Bug Bounty Web App Pentest | 5 Min Read | dollarboysushil on September 15, 2025 | Web Application Authentication Vulnerabilities | Comprehensive notes and practical lab walkthroughs on web application authentication vulnerabilities. Covers topics such as username…
CVE | 1 Min Read | dollarboysushil on September 1, 2025 | CVE-2025-32433-Erlang-OTP-SSH-Unauthenticated-RCE | PoC showing unauthenticated remote code execution in Erlang/OTP SSH server. By exploiting a flaw in SSH protocol message handling, an attacker…
CVE | 2 Min Read | dollarboysushil on August 23, 2025 | Privilege Escalation PoC: Terraform sudo Exploit | PoC showing Linux privilege escalation via sudo Terraform. By abusing provider_installation dev_overrides and TF_CLI_CONFIG_FILE, a malicious…
CVE | 1 Min Read | dollarboysushil on August 12, 2025 | CVE-2024-47533 – Cobbler XMLRPC Authentication Bypass RCE Exploit POC | CVE-2024-47533 is a critical authentication bypass vulnerability in Cobbler (versions 3.0.0 to before 3.2.3 and 3.3.7) allowing…
CVE | 1 Min Read | dollarboysushil on August 8, 2025 | CVE-2025-24893 – XWiki Unauthenticated RCE Exploit POC | CVE-2025-24893 is a critical unauthenticated remote code execution vulnerability in XWiki (versions < 15.10.11, 16.4.1, 16.5.0RC1) caused by…
CVE | 2 Min Read | dollarboysushil on August 8, 2025 | CVE-2024-32019 – Netdata ndsudo PATH Vulnerability Exploit (LPE to Root) | CVE-2024-32019 is a high-severity local privilege escalation vulnerability in Netdata (versions >= 1.44.0-60 < 1.45.3), caused by insecure use…
CVE | 3 Min Read | dollarboysushil on July 14, 2025 | CVE-2025-27591 – Privilege Escalation via Writable Symlink in below | CVE-2025-27591 is a known privilege escalation vulnerability in the Below service (version < v0.9.0)