jakabakos

CVE-2023-36664-Ghostscript-command-injection

Ghostscript command injection vulnerability PoC (CVE-2023-36664)

CVE-2023-50164-Apache-Struts-RCE

A critical security vulnerability, identified as CVE-2023-50164 (CVE: 9.8) was found in Apache Struts, allowing attackers to manipulate file upload parameters that can potentially lead to unauthorized path traversal and remote code execution (RCE).

Apache-OFBiz-Authentication-Bypass

This repo is a PoC with to exploit CVE-2023-51467 and CVE-2023-49070 preauth RCE vulnerabilities found in Apache OFBiz.

CVE-2023-36884-MS-Office-HTML-RCE

MS Office and Windows HTML RCE (CVE-2023-36884) - PoC and exploit

CVE-2023-27524-Apache-Superset-Auth-Bypass-and-RCE

CVE-2023-22884-Airflow-SQLi

CVE-2023-22884 PoC

PHP-payload-injection-to-PNGs

Inject PHP payload into PNG files through PLTE chunks

CVE-2024-23692-RCE-in-Rejetto-HFS

Unauthenticated RCE Flaw in Rejetto HTTP File Server (CVE-2024-23692)

CVE-2024-27348-Apache-HugeGraph-RCE

CVE-2017-9096-iText-XXE

CVE-2024-4040-CrushFTP-File-Read-vulnerability

ShadowRay-RCE-PoC-CVE-2023-48022

ShadowRay RCE POC (CVE-2023-48022)

CVE-2022-22965-Spring4Shell

PoC and exploit for CVE-2022-22965 Spring4Shell

CVE-2022-40127-Airflow-RCE

CVE-2022-40127 PoC and exploit

CVE-2023-26360-adobe-coldfusion-rce-exploit

CVE-2023-39362-cacti-snmp-command-injection-poc

CVE-2023-43208-mirth-connect-rce-poc

OpenMetadata-Auth-bypass

vm2-sandbox-escape-exploits

CVE-2023-22518-Confluence-RCE-PoC

Improper Authorization Vulnerability in Confluence Data Center and Server

CVE-2023-33246_Apache_RocketMQ_RCE

CVE-2023-33246 RocketMQ RCE exploit

CVE-2023-51448-cacti-sqli-poc

CVE-2024-4577-PHP-CGI-argument-injection-RCE

CVE-2024-0986-Issabel-PBX-4.0.0-RCE-exploit

Issabel PBX 4.0.0 Remote Code Execution (Authenticated) - CVE-2024-0986

CVE-2024-34102-CosmicSting-XXE-in-Adobe-Commerce-and-Magento

CosmicSting: critical unauthenticated XXE vulnerability in Adobe Commerce and Magento (CVE-2024-34102)