A Collection of Security Vulnerability Reports Discovered and Disclosed by ZAST.AI
This repository contains detailed analysis reports of security vulnerabilities discovered by ZAST.AI. We are committed to responsible disclosure of these vulnerabilities and to collaboration with the open-source community to enhance software security.
- Transparent sharing of discovered security vulnerabilities
- Helping developers understand and fix common security issues
- Promoting security awareness in the open-source community
- Establishing best practices for responsible vulnerability disclosure
| Project | Vulnerability Type | Report | CVE ID |
|---|---|---|---|
node-formidable <=3.5.2 | Insecure File Upload & Filename Prediction | Report | CVE-2025-46653 |
CodiMD low version | Insecure File Upload & CSP bypass | Report | CVE-2025-46654 |
CodiMD high version | Insecure File Upload & CSP bypass | Report | CVE-2025-46655 |
Apache Commons Configuration <=1.10.x | Remote Code Execution | Report | Submission Merged |
Apache Commons Configuration2 <=2.12.x | Remote Code Execution | Report | Submission Merged |
mall <=1.0.3 7a1ca5d | DOM XSS | Report | CVE-2025-8191 |
mall <=1.0.3 7a1ca5d | JWT secret hardcoded | Report | duplicate |
JeeSite <=5.12.0 b522b3f | SSRF | Report | CVE-2025-7759 |
JeeSite <=5.12.0 b522b3f | Open Redirection | Report | CVE-2025-7763 |
JeeSite <=5.12.0 b522b3f | Open Redirection | Report | CVE-2025-7785 |
JeeSite <=5.12.0 b522b3f | Open Redirection | Report | CVE-2025-7863 |
JeeSite <=5.12.0 b522b3f | Insecure File Upload | Report | CVE-2025-7864 |
JeeSite <=5.12.0 b522b3f | XSS filter bypass | Report | CVE-2025-7865 |
GnuBoard v6 | Stored XSS | Report | CVE-2025-7786 |
GnuBoard v6 | Open Redirect | Report | duplicate |
xxl-job <=3.1.1 | SSRF | Report | CVE-2025-7787 |
xxl-job <=3.1.1 | OS command injection | Report | CVE-2025-7788 |
xxl-job <=3.1.1 | Insecure Cryptographic Algorithm | Report | CVE-2025-7789 |
stirling-pdf <=1.0.2 | SSRF | Report | reported on GH |
stirling-pdf <=1.0.2 | SSRF | Report | reported on GH |
stirling-pdf <=1.0.2 | SSRF | Report | reported on GH |
Koa <=3.0.0 cb22d8d | Open Redirect | Report | CVE-2025-8129 |
ruoyi v4.8.1 70194ae | DOM XSS | Report | CVE-2025-7901 |
ruoyi v4.8.1 70194ae | Stored XSS | Report | CVE-2025-7902 |
ruoyi v4.8.1 70194ae | Frame Injection | Report | CVE-2025-7903 |
ruoyi v4.8.1 70194ae | Insecure File Upload | Report | CVE-2025-7906 |
ruoyi v4.8.1 70194ae | Druid Credential Hardcoded | Report | CVE-2025-7907 |
platform 1.0.0 ca9acef | SQL injection | Report | CVE-2025-7936 |
platform 1.0.0 ca9acef | SQL injection | Report | CVE-2025-7935 |
platform 1.0.0 ca9acef | SQL injection | Report | CVE-2025-7934 |
jshERP <=3.5 | IDOR change password | Report | CVE-2025-7948 |
jshERP <=3.5 | IDOR delete account | Report | CVE-2025-7947 |
PublicCMS V5.202506.a | Open Redirect | Report | CVE-2025-7949 |
PublicCMS V5.202506.a | Open Redirect | Report | CVE-2025-7953 |
PublicCMS V5.202506.a | SSRF | Report | duplicate |
PublicCMS V5.202506.a | Insecure File Upload | Report | rejected |
PublicCMS V5.202506.a | Insecure File Upload | Report | rejected |
PublicCMS V5.202506.a | Insecure File Upload | Report | rejected |
PublicCMS V5.202506.a | Insecure File Upload | Report | rejected |
PublicCMS V5.202506.a | Insecure File Upload | Report | rejected |
PublicCMS V5.202506.a | Insecure File Upload | Report | rejected |
deer-wms-2 525b6cf | Insecure Deserialization | Report | rejected |
deer-wms-2 525b6cf | Insecure Deserialization | Report | rejected |
deer-wms-2 525b6cf | Shiro-550 | Report | rejected |
deer-wms-2 525b6cf | SQL injection | Report | CVE-2025-8123 |
deer-wms-2 525b6cf | SQL injection | Report | CVE-2025-8124 |
deer-wms-2 525b6cf | SQL injection | Report | CVE-2025-8125 |
deer-wms-2 525b6cf | SQL injection | Report | CVE-2025-8126 |
deer-wms-2 525b6cf | SQL injection | Report | CVE-2025-8127 |
deer-wms-2 525b6cf | SQL injection | Report | CVE-2025-8161 |
deer-wms-2 525b6cf | SQL injection | Report | CVE-2025-8162 |
deer-wms-2 525b6cf | SQL injection | Report | CVE-2025-8163 |
letao 7d8df03 | Arbitrary File Upload | Report | CVE-2025-8128 |
ChanCMS <3.1.3 | Arbitrary File Deletion | Report | CVE-2025-8132 |
ChanCMS <3.1.3 | SSRF | Report | CVE-2025-8133 |
ChanCMS <3.1.3 | SSRF | Report | CVE-2025-8228 |
ChanCMS <3.1.3 | RCE | Report | CVE-2025-8266 |
