Publicly Disclosed
PoC Exploits

The Formidable Form Builder plugin for WordPress contains a vulnerability that permits Stored Cross-Site Scripting (XSS) attacks via multiple parameters during form submissions, including 'after_html'. This flaw arises due to inadequate input sanitization and output escaping practices in versions...

The vulnerability in the PutContents API of Gogs arises from improper handling of symbolic links, potentially allowing local execution of arbitrary code. This misconfiguration may expose sensitive data and facilitate unauthorized access to critical systems. Users and administrators are urged to u...

A remote code execution vulnerability found in React Server Components allows attackers to exploit improperly handled payloads. This issue affects versions 19.0.0 through 19.2.0, compromising server function endpoints through unsafe deserialization of HTTP request payloads. As a result, this flaw...

A race condition vulnerability has been identified in the Armoury Crate application provided by ASUS. This flaw arises from a Time-of-check Time-of-use issue, which can enable unauthorized access through an authentication bypass. Users of Armoury Crate should be aware of the potential risks assoc...

A critical file upload vulnerability exists in the Gravity Forms plugin for WordPress, specifically affecting versions prior to 2.9.23.1. This flaw allows unauthorized users to upload potentially dangerous PHP files through the plugin's chunked upload functionality. If attackers manage to identif...

The vulnerability in the org.apache.commons.io.input.XmlStreamReader class can lead to excessive CPU resource consumption due to the processing of specially crafted input. This behavior may create significant performance issues, particularly when handling untrusted XML data. To mitigate this risk...

n8n, an open-source workflow automation platform, has a Remote Code Execution vulnerability affecting specific versions. Authenticated users can inadvertently supply expressions that, under certain circumstances, are evaluated in a context insufficiently isolated from the runtime. This flaw enabl...

A critical vulnerability has been identified in the code-projects Student Information System version 1.0, which exposes the application to SQL injection attacks. The flaw lies within the processing of the 'searchbox' parameter in the /searchresults.php file. An attacker can manipulate this input ...

A vulnerability in the code-projects Student Information System version 1.0 has been identified, affecting the /profile.php file. The vulnerability allows an attacker to manipulate the firstname and lastname parameters, leading to cross-site scripting (XSS) attacks. This exploit can be executed r...

A security vulnerability exists in the Code-Projects Student File Management System version 1.0, specifically in the /save_file.php script. This flaw enables attackers to manipulate upload arguments, leading to unrestricted file uploads. Consequently, this vulnerability can be exploited remotely,...

n8n, an open-source workflow automation platform, has a Remote Code Execution vulnerability affecting specific versions. Authenticated users can inadvertently supply expressions that, under certain circumstances, are evaluated in a context insufficiently isolated from the runtime. This flaw enabl...

A command injection vulnerability exists in the Tenda WH450 router, specifically within the HTTP Request Handler component. The flaw lies in the /goform/CheckTools file, where improper handling of the 'ipaddress' argument can allow an attacker to execute arbitrary commands. This vulnerability can...

A command injection vulnerability exists in the Tenda WH450 router, specifically within the HTTP Request Handler component. The flaw lies in the /goform/CheckTools file, where improper handling of the 'ipaddress' argument can allow an attacker to execute arbitrary commands. This vulnerability can...

The OverlayFS implementation in the Linux kernel failed to adequately validate user namespaces when setting file capabilities on underlying file systems. This weakness, combined with specific patches in the Ubuntu kernel that permit unprivileged overlay mounts, enables attackers to exploit the si...

A vulnerability in the Tenda WH450 device allows attackers to exploit a stack-based buffer overflow through the remote manipulation of the 'Username' argument in the /goform/PPTPDClient component. This flaw in the HTTP Request Handler can potentially permit unauthorized access and manipulation of...

A vulnerability in the Tenda WH450 device allows attackers to exploit a stack-based buffer overflow through the remote manipulation of the 'Username' argument in the /goform/PPTPDClient component. This flaw in the HTTP Request Handler can potentially permit unauthorized access and manipulation of...

A stack-based buffer overflow vulnerability has been identified in the Tenda WH450, specifically within the HTTP Request Handler component. This issue arises from improper handling of the 'netmsk' argument in the /goform/PPTPClient file, allowing for potential remote exploitation. Attackers may u...

A stack-based buffer overflow vulnerability has been identified in the Tenda WH450, specifically within the HTTP Request Handler component. This issue arises from improper handling of the 'netmsk' argument in the /goform/PPTPClient file, allowing for potential remote exploitation. Attackers may u...

A vulnerability has been identified in the Tenda WH450 version 1.0.0.18, impacting the HTTP Request Handler component. This security flaw arises from the manipulation of the 'page' argument within the /goform/Natlimit file, which can lead to a stack-based buffer overflow. The issue allows an atta...

A vulnerability has been identified in the Tenda WH450 version 1.0.0.18, impacting the HTTP Request Handler component. This security flaw arises from the manipulation of the 'page' argument within the /goform/Natlimit file, which can lead to a stack-based buffer overflow. The issue allows an atta...

