Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CVE-2025-49113 PoC — Roundcube Webmail 安全漏洞

Source
https://github.com/SyFi/CVE-2025-49113
Associated Vulnerability
Title:Roundcube Webmail 安全漏洞 (CVE-2025-49113)
Description:Roundcube Webmail before 1.5.10 and 1.6.x before 1.6.11 allows remote code execution by authenticated users because the _from parameter in a URL is not validated in program/actions/settings/upload.php, leading to PHP Object Deserialization.
Description
CVE-2025-49113 exploit
Readme
**CVE-2025-49113
RCE exploit**

the method for username/password authentication in this Exploit comes in 4 steps 
the code is a bit messy

[![IMAGE ALT TEXT HERE](https://img.youtube.com/vi/UwBuL_PMqPw/0.jpg)](https://www.youtube.com/watch?v=UwBuL_PMqPw)
File Snapshot

 [4.0K]  /data/pocs/49e8ad8fb8ee492289f8965416bd121c3e5e66ef
├── [ 21K]  rc-exploit.php
└── [ 255]  README.md

0 directories, 2 files
Shenlong Bot has cached this for you
Remarks
    1. It is advised to access via the original source first.
    2. Local POC snapshots are reserved for subscribers — if the original source is unavailable, the local mirror is part of the paid plan.
    3. Mirroring, verifying, and maintaining this POC archive takes ongoing effort, so local snapshots are a paid feature. Your subscription keeps the archive online — thank you for the support. View subscription plans →