{"vulnerability": "cve-2023-41425", "sightings": [{"uuid": "f6fa2960-787e-42af-807f-b07e44ccf7d1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-41425", "type": "published-proof-of-concept", "source": "https://t.me/CNArsenal/2988", "content": "https://github.com/charlesgargasson/CVE-2023-41425\n\nhttps://gist.github.com/prodigiousMind/fc69a79629c4ba9ee88a7ad526043413\n\nCVE-2023-41425\n#github #poc", "creation_timestamp": "2024-08-12T13:00:54.000000Z"}, {"uuid": "66f6c7c2-5fa6-457d-a0b5-26d59fa20172", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-41425", "type": "published-proof-of-concept", "source": "https://t.me/CNArsenal/1452", "content": "https://github.com/prodigiousMind/CVE-2023-41425\ncve-2023-41425\n\n#github #poc", "creation_timestamp": "2023-11-07T14:44:54.000000Z"}, {"uuid": "6a5a8f5c-7c3b-429c-83f8-02e0e7415358", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-41425", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/9345", "content": "#exploit\n1. Exploiting AMD Zenbleed (CVE-2023-20593) from Chrome\nhttps://vu.ls/blog/exploiting-zenbleed-from-chrome\n]-> https://github.com/vu-ls/Zenbleed-Chrome-PoC\n\n2. CVE-2023-41425:\nXSS in Wonder CMS 3.2.0 - 3.4.2\nhttps://github.com/prodigiousMind/CVE-2023-41425\n\n3. Tool to create zip/tar/cpio archives to exploit common archive library issues and developer mistakes\nhttps://github.com/pentagridsec/archive_pwn", "creation_timestamp": "2023-11-07T11:01:00.000000Z"}, {"uuid": "b8cdba05-4de7-4fac-90a8-86a64368c266", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-41425", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/13321", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2023-41425\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: Cross Site Scripting vulnerability in Wonder CMS v.3.2.0 thru v.3.4.2 allows a remote attacker to execute arbitrary code via a crafted script uploaded to the installModule component.\n\ud83d\udccf Published: 2023-11-07T00:00:00.000Z\n\ud83d\udccf Modified: 2025-04-24T18:30:56.274Z\n\ud83d\udd17 References:\n1. http://wondercms.com\n2. https://gist.github.com/prodigiousMind/fc69a79629c4ba9ee88a7ad526043413", "creation_timestamp": "2025-04-24T19:06:51.000000Z"}, {"uuid": "c9f8d86a-831b-49e2-94d3-d9ff5c20096b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-41425", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/8658", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aRCE\n\u63cf\u8ff0\uff1aCVE-2023-41425 (Wonder CMS XSS to RCE) exploit which serves required scripts locally. Good if you're lost at sea and have found a problem with your bike.\nURL\uff1ahttps://github.com/duck-sec/CVE-2023-41425\n\n\u6807\u7b7e\uff1a#RCE", "creation_timestamp": "2024-10-02T14:18:57.000000Z"}, {"uuid": "f8751d31-c4e3-40a6-8188-450b5d289066", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-41425", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/8668", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aRCE\n\u63cf\u8ff0\uff1aRCE and XSS exploits testing\nURL\uff1ahttps://github.com/thefizzyfish/CVE-2023-41425-wonderCMS_RCE\n\n\u6807\u7b7e\uff1a#RCE", "creation_timestamp": "2024-10-03T19:12:48.000000Z"}, {"uuid": "f775672d-4b6b-4531-b267-5c89e892d4ef", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-41425", "type": "published-proof-of-concept", "source": "Telegram/awP8ckqKE2y34rcs6tjbDwmMzhasOsPjDttVM48TWCdkbcc", "content": "", "creation_timestamp": "2025-07-01T21:00:16.000000Z"}, {"uuid": "11ccccca-680b-4a40-aea9-b94eebc7bca2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-41425", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/9573", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aRCE\n\u63cf\u8ff0\uff1aWonderCMS v3.2.0 - v3.4.2 XSS to RCE