💥 Identify critical vulnerabilities in the SourceCodester Online Banking System v1.0, ensuring financial security and awareness of unpatched risks.
🚨 Demonstrate CVE-2025-55182, a critical React vulnerability allowing remote code execution via prototype chain pollution in `react-server-dom-webpack@19.0.0`.
Syntropy Security's comprehensive security audit of the Online Banking Management System v1.0. Our assessment concludes that the application in its current state poses unacceptable risk to the organization. We identified five (5) critical security failures that would cause catastrophic financial loss and total operational paralysis if deployed.
Detect CVE-2025-55182 (React2Shell) RCE vulnerability in React Server Components. Fast, accurate scanner with zero false positives.
Hack The Box Writeup for Retired Challenge ReactOOPS - Complete solution and educational guide to CVE-2025-55182/CVE-2025-66478 (React2Shell RCE). Includes detailed vulnerability analysis, exploitation techniques, and team learning materials.
React2Shell vulnerability (CVE-2025-55182 / CVE-2025-66478)
OWASP Security Training & Penetration Testing Lab
FreePBX CVE-2025-57819 lab (Docker) + Nuclei POC for unauth SQLi (time-based).
CVE-2025-3515 WordPress lab for Drag and Drop Multiple File Upload for CF7: Dockerized PoC & Nuclei testing
CVE-2016-15042 lab: Dockerized WordPress PoC for unauthenticated file upload in Frontend File Manager <4.0 and N‑Media Post Front‑end Form <1.1
POC - CVE-2024-21534 Jsonpath-plus vulnerable to Remote Code Execution (RCE) due to improper input sanitization
Script for checking CVE-2024-6387 (regreSSHion)
local poc for CVE-2024-32002
Add a description, image, and links to the rce topic page so that developers can more easily learn about it.
To associate your repository with the rce topic, visit your repo's landing page and select "manage topics."