CVE-2025-2825
Rejected reason: DO NOT USE THIS CVE RECORD. ConsultIDs: CVE-2025-31161. Reason: This Record is a reservation duplicate of CVE-2025-31161. Notes: All CVE users should reference CVE-2025-31161 instead of this Record. All references and descriptions in this Record have been removed to prevent accidental usage.
Github link:
https://github.com/Shivshantp/CVE-2025-2825-CrushFTP-AuthBypass
Rejected reason: DO NOT USE THIS CVE RECORD. ConsultIDs: CVE-2025-31161. Reason: This Record is a reservation duplicate of CVE-2025-31161. Notes: All CVE users should reference CVE-2025-31161 instead of this Record. All references and descriptions in this Record have been removed to prevent accidental usage.
Github link:
https://github.com/Shivshantp/CVE-2025-2825-CrushFTP-AuthBypass
GitHub
GitHub - Shivshantp/CVE-2025-2825-CrushFTP-AuthBypass: Authentication Bypass PoC for CVE-2025-2825 – Exploiting CrushFTP 10.x
Authentication Bypass PoC for CVE-2025-2825 – Exploiting CrushFTP 10.x - Shivshantp/CVE-2025-2825-CrushFTP-AuthBypass
CVE-2025-53770
None
Github link:
https://github.com/AdityaBhatt3010/CVE-2025-53770-SharePoint-Zero-Day-Variant-Exploited-for-Full-RCE
None
Github link:
https://github.com/AdityaBhatt3010/CVE-2025-53770-SharePoint-Zero-Day-Variant-Exploited-for-Full-RCE
GitHub
GitHub - AdityaBhatt3010/CVE-2025-53770-SharePoint-Zero-Day-Variant-Exploited-for-Full-RCE: A critical zero-auth RCE vulnerability…
A critical zero-auth RCE vulnerability in SharePoint (CVE-2025-53770), now exploited in the wild, building directly on the spoofing flaw CVE-2025-49706. - AdityaBhatt3010/CVE-2025-53770-SharePoint-...
CVE-2022-1386
The Fusion Builder WordPress plugin before 3.6.2, used in the Avada theme, does not validate a parameter in its forms which could be used to initiate arbitrary HTTP requests. The data returned is then reflected back in the application's response. This could be used to interact with hosts on the server's local network bypassing firewalls and access control measures.
Github link:
https://github.com/fayassgit/CVE-2022-1386-FusionBuilder-SSRF
The Fusion Builder WordPress plugin before 3.6.2, used in the Avada theme, does not validate a parameter in its forms which could be used to initiate arbitrary HTTP requests. The data returned is then reflected back in the application's response. This could be used to interact with hosts on the server's local network bypassing firewalls and access control measures.
Github link:
https://github.com/fayassgit/CVE-2022-1386-FusionBuilder-SSRF
GitHub
GitHub - fayassgit/CVE-2022-1386-FusionBuilder-SSRF: Unauthenticated SSRF PoC in WordPress Fusion Builder <3.6.2 (CVE-2022-1386)
Unauthenticated SSRF PoC in WordPress Fusion Builder <3.6.2 (CVE-2022-1386) - fayassgit/CVE-2022-1386-FusionBuilder-SSRF
CVE-2023-51385
In ssh in OpenSSH before 9.6, OS command injection might occur if a user name or host name has shell metacharacters, and this name is referenced by an expansion token in certain situations. For example, an untrusted Git repository can have a submodule with shell metacharacters in a user name or host name.
Github link:
https://github.com/saarcastified/CVE-2023-51385---OpenSSH-ProxyCommand-Injection-PoC
In ssh in OpenSSH before 9.6, OS command injection might occur if a user name or host name has shell metacharacters, and this name is referenced by an expansion token in certain situations. For example, an untrusted Git repository can have a submodule with shell metacharacters in a user name or host name.
Github link:
https://github.com/saarcastified/CVE-2023-51385---OpenSSH-ProxyCommand-Injection-PoC
GitHub
GitHub - saarcastified/CVE-2023-51385---OpenSSH-ProxyCommand-Injection-PoC: This repository contains a proof-of-concept (PoC) for…
This repository contains a proof-of-concept (PoC) for exploiting the OpenSSH ProxyCommand vulnerability — CVE-2025-51385 — affecting OpenSSH servers <9.6 Version - saarcastified/CVE-2023-513...
