> For the complete documentation index, see [llms.txt](https://beafn28.gitbook.io/beafn28/llms.txt). Markdown versions of documentation pages are available by appending `.md` to page URLs; this page is available as [Markdown](https://beafn28.gitbook.io/beafn28/cve-and-poc.md).

# CVE & PoC

- [Brute Force Login Vulnerability in Soosyze CMS 2.0 (CVE-2025-52392)](https://beafn28.gitbook.io/beafn28/cve-and-poc/brute-force-login-vulnerability-in-soosyze-cms-2.0-cve-2025-52392.md)
- [PoC - CVE-2025-9140 (Lingdang CRM 8.6.4.7) - SQL Injection](https://beafn28.gitbook.io/beafn28/cve-and-poc/poc-cve-2025-9140-lingdang-crm-8.6.4.7-sql-injection.md)
- [Broken Access Control in LibreTime analytics endpoints (CVE-2025-60427)](https://beafn28.gitbook.io/beafn28/cve-and-poc/broken-access-control-in-libretime-analytics-endpoints-cve-2025-60427.md)
- [WordPress Upload.am – Contributor+ Arbitrary Option Disclosure (CVE-2025-12630)](https://beafn28.gitbook.io/beafn28/cve-and-poc/wordpress-upload.am-contributor+-arbitrary-option-disclosure-cve-2025-12630.md)
- [Directus < 11.13.0 – Improper Permission Handling on Deleted Fields (CVE-2025-64746)](https://beafn28.gitbook.io/beafn28/cve-and-poc/directus-less-than-11.13.0-improper-permission-handling-on-deleted-fields-cve-2025-64746.md)
- [nopCommerce <= 4.70 and 4.80.3 – Insufficient Session Cookie Invalidation (CVE-2025-11699)](https://beafn28.gitbook.io/beafn28/cve-and-poc/nopcommerce-less-than-4.70-and-4.80.3-insufficient-session-cookie-invalidation-cve-2025-11699.md)
- [Typesetter CMS Reflected XSS via Editing Component (CVE-2025-71164)](https://beafn28.gitbook.io/beafn28/cve-and-poc/typesetter-cms-reflected-xss-via-editing-component-cve-2025-71164.md)
- [Typesetter CMS Reflected XSS via Status.php (CVE-2025-71165)](https://beafn28.gitbook.io/beafn28/cve-and-poc/typesetter-cms-reflected-xss-via-status.php-cve-2025-71165.md)
- [Typesetter CMS Reflected XSS via Move Message Handling (CVE-2025-71166)](https://beafn28.gitbook.io/beafn28/cve-and-poc/typesetter-cms-reflected-xss-via-move-message-handling-cve-2025-71166.md)
- [HP ZBook Firefly 14 inch G11 - UEFI Protection Bypass via Windows Recovery Environment (WinRE)](https://beafn28.gitbook.io/beafn28/cve-and-poc/hp-zbook-firefly-14-inch-g11-uefi-protection-bypass-via-windows-recovery-environment-winre.md)
- [PoC - CVE-2025-10327 (RPi-Jukebox-RFID 2.8.0) – Remote Command Execution](https://beafn28.gitbook.io/beafn28/cve-and-poc/poc-cve-2025-10327-rpi-jukebox-rfid-2.8.0-remote-command-execution.md)
- [birkir prime GraphQL GET-Based CSRF (CVE-2025-15550)](https://beafn28.gitbook.io/beafn28/cve-and-poc/birkir-prime-graphql-get-based-csrf-cve-2025-15550.md)
- [FluentCMS Stored XSS via SVG Upload in File Management (CVE-2025-15549)](https://beafn28.gitbook.io/beafn28/cve-and-poc/fluentcms-stored-xss-via-svg-upload-in-file-management-cve-2025-15549.md)
- [PoC - CVE-2025-10666 (D-Link DIR-825 Rev.B ≤ 2.10) - Stack Buffer Overflow (DoS)](https://beafn28.gitbook.io/beafn28/cve-and-poc/poc-cve-2025-10666-d-link-dir-825-rev.b-2.10-stack-buffer-overflow-dos.md)
