absholi7ly / POC-CVE-2025-24813Links
his repository contains an automated Proof of Concept (PoC) script for exploiting **CVE-2025-24813**, a Remote Code Execution (RCE) vulnerability in Apache Tomcat. The vulnerability allows an attacker to upload a malicious serialized payload to the server, leading to arbitrary code execution via deserialization when specific conditions are met.
☆167Updated 7 months ago
Alternatives and similar repositories for POC-CVE-2025-24813
Users that are interested in POC-CVE-2025-24813 are comparing it to the libraries listed below
Sorting:
- Apache HTTP Server Vulnerability Testing Tool | PoC for CVE-2024-38472 , CVE-2024-39573 , CVE-2024-38477 , CVE-2024-38476 , CVE-2024-3847…☆107Updated last year
- Ghostscript command injection vulnerability PoC (CVE-2023-36664)☆126Updated 2 years ago
- CVE-2025-24071: NTLM Hash Leak via RAR/ZIP Extraction and .library-ms File☆358Updated 7 months ago
- CVE-2024-3400 Palo Alto OS Command Injection☆161Updated last year
- POC for CVE-2024-36991: This exploit will attempt to read Splunk /etc/passwd file.☆126Updated last year
- Unauthenticated Remote Code Execution – Bricks <= 1.9.6☆174Updated last year
- Remote Unauthenticated Code Execution Vulnerability in OpenSSH server (CVE-2024-6387)☆156Updated last year
- POC for CVE-2021-41091☆65Updated 2 years ago
- ☆42Updated last year
- Zimbra - Remote Command Execution (CVE-2024-45519)☆133Updated 6 months ago
- ☆58Updated last year
- SharePoint WebPart Injection Exploit Tool☆296Updated 3 months ago
- GameOver(lay) Ubuntu Privilege Escalation☆129Updated 2 years ago
- The Template Injection Table is intended to help during the testing of an application for template injection vulnerabilities.☆100Updated 3 months ago
- Microsoft Outlook Information Disclosure Vulnerability (leak password hash) - Expect Script POC☆153Updated last year
- Just A list Of Some Multilingual XSS Payloads and other weird ones i made in my free time☆122Updated 3 weeks ago
- CVE-2023-22515: Confluence Broken Access Control Exploit☆137Updated 2 years ago
- ☆78Updated 4 months ago
- Proof of Concept demonstrating Remote Code Execution through insecure deserialization in Roundcube (CVE-2025-49113).☆80Updated 4 months ago
- Enumerate / Dump Docker Registry☆180Updated last year
- POC & $BASH script for CVE-2024-4577☆44Updated last year
- ☆100Updated last year
- Microsoft SharePoint Server Elevation of Privilege Vulnerability☆234Updated 2 years ago
- A tool designed to exploit bad implementations of decryption mechanisms in Laravel applications.☆106Updated 4 months ago
- Joomla! < 4.2.8 - Unauthenticated information disclosure☆90Updated last year
- CVE-2024-40725 and CVE-2024-40898, affecting Apache HTTP Server versions 2.4.0 through 2.4.61. These flaws pose significant risks to web …☆84Updated last year
- Blinks is a powerful Burp Suite extension that automates active scanning with Burp Suite Pro and enhances its functionality. With the int…☆138Updated 10 months ago
- Local File Inclusion discovery and exploitation tool☆330Updated 9 months ago
- Openfire Console Authentication Bypass Vulnerability with RCE plugin☆55Updated last year
- Helios: Automated XSS Testing☆155Updated last year