Julien Voisin

7 exploits Active since Feb 2023
CVE-2025-14611 METASPLOIT CRITICAL ruby WORKING POC
Gladinet CentreStack & Triofox <16.12.10420.56791 - Code Injection
Gladinet CentreStack and Triofox prior to version 16.12.10420.56791 used hardcoded values for their implementation of the AES cryptoscheme. This degrades security for public exposed endpoints that may make use of it and may offer arbitrary local file inclusion when provided a specially crafted request without authentication. This opens the door for future exploitation and can be leveraged with previous vulnerabilities to gain a full system compromise.
CVSS 9.8
CVE-2023-6063 METASPLOIT HIGH ruby WORKING POC
WordPress WP Fastest Cache Unauthenticated SQLi (CVE-2023-6063)
The WP Fastest Cache WordPress plugin before 1.2.2 does not properly sanitise and escape a parameter before using it in a SQL statement, leading to a SQL injection exploitable by unauthenticated users.
CVSS 7.5
CVE-2025-58360 METASPLOIT HIGH ruby WORKING POC
GeoServer WMS GetMap XXE Arbitrary File Read
GeoServer is an open source server that allows users to share and edit geospatial data. From version 2.26.0 to before 2.26.2 and before 2.25.6, an XML External Entity (XXE) vulnerability was identified. The application accepts XML input through a specific endpoint /geoserver/wms operation GetMap. However, this input is not sufficiently sanitized or restricted, allowing an attacker to define external entities within the XML request. This issue has been patched in GeoServer 2.25.6, GeoServer 2.26.3, and GeoServer 2.27.0.
CVSS 8.2
CVE-2025-30406 METASPLOIT CRITICAL ruby WORKING POC
Gladinet CentreStack < 16.4.10315.56368 Use of Hard-coded Key Leads to Unauthenticated RCE
Gladinet CentreStack through 16.1.10296.56315 (fixed in 16.4.10315.56368) has a deserialization vulnerability due to the CentreStack portal's hardcoded machineKey use, as exploited in the wild in March 2025. This enables threat actors (who know the machineKey) to serialize a payload for server-side deserialization to achieve remote code execution. NOTE: a CentreStack admin can manually delete the machineKey defined in portal\web.config.
CVSS 9.0
CVE-2024-8517 METASPLOIT CRITICAL ruby WORKING POC
SPIP <4.3.2-4.1.18 - Command Injection
SPIP before 4.3.2, 4.2.16, and 4.1.18 is vulnerable to a command injection issue. A remote and unauthenticated attacker can execute arbitrary operating system commands by sending a crafted multipart file upload HTTP request.
CVSS 9.8
CVE-2024-7954 METASPLOIT CRITICAL ruby WORKING POC
SPIP porte_plume - Unauthenticated PHP Code Execution
The porte_plume plugin used by SPIP before 4.30-alpha2, 4.2.13, and 4.1.16 is vulnerable to an arbitrary code execution vulnerability. A remote and unauthenticated attacker can execute arbitrary PHP as the SPIP user by sending a crafted HTTP request.
CVSS 9.8
CVE-2023-27372 METASPLOIT CRITICAL ruby WORKING POC
SPIP < 4.2.1 - Remote Code Execution via Form Value Deserialization
SPIP before 4.2.1 allows Remote Code Execution via form values in the public area because serialization is mishandled. The fixed versions are 3.2.18, 4.0.10, 4.1.8, and 4.2.1.
CVSS 9.8