Exploit Intelligence Platform

CVE-2025-54236 9.1 CRITICAL KEV 5 PoCs Analysis NUCLEI EPSS 0.74

Magento SessionReaper

Adobe Commerce versions 2.4.9-alpha2, 2.4.8-p2, 2.4.7-p7, 2.4.6-p12, 2.4.5-p14, 2.4.4-p15 and earlier are affected by an Improper Input Validation vulnerability. A successful attacker can abuse this to achieve session takeover, increasing the confidentiality, and integrity impact to high. Exploitation of this issue does not require user interaction.

CWE-20 Sep 09, 2025

CVE-2025-49113 9.9 CRITICAL KEV 28 PoCs Analysis NUCLEI EPSS 0.90

Roundcube Webmail < 1.5.10 - Insecure Deserialization

Roundcube Webmail before 1.5.10 and 1.6.x before 1.6.11 allows remote code execution by authenticated users because the _from parameter in a URL is not validated in program/actions/settings/upload.php, leading to PHP Object Deserialization.

CWE-502 Jun 02, 2025

CVE-2025-35939 5.3 MEDIUM KEV EPSS 0.30

Craft CMS - RCE

Craft CMS stores arbitrary content provided by unauthenticated users in session files. This content could be accessed and executed, possibly using an independent vulnerability. Craft CMS redirects requests that require authentication to the login page and generates a session file on the server at '/var/lib/php/sessions'. Such session files are named 'sess_[session_value]', where '[session_value]' is provided to the client in a 'Set-Cookie' response header. Craft CMS stores the return URL requested by the client without sanitizing parameters. Consequently, an unauthenticated client can introduce arbitrary values, such as PHP code, to a known local file location on the server. Craft CMS versions 5.7.5 and 4.15.3 have been released to address this issue.

CWE-472 May 07, 2025

CVE-2024-58136 9.0 CRITICAL KEV 1 Writeup NUCLEI EPSS 0.61

Yii 2 <2.0.52 - RCE

Yii 2 before 2.0.52 mishandles the attaching of behavior that is defined by an __class array key, a CVE-2024-4990 regression, as exploited in the wild in February through April 2025.

CWE-424 Apr 10, 2025

CVE-2025-23209 8.0 HIGH KEV 1 Writeup EPSS 0.19

Craftcms Craft Cms < 4.13.8 - Code Injection

Craft is a flexible, user-friendly CMS for creating custom digital experiences on the web and beyond. This is an remote code execution (RCE) vulnerability that affects Craft 4 and 5 installs where your security key has already been compromised. Anyone running an unpatched version of Craft with a compromised security key is affected. This vulnerability has been patched in Craft 5.5.8 and 4.13.8. Users who cannot update to a patched version, should rotate their security keys and ensure their privacy to help migitgate the issue.

CWE-94 Jan 18, 2025

CVE-2024-56145 9.8 CRITICAL KEV 4 PoCs Analysis NUCLEI EPSS 0.94

Craft CMS Twig Template Injection RCE via FTP Templates Path

Craft is a flexible, user-friendly CMS for creating custom digital experiences on the web and beyond. Users of affected versions are affected by this vulnerability if their php.ini configuration has `register_argc_argv` enabled. For these users an unspecified remote code execution vector is present. Users are advised to update to version 3.9.14, 4.13.2, or 5.5.2. Users unable to upgrade should disable `register_argc_argv` to mitigate the issue.

CWE-94 Dec 18, 2024

CVE-2024-34102 9.8 CRITICAL KEV 27 PoCs Analysis NUCLEI EPSS 0.94

CosmicSting: Magento Arbitrary File Read (CVE-2024-34102) + PHP Buffer Overflow in the iconv() function of glibc (CVE-2024-2961)

Adobe Commerce versions 2.4.7, 2.4.6-p5, 2.4.5-p7, 2.4.4-p8 and earlier are affected by an Improper Restriction of XML External Entity Reference ('XXE') vulnerability that could result in arbitrary code execution. An attacker could exploit this vulnerability by sending a crafted XML document that references external entities. Exploitation of this issue does not require user interaction.

CWE-611 Jun 13, 2024

CVE-2022-24086 9.8 CRITICAL KEV 10 PoCs Analysis NUCLEI EPSS 0.94

Adobe Commerce <2.4.3-p1, <2.3.7-p2 - RCE

Adobe Commerce versions 2.4.3-p1 (and earlier) and 2.3.7-p2 (and earlier) are affected by an improper input validation vulnerability during the checkout process. Exploitation of this issue does not require user interaction and could result in arbitrary code execution.

CWE-20 Feb 16, 2022

CVE-2021-32648 8.2 HIGH KEV 2 PoCs 1 Writeup Analysis NUCLEI EPSS 0.93

October < 1.1.5 - Authentication Bypass

octobercms in a CMS platform based on the Laravel PHP Framework. In affected versions of the october/system package an attacker can request an account password reset and then gain access to the account using a specially crafted request. The issue has been patched in Build 472 and v1.1.5.

CWE-287 Aug 26, 2021

CVE-2021-21311 7.2 HIGH KEV 4 PoCs Analysis NUCLEI EPSS 0.94

Adminer < 4.7.9 - SSRF

Adminer is an open-source database management in a single PHP file. In adminer from version 4.0.0 and before 4.7.9 there is a server-side request forgery vulnerability. Users of Adminer versions bundling all drivers (e.g. `adminer.php`) are affected. This is fixed in version 4.7.9.

