1789 matches found
CVE-2023-53875
GOM Player 2.3.90.5360 contains a remote code execution vulnerability in the Internet Explorer component. The issue can be triggered via DNS spoofing with a malicious URL shortcut and WebDAV, enabling an attacker to execute arbitrary code and potentially run a reverse shell with SMB server intera...
PT-2025-51293
Name of the Vulnerable Software and Affected Versions GOM Player version 2.3.90.5360 Description GOM Player has a remote code execution issue in its Internet Explorer component. An attacker can execute arbitrary code through DNS spoofing. The attack involves redirecting a victim using a malicious...
Exploit for Improper Neutralization of Line Delimiters in Cacti
Cacti CVE-2025-24367 Authenticated RCE PoC This repository co...
CVE-2024-58305
WonderCMS 4.3.2 contains a cross-site scripting vulnerability that allows attackers to inject malicious JavaScript through the module installation endpoint. Attackers can craft a specially designed XSS payload to install a reverse shell module and execute remote commands by tricking an...
CVE-2025-34506
WBCE CMS version 1.6.3 and prior contains an authenticated remote code execution vulnerability that allows administrators to upload malicious modules. Attackers can craft a specially designed ZIP module with embedded PHP reverse shell code to gain remote system access when the module is installed...
EUVD-2024-55351
WonderCMS 4.3.2 contains a cross-site scripting vulnerability that allows attackers to inject malicious JavaScript through the module installation endpoint. Attackers can craft a specially designed XSS payload to install a reverse shell module and execute remote commands by tricking an...
CVE-2024-58305
WonderCMS 4.3.2 contains a cross-site scripting vulnerability that allows attackers to inject malicious JavaScript through the module installation endpoint. Attackers can craft a specially designed XSS payload to install a reverse shell module and execute remote commands by tricking an...
CVE-2024-58305
WonderCMS 4.3.2 contains a cross-site scripting vulnerability that allows attackers to inject malicious JavaScript through the module installation endpoint. Attackers can craft a specially designed XSS payload to install a reverse shell module and execute remote commands by tricking an...
CVE-2024-58305
WonderCMS 4.3.2 has a cross-site scripting vulnerability at the module installation endpoint. An attacker can craft a payload to inject JavaScript and trick an authenticated administrator into visiting a malicious link, enabling installation of a reverse shell module and remote command execution....
CVE-2024-58305 WonderCMS 4.3.2 Cross-Site Scripting Remote Code Execution via Module Installation
WonderCMS 4.3.2 contains a cross-site scripting vulnerability that allows attackers to inject malicious JavaScript through the module installation endpoint. Attackers can craft a specially designed XSS payload to install a reverse shell module and execute remote commands by tricking an...
Exploit for Deserialization of Untrusted Data in Facebook React
React2Shell CVE-2025-55182 PoC A Proof-of-Concept exploit f...
HackTheBox-Penetration-Testing-Methodology
HackTheBox Penetration Testing Methodology by 9mmpterodacty...
EUVD-2025-202933
WBCE CMS version 1.6.3 and prior contains an authenticated remote code execution vulnerability that allows administrators to upload malicious modules. Attackers can craft a specially designed ZIP module with embedded PHP reverse shell code to gain remote system access when the module is installed...
CVE-2025-34506
WBCE CMS version 1.6.3 and prior contains an authenticated remote code execution vulnerability that allows administrators to upload malicious modules. Attackers can craft a specially designed ZIP module with embedded PHP reverse shell code to gain remote system access when the module is installed...
CVE-2025-34506
WBCE CMS version 1.6.3 and prior contains an authenticated remote code execution vulnerability that allows administrators to upload malicious modules. Attackers can craft a specially designed ZIP module with embedded PHP reverse shell code to gain remote system access when the module is installed...
CVE-2025-34506
WBCE CMS is affected: version 1.6.3 and earlier are vulnerable to authenticated remote code execution via uploading a malicious module. The flaw arises when an administrator can upload a ZIP module containing embedded PHP reverse shell code, enabling remote system access when installed. Exploitat...
CVE-2025-34506 WBCE CMS 1.6.3 Authenticated Remote Code Execution via Module Upload
WBCE CMS version 1.6.3 and prior contains an authenticated remote code execution vulnerability that allows administrators to upload malicious modules. Attackers can craft a specially designed ZIP module with embedded PHP reverse shell code to gain remote system access when the module is installed...
CVE-2025-34506 WBCE CMS 1.6.3 Authenticated Remote Code Execution via Module Upload
WBCE CMS version 1.6.3 and prior contains an authenticated remote code execution vulnerability that allows administrators to upload malicious modules. Attackers can craft a specially designed ZIP module with embedded PHP reverse shell code to gain remote system access when the module is installed...
PT-2025-50767
Name of the Vulnerable Software and Affected Versions WBCE CMS versions prior to 1.6.3 WBCE CMS version 1.6.3 Description WBCE CMS versions 1.6.3 and earlier have a flaw that permits administrators to execute code remotely by uploading malicious modules. An attacker can create a ZIP module...
Exploit for Deserialization of Untrusted Data in Facebook React
🛡️ React2Shell CTF 🚀 !Securityhttps://img.shields.io/badge...