https://cxsecurity.com/wlb/ The Exploit Database - World Laboratory of Bugtraq 2 CXSecurity.com en-US Fri, 10 Apr 2026 05:05:50 +0000 CXSecurity https://cxsecurity.com/wlb/rss/exploit/ https://cxsecurity.com/images/wlb/wlblogo.png The Exploit Database - World Laboratory of Bugtraq 2 (WLB2) https://cxsecurity.com/issue/WLB-2026030027 WLB-2026030027 2026-03-18 21:17:40 CET Mohammed Idrees Banyamer Topic: Kanboard < = 1.2.50 Authenticated SQL Injection Risk: Medium Text:#!/usr/bin/env python3 # Exploit Title: Kanboard Authenticated SQL Injection in ProjectPermissionController # CVE: ... Wed, 18 Mar 2026 21:17:40 +0000 https://cxsecurity.com/issue/WLB-2026030004 WLB-2026030004 2026-03-02 21:11:47 CET Mohammed Idrees Banyamer Topic: OpenClaw tools.exec.safeBins < = 2026.2.22 Remote Code Execution Risk: Low Text:#!/usr/bin/env python3 # Exploit Title: OpenClaw tools.exec.safeBins < = 2026.2.22 Remote Code Execution # CVE: CV... Mon, 02 Mar 2026 21:11:47 +0000 https://cxsecurity.com/issue/WLB-2026020022 WLB-2026020022 2026-02-23 22:18:20 CET nu11secur1ty Topic: Google Chrome < 145.0.7632.75 - CSSFontFeatureValuesMap Use-After-Free Risk: High Text:# Exploit Title: Google Chrome < 145.0.7632.75 - CSSFontFeatureValuesMap Use-After-Free # Date: 2026-02-23 # Exploit Author: ... Mon, 23 Feb 2026 22:18:20 +0000 https://cxsecurity.com/issue/WLB-2026020013 WLB-2026020013 2026-02-14 20:31:45 CET semaja2 Topic: Siklu EtherHaul Series EH-8010 Remote Command Execution Risk: High Text:# Exploit Title:Siklu EtherHaul Series EH-8010 - Remote Command Execution # Shodan Dork: "EH-8010" or "EH-1200" # Date: 2025-... Sat, 14 Feb 2026 20:31:45 +0000 https://cxsecurity.com/issue/WLB-2026020007 WLB-2026020007 2026-02-05 21:43:29 CET Beatriz Fresno Naumova Topic: aiohttp 3.9.1 Directory Traversal Risk: Medium Text:# Exploit Title: Python aiohttp directory traversal PoC (CVE-2024-23334) # Google Dork: N/A # Date: 2025-10-06 # Exploit Aut... Thu, 05 Feb 2026 21:43:29 +0000 https://cxsecurity.com/issue/WLB-2026020005 WLB-2026020005 2026-02-02 21:14:04 CET Mohammed Idrees Banyamer Topic: deephas < = 1.0.7 - Prototype Pollution leading to Arbitrary Code Execution / DoS Risk: High Text:#!/usr/bin/env python3 # # Exploit Title: deephas < = 1.0.7 - Prototype Pollution leading to Arbitrary Code Execution / DoS #... Mon, 02 Feb 2026 21:14:04 +0000 https://cxsecurity.com/issue/WLB-2026010017 WLB-2026010017 2026-01-26 19:48:43 CET Mohammed Idrees Banyamer Topic: LangChain Core - Serialization Injection to Jinja2 SSTI/RCE Risk: High Text:# Exploit Title: LangChain Core - Serialization Injection to Jinja2 SSTI/RCE # Date: 2025-12-29 # Exploit Author: Mohammed I... Mon, 26 Jan 2026 19:48:43 +0000 https://cxsecurity.com/issue/WLB-2026010010 WLB-2026010010 2026-01-18 21:49:23 CET Valentin Topic: AVideo Notify.ffmpeg.json.php Unauthenticated Remote Code Execution Risk: High Text:## # This module requires Metasploit: https://metasploit.com/download # Current source: https://github.com/rapid7/metasploit-... Sun, 18 Jan 2026 21:49:23 +0000 https://cxsecurity.com/issue/WLB-2025120031 WLB-2025120031 2025-12-28 10:40:02 CET Byte Reaper Topic: Birth Chart Compatibility WordPress Plugin 2.0 Full Path Disclosure Risk: Low Text:/* * Exploit Title : Birth Chart Compatibility WordPress Plugin 2.0 - Full Path Disclosure * Author : Byte Reaper *... Sun, 28 Dec 2025 10:40:02 +0000 https://cxsecurity.com/issue/WLB-2025120017 WLB-2025120017 2025-12-17 23:01:51 CET Matan Sandori Topic: dotCMS 25.07.02-1 Authenticated Blind SQL Injection Risk: Medium Text:#!