CVE-2024-25600.zip
15.6 KB
CVE-2024-25600
Author: h0w1tzxr

Improper Control of Generation of Code ('Code Injection') vulnerability in Codeer Limited Bricks Builder allows Code Injection. This issue affects Bricks Builder: from n/a through 1.9.6.

GitHub Link:
https://github.com/h0w1tzxr/TryHack3M-Bricks-Heist
CVE-2017-5638.zip
6.3 KB
CVE-2017-5638
Author: louislafosse

The Jakarta Multipart parser in Apache Struts 2 2.3.x before 2.3.32 and 2.5.x before 2.5.10.1 has incorrect exception handling and error-message generation during file-upload attempts, which allows remote attackers to execute arbitrary commands via a crafted Content-Type, Content-Disposition, or Content-Length HTTP header, as exploited in the wild in March 2017 with a Content-Type header containing a #cmd= string.

GitHub Link:
https://github.com/louislafosse/CVE-2017-5638-assignement
CVE-2023-46604.zip
5.9 KB
CVE-2023-46604
Author: RockyDesigne

Apache ActiveMQ is vulnerable to Remote Code Execution. The vulnerability may allow a remote attacker with network access to a broker to run arbitrary shell commands by manipulating serialized class types in the OpenWire protocol to cause the broker to instantiate any class on the classpath.

Users are recommended to upgrade to version 5.15.16, 5.16.7, 5.17.6, or 5.18.3, which fixes this issue.

GitHub Link:
https://github.com/RockyDesigne/SSP-Assignment-3-RCEYouLater
CVE-2017-9805.zip
2.2 KB
CVE-2017-9805
Author: Fl5xia

The REST Plugin in Apache Struts 2.1.1 through 2.3.x before 2.3.34 and 2.5.x before 2.5.13 uses an XStreamHandler with an instance of XStream for deserialization without any type filtering, which can lead to Remote Code Execution when deserializing XML payloads.

GitHub Link:
https://github.com/Fl5xia/CVE-2017-9805
CVE-2012-2982.zip
2.2 KB
CVE-2012-2982
Author: JRrooot

file/show.cgi in Webmin 1.590 and earlier allows remote authenticated users to execute arbitrary commands via an invalid character in a pathname, as demonstrated by a | (pipe) character.

GitHub Link:
https://github.com/JRrooot/CVE-2012-2982-Webmin-RCE