😈 Jenkins RCE PoC. From unauthenticated user to remote code execution, it's a hacker's dream!

burpsuite extension for check unauthorized vulnerability

Apache HugeGraph Server Unauthenticated RCE - CVE-2024-27348 Proof of concept Exploit

A Python script to extract the list of users of a GiTea instance, unauthenticated or authenticated.

Kumpulan Exploit Wordpress Plugins + Tools + and cara penggunaannya

Perform With Massive Openfire Unauthenticated Users

DroidSniper - Misconfigured Android Debug Bridge Scanner

Atlassian Confluence (CVE-2022-26134) - Unauthenticated OGNL injection vulnerability (RCE).

CVE-2023-26269: Misconfigured JMX in Apache James

This will check if your server is vulnerable to SMBGhost, and partially mitigate it

NTP is not authenticated... but trusted

A light & organized Python module built with the sole purpose of extracting a Twitter user-object while conforming to Tweepy standards, all without using Twitter's authenticated API.

MAL-004: Command Injection Bypass for CVE-2020-12641 in Roundcube Webmail

CVE-2020-13965: Cross-Site Scripting via Malicious XML Attachment in Roundcube Webmail

CVE-2021-46362: FreeMarker Server-Side Template Injection in Magnolia CMS

Case Study: SSHtranger Things (CVE-2019-6111, CVE-2019-6110) in Cisco SD-WAN

CVE-2020-12641: Command Injection via “_im_convert_path” Parameter in Roundcube Webmail

CVE-2020-12625: Cross-Site Scripting via Malicious HTML Attachment in Roundcube Webmail

WSO2-2021-1261: Multiple Cross-Site Scripting in WSO2 ESB