/usr/bin/env python3 # Exploit Title: dotCMS 25.07.02-1 - Authenticated Blind SQL Injection # Google Dork: N/A # Date: 2... Wed, 17 Dec 2025 23:01:51 +0000 https://cxsecurity.com/issue/WLB-2025120009 WLB-2025120009 2025-12-09 21:45:49 CET Byte Reaper Topic: Mbed TLS 3.6.4 Use-After-Free Risk: High Text:/* * Exploit Title: Mbed TLS 3.6.4 - Use-After-Free * Google Dork: N/A * Date: 2025-08-29 * Exploit Author: Byte Reaper... Tue, 09 Dec 2025 21:45:49 +0000 https://cxsecurity.com/issue/WLB-2025120002 WLB-2025120002 2025-12-01 16:53:54 CET ibrahimsql Topic: MonstaFTP Unauthenticated File Upload Risk: Medium Text:# Titles: MonstaFTP Unauthenticated File Upload CVE-2025-34299 # Author: ibrahimsql # Date: 11/21/2025 # Vendor: https://www... Mon, 01 Dec 2025 16:53:54 +0000 https://cxsecurity.com/issue/WLB-2025110001 WLB-2025110001 2025-11-01 19:53:50 CET nltt0 Topic: Flowise 3.0.4 Remote Code Execution Risk: High Text:# Exploit Title: Flowise 3.0.4 - Remote Code Execution (RCE) # Date: 10/11/2025 # Exploit Author: [nltt0] (https://github.com... Sat, 01 Nov 2025 19:53:49 +0000 https://cxsecurity.com/issue/WLB-2025100015 WLB-2025100015 2025-10-29 20:23:08 CET ByteReaper0 Topic: Swagger UI 1.0.3 Cross-Site Scripting (XSS) Risk: Low Text:/* * Author : Byte Reaper * Telegram : @ByteReaper0 * CVE : CVE-2025-8191 * Title : Swagger UI 1.0.3... Wed, 29 Oct 2025 20:23:07 +0000 https://cxsecurity.com/issue/WLB-2025100013 WLB-2025100013 2025-10-24 07:39:12 CET Maksim Topic: Vvveb CMS 1.0.5 Remote Code Execution Risk: High Text:## # This module requires Metasploit: https://metasploit.com/download # Current source: https://github.com/rapid7/metasploit-... Fri, 24 Oct 2025 07:39:11 +0000 https://cxsecurity.com/issue/WLB-2025100006 WLB-2025100006 2025-10-07 21:08:12 CET DANG Topic: SugarCRM unauthenticated Remote Code Execution (RCE) Risk: High Text:# Exploit Title: SugarCRM unauthenticated Remote Code Execution (RCE) # Exploit Author: DANG # Vendor Homepage: https://www.s... Tue, 07 Oct 2025 21:08:12 +0000 https://cxsecurity.com/issue/WLB-2025090014 WLB-2025090014 2025-09-30 20:51:35 CET Byte Topic: Belkin F9K1009 F9K1010 2.00.04/2.00.09 Hard Coded Credentials Risk: High Text:/* * Title : Belkin F9K1009 F9K1010 2.00.04/2.00.09 - Hard Coded Credentials * Author : Byte Reaper * CVE... Tue, 30 Sep 2025 20:51:34 +0000 https://cxsecurity.com/issue/WLB-2025090011 WLB-2025090011 2025-09-21 17:30:38 CET Piotr Bazydlo Topic: Commvault CLI Argument Injection / Traversal / Remote Code Execution Risk: High Text:## # This module requires Metasploit: https://metasploit.com/download # Current source: https://github.com/rapid7/metasploit-... Sun, 21 Sep 2025 17:30:38 +0000 https://cxsecurity.com/issue/WLB-2025090008 WLB-2025090008 2025-09-14 16:43:46 CET Piotr Bazydlo Topic: Sitecore XP Post-Authentication File Upload Risk: High Text:## # This module requires Metasploit: https://metasploit.com/download # Current source: https://github.com/rapid7/metasploit-... Sun, 14 Sep 2025 16:43:46 +0000 https://cxsecurity.com/issue/WLB-2025080025 WLB-2025080025 2025-08-28 11:18:51 CET Gurjot Singh Topic: Ultimate Member WordPress Plugin 2.6.6 Privilege Escalation Risk: Medium Text:#!