Share
## https://sploitus.com/exploit?id=5DDABBFC-F0C6-5FAB-B7AE-841D4EB78E0A
# security-research
Personal CVE PoC repository โ exploit scripts, technical analysis, and mitigation notes for vulnerabilities discovered during HackTheBox, CTF, and independent research.
---
## CVE Index
| CVE | Description | Severity | Affected Software | Machine |
|-----|-------------|----------|-------------------|---------|
| [CVE-2026-4480](./CVE-2026-4480/) | Samba `%J` print job name shell injection โ Unauthenticated RCE via print spooler | ๐ด Critical | Samba (printing subsystem) | HTB โ Abducted |
| [CVE-2025-57819](./CVE-2025-57819/) | FreePBX unauthenticated remote code execution | ๐ด Critical | FreePBX | HTB โ Connected |
| [CVE-2025-2304](./CVE-2025-2304/) | Camaleon CMS mass assignment โ role escalation to admin via `permit!` | ๐ High | Camaleon CMS < 2.9.1 | HTB โ Facts |
---
## Repository Structure
```
security-research/
โโโ CVE-2026-4480/
โ โโโ exploit/
โ โ โโโ cve-2026-4480.py
โ โโโ docs/
โ โ โโโ analysis.md
โ โโโ README.md
โโโ CVE-2025-57819/
โ โโโ exploit/
โ โโโ docs/
โ โ โโโ analysis.md
โ โโโ README.md
โโโ CVE-2025-2304/
โ โโโ exploit/
โ โ โโโ cve-2025-2304.py
โ โโโ docs/
โ โ โโโ analysis.md
โ โโโ README.md
โโโ README.md
```
---
## Usage
Each CVE folder contains its own `README.md` with full usage instructions, prerequisites, and mitigation notes.
Quick start for any exploit:
```bash
cd CVE-XXXX-XXXXX/exploit
pip install -r requirements.txt # if present
python3 cve-XXXX-XXXXX.py --help
```
---
## Disclaimer
All tools and PoCs in this repository are provided for **educational purposes and authorised security testing only**. Usage against systems without explicit written permission is illegal. The author accepts no responsibility for misuse.
---
## Author
**Exploitnotes** โ Offensive security practitioner | HackTheBox | CTF player
[](https://app.hackthebox.com)