exploit\nURL\uff1ahttps://github.com/xpltive/CVE-2023-41425\n\n\u6807\u7b7e\uff1a#RCE", "creation_timestamp": "2024-12-23T14:27:03.000000Z"}, {"uuid": "e1573e2b-4c1f-4ad7-b187-69bea8306a20", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-41425", "type": "published-proof-of-concept", "source": "https://t.me/haj3imad/186", "content": "https://github.com/xpltive/CVE-2023-41425\n\nWonderCMS v3.2.0 - v3.4.2 XSS to RCE exploit\n#github #exploit #xss", "creation_timestamp": "2024-12-23T18:35:11.000000Z"}, {"uuid": "25041f83-e06f-422a-a972-8118a2b9b274", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-41425", "type": "published-proof-of-concept", "source": "https://t.me/Rootsec_2/1656", "content": "#exploit\n1. Exploiting AMD Zenbleed (CVE-2023-20593) from Chrome\nhttps://vu.ls/blog/exploiting-zenbleed-from-chrome\n]-> https://github.com/vu-ls/Zenbleed-Chrome-PoC\n\n2. CVE-2023-41425:\nXSS in Wonder CMS 3.2.0 - 3.4.2\nhttps://github.com/prodigiousMind/CVE-2023-41425\n\n3. Tool to create zip/tar/cpio archives to exploit common archive library issues and developer mistakes\nhttps://github.com/pentagridsec/archive_pwn", "creation_timestamp": "2024-08-16T08:43:35.000000Z"}, {"uuid": "c38e83c7-982d-4ca9-86cc-73b422e2de0f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-41425", "type": "seen", "source": "https://bsky.app/profile/beikokucyber.bsky.social/post/3lnj3pgwf472y", "content": "", "creation_timestamp": "2025-04-23T21:02:23.607514Z"}, {"uuid": "17768051-ea04-4cbb-9c58-68957d73d891", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-41425", "type": "seen", "source": "https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/multi/http/wondercms_rce.rb", "content": "", "creation_timestamp": "2025-05-01T11:52:11.000000Z"}, {"uuid": "5dd8e390-10d8-4227-8424-46e733203dcd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-41425", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/8240", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aRCE\n\u63cf\u8ff0\uff1aWonderCMS RCE CVE-2023-41425\nURL\uff1ahttps://github.com/insomnia-jacob/CVE-2023-41425\n\n\u6807\u7b7e\uff1a#RCE", "creation_timestamp": "2024-08-12T06:21:30.000000Z"}, {"uuid": "55d7ee9f-5dbb-400d-b75d-ce3228812e01", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-41425", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/8235", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aRCE\n\u63cf\u8ff0\uff1aWonder CMS RCE\nURL\uff1ahttps://github.com/charlesgargasson/CVE-2023-41425\n\n\u6807\u7b7e\uff1a#RCE", "creation_timestamp": "2024-08-11T16:46:20.000000Z"}, {"uuid": "fe8c219a-67b4-4583-b71a-645c8603ef7f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-41425", "type": "published-proof-of-concept", "source": "https://t.me/realLulzSec/1788", "content": "https://github.com/charlesgargasson/CVE-2023-41425\n\nhttps://gist.github.com/prodigiousMind/fc69a79629c4ba9ee88a7ad526043413\n\nCVE-2023-41425\n#github #poc", "creation_timestamp": "2024-08-15T16:14:16.000000Z"}, {"uuid": "b243845b-354f-44c3-9cc8-da085a8a18b4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-41425", "type": "published-proof-of-concept", "source": "https://t.me/softrinx/159497", "content": "https://github.com/0x0d3ad/CVE-2023-41425", "creation_timestamp": "2024-12-01T11:49:56.000000Z"}, {"uuid": "48ae547c-fd9e-486f-9527-d41065af51b8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-41425", "type": "published-proof-of-concept", "source": "Telegram/xKQG92GAEvbSnroBQjDjZcbZhZYqgv_RfZJJxSMddxWbWNo", "content": "", "creation_timestamp": "2025-04-25T23:00:05.000000Z"}, {"uuid": "c24031b9-a356-4483-9491-5530d1c4da97", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-41425", "type": "published-proof-of-concept", "source": "https://t.me/WARLOCK_DARK_ARMY_OFFICIALS/3529", "content": "https://github.com/prodigiousMind/CVE-2023-41425\n\ncve-2023-41425", "creation_timestamp": "2023-11-07T10:29:18.000000Z"}, {"uuid": "38692400-61d8-45e5-afcd-07c04b6b2c44", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-41425", "type": "published-proof-of-concept", "source": "https://t.me/ckeArsenal/242", "content": "https://github.com/xpltive/CVE-2023-41425\n\nWonderCMS