This repository contains a proof-of-concept exploit script for CVE-2025-32432, a pre-authentication Remote Code Execution (RCE) vulnerability affecting CraftCMS versions 4.x and 5.x. The vulnerability exists in the asset transform generation feature of CraftCMS.
☆24Apr 27, 2025Updated 10 months ago
Alternatives and similar repositories for CVE-2025-32432
Users that are interested in CVE-2025-32432 are comparing it to the libraries listed below
Sorting:
- Nuclei template to detect Apache servers vulnerable to CVE-2024-38473☆29Aug 24, 2024Updated last year
- ☆19Jul 15, 2024Updated last year
- CVE-2024-21006 exp☆17Jul 29, 2024Updated last year
- Vulnerability POC/EXP Collection and Classification☆23Sep 18, 2024Updated last year
- ☆26Dec 23, 2023Updated 2 years ago
- 二开xiasql☆57Jan 8, 2026Updated 2 months ago
- Private nuclei templates for BBP and OT/IIoT/MIoT enumeration, use responsibly☆35Aug 27, 2025Updated 6 months ago
- Wordlists for Wfuzz or Dirbuster☆26Feb 19, 2016Updated 10 years ago
- A PoC for the dMSA Active Directory Domain Takeover deemed BadSuccessor☆50Jul 20, 2025Updated 7 months ago
- Supershell反制☆32Aug 8, 2023Updated 2 years ago
- A Moodle Scanner☆43Nov 16, 2024Updated last year
- A Discord Bot to kick users that have specific roles too long.☆12Jun 18, 2020Updated 5 years ago
- CVE-2023-22515: Confluence Broken Access Control Exploit☆149Nov 12, 2025Updated 3 months ago
- 渗透测试辅助工具箱,反弹shell,命令生成器,输入对应IP端口即可,实现一劳永逸☆37Feb 8, 2023Updated 3 years ago
- An executable that simplifies adding the msds-AllowedToActOnBehalfOfOtherIdentity attribute for RBCD☆49Mar 10, 2025Updated last year
- Folder Or File Delete to Get System Shell on Current Session Desktop☆47Jan 14, 2025Updated last year
- ☆11Dec 5, 2020Updated 5 years ago
- ☆33Dec 26, 2025Updated 2 months ago
- Active Directory share enumeration tool☆12Apr 28, 2025Updated 10 months ago
- BpArsenal, a Burp Suite plugin that can quickly convert http requests into command-line tool execution, launch third-party tools and open…☆22Oct 31, 2025Updated 4 months ago
- 存放投稿里的一些文件☆11Oct 31, 2020Updated 5 years ago
- An Exploitation script developed to exploit the CVE-2023-4966 bleed citrix information disclosure vulnerability☆10Oct 29, 2023Updated 2 years ago
- ☆35Aug 2, 2022Updated 3 years ago
- Subdosec is a fast, accurate subdomain takeover scanner with no false positives. It also offers a database of sites vulnerable to subdoma…☆60Feb 24, 2026Updated 2 weeks ago
- jeecg-boot密码离线爆破☆109Nov 22, 2024Updated last year
- A critical vulnerability, CVE-2024-53677, has been identified in the popular Apache Struts framework, potentially allowing attackers to e…☆94Dec 20, 2024Updated last year
- VICIdial Unauthenticated SQLi to RCE Exploit (CVE-2024-8503 and CVE-2024-8504)☆42Sep 15, 2024Updated last year
- 在线安软识别☆12Aug 6, 2025Updated 7 months ago
- ☆21Dec 4, 2014Updated 11 years ago
- Dll hijack -- just one macro☆13Jul 3, 2023Updated 2 years ago
- ☆13Mar 6, 2025Updated last year
- ☆15Jan 11, 2026Updated last month
- ☆16Oct 7, 2025Updated 5 months ago
- Ebook for Android Development Course☆14Mar 10, 2019Updated 6 years ago
- ☆10Nov 2, 2023Updated 2 years ago
- NIT Durgapur Open Source Community Website☆12Oct 5, 2022Updated 3 years ago
- A Burp Suite extension that converts IP addresses to decimal notation, useful for SSRF bypass and WAF evasion testing. Created by Harshad…☆11Dec 9, 2024Updated last year
- Apache OfBiz Auth Bypass Scanner for CVE-2023-51467☆11Dec 31, 2023Updated 2 years ago
- ☆12Nov 25, 2024Updated last year