Exploits from Github – Telegram

Exploits from Github

@github_exploits

337 subscribers

1 photo

28 files

2.91K links

https://t.me/PentestNotes

https://t.me/dbugs1337

Download Telegram

About

Blog

Apps

Platform

Exploits from Github

337 subscribers

Exploits from Github

CVE-2024-4577

In PHP versions 8.1.* before 8.1.29, 8.2.* before 8.2.20, 8.3.* before 8.3.8, when using Apache and PHP-CGI on Windows, if the system is set up to use certain code pages, Windows may use "Best-Fit" behavior to replace characters in command line given to Win32 API functions. PHP CGI module may misinterpret those characters as PHP options, which may allow a malicious user to pass options to PHP binary being run, and thus reveal the source code of scripts, run arbitrary PHP code on the server, etc.

Github link:
https://github.com/tntrock/CVE-2024-4577_PowerShell

GitHub - tntrock/CVE-2024-4577_PowerShell: 使用PowsrShell掃描CVE-2024-4577

使用PowsrShell掃描CVE-2024-4577. Contribute to tntrock/CVE-2024-4577_PowerShell development by creating an account on GitHub.

40 views07:43

Exploits from Github

CVE-2023-24932

Secure Boot Security Feature Bypass Vulnerability

Github link:
https://github.com/ajf8729/BlackLotus

GitHub - ajf8729/BlackLotus: BlackLotus aka CVE-2023-24932 Detection/Remediation Scripts for Intune, ConfigMgr, and generic use

BlackLotus aka CVE-2023-24932 Detection/Remediation Scripts for Intune, ConfigMgr, and generic use - ajf8729/BlackLotus

27 views07:43

Exploits from Github

CVE-2023-42793

In JetBrains TeamCity before 2023.05.4 authentication bypass leading to RCE on TeamCity Server was possible

Github link:
https://github.com/syaifulandy/Nuclei-Template-CVE-2023-42793.yaml

GitHub - syaifulandy/Nuclei-Template-CVE-2023-42793.yaml: Windows & linux support

Windows & linux support. Contribute to syaifulandy/Nuclei-Template-CVE-2023-42793.yaml development by creating an account on GitHub.

26 views07:43

Exploits from Github

CVE-2025-0411

None

Github link:
https://github.com/betulssahin/CVE-2025-0411-7-Zip-Mark-of-the-Web-Bypass

GitHub - betulssahin/CVE-2025-0411-7-Zip-Mark-of-the-Web-Bypass: CVE-2025-0411 7-Zip Mark-of-the-Web Bypass

CVE-2025-0411 7-Zip Mark-of-the-Web Bypass. Contribute to betulssahin/CVE-2025-0411-7-Zip-Mark-of-the-Web-Bypass development by creating an account on GitHub.

29 views07:44

Exploits from Github

CVE-2025-31644

None

Github link:
https://github.com/mbadanoiu/CVE-2025-31644

GitHub - mbadanoiu/CVE-2025-31644: CVE-2025-31644: Command Injection in Appliance mode in F5 BIG-IP

CVE-2025-31644: Command Injection in Appliance mode in F5 BIG-IP - mbadanoiu/CVE-2025-31644

23 views07:44

Exploits from Github

CVE-2025-24252

None

Github link:
https://github.com/cakescats/airborn-IOS-CVE-2025-24252

GitHub - cakescats/airborn-IOS-CVE-2025-24252: iOS Airborne vulnerabilities log artifact extractor from LogArchive CVE-2025-24252

iOS Airborne vulnerabilities log artifact extractor from LogArchive CVE-2025-24252 - cakescats/airborn-IOS-CVE-2025-24252

25 views07:44

Exploits from Github

CVE-2025-24203

None

Github link:
https://github.com/Ravibr87/dirtyZero

25 views07:44

Exploits from Github

CVE-2025-32583

None

Github link:
https://github.com/Nxploited/CVE-2025-32583

GitHub - Nxploited/CVE-2025-32583: WordPress PDF 2 Post Plugin <= 2.4.0 is vulnerable to Remote Code Execution (RCE) +Subscriber

WordPress PDF 2 Post Plugin <= 2.4.0 is vulnerable to Remote Code Execution (RCE) +Subscriber - Nxploited/CVE-2025-32583

25 views07:44

Exploits from Github

CVE-2025-24203

None

Github link:
https://github.com/BlueDiamond2021/iOS-CVE-2025-24203-Paths

26 views07:44

Exploits from Github

CVE-2025-31324

None

Github link:
https://github.com/sug4r-wr41th/CVE-2025-31324

GitHub - sug4r-wr41th/CVE-2025-31324: SAP NetWeaver Visual Composer Metadata Uploader <= 7.50 CVE-2025-31324 PoC