/usr/bin/env python3 # Exploit Title: Ultimate Member WordPress Plugin 2.6.6 - Privilege Escalation # Exploit Author: Gur... Thu, 28 Aug 2025 11:18:51 +0000 https://cxsecurity.com/issue/WLB-2025080024 WLB-2025080024 2025-08-28 11:18:21 CET ibrahimsql Topic: Ghost CMS 5.59.1 Arbitrary File Read Risk: Medium Text:#!/usr/bin/env python3 # -*- coding: utf-8 -*- """ # Exploit Title: Ghost CMS 5.59.1 - Arbitrary File Read # Date: 2023-09-... Thu, 28 Aug 2025 11:18:21 +0000 https://cxsecurity.com/issue/WLB-2025080022 WLB-2025080022 2025-08-28 11:16:57 CET Érick Sousa Topic: DOS Baby POP3 Server 1.04 Risk: Medium Text:# Exploit Title: DOS Baby POP3 Server 1.04 # Date: 12/08/2025 # Exploit Author: Érick Sousa (https://www.linkedin.com/in/eri... Thu, 28 Aug 2025 11:16:57 +0000 https://cxsecurity.com/issue/WLB-2025080017 WLB-2025080017 2025-08-20 19:34:44 CET Topic: Tenda AC20 16.03.08.12 Command Injection Risk: Medium Text:/* * Exploit Title : Tenda AC20 16.03.08.12 - Command Injection * Author : Byte Reaper * CVE : CVE-2025-90... Wed, 20 Aug 2025 19:34:42 +0000 https://cxsecurity.com/issue/WLB-2025080011 WLB-2025080011 2025-08-11 20:53:04 CET Byte Reaper Topic: Projectworlds Online Admission System 1.0 SQL Injection Risk: Medium Text:/* * Title : projectworlds Online Admission System 1.0 - SQL Injection * Author : Byte Reaper * CVE ... Mon, 11 Aug 2025 20:53:04 +0000 https://cxsecurity.com/issue/WLB-2025080010 WLB-2025080010 2025-08-11 20:50:58 CET ibrahimsql (https://github.com/ibrahimsql) Topic: JetBrains TeamCity 2023.11.4 Authentication Bypass Risk: High Text:#!/usr/bin/env python3 # -*- coding: utf-8 -*- """ # Exploit Title: JetBrains TeamCity 2023.11.4 - Authentication Bypass # ... Mon, 11 Aug 2025 20:50:58 +0000 https://cxsecurity.com/issue/WLB-2025080009 WLB-2025080009 2025-08-11 20:50:08 CET ibrahimsql Topic: Cisco ISE 3.0 Remote Code Execution Risk: High Text:# Exploit Title: Cisco ISE 3.0 - Remote Code Execution (RCE) # Exploit Author: @ibrahimsql ibrahimsql.com # Exploit Author's ... Mon, 11 Aug 2025 20:50:08 +0000 https://cxsecurity.com/issue/WLB-2025080007 WLB-2025080007 2025-08-10 21:39:55 CET h00die-gr3y Topic: Pandora ITSM Authenticated Command Injection Risk: High Text:## # This module requires Metasploit: https://metasploit.com/download # Current source: https://github.com/rapid7/metasploit-... Sun, 10 Aug 2025 21:39:55 +0000 https://cxsecurity.com/issue/WLB-2025080006 WLB-2025080006 2025-08-08 23:13:17 CET Anonymous Topic: Shenzhen Aitemi M300 Wi-Fi Repeater Unauthenticated RCE Risk: High Text:package main import ( "flag" "fmt" "io" "net/http" "net/url" "os" "strings" ) /* Shenzhen Aitemi M300 Wi-... Fri, 08 Aug 2025 23:13:16 +0000 https://cxsecurity.com/issue/WLB-2025080005 WLB-2025080005 2025-08-05 12:00:26 CET Brendan coles Topic: Malicious XDG Desktop File Risk: Medium Text:## # This module requires Metasploit: https://metasploit.com/download # Current source: https://github.com/rapid7/metasploit-... Tue, 05 Aug 2025 12:00:26 +0000 https://cxsecurity.com/issue/WLB-2025080001 WLB-2025080001 2025-08-03 15:18:20 CET Raghad Abdallah Al-syouf Topic: Langflow 1.2.x Remote Code Execution (RCE) Risk: High Text:#!