A Collection of Security Vulnerability Reports Discovered and Disclosed by ZAST.AI
This repository contains detailed analysis reports of security vulnerabilities discovered by ZAST.AI. We are committed to responsible disclosure of these vulnerabilities and to collaboration with the open-source community to enhance software security.
- Transparent sharing of discovered security vulnerabilities
- Helping developers understand and fix common security issues
- Promoting security awareness in the open-source community
- Establishing best practices for responsible vulnerability disclosure
| Project | Vulnerability Type | Report | CVE ID |
|---|---|---|---|
| node-formidable <=3.5.2 | Insecure File Upload & Filename Prediction | Report | CVE-2025-46653 |
| CodiMD low version | Insecure File Upload & CSP bypass | Report | CVE-2025-46654 |
| CodiMD high version | Insecure File Upload & CSP bypass | Report | CVE-2025-46655 |
| Apache Commons Configuration <=1.10.x | Remote Code Execution | Report | Reported |
| Apache Commons Configuration2 <=2.12.x | Remote Code Execution | Report | Reported |
| mall <=1.0.3 7a1ca5d | DOM XSS | Report | CVE-2025-8191 |
| mall <=1.0.3 7a1ca5d | JWT secret hardcoded | Report | duplicate |
| JeeSite <=5.12.0 b522b3f | SSRF | Report | CVE-2025-7759 |
| JeeSite <=5.12.0 b522b3f | Open Redirection | Report | CVE-2025-7763 |
| JeeSite <=5.12.0 b522b3f | Open Redirection | Report | CVE-2025-7785 |
| JeeSite <=5.12.0 b522b3f | Open Redirection | Report | CVE-2025-7863 |
| JeeSite <=5.12.0 b522b3f | Insecure File Upload | Report | CVE-2025-7864 |
| JeeSite <=5.12.0 b522b3f | XSS filter bypass | Report | CVE-2025-7865 |
| JeeSite <=5.12.1 release | XSS filter bypass | Report | CVE-2025-9796 |
| GnuBoard v6 | Stored XSS | Report | CVE-2025-7786 |
| GnuBoard v6 | Open Redirect | Report | duplicate |
| xxl-job <=3.1.1 | SSRF | Report | CVE-2025-7787 |
| xxl-job <=3.1.1 | OS command injection | Report | CVE-2025-7788 |
| xxl-job <=3.1.1 | Insecure Cryptographic Algorithm | Report | CVE-2025-7789 |
| stirling-pdf <=1.0.2 | SSRF | Report | CVE-2025-55150 |
| stirling-pdf <=1.0.2 | SSRF | Report | CVE-2025-55151 |
| stirling-pdf <=1.0.2 | SSRF | Report | CVE-2025-55161 |
| Koa <=3.0.0 cb22d8d | Open Redirect | Report | CVE-2025-8129 |
| ruoyi v4.8.1 70194ae | DOM XSS | Report | CVE-2025-7901 |
| ruoyi v4.8.1 70194ae | Stored XSS | Report | CVE-2025-7902 |
| ruoyi v4.8.1 70194ae | Frame Injection | Report | CVE-2025-7903 |
| ruoyi v4.8.1 70194ae | Insecure File Upload | Report | CVE-2025-7906 |
| ruoyi v4.8.1 70194ae | Druid Credential Hardcoded | Report | CVE-2025-7907 |
| platform 1.0.0 ca9acef | SQL injection | Report | CVE-2025-7936 |
| platform 1.0.0 ca9acef | SQL injection | Report | CVE-2025-7935 |
| platform 1.0.0 ca9acef | SQL injection | Report | CVE-2025-7934 |
| jshERP <=3.5 | IDOR change password | Report | CVE-2025-7948 |
| jshERP <=3.5 | IDOR delete account | Report | CVE-2025-7947 |
| PublicCMS V5.202506.a | Open Redirect | Report | CVE-2025-7949 |
| PublicCMS V5.202506.a | Open Redirect | Report | CVE-2025-7953 |
| PublicCMS V5.202506.a | SSRF | Report | duplicate |
| PublicCMS V5.202506.a | Insecure File Upload | Report | rejected |
| PublicCMS V5.202506.a | Insecure File Upload | Report | rejected |
