CVE-2015-5736
Author: avielzecharia
The Fortishield.sys driver in Fortinet FortiClient before 5.2.4 allows local users to execute arbitrary code with kernel privileges by setting the callback function in a (1) 0x220024 or (2) 0x220028 ioctl call.
GitHub Link:
https://github.com/avielzecharia/CVE-2015-5736
Author: avielzecharia
The Fortishield.sys driver in Fortinet FortiClient before 5.2.4 allows local users to execute arbitrary code with kernel privileges by setting the callback function in a (1) 0x220024 or (2) 0x220028 ioctl call.
GitHub Link:
https://github.com/avielzecharia/CVE-2015-5736
CVE-2025-24204.zip
1.6 MB
CVE-2025-24204
Author: bale170501
The issue was addressed with improved checks. This issue is fixed in macOS Sequoia 15.4. An app may be able to access protected user data.
GitHub Link:
https://github.com/bale170501/decrypted
Author: bale170501
The issue was addressed with improved checks. This issue is fixed in macOS Sequoia 15.4. An app may be able to access protected user data.
GitHub Link:
https://github.com/bale170501/decrypted
CVE-2023-46818.zip
2.7 KB
CVE-2023-46818
Author: zs1n
An issue was discovered in ISPConfig before 3.2.11p1. PHP code injection can be achieved in the language file editor by an admin if adminallowlangedit is enabled.
GitHub Link:
https://github.com/zs1n/CVE-2023-46818
Author: zs1n
An issue was discovered in ISPConfig before 3.2.11p1. PHP code injection can be achieved in the language file editor by an admin if adminallowlangedit is enabled.
GitHub Link:
https://github.com/zs1n/CVE-2023-46818
CVE-2024-22722.zip
5.5 KB
CVE-2024-22722
Author: terribledactyl
Server Side Template Injection (SSTI) vulnerability in Form Tools 3.1.1 allows attackers to run arbitrary commands via the Group Name field under the add forms section of the application.
GitHub Link:
https://github.com/terribledactyl/Form-Tools-3.1.1-RCE
Author: terribledactyl
Server Side Template Injection (SSTI) vulnerability in Form Tools 3.1.1 allows attackers to run arbitrary commands via the Group Name field under the add forms section of the application.
GitHub Link:
https://github.com/terribledactyl/Form-Tools-3.1.1-RCE
CVE-2021-42013.zip
9.8 KB
CVE-2021-42013
Author: Makavellik
It was found that the fix for CVE-2021-41773 in Apache HTTP Server 2.4.50 was insufficient. An attacker could use a path traversal attack to map URLs to files outside the directories configured by Alias-like directives. If files outside of these directories are not protected by the usual default configuration "require all denied", these requests can succeed. If CGI scripts are also enabled for these aliased pathes, this could allow for remote code execution. This issue only affects Apache 2.4.49 and Apache 2.4.50 and not earlier versions.
GitHub Link:
https://github.com/Makavellik/POC-CVE-2021-42013-EXPLOIT
Author: Makavellik
It was found that the fix for CVE-2021-41773 in Apache HTTP Server 2.4.50 was insufficient. An attacker could use a path traversal attack to map URLs to files outside the directories configured by Alias-like directives. If files outside of these directories are not protected by the usual default configuration "require all denied", these requests can succeed. If CGI scripts are also enabled for these aliased pathes, this could allow for remote code execution. This issue only affects Apache 2.4.49 and Apache 2.4.50 and not earlier versions.
GitHub Link:
https://github.com/Makavellik/POC-CVE-2021-42013-EXPLOIT
CVE-2025-2502.zip
1.8 KB
CVE-2025-2502
Author: IHK-ONE
An improper default permissions vulnerability was reported in Lenovo PC Manager that could allow a local attacker to elevate privileges.
GitHub Link:
https://github.com/IHK-ONE/CVE-2025-2502
Author: IHK-ONE
An improper default permissions vulnerability was reported in Lenovo PC Manager that could allow a local attacker to elevate privileges.
