shamo0 / CVE-2023-38646-PoC
Metabase Pre-auth RCE
☆13Updated last year
Related projects ⓘ
Alternatives and complementary repositories for CVE-2023-38646-PoC
- A Proof-Of-Concept for the CVE-2023-43770 vulnerability.☆33Updated last year
- ☆43Updated last year
- Drupalwned is a script designed to escalate a Cross-Site Scripting (XSS) vulnerability to Remote Code Execution (RCE) or other's critical…☆35Updated 10 months ago
- Mass Exploit - CVE-2023-38388 < Unauthenticated < Arbitrary File Upload☆20Updated last year
- PrestaXSRF is a script designed to escalate a Cross-Site Scripting (XSS) vulnerability to Remote Code Execution (RCE) or other's critical…☆30Updated 10 months ago
- JoomSploit is a script designed to escalate a Cross-Site Scripting (XSS) vulnerability to Remote Code Execution (RCE) or other's critical…☆26Updated 11 months ago
- Little thing put together quickly to demonstrate this CVE☆28Updated 2 years ago
- Windows priviledge escalation script☆13Updated 11 months ago
- A BurpSuite extension to deploy an OpenVPN config file to DigitalOcean and set up a SOCKS proxy to route traffic through it☆48Updated 8 months ago
- CVE-2023-6063 (WP Fastest Cache < 1.2.2 - UnAuth SQL Injection)☆30Updated last year
- Dompdf RCE PoC Exploit - CVE-2022-28368☆17Updated 10 months ago
- Burp Suite extension to encode an IP address focused to bypass application IP / domain blacklist.☆42Updated 8 months ago
- A simple automation tool to detect lfi, rce and ssti vulnerability☆55Updated 2 years ago
- ☆69Updated 6 months ago
- Help recon of hostnames from specific ASN or CIDR, thanks to Robtex and BGP.HE☆52Updated 3 weeks ago
- 「💥」CVE-2022-33891 - Apache Spark Command Injection☆27Updated 2 years ago
- WPXStrike is a script designed to escalate a Cross-Site Scripting (XSS) vulnerability to Remote Code Execution (RCE) or other's criticals…☆60Updated 10 months ago
- Pwndoc local file inclusion to remote code execution of Node.js code on the server☆46Updated last year
- POC for CVE-2024-40348. Will attempt to read /etc/passwd from target☆27Updated 4 months ago
- ☆32Updated last year
- WEB-Wordlist-Generator creates related wordlists after scanning your web applications.☆43Updated 5 months ago
- XML-RPC Vulnerability Checker and Directory Fuzzer☆23Updated last year
- ☆41Updated last year
- WooCommerce Payments: Unauthorized Admin Access Exploit☆39Updated last year
- Highly configurable script for dictionary/spray attacks against online web applications.☆54Updated 2 years ago
- Returns results from Google search.☆47Updated last year
- PoC for CVE-2022-46169 - Unauthenticated RCE on Cacti <= 1.2.22☆29Updated last year
- Python tool to test known techniques to bypass 403 and 401 HTTP responses.☆35Updated last year
- CVE-2023-4634☆45Updated last year