Publicly Disclosed
PoC Exploits
🔴 Always take caution when working with PoC Exploits 🔴
Discovered 1 hour ago
PoC for CVE-2026-5601
Acrel Electrical Prepaid Cloud Platform version 1.0 contains a vulnerability in the Backup File Handler component, specifically affecting the processing of a backup file located at /bin.rar. This vulnerability could allow unauthorized access to sensitive information, which can be exploited remote...
Discovered 2 hours ago
PoC for CVE-2026-5597
A vulnerability has been identified in Griptape version 0.19.4, found in the ComputerTool component of the affected tool.py file. This flaw allows a remote attacker to manipulate the filename argument, potentially leading to unauthorized access through directory traversal. The exploit has been made pu...
PoC for CVE-2019-25675
eDirectory has several SQL injection vulnerabilities that enable untrusted attackers to bypass administrator authentication and gain access to sensitive files. By exploiting SQL code injection through the key parameter in the login endpoint, attackers can authenticate as an administrator. Followi...
Discovered 3 hours ago
PoC for CVE-2019-25704
Kados R10 GreenBee is susceptible to an SQL injection vulnerability, allowing attackers to exploit the 'filter_user_mail' parameter. By crafting specially formulated requests imbued with malicious SQL code, an attacker could potentially retrieve sensitive information from the database or alter ex...
PoC for CVE-2019-25687
Pegasus CMS 1.0 is susceptible to a remote code execution vulnerability via the extra_fields.php plugin. This flaw allows unauthenticated attackers to exploit unsafe eval functionality, enabling them to execute arbitrary commands on the server. By sending crafted POST requests to the submit.php e...
PoC for CVE-2019-25686
Core FTP 2.0 build 653 is susceptible to a denial of service vulnerability that arises from the PBSZ command. An unauthenticated attacker can exploit this flaw by sending a specially crafted PBSZ command with a buffer size exceeding 211 bytes. This results in an access violation, effectively cras...
PoC for CVE-2019-25685
The phpBB software is susceptible to an arbitrary file upload vulnerability due to the exploitation of the plupload functionality and phar:// stream wrapper. Authenticated attackers can leverage this vulnerability by uploading maliciously crafted zip files that contain serialized PHP objects. The...
PoC for CVE-2019-25684
OpenDocMan 1.3.4 is susceptible to an SQL injection vulnerability that can be exploited by unauthenticated attackers. This security flaw allows attackers to craft malicious GET requests to the 'search.php' script, injecting harmful SQL code through the 'where' parameter. By manipulating this para...
PoC for CVE-2019-25683
FileZilla 3.40.0 is vulnerable to a denial of service issue stemming from its local search functionality. A local attacker can exploit this vulnerability by inputting a specially crafted path string, specifically one that consists of 384 'A' characters followed by sequences 'BBBB' and 'CCCC'. Thi...
PoC for CVE-2019-25681
Xlight FTP Server version 3.9.1 is susceptible to an SEH overwrite vulnerability that can be exploited by local attackers. By crafting a malicious buffer string, attackers can overwrite SEH pointers, which may lead to application crashes and the possibility of executing arbitrary code. This vulne...
PoC for CVE-2019-25682
CMSsite 1.0 is susceptible to a cross-site request forgery vulnerability, enabling attackers to perform unauthorized administrative actions. By crafting deceptive HTML forms, attackers can mislead authenticated administrators into unknowingly visiting malicious pages. When these pages are accesse...
PoC for CVE-2019-25680
The Advance Gift Shop Pro Script version 2.0.3 is susceptible to an SQL injection vulnerability, enabling unauthenticated attackers to inject harmful SQL queries via the search parameter. By crafting specific SQL payloads, attackers can gain unauthorized access to sensitive data stored in the dat...
PoC for CVE-2019-25678
The C4G Basic Laboratory Information System 3.4 is susceptible to multiple SQL injection vulnerabilities. These vulnerabilities can be exploited by unauthenticated attackers who send crafted GET requests to the users_select.php endpoint. By injecting malicious SQL code, attackers can execute arbi...
PoC for CVE-2019-25679
RealTerm Serial Terminal version 2.0.0.70 is susceptible to a structured exception handling (SEH) buffer overflow vulnerability located in the Echo Port tab. This flaw allows local attackers to exploit the system by supplying specially crafted inputs that can trigger the execution of arbitrary co...
PoC for CVE-2019-25677
WinRAR 5.61 is susceptible to a denial of service vulnerability that can be exploited by local attackers. By inserting a malformed 'winrar.lng' language file into the application’s installation directory, an attacker can induce a crash. The vulnerability manifests when the application attempts to...
PoC for CVE-2019-25676
The Ask Expert Script version 3.0.5 is vulnerable to cross-site scripting and SQL injection, allowing attackers to exploit these weaknesses by manipulating URL parameters. An unauthenticated attacker can inject malicious script tags via the 'cateid' parameter in the 'categorysearch.php' file, pot...
