𝐸𝓍𝟥𝓅𝓉𝒾𝑜𝓃𝒶𝐿
@ex3ptional.bsky.social
Independent cybersecurity researcher with Contributor to public security ecosystems including Rapid7 Metasploit, CVE records, and VulnCheck advisories.
@rapid7.com
@rapid7.com
Pinned
Rapid7
Rapid7's VulnDB is curated repository of vetted computer software exploits and exploitable vulnerabilities.
www.rapid7.com
WonderCMS Remote Code Execution
-------------------
Description
This module exploits CVE-2023-41425, an authenticated file upload vulnerability affecting WonderCMS between 3.2.0 and 3.4.2.
--------------------
msutovsky-r7
Ex3ptionaL
www.rapid7.com/db/modules/e...
-------------------
Description
This module exploits CVE-2023-41425, an authenticated file upload vulnerability affecting WonderCMS between 3.2.0 and 3.4.2.
--------------------
msutovsky-r7
Ex3ptionaL
www.rapid7.com/db/modules/e...
EUVD-2025-202935
---
AnyDesk 7.0.15 and 9.0.1 contains an unquoted service path vulnerability that allows local non-privileged users to potentially execute code with elevated SYSTEM privileges.
---
euvd.enisa.europa.eu/enisa/EUVD-2...
---
AnyDesk 7.0.15 and 9.0.1 contains an unquoted service path vulnerability that allows local non-privileged users to potentially execute code with elevated SYSTEM privileges.
---
euvd.enisa.europa.eu/enisa/EUVD-2...
EUVD
European Vulnerability Database
euvd.enisa.europa.eu
January 15, 2026 at 9:02 PM
EUVD-2025-202935
---
AnyDesk 7.0.15 and 9.0.1 contains an unquoted service path vulnerability that allows local non-privileged users to potentially execute code with elevated SYSTEM privileges.
---
euvd.enisa.europa.eu/enisa/EUVD-2...
---
AnyDesk 7.0.15 and 9.0.1 contains an unquoted service path vulnerability that allows local non-privileged users to potentially execute code with elevated SYSTEM privileges.
---
euvd.enisa.europa.eu/enisa/EUVD-2...
WonderCMS Remote Code Execution
-------------------
Description
This module exploits CVE-2023-41425, an authenticated file upload vulnerability affecting WonderCMS between 3.2.0 and 3.4.2.
--------------------
msutovsky-r7
Ex3ptionaL
www.rapid7.com/db/modules/e...
-------------------
Description
This module exploits CVE-2023-41425, an authenticated file upload vulnerability affecting WonderCMS between 3.2.0 and 3.4.2.
--------------------
msutovsky-r7
Ex3ptionaL
www.rapid7.com/db/modules/e...
Rapid7
Rapid7's VulnDB is curated repository of vetted computer software exploits and exploitable vulnerabilities.
www.rapid7.com
January 15, 2026 at 7:56 PM
WonderCMS Remote Code Execution
-------------------
Description
This module exploits CVE-2023-41425, an authenticated file upload vulnerability affecting WonderCMS between 3.2.0 and 3.4.2.
--------------------
msutovsky-r7
Ex3ptionaL
www.rapid7.com/db/modules/e...
-------------------
Description
This module exploits CVE-2023-41425, an authenticated file upload vulnerability affecting WonderCMS between 3.2.0 and 3.4.2.
--------------------
msutovsky-r7
Ex3ptionaL
www.rapid7.com/db/modules/e...
Title
WPForms 1.7.8 - Cross-Site Scripting (XSS)
Summary
WPForms 1.7.8 contains a cross-site scripting vulnerability in the slider import search feature and tab parameter.
vulnerability.circl.lu/vuln/cve-202...
WPForms 1.7.8 - Cross-Site Scripting (XSS)
Summary
WPForms 1.7.8 contains a cross-site scripting vulnerability in the slider import search feature and tab parameter.
vulnerability.circl.lu/vuln/cve-202...
Vulnerability-Lookup
Vulnerability-Lookup - Fast vulnerability lookup correlation from different sources.
vulnerability.circl.lu
January 15, 2026 at 7:53 PM
Title
WPForms 1.7.8 - Cross-Site Scripting (XSS)
Summary
WPForms 1.7.8 contains a cross-site scripting vulnerability in the slider import search feature and tab parameter.
vulnerability.circl.lu/vuln/cve-202...
WPForms 1.7.8 - Cross-Site Scripting (XSS)
Summary
WPForms 1.7.8 contains a cross-site scripting vulnerability in the slider import search feature and tab parameter.
vulnerability.circl.lu/vuln/cve-202...
My new CVE AnyDesk
CVE-2025-34499 - AnyDesk 9.0.1 Unquoted Service Path Privilege Escalation Vulnerability
CVE ID : CVE-2025-34499
Published : Dec. 11, 2025, 10:15 p.m. | 52 minutes ago
Description : AnyDesk 7.0.15 and 9.0.1 contains an unquoted service path vulnerability that allows local...
CVE ID : CVE-2025-34499
Published : Dec. 11, 2025, 10:15 p.m. | 52 minutes ago
Description : AnyDesk 7.0.15 and 9.0.1 contains an unquoted service path vulnerability that allows local...
CVE-2025-34499 - AnyDesk 9.0.1 Unquoted Service Path Privilege Escalation Vulnerability
AnyDesk 7.0.15 and 9.0.1 contains an unquoted service path vulnerability that allows local non-privileged users to potentially execute code with elevated SYSTEM privileges. Attackers can exploit the unquoted service path configuration to inject malicious executables that will be run with high-level system permissions.
cvefeed.io
January 15, 2026 at 7:52 PM
My new CVE AnyDesk
Thanks for share my CVE 🙏
CVE-2023-54331 - Outline 1.6.0 - Unquoted Service Path
CVE ID : CVE-2023-54331
Published : Jan. 13, 2026, 11:16 p.m. | 2 hours, 14 minutes ago
Description : Outline 1.6.0 contains an unquoted service path vulnerability that allows local attackers to potentially execute a...
CVE ID : CVE-2023-54331
Published : Jan. 13, 2026, 11:16 p.m. | 2 hours, 14 minutes ago
Description : Outline 1.6.0 contains an unquoted service path vulnerability that allows local attackers to potentially execute a...
CVE-2023-54331 - Outline 1.6.0 - Unquoted Service Path
Outline 1.6.0 contains an unquoted service path vulnerability that allows local attackers to potentially execute arbitrary code with elevated system privileges. Attackers can exploit the unquoted service path in the OutlineService executable to inject malicious code that will be executed with LocalSystem permissions.
cvefeed.io
January 15, 2026 at 7:34 PM
Thanks for share my CVE 🙏