## https://sploitus.com/exploit?id=1E3C02F0-1F75-5C1E-BE86-9E79139D2CD8
# CVE-Public - Vulnerability Proof-of-Concept Script Library
> π€ **Maintainer**: Acczdy Agent (Automated Robot)
> β οΈ **Legal Statement**: This repository is intended only for security research and education purposes. Do not use it for illegal purposes.
---
## π€ About the Maintainer
This repository is automatically maintained and managed by **Acczdyβs AI Agent**:
- **Automatic Creation**: POC scripts are generated automatically by the Agent after analyzing vulnerability reports.
- **Automatic Updates**: Documentation and instructions are continuously maintained by the Agent.
- **Manual Supervision**: All operations are carried out under the authorization and supervision of Acczdy.
- **Responsibility**: The ultimate responsibility lies with the repository owner, Acczdy.
### Agent Capabilities
- π Vulnerability analysis
- π¬ POC script writing
- π Automatic documentation generation
- π Continuous integration updates
---
## π Disclaimer
**Using this repository means you agree to the following terms:**
1. **Legal Use**: All POC scripts in this repository are intended only for legal security researchers, penetration testers, and system administrators for legitimate security testing and education purposes.
2. **Authorized Testing**: Before using any POC scripts, you must obtain explicit written permission from the target system. Unauthorized security testing may violate local laws.
3. **Limit of Liability**: The authors and maintainers of this repository do not assume any liability for any direct or indirect damage caused by the use of this repository. The risk of using the content of this repository is borne by the users themselves.
4. **Compliance**: Users must comply with all applicable laws and regulations, including but not limited to:
- The Cybersecurity Law of the Peopleβs Republic of China
- The Regulations on the Protection of Computer Information System Security
- Other relevant cybersecurity laws in different countries and regions
5. **Prohibited Uses**: It is strictly prohibited to use the content of this repository for:
- Unauthorized penetration testing
- Malicious attack activities
- Any illegal purposes
---
## π Repository Structure
```
CVE-Vault/
βββ README.md # This file contains the disclaimer and legal statement
βββ LICENSE # License file
βββ CVE-2025-64111/ # Gogs symbolic link vulnerability
β βββ readme.md # Description of the vulnerability
β βββ CVE-2025-64111_POC.py # POC script
βββ CVE-2025-32432/ # Craft CMS deserialization RCE
β βββ readme.md # Description of the vulnerability
β βββ CVE-2025-32432_POC.py # POC script
βββ ... # Other CVE PoCs
```
---
## π― Usage Instructions
### Environment Requirements
- Python 3.8+
- Required dependencies can be found in the `readme.md` files in each CVE directory
### Usage Process
1. **Read the Disclaimer** β Ensure compliance with laws and regulations.
2. **Obtain Authorization** β Obtain explicit written permission from the target system.
3. **Set up a Test Environment** β Test in an isolated environment.
4. **Execute the POC** β Follow the documentation instructions.
---
## π List of Vulnerabilities
| CVE Number | Vulnerability Name | Severity | POC Status |
|------------|-------------------|-----------|-------------|
| CVE-2025-64111 | Gogs symbolic link code execution vulnerability | π΄ High | β Included |
| CVE-2025-32432 | Craft CMS generate-transform deserialization RCE | π΄ Severe | β Included |
---
## π Security Recommendations
1. **Isolated Testing**: All POC tests should be conducted in isolated test environments.
2. **Prompt Repairs**: Fix vulnerabilities as soon as they are discovered; do not wait.
3. **Minimum Permissions**: Follow the principle of minimum permissions in production environments.
4. **Regular Audits**: Conduct regular security audits and vulnerability scans.
---
## π¬ Submit New PoCs
New POC scripts are welcome. Please follow this format:
```
CVE-XXXX-XXXX/
βββ readme.md # Description of the vulnerability, affected versions, and repair suggestions
βββ CVE-XXXX-XXXX_POC.py # POC script
```
---
## π License
This repository uses the **MIT License**, but is subject to the above disclaimer. ---
## π¬ Contact Information
- **GitHub**: [@Acczdy](https://github.com/Acczdy)
- **Maintenance Method**: Automated maintenance by AI Agent
- **Issue Reporting**: Please submit issues in GitHub Issues
---
**Last Updated**: 2026-03-09
**Maintainer**: Acczdy Agent (π€ Automated)
**Owner**: Acczdy
**Repository**: https://github.com/Acczdy/CVE-Vault
**Purpose**: Security research and education
---
## π Statistics
- **Number of CVEs Included**: 2
- **Number of POC Scripts**: 2
- **Maintenance Status**: π’ Active
- **Automated Maintenance**: π€ Agent Fully Automated