CVE-2025-24071
Exposure of sensitive information to an unauthorized actor in Windows File Explorer allows an unauthorized attacker to perform spoofing over a network.
Github link:
https://github.com/ex-cal1bur/SMB_CVE-2025-24071
Exposure of sensitive information to an unauthorized actor in Windows File Explorer allows an unauthorized attacker to perform spoofing over a network.
Github link:
https://github.com/ex-cal1bur/SMB_CVE-2025-24071
GitHub
GitHub - ex-cal1bur/SMB_CVE-2025-24071: Exploited CVE-2025-24071 via SMB by hosting a .library-ms file inside a .tar archive. Using…
Exploited CVE-2025-24071 via SMB by hosting a .library-ms file inside a .tar archive. Using tar x from smbclient, the payload is extracted server-side without user interaction. Responder captures t...
CVE-2024-28995
SolarWinds Serv-U was susceptible to a directory transversal vulnerability that would allow access to read sensitive files on the host machine.
Github link:
https://github.com/ibrahimsql/CVE-2024-28995
SolarWinds Serv-U was susceptible to a directory transversal vulnerability that would allow access to read sensitive files on the host machine.
Github link:
https://github.com/ibrahimsql/CVE-2024-28995
GitHub
GitHub - ibrahimsql/CVE-2024-28995: SolarWinds Serv-U Directory Traversal
SolarWinds Serv-U Directory Traversal. Contribute to ibrahimsql/CVE-2024-28995 development by creating an account on GitHub.
CVE-2018-8097
io/mongo/parser.py in Eve (aka pyeve) before 0.7.5 allows remote attackers to execute arbitrary code via Code Injection in the where parameter.
Github link:
https://github.com/StellarDriftLabs/CVE-2018-8097-PoC
io/mongo/parser.py in Eve (aka pyeve) before 0.7.5 allows remote attackers to execute arbitrary code via Code Injection in the where parameter.
Github link:
https://github.com/StellarDriftLabs/CVE-2018-8097-PoC
GitHub
GitHub - StellarDriftLabs/CVE-2018-8097-PoC: POC for CVE-2018-8097 This script exploits CVE-2018-8097 and can retrieve files and…
POC for CVE-2018-8097 This script exploits CVE-2018-8097 and can retrieve files and contents using a blind RCE method. - StellarDriftLabs/CVE-2018-8097-PoC
CVE-2017-9248
Telerik.Web.UI.dll in Progress Telerik UI for ASP.NET AJAX before R2 2017 SP1 and Sitefinity before 10.0.6412.0 does not properly protect Telerik.Web.UI.DialogParametersEncryptionKey or the MachineKey, which makes it easier for remote attackers to defeat cryptographic protection mechanisms, leading to a MachineKey leak, arbitrary file uploads or downloads, XSS, or ASP.NET ViewState compromise.
Github link:
https://github.com/0xsharz/telerik-scanner-cve-2017-9248
Telerik.Web.UI.dll in Progress Telerik UI for ASP.NET AJAX before R2 2017 SP1 and Sitefinity before 10.0.6412.0 does not properly protect Telerik.Web.UI.DialogParametersEncryptionKey or the MachineKey, which makes it easier for remote attackers to defeat cryptographic protection mechanisms, leading to a MachineKey leak, arbitrary file uploads or downloads, XSS, or ASP.NET ViewState compromise.
Github link:
https://github.com/0xsharz/telerik-scanner-cve-2017-9248
GitHub
GitHub - 0xsharz/telerik-scanner-cve-2017-9248: Telerik CVE-2017-9248 Vulnerability Scanner
Telerik CVE-2017-9248 Vulnerability Scanner. Contribute to 0xsharz/telerik-scanner-cve-2017-9248 development by creating an account on GitHub.
