPress plugin before 2.2.7 do not have authorisation in an AJAX action, allowing unauthenticated users to retrieve email addresses of any users on the blog

Github link:
https://github.com/Nxploited/CVE-2024-0235-PoC

GitHub - Nxploited/CVE-2024-0235-PoC: The EventON WordPress plugin before 4.5.5, EventON WordPress plugin before 2.2.7 do not have…

The EventON WordPress plugin before 4.5.5, EventON WordPress plugin before 2.2.7 do not have authorisation in an AJAX action, allowing unauthenticated users to retrieve email addresses of any users...

39 views19:44

Exploits from Github

CVE-2023-40448

None

Github link:
https://github.com/w0wbox/CVE-2023-40448

GitHub - w0wbox/CVE-2023-40448: poc for CVE-2023-40448 (under construction) ,This could probably be a piece for a jailbreak

poc for CVE-2023-40448 (under construction) ,This could probably be a piece for a jailbreak - w0wbox/CVE-2023-40448

31 views01:35

Exploits from Github

CVE-2024-40815

None

Github link:
https://github.com/w0wbox/CVE-2024-40815

GitHub - w0wbox/CVE-2024-40815: POC for CVE-2024-40815 (Construction is in its final stage ==IOS 17.0)

POC for CVE-2024-40815 (Construction is in its final stage ==IOS 17.0) - w0wbox/CVE-2024-40815

48 views01:35

Exploits from Github

CVE-2017-14980

None

Github link:
https://github.com/xn0kkx/Exploit_Sync_Breezev10.0.28_CVE-2017-14980

GitHub - xn0kkx/Exploit_Sync_Breezev10.0.28_CVE-2017-14980: Buffer overflow in Sync Breeze Enterprise 10.0.28 allows remote attackers…

Buffer overflow in Sync Breeze Enterprise 10.0.28 allows remote attackers to have unspecified impact via a long username parameter to /login. - xn0kkx/Exploit_Sync_Breezev10.0.28_CVE-2017-14980

31 views01:35

Exploits from Github

CVE-2025-22828

None

Github link:
https://github.com/Stolichnayer/CVE-2025-22828

GitHub - Stolichnayer/CVE-2025-22828: Apache CloudStack vulnerability allows unauthorized access to annotations on certain resources.

Apache CloudStack vulnerability allows unauthorized access to annotations on certain resources. - Stolichnayer/CVE-2025-22828

35 views01:36

Exploits from Github

CVE-2025-24659

None

Github link:
https://github.com/DoTTak/CVE-2025-24659

GitHub - DoTTak/CVE-2025-24659: PoC of CVE-2025-24659

PoC of CVE-2025-24659. Contribute to DoTTak/CVE-2025-24659 development by creating an account on GitHub.

36 views07:37

Exploits from Github

CVE-2025-24587

None

Github link:
https://github.com/DoTTak/CVE-2025-24587

GitHub - DoTTak/CVE-2025-24587: PoC of CVE-2025-24587

PoC of CVE-2025-24587. Contribute to DoTTak/CVE-2025-24587 development by creating an account on GitHub.

38 views07:37

Exploits from Github

CVE-2009-2685

None

Github link:
https://github.com/rflemen/CVE-2009-2685

GitHub - rflemen/CVE-2009-2685: Exploit for HP PowerManager - CVE 2009-2685

Exploit for HP PowerManager - CVE 2009-2685. Contribute to rflemen/CVE-2009-2685 development by creating an account on GitHub.

39 views19:40

Exploits from Github

CVE-2025-24118

None

Github link:
https://github.com/jprx/CVE-2025-24118

GitHub - jprx/CVE-2025-24118: An XNU kernel race condition bug

An XNU kernel race condition bug. Contribute to jprx/CVE-2025-24118 development by creating an account on GitHub.