| PublicCMS V5.202506.a | Insecure File Upload | Report | rejected |
| PublicCMS V5.202506.a | Insecure File Upload | Report | rejected |
| PublicCMS V5.202506.a | Insecure File Upload | Report | rejected |
| PublicCMS V5.202506.a | Insecure File Upload | Report | rejected |
| deer-wms-2 525b6cf | Insecure Deserialization | Report | rejected |
| deer-wms-2 525b6cf | Insecure Deserialization | Report | rejected |
| deer-wms-2 525b6cf | Shiro-550 | Report | rejected |
| deer-wms-2 525b6cf | SQL injection | Report | CVE-2025-8123 |
| deer-wms-2 525b6cf | SQL injection | Report | CVE-2025-8124 |
| deer-wms-2 525b6cf | SQL injection | Report | CVE-2025-8125 |
| deer-wms-2 525b6cf | SQL injection | Report | CVE-2025-8126 |
| deer-wms-2 525b6cf | SQL injection | Report | CVE-2025-8127 |
| deer-wms-2 525b6cf | SQL injection | Report | CVE-2025-8161 |
| deer-wms-2 525b6cf | SQL injection | Report | CVE-2025-8162 |
| deer-wms-2 525b6cf | SQL injection | Report | CVE-2025-8163 |
| letao 7d8df03 | Arbitrary File Upload | Report | CVE-2025-8128 |
| ChanCMS <3.1.3 | Arbitrary File Deletion | Report | CVE-2025-8132 |
| ChanCMS <3.1.3 | SSRF | Report | CVE-2025-8133 |
| ChanCMS <3.1.3 | SSRF | Report | CVE-2025-8228 |
| ChanCMS <3.1.3 | RCE | Report | CVE-2025-8266 |
| ChanCMS <3.1.3 | RCE | Report | CVE-2025-8227 |
| ChanCMS <3.1.3 | Information Disclosure | Report | CVE-2025-8226 |
| eladmin <=2.7 | Druid Credential Hardcoded | Report | CVE-2025-8530 |
| favorites-web <=1.3.0 | SSRF | Report | CVE-2025-8529 |
| xboot <=3.3.4 | Sensitive Info is included in Cookies | Report | CVE-2025-8528 |
| xboot <=3.3.4 | SSRF | Report | CVE-2025-8527 |
| xboot <=3.3.4 | Arbitrary File Upload | Report | CVE-2025-8526 |
| xboot <=3.3.4 | Info Disclosure | Report | CVE-2025-8525 |
| PyBBS <=6.0.0 | CAPTCHA reuse Vulnerability | Report | CVE-2025-8546 |
| PyBBS <=6.0.0 | Registration email is not verified | Report | CVE-2025-8547 |
| PyBBS <=6.0.0 | No password security policy | Report | CVE-2025-8549 |
| PyBBS <=6.0.0 | Enumerate registered emails | Report | CVE-2025-8548 |
| PyBBS <=6.0.0 | Reflected XSS - /admin/topic/list | Report | CVE-2025-8550 |
| PyBBS <=6.0.0 | Reflected XSS - /admin/comment/list | Report | CVE-2025-8551 |
| PyBBS <=6.0.0 | Reflected XSS - /admin/tag/list | Report | CVE-2025-8552 |
| PyBBS <=6.0.0 | Reflected XSS - /admin/sensitive_word/list | Report | CVE-2025-8553 |
| PyBBS <=6.0.0 | Reflected XSS - /admin/user/list | Report | CVE-2025-8554 |
| PyBBS <=6.0.0 | Reflected XSS - /search | Report | CVE-2025-8555 |
| PyBBS <=6.0.0 | Stored XSS | Report | CVE-2025-8812 |
| PyBBS <=6.0.0 | Open Redirect | Report | CVE-2025-8813 |
| PyBBS <=6.0.0 | CSRF - modify user info | Report | CVE-2025-8814 |
| PyBBS <=6.0.0 | CSRF - delete account | Report | Submission Merged |
| microservices-platform <=6.0.0 | Insecure File Upload | Report | CVE-2025-8841 |
| microservices-platform <=6.0.0 | Open Redirect | Report | CVE-2025-8737 |
| microservices-platform <=6.0.0 | Information Disclosure | Report | CVE-2025-8738 |
| My-Blog <=1.0.0 | CSRF | Report | CVE-2025-8739 |
| My-Blog <=1.0.0 | Stored XSS | Report | CVE-2025-8740 |
| My-Blog <=1.0.0 | Stored XSS | Report | CVE-2025-9101 |
| My-Blog <=1.0.0 | Stored XSS | Report | duplicate |