v3.2.0 - v3.4.2 XSS to RCE exploit\n#github #exploit #xss", "creation_timestamp": "2024-12-23T18:28:15.000000Z"}, {"uuid": "bed48345-c25d-4d13-9f32-f22a05fe0fa3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-41425", "type": "published-proof-of-concept", "source": "https://t.me/ckeArsenal/131", "content": "https://github.com/0x0d3ad/CVE-2023-41425\n\nCVE-2023-41425 (XSS to RCE, Wonder CMS 3.2.0 <= 3.4.2)\n#github #exploit #xss", "creation_timestamp": "2024-12-21T15:55:06.000000Z"}, {"uuid": "908f71b3-ee26-475f-bf6e-bfd03c13dc10", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-41425", "type": "seen", "source": "https://bsky.app/profile/beikokucyber.bsky.social/post/3lo7pvr6cbk2a", "content": "", "creation_timestamp": "2025-05-02T21:02:24.370474Z"}, {"uuid": "916326b3-4d53-43c9-b49d-3711fe99b1e0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-41425", "type": "seen", "source": "https://bsky.app/profile/rajsamani.bsky.social/post/3loibii5pvc2n", "content": "", "creation_timestamp": "2025-05-06T06:38:23.903526Z"}, {"uuid": "93bd5640-b12f-41ad-9c62-1fbb4269534f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-41425", "type": "seen", "source": "MISP/a9d21043-f825-4bac-8d2b-56fb9e8343e7", "content": "", "creation_timestamp": "2025-10-23T21:13:01.000000Z"}, {"uuid": "5a2bb6c4-214b-49bb-b9d7-aeb1d811f2dd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-41425", "type": "seen", "source": "https://bsky.app/profile/ex3ptional.bsky.social/post/3mciejlujae2q", "content": "", "creation_timestamp": "2026-01-15T19:56:41.120317Z"}, {"uuid": "06e6dd54-4bf0-4401-b88d-9405d5d67111", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-41425", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/9265", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aRCE\n\u63cf\u8ff0\uff1aCVE-2023-41425 (XSS to RCE, Wonder CMS 3.2.0 <= 3.4.2)\nURL\uff1ahttps://github.com/0x0d3ad/CVE-2023-41425\n\n\u6807\u7b7e\uff1a#RCE", "creation_timestamp": "2024-11-30T18:36:43.000000Z"}, {"uuid": "5f508875-3738-486c-9439-fce248858103", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-41425", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/9648", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aRCE\n\u63cf\u8ff0\uff1aWonderCMS Authenticated RCE - CVE-2023-41425\nURL\uff1ahttps://github.com/prodigiousMind/CVE-2023-41425\n\n\u6807\u7b7e\uff1a#RCE", "creation_timestamp": "2024-12-30T09:31:09.000000Z"}, {"uuid": "5c10b67e-c90b-4fc5-a61b-4b834fc35ed7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-41425", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/42819", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aRCE\n\u63cf\u8ff0\uff1aThis is a simple and benign Go script that red teamers can drop and attempt execution to test RCE on Windows machine\nURL\uff1ahttps://github.com/Tea-On/CVE-2023-41425-RCE-WonderCMS-4.3.2\n\n\u6807\u7b7e\uff1a#RCE", "creation_timestamp": "2025-07-03T00:46:56.000000Z"}, {"uuid": "edf3b7cc-2a99-4b26-8c62-11a93436c38b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-41425", "type": "published-proof-of-concept", "source": "https://t.me/realLulzSec/16742", "content": "https://github.com/charlesgargasson/CVE-2023-41425\n\nhttps://gist.github.com/prodigiousMind/fc69a79629c4ba9ee88a7ad526043413\n\nCVE-2023-41425\n#github #poc", "creation_timestamp": "2024-08-15T16:14:16.000000Z"}, {"uuid": "b3d1c408-442d-4616-9a0a-2f760417dd65", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-41425", "type": "published-proof-of-concept", "source": "https://t.me/softrinx/695", "content": "https://github.com/0x0d3ad/CVE-2023-41425", "creation_timestamp": "2024-12-01T11:49:56.000000Z"}]}