Exploits from Github

CVE-2024-23897

Jenkins 2.441 and earlier, LTS 2.426.2 and earlier does not disable a feature of its CLI command parser that replaces an '@' character followed by a file path in an argument with the file's contents, allowing unauthenticated attackers to read arbitrary files on the Jenkins controller file system.

Github link:
https://github.com/slytechroot/CVE-2024-23897

GitHub

GitHub - slytechroot/CVE-2024-23897: Jenkins RCE Arbitrary File Read CVE-2024-23897

Jenkins RCE Arbitrary File Read CVE-2024-23897 . Contribute to slytechroot/CVE-2024-23897 development by creating an account on GitHub.

23 views13:37

Exploits from Github

CVE-2025-29927

None

Github link:
https://github.com/t3tra-dev/cve-2025-29927-demo

GitHub

GitHub - t3tra-dev/cve-2025-29927-demo: Next.js における認可バイパスの脆弱性を再現するデモです。

Next.js における認可バイパスの脆弱性を再現するデモです。. Contribute to t3tra-dev/cve-2025-29927-demo development by creating an account on GitHub.

17 views19:39

Exploits from Github

CVE-2024-10578

None

Github link:
https://github.com/Nxploited/CVE-2024-10578

GitHub

GitHub - Nxploited/CVE-2024-10578: Pubnews <= 1.0.7 - Unauthenticated Arbitrary Plugin Installation

Pubnews <= 1.0.7 - Unauthenticated Arbitrary Plugin Installation - Nxploited/CVE-2024-10578

16 views01:40

Exploits from Github

CVE-2025-29927

None

Github link:
https://github.com/MuhammadWaseem29/CVE-2025-29927-POC

GitHub

GitHub - MuhammadWaseem29/CVE-2025-29927-POC: Authorization Bypass in Next.js Middleware

Authorization Bypass in Next.js Middleware. Contribute to MuhammadWaseem29/CVE-2025-29927-POC development by creating an account on GitHub.

16 views01:40

Exploits from Github

CVE-2023-48292

None

Github link:
https://github.com/Mehran-Seifalinia/CVE-2023-48292

15 views01:40

Exploits from Github

CVE-2025-29927

None

Github link:
https://github.com/websecnl/CVE-2025-29927-PoC-Exploit

GitHub

GitHub - websecnl/CVE-2025-29927-PoC-Exploit: Proof-of-Concept for Authorization Bypass in Next.js Middleware

Proof-of-Concept for Authorization Bypass in Next.js Middleware - websecnl/CVE-2025-29927-PoC-Exploit

18 views01:40

Exploits from Github

CVE-2024-4577

In PHP versions 8.1.* before 8.1.29, 8.2.* before 8.2.20, 8.3.* before 8.3.8, when using Apache and PHP-CGI on Windows, if the system is set up to use certain code pages, Windows may use "Best-Fit" behavior to replace characters in command line given to Win32 API functions. PHP CGI module may misinterpret those characters as PHP options, which may allow a malicious user to pass options to PHP binary being run, and thus reveal the source code of scripts, run arbitrary PHP code on the server, etc.

Github link:
https://github.com/creamylegum/CVE-2024-4577-PHP-RCE

21 views01:40

Exploits from Github

CVE-2025-29927

None

Github link:
https://github.com/RoyCampos/CVE-2025-29927

GitHub

GitHub - RoyCampos/CVE-2025-29927: CVE-2025-29927 Exploit Checker

CVE-2025-29927 Exploit Checker. Contribute to RoyCampos/CVE-2025-29927 development by creating an account on GitHub.

24 views07:42

Exploits from Github

CVE-2025-29927

None

Github link:
https://github.com/strobes-security/nextjs-vulnerable-app

GitHub

GitHub - strobes-security/nextjs-vulnerable-app: CVE-2025-29927 lab

CVE-2025-29927 lab. Contribute to strobes-security/nextjs-vulnerable-app development by creating an account on GitHub.