pgAdmin < 9.10 - Remote Code Execution via PLAIN-Format Dump File Restore
Exploitation Summary
EIP tracks 6 public exploits for CVE-2025-13780. PoCs published by zeropwn, cybersecplayground, ThemeHackers.
AI-analyzed exploit summary: This PoC demonstrates a command execution vulnerability in pgAdmin4 < 9.11 due to a bypass in the meta-command filter when a SQL file begins with a UTF-8 BOM. The filter fails to detect meta-commands, allowing arbitrary command execution during a restore operation.
Description
pgAdmin versions up to 9.10 are affected by a Remote Code Execution (RCE) vulnerability that occurs when running in server mode and performing restores from PLAIN-format dump files. This issue allows attackers to inject and execute arbitrary commands on the server hosting pgAdmin, posing a critical risk to the integrity and security of the database management system and underlying data.
Exploits (6)
This PoC demonstrates a command execution vulnerability in pgAdmin4 < 9.11 due to a bypass in the meta-command filter when a SQL file begins with a UTF-8 BOM. The filter fails to detect meta-commands, allowing arbitrary command execution during a restore operation.
The repository contains detailed technical writeups for multiple CVEs, including CVE-2025-13780, with root cause analysis, exploit details, and mitigation recommendations. No functional exploit code is present, but the analysis demonstrates a deep understanding of the vulnerabilities.
This repository contains a scanner for CVE-2025-13780, a Remote Code Execution (RCE) vulnerability in pgAdmin 4 versions ≤ 8.14. The scanner checks for the presence of the vulnerability by testing regex bypass methods (UTF-8 BOM and CRLF injection) in the Restore feature.
This repository contains a functional exploit for CVE-2025-13780, a UTF-8 BOM meta-command filter bypass vulnerability in pgAdmin4. The exploit includes both scanning and exploitation capabilities, leveraging a UTF-8 BOM prefix to bypass pgAdmin's meta-command detection and execute arbitrary shell commands.
This repository provides a detailed technical analysis of CVE-2025-13780, a critical RCE vulnerability in pgAdmin 4 due to insufficient regex validation in the restore functionality. It includes bypass methods (UTF-8 BOM and CRLF injection) and a scanner for detection.
This PoC automates the exploitation of CVE-2025-13780 in pgAdmin by authenticating, connecting to a server, and triggering a vulnerable restore job. It checks for an indicator file to confirm successful exploitation.
Scores
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:L/A:L