CVE-2025-31324
SAP NetWeaver Visual Composer Metadata Uploader is not protected with a proper authorization, allowing unauthenticated agent to upload potentially malicious executable binaries that could severely harm the host system. This could significantly affect the confidentiality, integrity, and availability of the targeted system.
Github link:
https://github.com/antichainalysis/sap-netweaver-0day-CVE-2025-31324
SAP NetWeaver Visual Composer Metadata Uploader is not protected with a proper authorization, allowing unauthenticated agent to upload potentially malicious executable binaries that could severely harm the host system. This could significantly affect the confidentiality, integrity, and availability of the targeted system.
Github link:
https://github.com/antichainalysis/sap-netweaver-0day-CVE-2025-31324
GitHub
GitHub - antichainalysis/sap-netweaver-0day-CVE-2025-31324: sap netweaver 0day poc by shinyhunters (scattered lapsus$ hunters)…
sap netweaver 0day poc by shinyhunters (scattered lapsus$ hunters) affecting all 7.x CVE-2025-31324 - antichainalysis/sap-netweaver-0day-CVE-2025-31324
👎1
CVE-2019-15107
An issue was discovered in Webmin <=1.920. The parameter old in password_change.cgi contains a command injection vulnerability.
Github link:
https://github.com/ArtemCyberLab/Project-Exploitation-of-Webmin-Authentication-Vulnerability
An issue was discovered in Webmin <=1.920. The parameter old in password_change.cgi contains a command injection vulnerability.
Github link:
https://github.com/ArtemCyberLab/Project-Exploitation-of-Webmin-Authentication-Vulnerability
GitHub
GitHub - ArtemCyberLab/Project-Exploitation-of-Webmin-Authentication-Vulnerability: Research Objective: To conduct a comprehensive…
Research Objective: To conduct a comprehensive analysis and successful exploitation of a Remote Code Execution (RCE) vulnerability in Webmin version 1.890 (CVE-2019-15107), ultimately gaining full ...
👎1
CVE-2018-7422
A Local File Inclusion vulnerability in the Site Editor plugin through 1.1.1 for WordPress allows remote attackers to retrieve arbitrary files via the ajax_path parameter to editor/extensions/pagebuilder/includes/ajax_shortcode_pattern.php, aka absolute path traversal.
Github link:
https://github.com/ndr-repo/CVE-2018-7422
A Local File Inclusion vulnerability in the Site Editor plugin through 1.1.1 for WordPress allows remote attackers to retrieve arbitrary files via the ajax_path parameter to editor/extensions/pagebuilder/includes/ajax_shortcode_pattern.php, aka absolute path traversal.
Github link:
https://github.com/ndr-repo/CVE-2018-7422
GitHub
GitHub - ndr-repo/CVE-2018-7422: Exploit for CVE-2018-7422: Local File Inclusion in WordPress Plugin Site Editor 1.1.1 [T1574.008]
Exploit for CVE-2018-7422: Local File Inclusion in WordPress Plugin Site Editor 1.1.1 [T1574.008] - ndr-repo/CVE-2018-7422
👎1
CVE-2025-27591
A privilege escalation vulnerability existed in the Below service prior to v0.9.0 due to the creation of a world-writable directory at /var/log/below. This could have allowed local unprivileged users to escalate to root privileges through symlink attacks that manipulate files such as /etc/shadow.
Github link:
https://github.com/umutcamliyurt/CVE-2025-27591
A privilege escalation vulnerability existed in the Below service prior to v0.9.0 due to the creation of a world-writable directory at /var/log/below. This could have allowed local unprivileged users to escalate to root privileges through symlink attacks that manipulate files such as /etc/shadow.
Github link:
https://github.com/umutcamliyurt/CVE-2025-27591
GitHub
GitHub - umutcamliyurt/CVE-2025-27591: Below <v0.9.0 PoC Privilege Escalation Exploit
Below <v0.9.0 PoC Privilege Escalation Exploit. Contribute to umutcamliyurt/CVE-2025-27591 development by creating an account on GitHub.
👎1
CVE-2024-28397
An issue in the component js2py.disable_pyimport() of js2py up to v0.74 allows attackers to execute arbitrary code via a crafted API call.
Github link:
https://github.com/waleed-hassan569/CVE-2024-28397-command-execution-poc
An issue in the component js2py.disable_pyimport() of js2py up to v0.74 allows attackers to execute arbitrary code via a crafted API call.
Github link:
https://github.com/waleed-hassan569/CVE-2024-28397-command-execution-poc
GitHub
GitHub - waleed-hassan569/CVE-2024-28397-command-execution-poc: This vulnerability arises from incomplete sandboxing in js2py,…
This vulnerability arises from incomplete sandboxing in js2py, where crafted JavaScript can traverse Python’s internal object model and access dangerous classes like subprocess.Popen, leading to ar...