GitHub Link:
https://github.com/IHK-ONE/CVE-2025-2502
CVE-2025-22131.zip
134.1 KB
CVE-2025-22131
Author: s0ck37
PhpSpreadsheet is a PHP library for reading and writing spreadsheet files. Cross-Site Scripting (XSS) vulnerability in the code which translates the XLSX file into a HTML representation and displays it in the response.
GitHub Link:
https://github.com/s0ck37/CVE-2025-22131-POC
Author: s0ck37
PhpSpreadsheet is a PHP library for reading and writing spreadsheet files. Cross-Site Scripting (XSS) vulnerability in the code which translates the XLSX file into a HTML representation and displays it in the response.
GitHub Link:
https://github.com/s0ck37/CVE-2025-22131-POC
CVE-2025-24071.zip
3 KB
CVE-2025-24071
Author: AC8999
Exposure of sensitive information to an unauthorized actor in Windows File Explorer allows an unauthorized attacker to perform spoofing over a network.
GitHub Link:
https://github.com/AC8999/CVE-2025-24071
Author: AC8999
Exposure of sensitive information to an unauthorized actor in Windows File Explorer allows an unauthorized attacker to perform spoofing over a network.
GitHub Link:
https://github.com/AC8999/CVE-2025-24071
CVE-2025-24813.zip
17 KB
CVE-2025-24813
Author: Makavellik
Path Equivalence: 'file.Name' (Internal Dot) leading to Remote Code Execution and/or Information disclosure and/or malicious content added to uploaded files via write enabled Default Servlet in Apache Tomcat.
This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.2, from 10.1.0-M1 through 10.1.34, from 9.0.0.M1 through 9.0.98.
If all of the following were true, a malicious user was able to view security sensitive files and/or inject content into those files:
- writes enabled for the default servlet (disabled by default)
- support for partial PUT (enabled by default)
- a target URL for security sensitive uploads that was a sub-directory of a target URL for public uploads
- attacker knowledge of the names of security sensitive files being uploaded
- the security sensitive files also being uploaded via partial PUT
If all of the following were true, a malic...
Author: Makavellik
Path Equivalence: 'file.Name' (Internal Dot) leading to Remote Code Execution and/or Information disclosure and/or malicious content added to uploaded files via write enabled Default Servlet in Apache Tomcat.
This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.2, from 10.1.0-M1 through 10.1.34, from 9.0.0.M1 through 9.0.98.
If all of the following were true, a malicious user was able to view security sensitive files and/or inject content into those files:
- writes enabled for the default servlet (disabled by default)
- support for partial PUT (enabled by default)
- a target URL for security sensitive uploads that was a sub-directory of a target URL for public uploads
- attacker knowledge of the names of security sensitive files being uploaded
- the security sensitive files also being uploaded via partial PUT
If all of the following were true, a malic...
CVE-2023-50164.zip
21.3 KB
CVE-2023-50164
Author: MKIRAHMET
An attacker can manipulate file upload params to enable paths traversal and under some circumstances this can lead to uploading a malicious file which can be used to perform Remote Code Execution.
Users are recommended to upgrade to versions Struts 2.5.33 or Struts 6.3.0.2 or greater to fix this issue.
GitHub Link:
https://github.com/MKIRAHMET/CVE-2023-50164-HTB-strutted
Author: MKIRAHMET
An attacker can manipulate file upload params to enable paths traversal and under some circumstances this can lead to uploading a malicious file which can be used to perform Remote Code Execution.
Users are recommended to upgrade to versions Struts 2.5.33 or Struts 6.3.0.2 or greater to fix this issue.
GitHub Link:
https://github.com/MKIRAHMET/CVE-2023-50164-HTB-strutted
CVE-2025-24799.zip
8.7 KB
CVE-2025-24799
Author: Rosemary1337
GLPI is a free asset and IT management software package. An unauthenticated user can perform a SQL injection through the inventory endpoint. This vulnerability is fixed in 10.0.18.
GitHub Link:
https://github.com/Rosemary1337/CVE-2025-24799
Author: Rosemary1337
GLPI is a free asset and IT management software package. An unauthenticated user can perform a SQL injection through the inventory endpoint. This vulnerability is fixed in 10.0.18.
GitHub Link:
https://github.com/Rosemary1337/CVE-2025-24799