| My-Blog <=1.0.0 | CAPTCHA reuse vulnerability | Report | CVE-2025-9100 |
| litemall <=1.8.0 | Insecure File Upload | Report | CVE-2025-8965 |
| litemall <=1.8.0 | Logic vulnerability | Report | CVE-2025-8991 |
| mblog <=3.5.0 | No CSRF protection | Report | CVE-2025-8992 |
| mblog <=3.5.0 | Username & Password Enum | Report | duplicate |
| mblog <=3.5.0 | Password Enum | Report | CVE-2025-9004 |
| mblog <=3.5.0 | Username Enum & Batch registration | Report | CVE-2025-9005 |
| mblog <=3.5.0 | Email Enumeration | Report | CVE-2025-8927 |
| mblog <=3.5.0 | Stored XSS | Report | CVE-2025-9407 |
| mblog <=3.5.0 | Stored XSS | Report | CVE-2025-9429 |
| mblog <=3.5.0 | Stored XSS | Report | Submission Merged |
| mblog <=3.5.0 | Stored XSS | Report | CVE-2025-9430 |
| mblog <=3.5.0 | Reflected XSS | Report | CVE-2025-9431 |
| mblog <=3.5.0 | Reflected XSS | Report | CVE-2025-9432 |
| mblog <=3.5.0 | Reflected XSS | Report | CVE-2025-9433 |
| mblog <=3.5.0 | Reflected XSS | Report | CVE-2025-9647 |
| mblog <=3.5.0 | SSTI | Report | duplicate |
| tianti <=2.3.0 | Insecure File Upload (guest) | Report | rejected |
| tianti <=2.3.0 | Insecure File Upload | Report | CVE-2025-9795 |
| tianti <=2.3.0 | SSRF | Report | rejected |
| expressCart <=1.0.0 | Frame Injection | Report | CVE-2025-9797 |
| langfuse <=3.88.0 | SSRF | Report | CVE-2025-9799 |
| sim <=1.0.0 | Insecure File Upload | Report | CVE-2025-9800 |
| sim <=1.0.0 | Arbitrary File Deletion | Report | CVE-2025-9801 |
| sim <=1.0.0 | SSRF | Report | CVE-2025-10096 |
| sim <=1.0.0 | RCE | Report | CVE-2025-10097 |
| WP Plugin Double the Donation <=2.0.0 | Stored XSS | Report | CVE-2025-12020 |
| WP Plugin YouTube Subscribe <=3.0.0 | Stored XSS | Report | CVE-2025-12025 |
| WP Plugin Featured Image <=2.1 | Stored XSS | Report | CVE-2025-12019 |
| WP Plugin MembershipWorks <=6.14 | Stored XSS | Report | CVE-2025-12018 |
| WP Plugin Custom Html Bodyhead <=0.51 | Stored XSS | Report | duplicate |
| WP Plugin Terms of Service & Privacy Policy Generator <=1.0 | Stored XSS | Report | duplicate |
| WP Plugin Sirvoy Booking Engine <=5.0 | Stored XSS | Report | rejected |
| WordPress Core <=6.8.2 | Stored XSS | Report | rejected |
| PowerJob <=5.1.2 | SSRF | Report | CVE-XXX |
Each vulnerability report typically includes the following sections:
- Vulnerability Overview
- Technical Details
- Impact Assessment
- Reproduction Steps

To use this repository:
- Browse the Vulnerability Report List to find reports of interest
- Each report is located in its own directory with complete analysis documentation
- Related PoC code and remediation guidelines can be found in the report directory
We welcome community contributions:
- Report errors or provide additional information
- Improve documentation quality
- Share experiences with similar vulnerabilities
- Suggest additional mitigation measures
Please submit your contributions through Issues or Pull Requests.

Please note:
- All vulnerability information is provided for educational and defensive purposes only
- Ensure you have proper authorization before using any PoC code
- We are not responsible for any damages resulting from misuse of this information
- Email: [email protected]
Maintained by ZAST.AI Team
Dedicated to Building a More Secure Open Source Ecosystem.