CVE-2020-0610
Author: Riocipta75

A remote code execution vulnerability exists in Windows Remote Desktop Gateway (RD Gateway) when an unauthenticated attacker connects to the target system using RDP and sends specially crafted requests, aka 'Windows Remote Desktop Gateway (RD Gateway) Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2020-0609.

GitHub Link:
https://github.com/Riocipta75/lab-cve-2020-0610

CVE-2025-8067
Author: born0monday

None

GitHub Link:
https://github.com/born0monday/CVE-2025-8067

CVE-2025-24071
Author: AC8999

Exposure of sensitive information to an unauthorized actor in Windows File Explorer allows an unauthorized attacker to perform spoofing over a network.

GitHub Link:
https://github.com/AC8999/CVE-2025-24071

CVE-2025-58440
Author: ph-hitachi

None

GitHub Link:
https://github.com/ph-hitachi/CVE-2025-58440

CVE-2025-53690
Author: rxerium

None

GitHub Link:
https://github.com/rxerium/CVE-2025-53690

CVE-2023-50164
Author: MKIRAHMET

An attacker can manipulate file upload params to enable paths traversal and under some circumstances this can lead to uploading a malicious file which can be used to perform Remote Code Execution.
Users are recommended to upgrade to versions Struts 2.5.33 or Struts 6.3.0.2 or greater to fix this issue.


GitHub Link:
https://github.com/MKIRAHMET/CVE-2023-50164-HTB-strutted

CVE-2025-22131
Author: s0ck37

PhpSpreadsheet is a PHP library for reading and writing spreadsheet files. Cross-Site Scripting (XSS) vulnerability in the code which translates the XLSX file into a HTML representation and displays it in the response.

GitHub Link:
https://github.com/s0ck37/CVE-2025-22131-POC

CVE-2025-57833
Author: Mkway

None

GitHub Link:
https://github.com/Mkway/CVE-2025-57833

CVE-2025-58780
Author: SexyShoelessGodofWar

None

GitHub Link:
https://github.com/SexyShoelessGodofWar/CVE-2025-58780

CVE-2025-49388
Author: Nxploited

None

GitHub Link:
https://github.com/Nxploited/CVE-2025-49388

CVE-2025-2502
Author: IHK-ONE

None

GitHub Link:
https://github.com/IHK-ONE/CVE-2025-2502

CVE-2025-53690
Author: B1ack4sh

None

GitHub Link:
https://github.com/B1ack4sh/Blackash-CVE-2025-53690

CVE-2024-22722
Author: terribledactyl

None

GitHub Link:
https://github.com/terribledactyl/Form-Tools-3.1.1-RCE

CVE-2021-42013
Author: Makavellik

It was found that the fix for CVE-2021-41773 in Apache HTTP Server 2.4.50 was insufficient. An attacker could use a path traversal attack to map URLs to files outside the directories configured by Alias-like directives. If files outside of these directories are not protected by the usual default configuration "require all denied", these requests can succeed. If CGI scripts are also enabled for these aliased pathes, this could allow for remote code execution. This issue only affects Apache 2.4.49 and Apache 2.4.50 and not earlier versions.

GitHub Link:
https://github.com/Makavellik/POC-CVE-2021-42013-EXPLOIT

CVE-2025-58443
Author: casp3r0x0

None

GitHub Link:
https://github.com/casp3r0x0/CVE-2025-58443

CVE-2023-46818
Author: zs1n

An issue was discovered in ISPConfig before 3.2.11p1. PHP code injection can be achieved in the language file editor by an admin if adminallowlangedit is enabled.

GitHub Link:
https://github.com/zs1n/CVE-2023-46818

CVE-2025-24204
Author: bale170501

The issue was addressed with improved checks. This issue is fixed in macOS Sequoia 15.4. An app may be able to access protected user data.

GitHub Link:
https://github.com/bale170501/decrypted

CVE-2015-5736
Author: avielzecharia

None

GitHub Link:
https://github.com/avielzecharia/CVE-2015-5736

CVE-2025-10046
Author: byteReaper77

None

GitHub Link:
https://github.com/byteReaper77/CVE-2025-10046

CVE-2025-52389
Author: ktr4ck3r

None

GitHub Link:
https://github.com/ktr4ck3r/CVE-2025-52389