CWE-918 Feb 11, 2021

CVE-2020-36193 7.5 HIGH KEV RANSOMWARE 1 Writeup EPSS 0.71

PHP Archive Tar < 1.4.11 - Path Traversal

Tar.php in Archive_Tar through 1.4.11 allows write operations with Directory Traversal due to inadequate checking of symbolic links, a related issue to CVE-2020-28948.

CWE-22 Jan 18, 2021

CVE-2021-3129 9.8 CRITICAL KEV RANSOMWARE 34 PoCs Analysis NUCLEI EPSS 0.94

Ignition <2.5.2 - RCE

Ignition before 2.5.2, as used in Laravel and other products, allows unauthenticated remote attackers to execute arbitrary code because of insecure usage of file_get_contents() and file_put_contents(). This is exploitable on sites using debug mode with Laravel before 8.4.2.

Jan 12, 2021

CVE-2020-13671 8.8 HIGH KEV RANSOMWARE EPSS 0.05

Drupal < 7.74 - Unrestricted File Upload

Drupal core does not properly sanitize certain filenames on uploaded files, which can lead to files being interpreted as the incorrect extension and served as the wrong MIME type or executed as PHP for certain hosting configurations. This issue affects: Drupal Drupal Core 9.0 versions prior to 9.0.8, 8.9 versions prior to 8.9.9, 8.8 versions prior to 8.8.11, and 7 versions prior to 7.74.

CWE-434 Nov 20, 2020

CVE-2020-28949 7.8 HIGH KEV RANSOMWARE 2 PoCs Analysis EPSS 0.93

Archive_Tar <1.4.10 - Code Injection

Archive_Tar through 1.4.10 has :// filename sanitization only to address phar attacks, and thus any other stream-wrapper attack (such as file:// to overwrite files) can still succeed.

Nov 19, 2020

CVE-2020-11023 6.9 MEDIUM KEV 7 PoCs Analysis EPSS 0.36

jQuery <3.5.0 - XSS

In jQuery versions greater than or equal to 1.0.3 and before 3.5.0, passing HTML containing <option> elements from untrusted sources - even after sanitizing it - to one of jQuery's DOM manipulation methods (i.e. .html(), .append(), and others) may execute untrusted code. This problem is patched in jQuery 3.5.0.

CWE-79 Apr 29, 2020

CVE-2019-6340 8.1 HIGH KEV 16 PoCs Analysis NUCLEI EPSS 0.94

Drupal < 8.5.11 - Insecure Deserialization

Some field types do not properly sanitize data from non-form sources in Drupal 8.5.x before 8.5.11 and Drupal 8.6.x before 8.6.10. This can lead to arbitrary PHP code execution in some cases. A site is only affected by this if one of the following conditions is met: The site has the Drupal 8 core RESTful Web Services (rest) module enabled and allows PATCH or POST requests, or the site has another web services module enabled, like JSON:API in Drupal 8, or Services or RESTful Web Services in Drupal 7. (Note: The Drupal 7 Services module itself does not require an update at this time, but you should apply other contributed updates associated with this advisory if Services is in use.)

CWE-502 Feb 21, 2019

CVE-2018-15133 8.1 HIGH KEV 15 PoCs Analysis EPSS 0.84

Laravel Framework <5.6.30 - RCE

In Laravel Framework through 5.5.40 and 5.6.x through 5.6.29, remote code execution might occur as a result of an unserialize call on a potentially untrusted X-XSRF-TOKEN value. This involves the decrypt method in Illuminate/Encryption/Encrypter.php and PendingBroadcast in gadgetchains/Laravel/RCE/3/chain.php in phpggc. The attacker must know the application key, which normally would never occur, but could happen if the attacker previously had privileged access or successfully accomplished a previous attack.

CWE-502 Aug 09, 2018

CVE-2018-7602 9.8 CRITICAL KEV RANSOMWARE 11 PoCs Analysis NUCLEI EPSS 0.94

Drupal < 7.59 - Code Injection

A remote code execution vulnerability exists within multiple subsystems of Drupal 7.x and 8.x. This potentially allows attackers to exploit multiple attack vectors on a Drupal site, which could result in the site being compromised. This vulnerability is related to Drupal core - Highly critical - Remote Code Execution - SA-CORE-2018-002. Both SA-CORE-2018-002 and this vulnerability are being exploited in the wild.

CWE-94 Jul 19, 2018

CVE-2018-7600 9.8 CRITICAL KEV RANSOMWARE 61 PoCs Analysis NUCLEI EPSS 0.94

Drupal Drupalgeddon 2 Forms API Property Injection

Drupal before 7.58, 8.x before 8.3.9, 8.4.x before 8.4.6, and 8.5.x before 8.5.1 allows remote attackers to execute arbitrary code because of an issue affecting multiple subsystems with default or common module configurations.

CWE-20 Mar 29, 2018

CVE-2017-9841 9.8 CRITICAL KEV 21 PoCs Analysis NUCLEI EPSS 0.94

PHPUnit <4.8.28, <5.6.3 - RCE

Util/PHP/eval-stdin.php in PHPUnit before 4.8.28 and 5.x before 5.6.3 allows remote attackers to execute arbitrary PHP code via HTTP POST data beginning with a "<?php " substring, as demonstrated by an attack on a site with an exposed /vendor folder, i.e., external access to the /vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php URI.

CWE-94 Jun 27, 2017

CVE & Exploit Intelligence Database

Investigate

Ecosystems

Reference Indexes

Recent Blog Posts

CVEForge Labs

KEV Gaps