CVE-2024-48307
Author: jisi-001

None

GitHub Link:
https://github.com/jisi-001/CVE-2024-48307POC

CVE-2025-9478
Author: Kamgreen50

None

GitHub Link:
https://github.com/Kamgreen50/STIG-Edge-RCE-CVE2025-9478

CVE-2024-40711
Author: birukG09

A deserialization of untrusted data vulnerability with a malicious payload can allow an unauthenticated remote code execution (RCE).

GitHub Link:
https://github.com/birukG09/veeam-rce-remediation-kit

CVE-2025-4427
Author: rxerium

An authentication bypass in the API component of Ivanti Endpoint Manager Mobile 12.5.0.0 and prior allows attackers to access protected resources without proper credentials via the API.

GitHub Link:
https://github.com/rxerium/CVE-2025-4427-CVE-2025-4428

CVE-2021-3456
Author: mrk336

None

GitHub Link:
https://github.com/mrk336/CVE-2021-3456

CVE-2025-27591
Author: danil-koltsov

A privilege escalation vulnerability existed in the Below service prior to v0.9.0 due to the creation of a world-writable directory at /var/log/below. This could have allowed local unprivileged users to escalate to root privileges through symlink attacks that manipulate files such as /etc/shadow.

GitHub Link:
https://github.com/danil-koltsov/below-log-race-poc

CVE-2025-27480
Author: mrk336

None

GitHub Link:
https://github.com/mrk336/CVE-2025-27480-The-Silent-Gateway-Risk

CVE-2017-9841
Author: Habibullah1101

Util/PHP/eval-stdin.php in PHPUnit before 4.8.28 and 5.x before 5.6.3 allows remote attackers to execute arbitrary PHP code via HTTP POST data beginning with a "<?php " substring, as demonstrated by an attack on a site with an exposed /vendor folder, i.e., external access to the /vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php URI.

GitHub Link:
https://github.com/Habibullah1101/PHPUnit-GoScan

CVE-2025-57819
Author: blueisbeautiful

None

GitHub Link:
https://github.com/blueisbeautiful/CVE-2025-57819

CVE-2024-25765
Author: dennismendes10

None

GitHub Link:
https://github.com/dennismendes10/CMD-Exploit-CVE-2024-RCE-AboRady-FUD-25765-Injection

CVE-2025-53694
Author: blueisbeautiful

None

GitHub Link:
https://github.com/blueisbeautiful/CVE-2025-53694-to-CVE-2025-53691

CVE-2025-53691
Author: blueisbeautiful

None

GitHub Link:
https://github.com/blueisbeautiful/CVE-2025-53691

CVE-2025-53693
Author: blueisbeautiful

None

GitHub Link:
https://github.com/blueisbeautiful/CVE-2025-53693

CVE-2025-34300
Author: jisi-001

None

GitHub Link:
https://github.com/jisi-001/CVE-2025-34300POC

CVE-2025-57819
Author: net-hex

None

GitHub Link:
https://github.com/net-hex/CVE-2025-57819

CVE-2019-10945
Author: Snizi

An issue was discovered in Joomla! before 3.9.5. The Media Manager component does not properly sanitize the folder parameter, allowing attackers to act outside the media manager root directory.

GitHub Link:
https://github.com/Snizi/CVE-2019-10945

CVE-2025-23266
Author: r0binak

None

GitHub Link:
https://github.com/r0binak/CVE-2025-23266

CVE-2025-6934
Author: Pwdnx1337

None

GitHub Link:
https://github.com/Pwdnx1337/CVE-2025-6934

CVE-2024-45590
Author: dhruvik-git

None

GitHub Link:
https://github.com/dhruvik-git/CVE-2024-45590

CVE-2024-53677
Author: Cythonic1

File upload logic in Apache Struts is flawed. An attacker can manipulate file upload params to enable paths traversal and under some circumstances this can lead to uploading a malicious file which can be used to perform Remote Code Execution.

This issue affects Apache Struts: from 2.0.0 before 6.4.0.

Users are recommended to upgrade to version 6.4.0 at least and migrate to the new file upload mechanism https://struts.apache.org/core-developers/file-upload . If you are not using an old file upload logic based on FileuploadInterceptor your application is safe.

You can find more details in  https://cwiki.apache.org/confluence/display/WW/S2-067

GitHub Link:
https://github.com/Cythonic1/CVE-2024-53677-POC