PoC for CVE-2019-25674
CMSsite 1.0 is susceptible to an SQL injection vulnerability that enables unauthenticated attackers to alter database queries through the 'post' parameter. By crafting malicious GET requests to post.php with compromised 'post' values, attackers can potentially extract sensitive database informati...
PoC for CVE-2019-25672
PilusCart 1.4.1 is susceptible to a SQL injection vulnerability that enables unauthenticated users to interfere with database queries. By injecting malicious SQL code through the 'send' parameter in POST requests to the comment submission endpoint, attackers can exploit RLIKE-based boolean SQL in...
PoC for CVE-2019-25673
The UniSharp Laravel File Manager versions v2.0.0-alpha7 and v2.0 are susceptible to an arbitrary file upload vulnerability. This flaw enables authenticated attackers to exploit the upload endpoint by sending multipart form data that can include malicious files. By setting the type parameter to '...
PoC for CVE-2019-25671
The VA MAX 8.3.4 software contains a vulnerability that allows authenticated attackers to execute arbitrary commands on the server. This is achieved by injecting shell metacharacters into the mtu_eth0 parameter, which is processed by the changeip.php endpoint. By sending specially crafted POST re...
PoC for CVE-2019-25670
The vulnerability in River Past Video Cleaner 7.6.3 stems from a structured exception handler buffer overflow issue that could be exploited by local attackers. By sending a specially crafted string to the Lame_enc.dll field, attackers can manipulate the application's handling of errors to run arb...
PoC for CVE-2019-25669
qdPM version 9.1 is susceptible to an SQL injection vulnerability that enables attackers to interfere with database queries via the search_by_extrafields[] parameter. By crafting well-designed POST requests containing malicious input, an attacker can trigger SQL syntax errors, thereby gaining una...
PoC for CVE-2019-25668
The News Website Script version 2.0.5 is susceptible to an SQL injection vulnerability that allows unauthorized attackers to execute malicious SQL queries through the news ID parameter. By sending specially crafted GET requests to the endpoint index.php/show/news/, attackers can gain access to se...
PoC for CVE-2019-25667
TaskInfo version 8.2.0.280 is susceptible to a local buffer overflow vulnerability that can lead to a denial of service. This vulnerability occurs when an attacker inputs excessively long strings into the New User Name or New Serial Number fields located in the registration dialog of the Help men...
PoC for CVE-2019-25666
SpotAuditor version 3.6.7 is susceptible to a local buffer overflow vulnerability in its Base64 Password Decoder. This vulnerability allows attackers to exploit the decoder interface by supplying an oversized Base64 string, which can lead to application crashes and potential denial of service con...
PoC for CVE-2019-25665
River Past Ringtone Converter 2.7.6.1601 is susceptible to a local buffer overflow vulnerability. This issue arises when an attacker supplies oversized input specifically into the Email textbox and Activation code textarea fields found in the Help menu's Activate dialog. By pasting 300 bytes of m...
PoC for CVE-2019-25664
SuiteCRM 7.10.7 is vulnerable to a time-based SQL injection flaw found in the record parameter of the Users module DetailView action. This issue allows authenticated attackers to manipulate SQL queries by appending malicious SQL code to the record parameter within GET requests directed at the ind...
PoC for CVE-2019-25663
SuiteCRM 7.10.7 is susceptible to a SQL injection vulnerability that enables authenticated attackers to manipulate SQL queries. By injecting malicious code through the 'parentTab' parameter, attackers can execute unauthorized SQL commands via crafted GET requests to the email module. This could l...
PoC for CVE-2019-25661
Remote Process Explorer 1.0.0.16 is susceptible to a local buffer overflow vulnerability that could be exploited by attackers to induce a denial of service. By crafting a malicious payload and inserting it into the computer name textbox within the Add Computer dialog, attackers can corrupt the SE...
PoC for CVE-2019-25662
ResourceSpace version 8.6 is affected by an SQL injection vulnerability that permits attackers to execute arbitrary SQL queries. This is accomplished through malicious code injection via the 'ref' parameter. Unauthenticated attackers can exploit this weakness by sending carefully crafted GET requ...
PoC for CVE-2019-25660
LanHelper 1.74 is susceptible to a local buffer overflow vulnerability that can lead to application crashes. This vulnerability enables attackers to exploit the Form Send Message feature by entering excessively long input strings, specifically by pasting 6000 bytes of data into the Message text f...
PoC for CVE-2019-25659
ASPRunner Professional version 6.0.766 is susceptible to a local buffer overflow vulnerability that enables attackers to craft excessively long project names, exceeding 180 characters. By inputting such lengthy names during project creation, an attacker can induce an application crash, leading to...
PoC for CVE-2019-25658
The a-Mac Address Change 5.4 application has a local buffer overflow vulnerability that can be exploited by local attackers to induce a denial of service (DoS). By entering oversized inputs—specifically, 212 bytes—into the 'Your Name', 'Your Company', or 'Register Code' fields in the registration...
