Share
## https://sploitus.com/exploit?id=5DDABBFC-F0C6-5FAB-B7AE-841D4EB78E0A
# security-research

Personal CVE PoC repository โ€” exploit scripts, technical analysis, and mitigation notes for vulnerabilities discovered during HackTheBox, CTF, and independent research.

---

## CVE Index

| CVE | Description | Severity | Affected Software | Machine |
|-----|-------------|----------|-------------------|---------|
| [CVE-2026-4480](./CVE-2026-4480/) | Samba `%J` print job name shell injection โ€” Unauthenticated RCE via print spooler | ๐Ÿ”ด Critical | Samba (printing subsystem) | HTB โ€” Abducted |
| [CVE-2025-57819](./CVE-2025-57819/) | FreePBX unauthenticated remote code execution | ๐Ÿ”ด Critical | FreePBX | HTB โ€” Connected |
| [CVE-2025-2304](./CVE-2025-2304/) | Camaleon CMS mass assignment โ€” role escalation to admin via `permit!` | ๐ŸŸ  High | Camaleon CMS < 2.9.1 | HTB โ€” Facts |

---

## Repository Structure

```
security-research/
โ”œโ”€โ”€ CVE-2026-4480/
โ”‚   โ”œโ”€โ”€ exploit/
โ”‚   โ”‚   โ””โ”€โ”€ cve-2026-4480.py
โ”‚   โ”œโ”€โ”€ docs/
โ”‚   โ”‚   โ””โ”€โ”€ analysis.md
โ”‚   โ””โ”€โ”€ README.md
โ”œโ”€โ”€ CVE-2025-57819/
โ”‚   โ”œโ”€โ”€ exploit/
โ”‚   โ”œโ”€โ”€ docs/
โ”‚   โ”‚   โ””โ”€โ”€ analysis.md
โ”‚   โ””โ”€โ”€ README.md
โ”œโ”€โ”€ CVE-2025-2304/
โ”‚   โ”œโ”€โ”€ exploit/
โ”‚   โ”‚   โ””โ”€โ”€ cve-2025-2304.py
โ”‚   โ”œโ”€โ”€ docs/
โ”‚   โ”‚   โ””โ”€โ”€ analysis.md
โ”‚   โ””โ”€โ”€ README.md
โ””โ”€โ”€ README.md
```

---

## Usage

Each CVE folder contains its own `README.md` with full usage instructions, prerequisites, and mitigation notes.

Quick start for any exploit:

```bash
cd CVE-XXXX-XXXXX/exploit
pip install -r requirements.txt   # if present
python3 cve-XXXX-XXXXX.py --help
```

---

## Disclaimer

All tools and PoCs in this repository are provided for **educational purposes and authorised security testing only**. Usage against systems without explicit written permission is illegal. The author accepts no responsibility for misuse.

---

## Author

**Exploitnotes** โ€” Offensive security practitioner | HackTheBox | CTF player

[![HTB](https://img.shields.io/badge/HackTheBox-9FEF00?style=flat&logo=hackthebox&logoColor=black)](https://app.hackthebox.com)