CVE-2021-29447
Wordpress is an open source CMS. A user with the ability to upload files (like an Author) can exploit an XML parsing issue in the Media Library leading to XXE attacks. This requires WordPress installation to be using PHP 8. Access to internal files is possible in a successful XXE attack. This has been patched in WordPress version 5.7.1, along with the older affected versions via a minor release. We strongly recommend you keep auto-updates enabled.
Github link:
https://github.com/Tea-On/CVE-2021-29447-Authenticated-XXE-WordPress-5.6-5.7
Wordpress is an open source CMS. A user with the ability to upload files (like an Author) can exploit an XML parsing issue in the Media Library leading to XXE attacks. This requires WordPress installation to be using PHP 8. Access to internal files is possible in a successful XXE attack. This has been patched in WordPress version 5.7.1, along with the older affected versions via a minor release. We strongly recommend you keep auto-updates enabled.
Github link:
https://github.com/Tea-On/CVE-2021-29447-Authenticated-XXE-WordPress-5.6-5.7
GitHub
GitHub - Tea-On/CVE-2021-29447-Authenticated-XXE-WordPress-5.6-5.7: POC to exploit WordPress 5.6-5.7 (PHP 8+) Authenticated XXE…
POC to exploit WordPress 5.6-5.7 (PHP 8+) Authenticated XXE Injection. - GitHub - Tea-On/CVE-2021-29447-Authenticated-XXE-WordPress-5.6-5.7: POC to exploit WordPress 5.6-5.7 (PHP 8+) Authenticated...
CVE-2025-41646
None
Github link:
https://github.com/cyberre124/CVE-2025-41646---Critical-Authentication-Bypass-
None
Github link:
https://github.com/cyberre124/CVE-2025-41646---Critical-Authentication-Bypass-
GitHub
GitHub - GreenForceNetworks/CVE-2025-41646---Critical-Authentication-Bypass-: CVE-2025-41646 - Critical Authentication bypass
CVE-2025-41646 - Critical Authentication bypass. Contribute to GreenForceNetworks/CVE-2025-41646---Critical-Authentication-Bypass- development by creating an account on GitHub.
CVE-2025-20281
A vulnerability in a specific API of Cisco ISE and Cisco ISE-PIC could allow an unauthenticated, remote attacker to execute arbitrary code on the underlying operating system as root. The attacker does not require any valid credentials to exploit this vulnerability.
This vulnerability is due to insufficient validation of user-supplied input. An attacker could exploit this vulnerability by submitting a crafted API request. A successful exploit could allow the attacker to obtain root privileges on an affected device.
Github link:
https://github.com/ill-deed/Cisco-CVE-2025-20281-illdeed
A vulnerability in a specific API of Cisco ISE and Cisco ISE-PIC could allow an unauthenticated, remote attacker to execute arbitrary code on the underlying operating system as root. The attacker does not require any valid credentials to exploit this vulnerability.
This vulnerability is due to insufficient validation of user-supplied input. An attacker could exploit this vulnerability by submitting a crafted API request. A successful exploit could allow the attacker to obtain root privileges on an affected device.
Github link:
https://github.com/ill-deed/Cisco-CVE-2025-20281-illdeed
GitHub
GitHub - ill-deed/Cisco-CVE-2025-20281-illdeed: Unauthenticated Remote Code Execution exploit for CVE-2025-20281 in Cisco ISE ERS…
Unauthenticated Remote Code Execution exploit for CVE-2025-20281 in Cisco ISE ERS API. Execute commands or launch reverse shells as root — no authentication required. - ill-deed/Cisco-CVE-2025-2028...
CVE-2024-4040
VFS Sandbox Escape in CrushFTP in all versions before 10.7.1 and 11.1.0 on all platforms allows remote attackers with low privileges to read files from the filesystem outside of VFS Sandbox.
Github link:
https://github.com/ill-deed/CrushFTP-CVE-2024-4040-illdeed
VFS Sandbox Escape in CrushFTP in all versions before 10.7.1 and 11.1.0 on all platforms allows remote attackers with low privileges to read files from the filesystem outside of VFS Sandbox.
Github link:
https://github.com/ill-deed/CrushFTP-CVE-2024-4040-illdeed
GitHub
GitHub - ill-deed/CrushFTP-CVE-2024-4040-illdeed: Exploit for CVE-2024-4040 – Authentication bypass in CrushFTP via CrushAuth cookie…
Exploit for CVE-2024-4040 – Authentication bypass in CrushFTP via CrushAuth cookie and AWS-style header spoofing. Stealthy Python PoC with secure token generation, SSL bypass, and improved output. ...