SAP NetWeaver Visual Composer Metadata Uploader <= 7.50 CVE-2025-31324 PoC - sug4r-wr41th/CVE-2025-31324

29 views07:45

Exploits from Github

CVE-2025-4403

None

Github link:
https://github.com/Yucaerin/CVE-2025-4403

GitHub - Yucaerin/CVE-2025-4403: Drag and Drop Multiple File Upload for WooCommerce <= 1.1.6 - Unauthenticated Arbitrary File Upload…

Drag and Drop Multiple File Upload for WooCommerce <= 1.1.6 - Unauthenticated Arbitrary File Upload via upload Function - Yucaerin/CVE-2025-4403

28 views07:45

Exploits from Github

CVE-2025-24813

None

Github link:
https://github.com/Eduardo-hardvester/CVE-2025-24813

GitHub - Eduardo-hardvester/CVE-2025-24813: Remote Code Execution (RCE) vulnerability in Apache Tomcat.

Remote Code Execution (RCE) vulnerability in Apache Tomcat. - Eduardo-hardvester/CVE-2025-24813

25 views07:45

Exploits from Github

CVE-2024-21533

None

Github link:
https://github.com/lirantal/CVE-2024-21533-PoC-ggit

GitHub - lirantal/CVE-2024-21533-PoC-ggit: CVE-2024-21533 PoC ggit

CVE-2024-21533 PoC ggit. Contribute to lirantal/CVE-2024-21533-PoC-ggit development by creating an account on GitHub.

29 views07:45

Exploits from Github

CVE-2024-21532

None

Github link:
https://github.com/lirantal/CVE-2024-21532-PoC-ggit

GitHub - lirantal/CVE-2024-21532-PoC-ggit: CVE-2024-21532 PoC ggit

CVE-2024-21532 PoC ggit. Contribute to lirantal/CVE-2024-21532-PoC-ggit development by creating an account on GitHub.

29 views07:45

Exploits from Github

CVE-2024-28752

None

Github link:
https://github.com/ReaJason/CVE-2024-28752

GitHub - ReaJason/CVE-2024-28752: Apache CXF SSRF CVE-2024-28752

Apache CXF SSRF CVE-2024-28752. Contribute to ReaJason/CVE-2024-28752 development by creating an account on GitHub.

27 views07:45

Exploits from Github

CVE-2025-21307

None

Github link:
https://github.com/git-account7/CVE-2025-21307

GitHub - git-account7/CVE-2025-21307: CVE-2025-21307

CVE-2025-21307. Contribute to git-account7/CVE-2025-21307 development by creating an account on GitHub.

28 views07:46

Exploits from Github

CVE-2025-3605

None

Github link:
https://github.com/Nxploited/CVE-2025-3605

GitHub - Nxploited/CVE-2025-3605: WordPress Frontend Login and Registration Blocks Plugin <= 1.0.7 is vulnerable to Privilege Escalation

WordPress Frontend Login and Registration Blocks Plugin <= 1.0.7 is vulnerable to Privilege Escalation - GitHub - Nxploited/CVE-2025-3605: WordPress Frontend Login and Registration Blocks ...

33 views07:46

Exploits from Github

CVE-2025-2748

None

Github link:
https://github.com/xirtam2669/Kentico-Xperience-before-13.0.178---XSS-POC

GitHub - xirtam2669/Kentico-Xperience-before-13.0.178---XSS-POC: PoC for CVE-2025-2748 - Unauthenticated ZIP file upload with embedded…

PoC for CVE-2025-2748 - Unauthenticated ZIP file upload with embedded SVG for XSS - xirtam2669/Kentico-Xperience-before-13.0.178---XSS-POC

31 views07:46

Exploits from Github

CVE-2024-25600

Improper Control of Generation of Code ('Code Injection') vulnerability in Codeer Limited Bricks Builder allows Code Injection.This issue affects Bricks Builder: from n/a through 1.9.6.

Github link:
https://github.com/DedsecTeam-BlackHat/Poleposph

GitHub - DedsecTeam-BlackHat/Poleposph: Tools for scan CVE-2024-25600 - WordPress Bricks Builder Remote Code Execution (RCE)

Tools for scan CVE-2024-25600 - WordPress Bricks Builder Remote Code Execution (RCE) - GitHub - DedsecTeam-BlackHat/Poleposph: Tools for scan CVE-2024-25600 - WordPress Bricks Builder Remote Code ...

38 views07:46

Exploits from Github

CVE-2024-38475

None

Github link:
https://github.com/syaifulandy/CVE-2024-38475

GitHub - syaifulandy/CVE-2024-38475: CVE-2024-38475 Scanner using FFUF + Seclists

CVE-2024-38475 Scanner using FFUF + Seclists. Contribute to syaifulandy/CVE-2024-38475 development by creating an account on GitHub.

41 views07:46