CVE-2026-21440

The repository contains a functional exploit for CVE-2026-21440, demonstrating path traversal and arbitrary file upload leading to remote code execution (RCE). The script includes verification and exploitation modes, with preset paths for common Windows files and shell upload capabilities.

This repository contains a Python-based exploit for CVE-2026-21440, a path traversal vulnerability in @adonisjs/bodyparser. The exploit allows arbitrary file writes outside the intended upload directory by crafting malicious filenames with directory traversal sequences.

This is a detection-only scanner for CVE-2026-21440, a path traversal vulnerability in AdonisJS BodyParser. It fingerprints AdonisJS applications and probes for upload endpoints without exploiting the vulnerability.

This PoC exploits CVE-2026-21440, a path traversal vulnerability allowing arbitrary file read and web shell upload for remote command execution. It includes verification and exploitation modes with preset Windows file paths.

This is a functional PoC exploit for CVE-2026-21440, a path traversal vulnerability in AdonisJS bodyparser that allows arbitrary file writes, potentially leading to RCE. The script supports multiple payload types, traversal depths, and includes features like proxy support and safe testing mode.