Exploits from Github
@github_exploits
542 subscribers
1 photo
633 files
3.57K links
https://t.me/PentestNotes

https://t.me/dbugs1337
Download Telegram
About
Blog
Apps
Platform
Join
Exploits from Github
542 subscribers
Exploits from Github
CVE-2024-40815

None

Github link:
https://github.com/w0wbox/CVE-2024-40815
GitHub
GitHub - w0wbox/CVE-2024-40815: poc for CVE-2024-40815 (under construction)
poc for CVE-2024-40815 (under construction). Contribute to w0wbox/CVE-2024-40815 development by creating an account on GitHub.
48 views
Exploits from Github
CVE-2017-14980

None

Github link:
https://github.com/xn0kkx/Exploit_Sync_Breezev10.0.28_CVE-2017-14980
GitHub
GitHub - xn0kkx/Exploit_Sync_Breezev10.0.28_CVE-2017-14980: Buffer overflow in Sync Breeze Enterprise 10.0.28 allows remote attackers…
Buffer overflow in Sync Breeze Enterprise 10.0.28 allows remote attackers to have unspecified impact via a long username parameter to /login. - xn0kkx/Exploit_Sync_Breezev10.0.28_CVE-2017-14980
31 views
Exploits from Github
CVE-2025-22828

None

Github link:
https://github.com/Stolichnayer/CVE-2025-22828
GitHub
GitHub - Stolichnayer/CVE-2025-22828: Apache CloudStack vulnerability allows unauthorized access to annotations on certain resources.
Apache CloudStack vulnerability allows unauthorized access to annotations on certain resources. - Stolichnayer/CVE-2025-22828
35 views
Exploits from Github
CVE-2025-24659

None

Github link:
https://github.com/DoTTak/CVE-2025-24659
GitHub
GitHub - DoTTak/CVE-2025-24659: PoC of CVE-2025-24659
PoC of CVE-2025-24659. Contribute to DoTTak/CVE-2025-24659 development by creating an account on GitHub.
35 views
Exploits from Github
CVE-2025-24587

None

Github link:
https://github.com/DoTTak/CVE-2025-24587
GitHub
GitHub - DoTTak/CVE-2025-24587: PoC of CVE-2025-24587
PoC of CVE-2025-24587. Contribute to DoTTak/CVE-2025-24587 development by creating an account on GitHub.
37 views
Exploits from Github
CVE-2009-2685

None

Github link:
https://github.com/rflemen/CVE-2009-2685
GitHub
GitHub - rflemen/CVE-2009-2685: Exploit for HP PowerManager - CVE 2009-2685
Exploit for HP PowerManager - CVE 2009-2685. Contribute to rflemen/CVE-2009-2685 development by creating an account on GitHub.
39 views
Exploits from Github
CVE-2025-24118

None

Github link:
https://github.com/jprx/CVE-2025-24118
GitHub
GitHub - jprx/CVE-2025-24118: An XNU kernel race condition bug
An XNU kernel race condition bug. Contribute to jprx/CVE-2025-24118 development by creating an account on GitHub.
🔥1
40 views
Exploits from Github
CVE-2024-8381

None

Github link:
https://github.com/bjrjk/CVE-2024-8381
GitHub
GitHub - bjrjk/CVE-2024-8381: CVE-2024-8381: A SpiderMonkey Interpreter Type Confusion Bug.
CVE-2024-8381: A SpiderMonkey Interpreter Type Confusion Bug. - bjrjk/CVE-2024-8381
39 views
Exploits from Github
CVE-2025-0929

None

Github link:
https://github.com/McTavishSue/CVE-2025-0929
47 views
Exploits from Github
CVE-2023-26326

None

Github link:
https://github.com/omarelshopky/exploit_cve-2023-26326_using_cve-2024-2961
GitHub
GitHub - omarelshopky/exploit_cve-2023-26326_using_cve-2024-2961: Exploit for CVE-2023-26326 in the WordPress BuddyForms plugin…
Exploit for CVE-2023-26326 in the WordPress BuddyForms plugin, leveraging CVE-2024-2961 for remote code execution. This exploit bypasses PHP 8+ deserialization limitations by chaining vulnerabiliti...
46 views
Exploits from Github
CVE-2024-56898

None

Github link:
https://github.com/DRAGOWN/CVE-2024-56898
GitHub
GitHub - DRAGOWN/CVE-2024-56898: CVE-2024-56898 - Broken access control vulnerability in GeoVision GV-ASManager web application…
CVE-2024-56898 - Broken access control vulnerability in GeoVision GV-ASManager web application with version v6.1.0.0 or less. This vulnerability allows low privilege users perform actions that they...
60 views
Exploits from Github
CVE-2024-53393