- [PoC - CVE-2025-10370 (RPi-Jukebox-RFID 2.8.0) - Stored Cross-Site Scripting (XSS)](https://beafn28.gitbook.io/beafn28/cve-and-poc/poc-cve-2025-10370-rpi-jukebox-rfid-2.8.0-stored-cross-site-scripting-xss.md)
- [LavaLite CMS Stored XSS via Package Creation and Search (CVE-2025-71177)](https://beafn28.gitbook.io/beafn28/cve-and-poc/lavalite-cms-stored-xss-via-package-creation-and-search-cve-2025-71177.md)
- [PoC - CVE-2024-23334 (aiohttp ≤ 3.9.1) - Directory Traversal via follow_symlinks](https://beafn28.gitbook.io/beafn28/cve-and-poc/poc-cve-2024-23334-aiohttp-3.9.1-directory-traversal-via-follow_symlinks.md)
- [PoC - Ingress-NGINX Admission Controller File Descriptor Injection to RCE (several associated CVEs)](https://beafn28.gitbook.io/beafn28/cve-and-poc/poc-ingress-nginx-admission-controller-file-descriptor-injection-to-rce-varios-cve-asociados.md)
- [PoC - CVE-2025-32023 (Redis) - Remote Code Execution (RCE)](https://beafn28.gitbook.io/beafn28/cve-and-poc/poc-cve-2025-32023-redis-remote-code-execution-rce.md)
- [PoC - CVE-2025-24054 - Windows NTLM Hash Disclosure via .library-ms Spoofing](https://beafn28.gitbook.io/beafn28/cve-and-poc/poc-cve-2025-24054-windows-ntlm-hash-disclosure-via-.library-ms-spoofing.md)
- [PoC - CVE-2023-4911 - glibc “Looney Tunables” Local Privilege Escalation](https://beafn28.gitbook.io/beafn28/cve-and-poc/poc-cve-2023-4911-glibc-looney-tunables-local-privilege-escalations.md)
- [PoC - CVE-2025-24054 - Windows NTLM Hash Disclosure / Spoofing](https://beafn28.gitbook.io/beafn28/cve-and-poc/poc-cve-2025-24054-windows-ntlm-hash-disclosure-spoofing.md)
- [Bludit CMS CSRF in Plugin and Theme Management Endpoints (CVE-2026-27741)](https://beafn28.gitbook.io/beafn28/cve-and-poc/bludit-cms-csrf-in-plugin-and-theme-management-endpoints-cve-2026-27741.md)
- [Bludit CMS Stored XSS in Post Content (CVE-2026-27742)](https://beafn28.gitbook.io/beafn28/cve-and-poc/bludit-cms-stored-xss-in-post-content-cve-2026-27742.md)
- [GetSimpleCMS-CE Stored XSS via components.php (CVE-2026-26351)](https://beafn28.gitbook.io/beafn28/cve-and-poc/getsimplecms-ce-stored-xss-via-components.php-cve-2026-26351.md)
- [Bio-Formats XXE in Leica Metadata Parser (CVE-2026-22186)](https://beafn28.gitbook.io/beafn28/cve-and-poc/bio-formats-xxe-in-leica-metadata-parser-cve-2026-22186.md)
- [PoC - CVE-2025-4524 - Local File Inclusion (WordPress Madara)](https://beafn28.gitbook.io/beafn28/cve-and-poc/poc-cve-2025-4524-local-file-inclusion-wordpress-madara.md)
- [PoC - CVE-2025-34040 - Arbitrary File Upload to RCE (Zhiyuan OA)](https://beafn28.gitbook.io/beafn28/cve-and-poc/poc-cve-2025-34040-arbitrary-file-upload-to-rce-zhiyuan-oa.md)
- [PoC - CVE-2025-4123 - SSRF / XSS via Open Redirect (Grafana)](https://beafn28.gitbook.io/beafn28/cve-and-poc/poc-cve-2025-4123-ssrf-xss-via-open-redirect-grafana.md)
- [SSCMS SQL Injection via stl:sqlContent queryString (CVE-2026-7435)](https://beafn28.gitbook.io/beafn28/cve-and-poc/sscms-sql-injection-via-stl-sqlcontent-querystring-cve-2026-7435.md)
- [SSCMS Reflected Cross-Site Scripting via STL Processing (CVE-2026-7429)](https://beafn28.gitbook.io/beafn28/cve-and-poc/sscms-reflected-cross-site-scripting-via-stl-processing-cve-2026-7429.md)