CVE-2024-49138
Windows Common Log File System Driver Elevation of Privilege Vulnerability
Github link:
https://github.com/Humbug52542/DLang-file-encryptor
Windows Common Log File System Driver Elevation of Privilege Vulnerability
Github link:
https://github.com/Humbug52542/DLang-file-encryptor
GitHub
GitHub - Humbug52542/DLang-file-encryptor: This is my biggest project yet: a DLang file encryptor that escalates privileges using…
This is my biggest project yet: a DLang file encryptor that escalates privileges using CVE-2024-49138 and disables Windows Defender. - Humbug52542/DLang-file-encryptor
CVE-2021-22911
A improper input sanitization vulnerability exists in Rocket.Chat server 3.11, 3.12 & 3.13 that could lead to unauthenticated NoSQL injection, resulting potentially in RCE.
Github link:
https://github.com/octodi/CVE-2021-22911
A improper input sanitization vulnerability exists in Rocket.Chat server 3.11, 3.12 & 3.13 that could lead to unauthenticated NoSQL injection, resulting potentially in RCE.
Github link:
https://github.com/octodi/CVE-2021-22911
GitHub
GitHub - octodi/CVE-2021-22911: Updated exploit for CVE-2021-22911 (Rocket.Chat 3.12.1 - NoSQL Injection to RCE (Unauthenticated))
Updated exploit for CVE-2021-22911 (Rocket.Chat 3.12.1 - NoSQL Injection to RCE (Unauthenticated)) - octodi/CVE-2021-22911
CVE-2025-29927
Next.js is a React framework for building full-stack web applications. Starting in version 1.11.4 and prior to versions 12.3.5, 13.5.9, 14.2.25, and 15.2.3, it is possible to bypass authorization checks within a Next.js application, if the authorization check occurs in middleware. If patching to a safe version is infeasible, it is recommend that you prevent external user requests which contain the x-middleware-subrequest header from reaching your Next.js application. This vulnerability is fixed in 12.3.5, 13.5.9, 14.2.25, and 15.2.3.
Github link:
https://github.com/SugiB3o/vulnerable-nextjs-14-CVE-2025-29927
Next.js is a React framework for building full-stack web applications. Starting in version 1.11.4 and prior to versions 12.3.5, 13.5.9, 14.2.25, and 15.2.3, it is possible to bypass authorization checks within a Next.js application, if the authorization check occurs in middleware. If patching to a safe version is infeasible, it is recommend that you prevent external user requests which contain the x-middleware-subrequest header from reaching your Next.js application. This vulnerability is fixed in 12.3.5, 13.5.9, 14.2.25, and 15.2.3.
Github link:
https://github.com/SugiB3o/vulnerable-nextjs-14-CVE-2025-29927
GitHub
GitHub - SugiB3o/vulnerable-nextjs-14-CVE-2025-29927: vulnerable-nextjs-14-CVE-2025-29927
vulnerable-nextjs-14-CVE-2025-29927. Contribute to SugiB3o/vulnerable-nextjs-14-CVE-2025-29927 development by creating an account on GitHub.
CVE-2021-26828
OpenPLC ScadaBR through 0.9.1 on Linux and through 1.12.4 on Windows allows remote authenticated users to upload and execute arbitrary JSP files via view_edit.shtm.
Github link:
https://github.com/ridpath/CVE-2021-26828-Ultimate
OpenPLC ScadaBR through 0.9.1 on Linux and through 1.12.4 on Windows allows remote authenticated users to upload and execute arbitrary JSP files via view_edit.shtm.
Github link:
https://github.com/ridpath/CVE-2021-26828-Ultimate
GitHub
GitHub - ridpath/CVE-2021-26828-Ultimate: ScadaFlare Authenticated RCE Exploit Framework for ScadaBR (CVE-2021-26828) OpenPLC ScadaBR
ScadaFlare Authenticated RCE Exploit Framework for ScadaBR (CVE-2021-26828) OpenPLC ScadaBR - GitHub - ridpath/CVE-2021-26828-Ultimate: ScadaFlare Authenticated RCE Exploit Framework for ScadaBR (...