PoC for CVE-2019-25657
AnyBurn 4.3 x86 is susceptible to a denial of service vulnerability that can be exploited by local attackers. By inputting an excessively long string into the image conversion function, attackers can crash the application, causing it to become unresponsive. This vulnerability arises when large bu...
PoC for CVE-2019-25656
R i386 version 3.5.0 features a security vulnerability that allows local attackers to exploit a buffer overflow in the GUI Preferences dialog. By inputting crafted strings in the 'Language for menus and messages' field, attackers can manipulate the structured exception handler (SEH) to overwrite ...
PoC for CVE-2026-5596
A SQL injection vulnerability has been identified in Griptape-AI's Griptape version 0.19.4, specifically affecting the SqlTool component located in the file griptape/tools/sql/tool.py. This vulnerability allows remote attackers to exploit the system by manipulating SQL queries, potentially compro...
PoC for CVE-2018-25256
IP TOOLS version 2.50 is susceptible to a local buffer overflow vulnerability within the SNMP Scanner component. This flaw allows local attackers to exploit oversized input fields ('From Addr' and 'To Addr') to trigger application crashes. When such data is supplied and the Start button is clicke...
PoC for CVE-2026-25769
Wazuh, a widely-used open-source platform for threat detection and response, exhibits a vulnerability that allows for Remote Code Execution due to faulty deserialization of untrusted data. This issue affects deployments utilizing cluster mode wherein an attacker can gain full control of the maste...
Discovered 4 hours ago
PoC for CVE-2026-5595
A security vulnerability has been discovered in the griptape-ai griptape version 0.19.4, specifically affecting the FileManagerTool component. Exploiting this issue allows attackers to manipulate file paths, performing unauthorized actions from remote locations. The flaw arises in the methods han...
Discovered 5 hours ago
PoC for CVE-2026-5594
A vulnerability has been discovered in the premAI-io premsql application, specifically in the eval function located within premsql/agents/baseline/workers/followup.py. This issue allows an attacker to manipulate input arguments, leading to potential code injection. The exploit is remotely executa...
PoC for CVE-2026-5587
An SQL injection vulnerability has been discovered in the wbbeyourself MAC-SQL product, specifically within the _execute_sql function located in core/agents.py of the Refiner Agent component. This vulnerability allows for remote exploitation, with various public exploits already available, potent...
PoC for CVE-2026-5586
A vulnerability exists in Zhongyu09 Openchatbi versions up to 0.2.1 that affects its Multi-stage Text2SQL Workflow component. An attacker can exploit this vulnerability by manipulating the argument keywords, leading to SQL injection. This attack can be executed remotely, heightening its risk fact...
Discovered 6 hours ago
PoC for CVE-2026-5585
A vulnerability exists in Tencent AI-Infra-Guard 4.0, specifically in the Task Detail Endpoint's task_manager.go file, where a manipulation can lead to unauthorized information disclosure. This flaw allows attackers to initiate exploits remotely and access sensitive data. Despite early notificati...
Discovered 7 hours ago
PoC for CVE-2026-5584
A code injection vulnerability has been identified in Fosowl's agenticSeek version 0.1.0, specifically within the PyInterpreter.execute function located in the sources/tools/PyInterpreter.py file of the query Endpoint component. This vulnerability allows attackers to execute arbitrary code remote...
PoC for CVE-2026-5583
A security flaw has been identified in the PHPGurukul Online Shopping Portal Project 2.1, specifically within the my-profile.php file. This vulnerability allows an attacker to manipulate the 'fullname' parameter, leading to a remote SQL injection attack. The potential for exploitation has been pu...
PoC for CVE-2026-5580
A vulnerability has been detected in CodeAstro Online Classroom 1.0, specifically within the addvideos.php component of the Parameter Handler. This issue allows an attacker to manipulate the 'videotitle' argument, leading to SQL injection attacks. The exploitation of this vulnerability can be tri...
PoC for CVE-2026-5579
A SQL injection vulnerability exists in CodeAstro Online Classroom 1.0 affecting the /OnlineClassroom/updatedetailsfromfaculty.php?myfid=108 component. By manipulating the 'fname' parameter, an attacker can execute unauthorized SQL commands. This type of vulnerability can lead to unauthorized dat...
Discovered 8 hours ago
PoC for CVE-2026-5578
A vulnerability exists in the CodeAstro Online Classroom version 1.0 within the Parameter Handler component, specifically in the file /OnlineClassroom/addassessment.php. This flaw allows remote attackers to manipulate the 'deleteid' argument, leading to SQL injection. Due to the nature of this vu...
PoC for CVE-2026-5577
A SQL injection vulnerability exists in the Song-Li Cross-Browser due to improper handling of the argument ID in the details endpoint, specifically within the flask/uniquemachine_app.py file. This flaw allows remote attackers to manipulate SQL queries, potentially leading to unauthorized data acc...
PoC for CVE-2026-5576
A vulnerability exists within the jkev Record Management System 1.0 that allows for unrestricted file uploads through the save_emp.php component on the Add Employee Page. This flaw may be exploited remotely, enabling attackers to upload malicious files without proper validation, leading to potent...