CVE-2025-34085
An unrestricted file upload vulnerability in the WordPress Simple File List plugin prior to version 4.2.3 allows unauthenticated remote attackers to achieve remote code execution. The plugin's upload endpoint (ee-upload-engine.php) restricts file uploads based on extension, but lacks proper validation after file renaming. An attacker can first upload a PHP payload disguised as a .png file, then use the plugin’s ee-file-engine.php rename functionality to change the extension to .php. This bypasses upload restrictions and results in the uploaded payload being executable on the server.
Github link:
https://github.com/B1ack4sh/Blackash-CVE-2025-34085
An unrestricted file upload vulnerability in the WordPress Simple File List plugin prior to version 4.2.3 allows unauthenticated remote attackers to achieve remote code execution. The plugin's upload endpoint (ee-upload-engine.php) restricts file uploads based on extension, but lacks proper validation after file renaming. An attacker can first upload a PHP payload disguised as a .png file, then use the plugin’s ee-file-engine.php rename functionality to change the extension to .php. This bypasses upload restrictions and results in the uploaded payload being executable on the server.
Github link:
https://github.com/B1ack4sh/Blackash-CVE-2025-34085
GitHub
GitHub - B1ack4sh/Blackash-CVE-2025-34085: CVE-2025-34085
CVE-2025-34085. Contribute to B1ack4sh/Blackash-CVE-2025-34085 development by creating an account on GitHub.
CVE-2024-39930
The built-in SSH server of Gogs through 0.13.0 allows argument injection in internal/ssh/ssh.go, leading to remote code execution. Authenticated attackers can exploit this by opening an SSH connection and sending a malicious --split-string env request if the built-in SSH server is activated. Windows installations are unaffected.
Github link:
https://github.com/alexander47777/-CVE-2024-39930
The built-in SSH server of Gogs through 0.13.0 allows argument injection in internal/ssh/ssh.go, leading to remote code execution. Authenticated attackers can exploit this by opening an SSH connection and sending a malicious --split-string env request if the built-in SSH server is activated. Windows installations are unaffected.
Github link:
https://github.com/alexander47777/-CVE-2024-39930
GitHub
GitHub - alexander47777/-CVE-2024-39930: Gogs Under Attack: Unpacking the Critical SSH Vulnerability (CVE-2024–39930)
Gogs Under Attack: Unpacking the Critical SSH Vulnerability (CVE-2024–39930) - alexander47777/-CVE-2024-39930
CVE-2025-49144
Notepad++ is a free and open-source source code editor. In versions 8.8.1 and prior, a privilege escalation vulnerability exists in the Notepad++ v8.8.1 installer that allows unprivileged users to gain SYSTEM-level privileges through insecure executable search paths. An attacker could use social engineering or clickjacking to trick users into downloading both the legitimate installer and a malicious executable to the same directory (typically Downloads folder - which is known as Vulnerable directory). Upon running the installer, the attack executes automatically with SYSTEM privileges. This issue has been fixed and will be released in version 8.8.2.
Github link:
https://github.com/0xCZR1/cve-2025-49144
Notepad++ is a free and open-source source code editor. In versions 8.8.1 and prior, a privilege escalation vulnerability exists in the Notepad++ v8.8.1 installer that allows unprivileged users to gain SYSTEM-level privileges through insecure executable search paths. An attacker could use social engineering or clickjacking to trick users into downloading both the legitimate installer and a malicious executable to the same directory (typically Downloads folder - which is known as Vulnerable directory). Upon running the installer, the attack executes automatically with SYSTEM privileges. This issue has been fixed and will be released in version 8.8.2.
Github link:
https://github.com/0xCZR1/cve-2025-49144
GitHub
GitHub - 0xCZR1/cve-2025-49144: Notepad++ Privilege Escalation
Notepad++ Privilege Escalation. Contribute to 0xCZR1/cve-2025-49144 development by creating an account on GitHub.