/usr/bin/env python3 # Exploit Title: Langflow 1.2.x - Remote Code Execution (RCE) # Date: 2025-07-11 # Exploit Author: Ra... Sun, 03 Aug 2025 15:18:19 +0000 https://cxsecurity.com/issue/WLB-2025070040 WLB-2025070040 2025-07-31 15:32:12 CET nu11secur1ty Topic: Microsoft Excel LTSC 2024 Remote Code Execution Risk: High Text:# Titles: Microsoft Excel LTSC 2024 - Remote Code Execution (RCE) # Author: nu11secur1ty # Date: 06/16/2025 # Vendor: Micros... Thu, 31 Jul 2025 15:32:12 +0000 https://cxsecurity.com/issue/WLB-2025070036 WLB-2025070036 2025-07-28 21:37:58 CET @İbrahimsql Topic: Adobe ColdFusion 2023.6 Remote File Read Risk: High Text:# Exploit Title: Adobe ColdFusion 2023.6 - Remote File Read # Exploit Author: @İbrahimsql # Exploit Author's github: https:/... Mon, 28 Jul 2025 21:37:58 +0000 https://cxsecurity.com/issue/WLB-2025070033 WLB-2025070033 2025-07-24 19:42:45 CET bcoles Topic: Malicious Windows Registration Entries (.reg) File Risk: Medium Text:## # This module requires Metasploit: https://metasploit.com/download # Current source: https://github.com/rapid7/metasploit-... Thu, 24 Jul 2025 19:42:45 +0000 https://cxsecurity.com/issue/WLB-2025070032 WLB-2025070032 2025-07-24 19:41:18 CET Mohammed Idrees Banyamer Topic: Microsoft PowerPoint 2019 Remote Code Execution (RCE) Risk: High Text:#!/usr/bin/env python3 # Exploit Title: Microsoft PowerPoint 2019 - Remote Code Execution (RCE) # Author: Mohammed Idrees Ban... Thu, 24 Jul 2025 19:41:18 +0000 https://cxsecurity.com/issue/WLB-2025070012 WLB-2025070012 2025-07-11 21:16:20 CET ibrahimsql Topic: Discourse 3.2.x Anonymous Cache Poisoning Risk: Low Text:#!/usr/bin/env python3 """ Exploit Title: Discourse 3.2.x - Anonymous Cache Poisoning Date: 2024-10-15 Exploit Author: ibra... Fri, 11 Jul 2025 21:16:20 +0000 https://cxsecurity.com/issue/WLB-2025070006 WLB-2025070006 2025-07-02 11:12:26 CET nu11secur1ty Topic: VBA Bypass Windows Defender Exploit PoC Risk: High Text:# CVE-2025-47170 Exploit PoC VBA Bypass Windows Defender - Overview This Python script is a proof-of-concept (PoC) exploit de... Wed, 02 Jul 2025 11:12:26 +0000 https://cxsecurity.com/issue/WLB-2025070002 WLB-2025070002 2025-07-01 18:43:33 CET Huseyin Mardini Topic: Social Warfare WordPress Plugin 3.5.2 Remote Code Execution (RCE) Risk: High Text:#!/usr/bin/env python3 # Exploit Title: Social Warfare WordPress Plugin 3.5.2 - Remote Code Execution (RCE) # Date: 25-06-2... Tue, 01 Jul 2025 18:43:33 +0000 https://cxsecurity.com/issue/WLB-2025070001 WLB-2025070001 2025-07-01 18:42:45 CET ibrahimsql Topic: PHP CGI Module 8.3.4 Remote Code Execution Risk: High Text:#!/usr/bin/env python3 # Exploit Title: PHP CGI Module 8.3.4 - Remote Code Execution (RCE) # Date: 2025-06-13 # Exploit Au... Tue, 01 Jul 2025 18:42:44 +0000 https://cxsecurity.com/issue/WLB-2025060031 WLB-2025060031 2025-06-29 19:42:24 CET Pepelux Topic: Grandstream GSD3710 1.0.11.13 Stack Overflow Risk: Medium Text:#!/usr/bin/env python3 # Exploit Title: Grandstream GSD3710 1.0.11.13 - Stack Overflow # Date: 2025-05-29 # Exploit Auth... Sun, 29 Jun 2025 19:42:24 +0000 https://cxsecurity.com/issue/WLB-2025060026 WLB-2025060026 2025-06-26 21:43:59 CET Mohammed Idrees Banyamer Topic: Parrot and DJI variants Drone OSes Kernel Panic Exploit Risk: Low Text:#!/usr/bin/env python3 # Exploit Title: Parrot and DJI variants Drone OSes - Kernel Panic Exploit # Author: Mohammed Idrees B... Thu, 26 Jun 2025 21:43:59 +0000