None

Github link:
https://github.com/alirezac0/CVE-2024-53393
GitHub
GitHub - alirezac0/CVE-2024-53393: CVE-2024-53393 PoC
CVE-2024-53393 PoC. Contribute to alirezac0/CVE-2024-53393 development by creating an account on GitHub.
36 views
Exploits from Github
CVE-2024-6366

None

Github link:
https://github.com/Nxploited/CVE-2024-6366-PoC
GitHub
GitHub - Nxploited/CVE-2024-6366-PoC: User Profile Builder <= 3.11.7 - Unauthenticated Media Upload
User Profile Builder <= 3.11.7 - Unauthenticated Media Upload - Nxploited/CVE-2024-6366-PoC
32 views
Exploits from Github
CVE-2024-56903

None

Github link:
https://github.com/DRAGOWN/CVE-2024-56903
GitHub
GitHub - DRAGOWN/CVE-2024-56903: CVE-2024-56903 - Geovision GV-ASManager web application with the version 6.1.1.0 or less allows…
CVE-2024-56903 - Geovision GV-ASManager web application with the version 6.1.1.0 or less allows attackers to modify POST requests with GET in critical functionalities, such as account management. T...
42 views
Exploits from Github
CVE-2024-56901

None

Github link:
https://github.com/DRAGOWN/CVE-2024-56901
GitHub
GitHub - DRAGOWN/CVE-2024-56901: CVE-2024-56901 - A Cross-Site Request Forgery (CSRF) vulnerability in Geovision GV-ASManager web…
CVE-2024-56901 - A Cross-Site Request Forgery (CSRF) vulnerability in Geovision GV-ASManager web application with the version 6.1.1.0 or less that allows attackers to arbitrarily create Admin accou...
41 views
Exploits from Github
CVE-2014-3704

The expandArguments function in the database abstraction API in Drupal core 7.x before 7.32 does not properly construct prepared statements, which allows remote attackers to conduct SQL injection attacks via an array containing crafted keys.

Github link:
https://github.com/joaomorenorf/CVE-2014-3704
GitHub
GitHub - joaomorenorf/CVE-2014-3704: This code is taken from "Drupal 7.0 < 7.31 - 'Drupalgeddon' SQL Injection (Add Admin User)"…
This code is taken from "Drupal 7.0 < 7.31 - 'Drupalgeddon' SQL Injection (Add Admin User)" and was converted to Python 3 to suit the exercise in Academy fo...
48 views
Exploits from Github
CVE-2024-56902

None

Github link:
https://github.com/DRAGOWN/CVE-2024-56902
GitHub
GitHub - DRAGOWN/CVE-2024-56902: CVE-2024-56902 - Information disclosure vulnerability in GeoVision GV-ASManager web application…
CVE-2024-56902 - Information disclosure vulnerability in GeoVision GV-ASManager web application with the version v6.1.0.0 or less, which discloses account information, including cleartext password....
57 views
Exploits from Github
CVE-2017-8869

None

Github link:
https://github.com/tankist0x01/CVE-2017-8869
GitHub
GitHub - tankist0x01/CVE-2017-8869: CVE-2017-8869 - MediaCoder 0.8.48.5888 - Local Buffer Overflow (SEH)
CVE-2017-8869 - MediaCoder 0.8.48.5888 - Local Buffer Overflow (SEH) - tankist0x01/CVE-2017-8869
58 views
Exploits from Github
CVE-2018-18820

None

Github link:
https://github.com/impulsiveness/CVE-2018-18820
GitHub
GitHub - impulsiveness/CVE-2018-18820: CVE-2018-18820 checker for Icecast servers
CVE-2018-18820 checker for Icecast servers. Contribute to impulsiveness/CVE-2018-18820 development by creating an account on GitHub.
68 views
Exploits from Github
CVE-2024-10924

The Really Simple Security (Free, Pro, and Pro Multisite) plugins for WordPress are vulnerable to authentication bypass in versions 9.0.0 to 9.1.1.1. This is due to improper user check error handling in the two-factor REST API actions with the 'check_login_and_get_user' function. This makes it possible for unauthenticated attackers to log in as any existing user on the site, such as an administrator, when the "Two-Factor Authentication" setting is enabled (disabled by default).

Github link:
https://github.com/Nxploited/CVE-2024-10924-Exploit
GitHub
GitHub - Nxploited/CVE-2024-10924-Exploit: Really Simple Security (Free, Pro, and Pro Multisite) 9.0.0 - 9.1.1.1 - Authentication…
Really Simple Security (Free, Pro, and Pro Multisite) 9.0.0 - 9.1.1.1 - Authentication Bypass - Nxploited/CVE-2024-10924-Exploit
75 views