ChanCMS <3.1.3 | RCE | Report | CVE-2025-8227 |
ChanCMS <3.1.3 | Information Disclosure | Report | CVE-2025-8226 |
eladmin <=2.7 | Druid Credential Hardcoded | Report | CVE-2025-8530 |
favorites-web <=1.3.0 | SSRF | Report | CVE-2025-8529 |
xboot <=3.3.4 | Sensitive Info is included in Cookies | Report | CVE-2025-8528 |
xboot <=3.3.4 | SSRF | Report | CVE-2025-8527 |
xboot <=3.3.4 | Arbitrary File Upload | Report | CVE-2025-8526 |
xboot <=3.3.4 | Info Disclosure | Report | CVE-2025-8525 |
PyBBS <=6.0.0 | CAPTCHA reuse Vulnerability | Report | CVE-2025-8546 |
PyBBS <=6.0.0 | Registration email is not verified | Report | CVE-2025-8547 |
PyBBS <=6.0.0 | No password security policy | Report | CVE-2025-8549 |
PyBBS <=6.0.0 | Enumerate registered emails | Report | CVE-2025-8548 |
PyBBS <=6.0.0 | Reflected XSS - /admin/topic/list | Report | CVE-2025-8550 |
PyBBS <=6.0.0 | Reflected XSS - /admin/comment/list | Report | CVE-2025-8551 |
PyBBS <=6.0.0 | Reflected XSS - /admin/tag/list | Report | CVE-2025-8552 |
PyBBS <=6.0.0 | Reflected XSS - /admin/sensitive_word/list | Report | CVE-2025-8553 |
PyBBS <=6.0.0 | Reflected XSS - /admin/user/list | Report | CVE-2025-8554 |
PyBBS <=6.0.0 | Reflected XSS - /search | Report | CVE-2025-8555 |
PyBBS <=6.0.0 | Stored XSS | Report | CVE submitted |
PyBBS <=6.0.0 | Open Redirect | Report | CVE submitted |
PyBBS <=6.0.0 | CSRF - modify user info | Report | CVE submitted |
PyBBS <=6.0.0 | CSRF - delete account | Report | CVE submitted |
microservices-platform <=6.0.0 | Insecure File Upload | Report | CVE submitted |
microservices-platform <=6.0.0 | Open Redirect | Report | CVE submitted |
microservices-platform <=6.0.0 | Information Disclosure | Report | CVE submitted |
My-Blog <=1.0.0 | CSRF | Report | CVE submitted |
My-Blog <=1.0.0 | Stored XSS | Report | CVE submitted |
My-Blog <=1.0.0 | Stored XSS | Report | CVE submitted |
My-Blog <=1.0.0 | Stored XSS | Report | CVE submitted |
My-Blog <=1.0.0 | CAPTCHA reuse vulnerability | Report | CVE submitted |
litemall <=1.8.0 | Insecure File Upload | Report | CVE submitted |
litemall <=1.8.0 | Logic vulnerability | Report | reported |
mblog <=3.5.0 | No CSRF protection | Report | reported |
mblog <=3.5.0 | Brute Force Username & Password | Report | reported |
mblog <=3.5.0 | Brute Force Password | Report | reported |
mblog <=3.5.0 | Brute Force Username & Batch account registration | Report | reported |
mblog <=3.5.0 | Brute Force Email | Report | reported |
mblog <=3.5.0 | Stored XSS | Report | reported |
mblog <=3.5.0 | Stored XSS | Report | reported |
mblog <=3.5.0 | Stored XSS | Report | reported |
mblog <=3.5.0 | Stored XSS | Report | reported |
mblog <=3.5.0 | Reflected XSS | Report | reported |
mblog <=3.5.0 | Reflected XSS | Report | reported |
mblog <=3.5.0 | Reflected XSS | Report | reported |
mblog <=3.5.0 | Reflected XSS | Report | reported |
mblog <=3.5.0 | SSTI | Report | reported |
tianti <=2.3.0 | Insecure File Upload (guest) | Report | reported |
tianti <=2.3.0 | Insecure File Upload | Report | reported |
tianti <=2.3.0 | SSRF | Report | reported |
expressCart <=1.0.0 | Frame Injection | Report | reported |
langfuse <=3.88.0 | SSRF | Report | reported |
sim <=1.0.0 | Insecure File Upload | Report | reported |
sim <=1.0.0 | Arbitrary File Deletion | Report | reported |
sim <=1.0.0 | SSRF | Report | reported |
sim <=1.0.0 | RCE | Report | reported |
Each vulnerability report typically includes the following sections:
- Vulnerability Overview
- Technical Details
- Impact Assessment
- Reproduction Steps
- Browse the Vulnerability Report List to find reports of interest
- Each report is located in its own directory with complete analysis documentation
- Related PoC code and remediation guidelines can be found in the report directory
We welcome community contributions:
- Report errors or provide additional information
- Improve documentation quality
- Share experiences with similar vulnerabilities
- Suggest additional mitigation measures
Please submit your contributions through Issues or Pull Requests.
- All vulnerability information is provided for educational and defensive purposes only
- Ensure you have proper authorization before using any PoC code
- We are not responsible for any damages resulting from misuse of this information
- Email: [email protected]
Maintained by ZAST.AI Team
Dedicated to Building a More Secure Open Source Ecosystem