🔥1

40 views19:41

Exploits from Github

CVE-2024-8381

None

Github link:
https://github.com/bjrjk/CVE-2024-8381

GitHub - bjrjk/CVE-2024-8381: CVE-2024-8381: A SpiderMonkey Interpreter Type Confusion Bug.

CVE-2024-8381: A SpiderMonkey Interpreter Type Confusion Bug. - bjrjk/CVE-2024-8381

41 views13:45

Exploits from Github

CVE-2025-0929

None

Github link:
https://github.com/McTavishSue/CVE-2025-0929

48 views01:37

Exploits from Github

CVE-2023-26326

None

Github link:
https://github.com/omarelshopky/exploit_cve-2023-26326_using_cve-2024-2961

GitHub - omarelshopky/exploit_cve-2023-26326_using_cve-2024-2961: Exploit for CVE-2023-26326 in the WordPress BuddyForms plugin…

Exploit for CVE-2023-26326 in the WordPress BuddyForms plugin, leveraging CVE-2024-2961 for remote code execution. This exploit bypasses PHP 8+ deserialization limitations by chaining vulnerabiliti...

47 views07:39

Exploits from Github

CVE-2024-56898

None

Github link:
https://github.com/DRAGOWN/CVE-2024-56898

GitHub - DRAGOWN/CVE-2024-56898: CVE-2024-56898 - Broken access control vulnerability in GeoVision GV-ASManager web application…

CVE-2024-56898 - Broken access control vulnerability in GeoVision GV-ASManager web application with version v6.1.0.0 or less. This vulnerability allows low privilege users perform actions that they...

61 views13:40

Exploits from Github

CVE-2024-53393

None

Github link:
https://github.com/alirezac0/CVE-2024-53393

GitHub - alirezac0/CVE-2024-53393: CVE-2024-53393 PoC

CVE-2024-53393 PoC. Contribute to alirezac0/CVE-2024-53393 development by creating an account on GitHub.

37 views13:40

Exploits from Github

CVE-2024-6366

None

Github link:
https://github.com/Nxploited/CVE-2024-6366-PoC

GitHub - Nxploited/CVE-2024-6366-PoC: User Profile Builder <= 3.11.7 - Unauthenticated Media Upload

User Profile Builder <= 3.11.7 - Unauthenticated Media Upload - Nxploited/CVE-2024-6366-PoC

32 views19:42

Exploits from Github

CVE-2024-56903

None

Github link:
https://github.com/DRAGOWN/CVE-2024-56903

GitHub - DRAGOWN/CVE-2024-56903: CVE-2024-56903 - Geovision GV-ASManager web application with the version 6.1.1.0 or less allows…

CVE-2024-56903 - Geovision GV-ASManager web application with the version 6.1.1.0 or less allows attackers to modify POST requests with GET in critical functionalities, such as account management. T...

43 views19:42

Exploits from Github

CVE-2024-56901

None

Github link:
https://github.com/DRAGOWN/CVE-2024-56901

GitHub - DRAGOWN/CVE-2024-56901: CVE-2024-56901 - A Cross-Site Request Forgery (CSRF) vulnerability in Geovision GV-ASManager web…

CVE-2024-56901 - A Cross-Site Request Forgery (CSRF) vulnerability in Geovision GV-ASManager web application with the version 6.1.1.0 or less that allows attackers to arbitrarily create Admin accou...

42 views19:42

Exploits from Github

CVE-2014-3704

The expandArguments function in the database abstraction API in Drupal core 7.x before 7.32 does not properly construct prepared statements, which allows remote attackers to conduct SQL injection attacks via an array containing crafted keys.

Github link:
https://github.com/joaomorenorf/CVE-2014-3704

GitHub - joaomorenorf/CVE-2014-3704: This code is taken from "Drupal 7.0 < 7.31 - 'Drupalgeddon' SQL Injection (Add Admin User)"…

This code is taken from "Drupal 7.0 < 7.31 - 'Drupalgeddon' SQL Injection (Add Admin User)" and was converted to Python 3 to suit the exercise in Academy fo...

49 views19:42