Forwarded from PT from dbugs
@Dbugs1337 — automated monitoring of dbugs.ptsecurity.com
Unofficial Telegram bot channel that tracks and posts entries from dbugs with information about new vulnerabilities with the PT identifier (like CVE).
Unofficial Telegram bot channel that tracks and posts entries from dbugs with information about new vulnerabilities with the PT identifier (like CVE).
CVE-2025-5777.zip
2.6 KB
CVE-2025-5777
Author: ndr-repo
Insufficient input validation leading to memory overread when the NetScaler is configured as a Gateway (VPN virtual server, ICA Proxy, CVPN, RDP Proxy) OR AAA virtual server
GitHub Link:
https://github.com/ndr-repo/CVE-2025-5777
Author: ndr-repo
Insufficient input validation leading to memory overread when the NetScaler is configured as a Gateway (VPN virtual server, ICA Proxy, CVPN, RDP Proxy) OR AAA virtual server
GitHub Link:
https://github.com/ndr-repo/CVE-2025-5777
CVE-2011-2523.zip
2.3 KB
CVE-2011-2523
Author: seerat-fatima21
vsftpd 2.3.4 downloaded between 20110630 and 20110703 contains a backdoor which opens a shell on port 6200/tcp.
GitHub Link:
https://github.com/seerat-fatima21/vsftpd-exploit
Author: seerat-fatima21
vsftpd 2.3.4 downloaded between 20110630 and 20110703 contains a backdoor which opens a shell on port 6200/tcp.
GitHub Link:
https://github.com/seerat-fatima21/vsftpd-exploit
CVE-2018-7600.zip
5.8 KB
CVE-2018-7600
Author: SyedGhufranRaza
Drupal before 7.58, 8.x before 8.3.9, 8.4.x before 8.4.6, and 8.5.x before 8.5.1 allows remote attackers to execute arbitrary code because of an issue affecting multiple subsystems with default or common module configurations.
GitHub Link:
https://github.com/SyedGhufranRaza/CVE-2018-7600-Remote-Code-Execution
Author: SyedGhufranRaza
Drupal before 7.58, 8.x before 8.3.9, 8.4.x before 8.4.6, and 8.5.x before 8.5.1 allows remote attackers to execute arbitrary code because of an issue affecting multiple subsystems with default or common module configurations.
GitHub Link:
https://github.com/SyedGhufranRaza/CVE-2018-7600-Remote-Code-Execution
CVE-2021-29447.zip
961.2 KB
CVE-2021-29447
Author: ArtemCyberLab
Wordpress is an open source CMS. A user with the ability to upload files (like an Author) can exploit an XML parsing issue in the Media Library leading to XXE attacks. This requires WordPress installation to be using PHP 8. Access to internal files is possible in a successful XXE attack. This has been patched in WordPress version 5.7.1, along with the older affected versions via a minor release. We strongly recommend you keep auto-updates enabled.
GitHub Link:
https://github.com/ArtemCyberLab/Project-Project-Chimera-Exploiting-a-Modern-WordPress-XXE-to-Pillage-Secrets-
Author: ArtemCyberLab
Wordpress is an open source CMS. A user with the ability to upload files (like an Author) can exploit an XML parsing issue in the Media Library leading to XXE attacks. This requires WordPress installation to be using PHP 8. Access to internal files is possible in a successful XXE attack. This has been patched in WordPress version 5.7.1, along with the older affected versions via a minor release. We strongly recommend you keep auto-updates enabled.
GitHub Link:
https://github.com/ArtemCyberLab/Project-Project-Chimera-Exploiting-a-Modern-WordPress-XXE-to-Pillage-Secrets-