CVE-2019-12185
eLabFTW 1.8.5 is vulnerable to arbitrary file uploads via the /app/controllers/EntityController.php component. This may result in remote command execution. An attacker can use a user account to fully compromise the system using a POST request. This will allow for PHP files to be written to the web root, and for code to execute on the remote server.
Github link:
https://github.com/Drew-Alleman/CVE-2019-12185
eLabFTW 1.8.5 is vulnerable to arbitrary file uploads via the /app/controllers/EntityController.php component. This may result in remote command execution. An attacker can use a user account to fully compromise the system using a POST request. This will allow for PHP files to be written to the web root, and for code to execute on the remote server.
Github link:
https://github.com/Drew-Alleman/CVE-2019-12185
GitHub
GitHub - Drew-Alleman/CVE-2019-12185: CVE-2019-12185 - eLabFTW 1.8.5 Python3 Exploit POC
CVE-2019-12185 - eLabFTW 1.8.5 Python3 Exploit POC - Drew-Alleman/CVE-2019-12185
CVE-2015-10141
An unauthenticated OS command injection vulnerability exists within Xdebug versions 2.5.5 and earlier, a PHP debugging extension developed by Derick Rethans. When remote debugging is enabled, Xdebug listens on port 9000 and accepts debugger protocol commands without authentication. An attacker can send a crafted eval command over this interface to execute arbitrary PHP code, which may invoke system-level functions such as system() or passthru(). This results in full compromise of the host under the privileges of the web server user.
Github link:
https://github.com/n0m4d22/PoC-CVE-2015-10141-Xdebug
An unauthenticated OS command injection vulnerability exists within Xdebug versions 2.5.5 and earlier, a PHP debugging extension developed by Derick Rethans. When remote debugging is enabled, Xdebug listens on port 9000 and accepts debugger protocol commands without authentication. An attacker can send a crafted eval command over this interface to execute arbitrary PHP code, which may invoke system-level functions such as system() or passthru(). This results in full compromise of the host under the privileges of the web server user.
Github link:
https://github.com/n0m4d22/PoC-CVE-2015-10141-Xdebug
GitHub
GitHub - n0m4d22/PoC-CVE-2015-10141-Xdebug: Proof-of-Concept exploit script for Xdebug 2.5.5 and earlier versions (CVE-2015-10141).
Proof-of-Concept exploit script for Xdebug 2.5.5 and earlier versions (CVE-2015-10141). - n0m4d22/PoC-CVE-2015-10141-Xdebug
CVE-2024-28397
An issue in the component js2py.disable_pyimport() of js2py up to v0.74 allows attackers to execute arbitrary code via a crafted API call.
Github link:
https://github.com/0timeday/exploit-js2py
An issue in the component js2py.disable_pyimport() of js2py up to v0.74 allows attackers to execute arbitrary code via a crafted API call.
Github link:
https://github.com/0timeday/exploit-js2py
GitHub
GitHub - 0timeday/exploit-js2py: The CVE-2024-28397 vulnerability affects versions of js2py up to v0.74, a Python library that…
The CVE-2024-28397 vulnerability affects versions of js2py up to v0.74, a Python library that allows JavaScript code to be executed within the Python interpreter. - GitHub - 0timeday/exploit-js2py...
CVE-2025-49132
Pterodactyl is a free, open-source game server management panel. Prior to version 1.11.11, using the /locales/locale.json with the locale and namespace query parameters, a malicious actor is able to execute arbitrary code without being authenticated. With the ability to execute arbitrary code it could be used to gain access to the Panel's server, read credentials from the Panel's config, extract sensitive information from the database, access files of servers managed by the panel, etc. This issue has been patched in version 1.11.11. There are no software workarounds for this vulnerability, but use of an external Web Application Firewall (WAF) could help mitigate this attack.
Github link:
https://github.com/GRodolphe/CVE-2025-49132_poc
Pterodactyl is a free, open-source game server management panel. Prior to version 1.11.11, using the /locales/locale.json with the locale and namespace query parameters, a malicious actor is able to execute arbitrary code without being authenticated. With the ability to execute arbitrary code it could be used to gain access to the Panel's server, read credentials from the Panel's config, extract sensitive information from the database, access files of servers managed by the panel, etc. This issue has been patched in version 1.11.11. There are no software workarounds for this vulnerability, but use of an external Web Application Firewall (WAF) could help mitigate this attack.
Github link:
https://github.com/GRodolphe/CVE-2025-49132_poc
GitHub
GitHub - GRodolphe/CVE-2025-49132_poc: This is an improved version of the CVE-2025-49132 proof of concept exploit.
This is an improved version of the CVE-2025-49132 proof of concept exploit. - GRodolphe/CVE-2025-49132_poc