5020 matches found

CVE
added 2025/11/07 12:0 a.m., 13 views

CVE-2025-63420

CVE-2025-63420 affects CrushFTP11 prior to 11.3.7_57, where a stored HTML injection in the Admin Panel (Reports / “Who Created Folder”) enables HTML execution in authenticated admin sessions. The root cause is stored HTML injection via folder-creation input, leading to persistent XSS. The exploit...

4.1 CVSS, 6.7 AI score, 0.00036 EPSS
Exploits: 2, References: 2, Affected Software: 1

Positive Technologies
added 2025/11/07 12:0 a.m., 2 views

PT-2025-45509

Name of the Vulnerable Software and Affected Versions CrushFTP version 11.3.7 50 Description A stored cross-site scripting XSS issue exists in the CrushFTP Admin Panel, specifically within the Reports / 'Who Created Folder' section. Authenticated attackers who have folder creation permissions can...

4.1 CVSS, 5.7 AI score, 0.00036 EPSS
Exploits: 2, References: 9

Cvelist
added 2025/11/07 12:0 a.m., 10 views

CVE-2025-63420

CrushFTP11 before 11.3.757 is vulnerable to stored HTML injection in the CrushFTP Admin Panel Reports / "Who Created Folder", enabling persistent HTML execution in admin sessions...

0.00036 EPSS
Exploits: 2, References: 2

Rapid7 Blog
added 2025/10/31 7:14 p.m., 16 views

Metasploit Wrap-Up 10/31/2025

New module content 3 ReDoc API Docs UI Exposed Author: Hamza Sahin Type: Auxiliary Pull request: 20594 contributed by HamzaSahin61 Path: scanner/http/redocexposed Description: Adds a module to detect publicly exposed ReDoc API documentation pages using read-only HTTP GET requests searching for...

10 CVSS, 9.7 AI score, 0.9036 EPSS
Exploits: 3

Metasploit
added 2025/10/29 6:58 p.m., 408 views

Windows Persistent Startup Folder

This module establishes persistence by creating a payload in the user or system startup folder. Works on Vista and newer systems. Module Options msf use exploit/windows/persistence/startupfolder msf exploitstartupfolder show targets ...targets... msf exploitstartupfolder set TARGET msf...

5.8 AI score
Exploits: 0

EUVD
added 2025/10/29 6:30 p.m., 3 views

EUVD-2025-36694

An unquoted service path in Kingosoft Technology Ltd Kingo ROOT v1.5.8.3353 allows attackers to escalate privileges via placing a crafted executable file into a parent folder...

7.8 CVSS, 6.6 AI score, 0.00021 EPSS
Exploits: 0, References: 2

Cvelist
added 2025/10/29 12:0 a.m., 6 views

CVE-2025-57227

An unquoted service path in Kingosoft Technology Ltd Kingo ROOT v1.5.8.3353 allows attackers to escalate privileges via placing a crafted executable file into a parent folder...

0.00021 EPSS
Exploits: 0, References: 1

Packet Storm
added 2025/10/29 12:0 a.m., 138 views

Windows Persistent Startup Folder

This Metasploit module establishes persistence by creating a payload in the user or system startup folder. Works on Vista and newer systems. This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule...

7 AI score
Exploits: 0

CVE
added 2025/10/29 12:0 a.m., 9 views

CVE-2025-57227

CVE-2025-57227 affects Kingo ROOT v1.5.8.3353 by Kingosoft Technology Ltd. The vulnerability is an unquoted service path that allows local privilege escalation by placing a crafted executable in the parent folder. Public sources (e.g., PT-2025-44334) suggest updating to a newer Kingo ROOT version...

7.8 CVSS, 6.7 AI score, 0.00021 EPSS
Exploits: 0, References: 1

Packet Storm News
added 2025/10/29 12:0 a.m., 1 views

Windows Persistent Startup Folder

This Metasploit module establishes persistence by creating a payload in the user or system startup folder. Works on Vista and newer systems...

6.9 AI score
Exploits: 0

Vulnrichment
added 2025/10/29 12:0 a.m., 3 views

CVE-2025-57227

An unquoted service path in Kingosoft Technology Ltd Kingo ROOT v1.5.8.3353 allows attackers to escalate privileges via placing a crafted executable file into a parent folder...

