PoC Week 2025-03-03
The most featured CVEs in this week’s security newsletters, with public Proof-of-Concepts, ordered by mention count. Older CVEs, trivially exploitable vulnerabilities (such as using hard-coded credentials) and those affecting open source projects with very small userbases aren’t listed.
For the most up-to-date and accurate info, visit the NIST links. Always audit PoCs thoroughly before running them.
CVE-2024-54820
- Severity: 9.8 CRITICAL
- Impacted Products: XOne Web Monitor v02.10.2024.530 framework 1.0.4.9
- Description: SQL injection vulnerability in the login page. This vulnerability allows attackers to extract all usernames and passwords via a crafted input.
- Remediation: Follow developer advice.
- More Info: NVD - CVE-2024-54820
- PoC: https://github.com/jcarabantes/CVE-2024-54820/
CVE-2025-26794
- Severity: 7.5 HIGH
- Impacted Products: Exim 4.98 before 4.98.1
- Description: When SQLite hints and ETRN serialization are used, remote SQL injection is possible.
- Remediation: Follow developer advice.
- More Info: NVD - CVE-2025-26794
- PoC: https://github.com/OscarBataille/CVE-2025-26794/
CVE-2024-55460
- Severity: 9.8 CRITICAL
- Impacted Products: BoardRoom Limited Dividend Distribution Tax Election System Version v2.0
- Description: A time-based SQL injection vulnerability in the login page of BoardRoom Limited Dividend Distribution Tax Election System Version v2.0 allows attackers to execute arbitrary code via a crafted input.
- Remediation: Follow developer advice.
- More Info: NVD - CVE-2024-55460
- PoC: https://github.com/Ap0k4L1p5/CVE-research/tree/master/CVE-2024-55460
CVE-2025-27364
- Severity: 10 CRITICAL
- Impacted Products: MITRE Caldera through 4.2.0 and 5.0.0 before 35bc06e
- Description: A Remote Code Execution (RCE) vulnerability was found in the dynamic agent (implant) compilation functionality of the server. It allows remote attackers to execute arbitrary code on the server that Caldera is running on via a crafted web request to the Caldera server API used for compiling and downloading Caldera’s Sandcat or Manx agents (implants). This web request can use the gcc -extldflags linker flag with sub-commands.
- Remediation: Follow developer advice.
- More Info: NVD - CVE-2025-27364
- PoC: https://medium.com/@mitrecaldera/mitre-caldera-security-advisory-remote-code-execution-cve-2025-27364-5f679e2e2a0e
CVE-2025-26615
- Severity: 10 CRITICAL
- Impacted Products: WeGIA < v.3.2.14
- Description: A Path Traversal vulnerability was discovered in the WeGIA application, `examples.php` endpoint. This vulnerability could allow an attacker to gain unauthorized access to sensitive information stored in `config.php`. `config.php` contains information that could allow direct access to the database.
- Remediation: Follow developer advice.
- More Info: NVD - CVE-2025-26615
- PoC: https://github.com/LabRedesCefetRJ/WeGIA/security/advisories/GHSA-p5wx-pv8j-f96h
CVE-2025-25279
- Severity: 9.9 CRITICAL
- Impacted Products: Mattermost versions 10.4.x <= 10.4.1, 9.11.x <= 9.11.7, 10.3.x <= 10.3.2, 10.2.x <= 10.2.2
- Description: Failure to properly validate board blocks when importing boards allows an attacker to read any arbitrary file on the system via importing and exporting a specially crafted import archive in Boards.
- Remediation: Follow developer advice.
- More Info: NVD - CVE-2025-25279
- PoC: https://github.com/numanturle/CVE-2025-25279/
CVE-2025-24893
- Severity: 9.8 CRITICAL
- Impacted Products: XWiki Platform
- Description: Any guest can perform arbitrary remote code execution through a request to `SolrSearch`. This impacts the confidentiality, integrity and availability of the whole XWiki installation. To reproduce on an instance, without being logged in, go to `<host>/xwiki/bin/get/Main/SolrSearch?media=rss&text=%7D%7D%7D%7B%7Basync%20async%3Dfalse%7D%7D%7B%7Bgroovy%7D%7Dprintln%28"Hello%20from"%20%2B%20"%20search%20text%3A"%20%2B%20%2823%20%2B%2019%29%29%7B%7B%2Fgroovy%7D%7D%7B%7B%2Fasync%7D%7D%20`. If there is an output, and the title of the RSS feed contains `Hello from search text:42`, then the instance is vulnerable. This vulnerability has been patched in XWiki 15.10.11, 16.4.1 and 16.5.0RC1. Users are advised to upgrade. Users unable to upgrade may edit `Main.SolrSearchMacros` in `SolrSearchMacros.xml` on line 955 to match the `rawResponse` macro in `macros.vm#L2824` with a content type of `application/xml`, instead of simply outputting the content of the feed.
- Remediation: Follow developer advice.
- More Info: NVD - CVE-2025-24893
- PoC: https://github.com/iSee857/CVE-2025-24893-PoC/
References
This list was scraped from the quite amazing and highly recommended newsletters below:
Thanks for reading! For corrections or omissions (e.g. newsletter recs), feel free to get in touch.