Forwarded from CyberSecurityTechnologies (-CST-)
#exploit
1. CVE-2023-31779:
Stored XSS in Wekan
https://github.com/jet-pentest/CVE-2023-31779
2. CVE-2023-31726:
AList 3.15.1 - Incorrect Access Control
https://github.com/J6451/CVE-2023-31726
3. Vulnerabilities of Goby supported with exploitation
https://github.com/gobysec/GobyVuls
Forwarded from CyberSecurityTechnologies
#exploit
1⃣ CVE-2025-20281:
Cisco ISE API Unauthenticated RCE
2⃣ CVE-2025-29017:
Internet Banking System 2.0 RCE via Profile Picture Upload
3⃣ CVE-2025-22230, CVE-2025-22247:
The Guest Who Could - Exploiting LPE in VMWare Tools
4⃣ CVE-2025-6554:
A Brief Analysis of Chrome's 0day in the Wild
5⃣ CVE-2025-7783:
form-data boundary randomness vulnerability
6⃣ CVE-2025-31161:
CrushFTP Authentication Bypass
7⃣ CVE-2025-53770 SharePoint Vulnerability Scanner:
- Machine key extraction patterns
- Secondary payload indicators
- ExcelDataSet/Scorecard component processing
- ToolPane error patterns and anomalous response characteristics
+ SIEM Detection Rules
// Disclaimer