CVE-2025-5777
Insufficient input validation leading to memory overread when the NetScaler is configured as a Gateway (VPN virtual server, ICA Proxy, CVPN, RDP Proxy) OR AAA virtual server
Github link:
https://github.com/RickGeex/CVE-2025-5777-CitrixBleed
Insufficient input validation leading to memory overread when the NetScaler is configured as a Gateway (VPN virtual server, ICA Proxy, CVPN, RDP Proxy) OR AAA virtual server
Github link:
https://github.com/RickGeex/CVE-2025-5777-CitrixBleed
GitHub
GitHub - RickGeex/CVE-2025-5777-CitrixBleed: CitrixBleed-2 (CVE-2025-5777) – proof-of-concept exploit for NetScaler ADC/Gateway…
CitrixBleed-2 (CVE-2025-5777) – proof-of-concept exploit for NetScaler ADC/Gateway “memory bleed” - RickGeex/CVE-2025-5777-CitrixBleed
CVE-2025-5777
Insufficient input validation leading to memory overread when the NetScaler is configured as a Gateway (VPN virtual server, ICA Proxy, CVPN, RDP Proxy) OR AAA virtual server
Github link:
https://github.com/idobarel/CVE-2025-5777
Insufficient input validation leading to memory overread when the NetScaler is configured as a Gateway (VPN virtual server, ICA Proxy, CVPN, RDP Proxy) OR AAA virtual server
Github link:
https://github.com/idobarel/CVE-2025-5777
GitHub
GitHub - idobarel/CVE-2025-5777: CitrixBleed2 poc
CitrixBleed2 poc. Contribute to idobarel/CVE-2025-5777 development by creating an account on GitHub.
CVE-2025-0411
7-Zip Mark-of-the-Web Bypass Vulnerability. This vulnerability allows remote attackers to bypass the Mark-of-the-Web protection mechanism on affected installations of 7-Zip. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.
The specific flaw exists within the handling of archived files. When extracting files from a crafted archive that bears the Mark-of-the-Web, 7-Zip does not propagate the Mark-of-the-Web to the extracted files. An attacker can leverage this vulnerability to execute arbitrary code in the context of the current user. Was ZDI-CAN-25456.
Github link:
https://github.com/B1ack4sh/Blackash-CVE-2025-0411
7-Zip Mark-of-the-Web Bypass Vulnerability. This vulnerability allows remote attackers to bypass the Mark-of-the-Web protection mechanism on affected installations of 7-Zip. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.
The specific flaw exists within the handling of archived files. When extracting files from a crafted archive that bears the Mark-of-the-Web, 7-Zip does not propagate the Mark-of-the-Web to the extracted files. An attacker can leverage this vulnerability to execute arbitrary code in the context of the current user. Was ZDI-CAN-25456.
Github link:
https://github.com/B1ack4sh/Blackash-CVE-2025-0411
GitHub
GitHub - B1ack4sh/Blackash-CVE-2025-0411: CVE-2025-0411
CVE-2025-0411. Contribute to B1ack4sh/Blackash-CVE-2025-0411 development by creating an account on GitHub.
CVE-2023-27350
This vulnerability allows remote attackers to bypass authentication on affected installations of PaperCut NG 22.0.5 (Build 63914). Authentication is not required to exploit this vulnerability. The specific flaw exists within the SetupCompleted class. The issue results from improper access control. An attacker can leverage this vulnerability to bypass authentication and execute arbitrary code in the context of SYSTEM. Was ZDI-CAN-18987.
Github link:
https://github.com/Royall-Researchers/CVE-2023-27350
This vulnerability allows remote attackers to bypass authentication on affected installations of PaperCut NG 22.0.5 (Build 63914). Authentication is not required to exploit this vulnerability. The specific flaw exists within the SetupCompleted class. The issue results from improper access control. An attacker can leverage this vulnerability to bypass authentication and execute arbitrary code in the context of SYSTEM. Was ZDI-CAN-18987.
Github link:
https://github.com/Royall-Researchers/CVE-2023-27350
GitHub
GitHub - Royall-Researchers/CVE-2023-27350: Papercut Vulnerability, Affected Versions are PaperCut MF or NG version 8.0 or later…
Papercut Vulnerability, Affected Versions are PaperCut MF or NG version 8.0 or later (excluding patched versions) on all OS platforms. - GitHub - Royall-Researchers/CVE-2023-27350: Papercut Vulner...