CVE-2018-1207
Dell EMC iDRAC7/iDRAC8, versions prior to 2.52.52.52, contain CGI injection vulnerability which could be used to execute remote code. A remote unauthenticated attacker may potentially be able to use CGI variables to execute remote code.
Github link:
https://github.com/SYNKTeam/CVE-2018-1207
Dell EMC iDRAC7/iDRAC8, versions prior to 2.52.52.52, contain CGI injection vulnerability which could be used to execute remote code. A remote unauthenticated attacker may potentially be able to use CGI variables to execute remote code.
Github link:
https://github.com/SYNKTeam/CVE-2018-1207
GitHub
GitHub - SYNKTeam/CVE-2018-1207: Reverse Shell CVE for iDRAC 7 & 8 with firmware 2.52.52.52 and below.
Reverse Shell CVE for iDRAC 7 & 8 with firmware 2.52.52.52 and below. - SYNKTeam/CVE-2018-1207
CVE-2015-10137
None
Github link:
https://github.com/Kai-One001/-CVE-2015-10137-WordPress-N-Media-Website-Contact-Form-with-File-Upload-1.3.4
None
Github link:
https://github.com/Kai-One001/-CVE-2015-10137-WordPress-N-Media-Website-Contact-Form-with-File-Upload-1.3.4
GitHub
GitHub - Kai-One001/-CVE-2015-10137-WordPress-N-Media-Website-Contact-Form-with-File-Upload-1.3.4: WordPress联系表单插件 - 未授权任意文件上传漏洞
WordPress联系表单插件 - 未授权任意文件上传漏洞. Contribute to Kai-One001/-CVE-2015-10137-WordPress-N-Media-Website-Contact-Form-with-File-Upload-1.3.4 development by creating an account on GitHub.
CVE-2024-4577
In PHP versions 8.1.* before 8.1.29, 8.2.* before 8.2.20, 8.3.* before 8.3.8, when using Apache and PHP-CGI on Windows, if the system is set up to use certain code pages, Windows may use "Best-Fit" behavior to replace characters in command line given to Win32 API functions. PHP CGI module may misinterpret those characters as PHP options, which may allow a malicious user to pass options to PHP binary being run, and thus reveal the source code of scripts, run arbitrary PHP code on the server, etc.
Github link:
https://github.com/CirqueiraDev/MassExploit-CVE-2024-4577
In PHP versions 8.1.* before 8.1.29, 8.2.* before 8.2.20, 8.3.* before 8.3.8, when using Apache and PHP-CGI on Windows, if the system is set up to use certain code pages, Windows may use "Best-Fit" behavior to replace characters in command line given to Win32 API functions. PHP CGI module may misinterpret those characters as PHP options, which may allow a malicious user to pass options to PHP binary being run, and thus reveal the source code of scripts, run arbitrary PHP code on the server, etc.
Github link:
https://github.com/CirqueiraDev/MassExploit-CVE-2024-4577
GitHub
GitHub - CirqueiraDev/MassExploit-CVE-2024-4577: CVE-2024-4577 Mass Scanner & Exploit Tool
CVE-2024-4577 Mass Scanner & Exploit Tool. Contribute to CirqueiraDev/MassExploit-CVE-2024-4577 development by creating an account on GitHub.
CVE-2025-5777
Insufficient input validation leading to memory overread when the NetScaler is configured as a Gateway (VPN virtual server, ICA Proxy, CVPN, RDP Proxy) OR AAA virtual server
Github link:
https://github.com/Shivshantp/CVE-2025-5777-TrendMicro-ApexCentral-RCE
Insufficient input validation leading to memory overread when the NetScaler is configured as a Gateway (VPN virtual server, ICA Proxy, CVPN, RDP Proxy) OR AAA virtual server
Github link:
https://github.com/Shivshantp/CVE-2025-5777-TrendMicro-ApexCentral-RCE
GitHub
GitHub - Shivshantp/CVE-2025-5777-TrendMicro-ApexCentral-RCE: PoC for CVE-2025-5777 – Auth Bypass and RCE in Trend Micro Apex Central
PoC for CVE-2025-5777 – Auth Bypass and RCE in Trend Micro Apex Central - Shivshantp/CVE-2025-5777-TrendMicro-ApexCentral-RCE