Some exploits I have written to showcase and to share.
All exploits are for vulnerabilities that have been fixed for months prior to release and are not meant to be used for exploitation in any way, but for educational purposes only.
Here is the list of the exploits you can find here:
| CVE | Software | Impact | Write-Up |
|---|---|---|---|
| CVE-2021-27889+CVE-2021-27890 | MyBB | XSS to RCE | https://blog.sonarsource.com/mybb-remote-code-execution-chain |
| CVE-2020-27194 | Linux | LPE | https://scannell.me/fuzzing-for-ebpf-jit-bugs-in-the-linux-kernel/ |
| CVE-2019-8943 | WordPress | RCE | https://blog.ripstech.com/2019/wordpress-image-remote-code-execution/ |
| CVE-2019-6977 | PHP | Sandbox escape | https://hackerone.com/reports/478368 |