6.7 AI score, 0.00021 EPSS
Exploits: 0, References: 1

NVD
added 2025/10/27 2:15 p.m., 6 views

CVE-2025-9164

Docker Desktop Installer.exe is vulnerable to DLL hijacking due to insecure DLL search order. The installer searches for required DLLs in the user's Downloads folder before checking system directories, allowing local privilege escalation through malicious DLL placement. This issue affects Docker...

8.8 CVSS, 0.00015 EPSS
Exploits: 0, References: 1

Vulnrichment
added 2025/10/27 1:53 p.m., 3 views

CVE-2025-9164 Multiple DLL Search Order Hijacking Vulnerabilities in Docker Desktop Installer for Windows

Docker Desktop Installer.exe is vulnerable to DLL hijacking due to insecure DLL search order. The installer searches for required DLLs in the user's Downloads folder before checking system directories, allowing local privilege escalation through malicious DLL placement. This issue affects Docker...

8.8 CVSS, 6.7 AI score, 0.00015 EPSS
Exploits: 0, References: 1

EUVD
added 2025/10/27 1:53 p.m., 4 views

EUVD-2025-36191

Docker Desktop Installer.exe is vulnerable to DLL hijacking due to insecure DLL search order. The installer searches for required DLLs in the user's Downloads folder before checking system directories, allowing local privilege escalation through malicious DLL placement. This issue affects Docker...

8.8 CVSS, 6.5 AI score, 0.00015 EPSS
Exploits: 0, References: 2

Cvelist
added 2025/10/27 1:53 p.m., 4 views

CVE-2025-9164 Multiple DLL Search Order Hijacking Vulnerabilities in Docker Desktop Installer for Windows

Docker Desktop Installer.exe is vulnerable to DLL hijacking due to insecure DLL search order. The installer searches for required DLLs in the user's Downloads folder before checking system directories, allowing local privilege escalation through malicious DLL placement. This issue affects Docker...

8.8 CVSS, 0.00015 EPSS
Exploits: 0, References: 1

Positive Technologies
added 2025/10/23 12:0 a.m., 7 views

PT-2025-43961

Name of the Vulnerable Software and Affected Versions Docker Desktop versions through 4.48.0 Description The Docker Desktop Installer.exe is susceptible to a DLL hijacking issue stemming from an insecure DLL search order. The installer prioritizes searching for necessary DLLs within the user's...

8.8 CVSS, 6.5 AI score, 0.00015 EPSS
Exploits: 0, References: 5

RedhatCVE
added 2025/10/22 12:11 a.m., 6 views

CVE-2025-56799

Reolink desktop application 8.18.12 contains a command injection vulnerability in its scheduled cache-clearing mechanism via a crafted folder name. NOTE: this is disputed by the Supplier because a crafted folder name would arise only if the local user were attacking himself...

6.5 CVSS, 7.3 AI score, 0.02389 EPSS
Exploits: 2, References: 1

OSV
added 2025/10/21 7:21 p.m., 1 views

CVE-2025-56799

Reolink desktop application 8.18.12 contains a command injection vulnerability in its scheduled cache-clearing mechanism via a crafted folder name. NOTE: this is disputed by the Supplier because a crafted folder name would arise only if the local user were attacking himself...

6.5 CVSS, 5.8 AI score, 0.02389 EPSS
Exploits: 2, References: 2

NVD
added 2025/10/21 7:21 p.m., 2 views

CVE-2025-56799

Reolink desktop application 8.18.12 contains a command injection vulnerability in its scheduled cache-clearing mechanism via a crafted folder name. NOTE: this is disputed by the Supplier because a crafted folder name would arise only if the local user were attacking himself...

6.5 CVSS, 0.02389 EPSS
Exploits: 2, References: 2

RedhatCVE
added 2025/10/21 6:33 p.m., 4 views

CVE-2025-62510

FileRise is a self-hosted web-based file manager with multi-file upload, editing, and batch operations. In version 1.4.0, a regression allowed folder visibility/ownership to be inferred from folder names. Low-privilege users could see or interact with folders matching their username and, in some...

8.1 CVSS, 6.7 AI score, 0.00027 EPSS
Exploits: 0, References: 1