A stack-based buffer overflow vulnerability has been identified in the Tenda WH450 router (version 1.0.0.18). This vulnerability resides within an unknown function in the file /goform/NatStaticSetting. An attacker can exploit this vulnerability remotely by manipulating the 'page' argument, potent...

A stack-based buffer overflow vulnerability has been identified in the Tenda WH450 router (version 1.0.0.18). This vulnerability resides within an unknown function in the file /goform/NatStaticSetting. An attacker can exploit this vulnerability remotely by manipulating the 'page' argument, potent...

CSZ CMS version 1.2.7 is vulnerable to an HTML injection flaw, enabling authenticated users to inject malicious hyperlinks into message titles. This vulnerability can be exploited by attackers through crafted POST requests to the member messaging system, potentially facilitating phishing or socia...

CMSimple version 5.4 is susceptible to a cross-site scripting vulnerability that enables attackers to bypass input filtering mechanisms. By using HTML to Unicode encoding, malicious actors can inject harmful scripts, allowing them to execute arbitrary JavaScript when users interact with specific ...

Orangescrum version 1.8.0 is susceptible to multiple cross-site scripting (XSS) vulnerabilities that could be exploited by authenticated attackers. These vulnerabilities allow for the injection of malicious scripts through various input parameters, including 'projid', 'CS_message', and 'name'. By...

The PMB version 7.4.6 is vulnerable to a SQL injection due to an unsanitized 'id' parameter in the ajax.php endpoint. This vulnerability allows remote attackers to manipulate database queries by injecting conditional sleep statements. Such exploitation can lead to unauthorized information extract...

CSZ CMS version 1.2.7 is affected by a persistent cross-site scripting vulnerability that allows attackers to inject malicious JavaScript into private messages. This security flaw can be exploited when an admin views the messages in the backend, leading to the execution of the injected scripts. T...

Epic Games Easy Anti-Cheat version 4.0 has a vulnerability that allows a local non-privileged user to execute arbitrary code with elevated system privileges. This arises from an unquoted service path, which can be exploited by malicious actors. By manipulating the service configuration, attackers...

CMSimple_XH version 1.7.4 is vulnerable to an authenticated remote code execution flaw that arises within its content editing feature. This vulnerability can be exploited by attackers possessing valid administrative credentials, allowing them to bypass security mechanisms, including CSRF token va...

CMSimple 5.4 is susceptible to an authenticated remote code execution vulnerability that enables authenticated attackers to inject malicious PHP code via the template editing feature. By exploiting this vulnerability, attackers can create and execute reverse shell payloads by manipulating the tem...

CMSimple version 5.4 is affected by an authenticated local file inclusion vulnerability that enables remote attackers to manipulate PHP session files. By altering the file path used by functions, attackers can upload malicious PHP code through session file upload mechanisms, potentially executing...

The Zucchetti Axess CLOKI Access Control version 1.64 is susceptible to a cross-site request forgery (CSRF) vulnerability, which permits unauthorized manipulation of access control settings without the need for user interaction. Attackers can exploit this vulnerability by creating malicious web p...

CMSimple 5.2 exhibits a stored cross-site scripting vulnerability specifically in the Filebrowser's external input field. This flaw permits malicious actors to inject unfiltered JavaScript code. When users navigate to the Page or Files tabs, the harmful script is executed, resulting in persistent...

Orangescrum version 1.8.0 contains a vulnerability that permits authenticated users to perform SQL injection attacks by exploiting multiple parameters such as old_project_id, project_id, uuid, and uniqid. This flaw allows attackers to craft malicious SQL queries that can lead to unauthorized data...

Orangescrum 1.8.0 is susceptible to a privilege escalation flaw that enables authenticated users to usurp control of project-assigned accounts. This vulnerability occurs when an attacker can manipulate session cookies to gain unauthorized access by extracting a victim's unique user ID from the so...

An issue in pyload-ng v0.5.0b3.dev85 running under python3.11 or below allows attackers to execute arbitrary code via a crafted HTTP request.

In Livewire up to and including version 3.6.3, a vulnerability exists that allows unauthenticated attackers to execute commands remotely in certain configurations. This issue is caused by specific component property updates that are not adequately secured. Importantly, exploitation of this vulner...

A race condition exists in the Windows Kernel, which can be exploited by authorized users to elevate privileges locally. This vulnerability arises from improper synchronization when multiple threads access shared resources concurrently. An attacker who successfully exploits this vulnerability may...

The n8n workflow automation platform, versions 0.123.1 through 1.119.1, contains a vulnerability that allows an attacker to execute arbitrary code on the host system by exploiting inadequate protections in the pre-commit hooks. When using the 'Add Config' operation, workflows can set malicious Gi...

n8n, an open-source workflow automation platform, has a Remote Code Execution vulnerability affecting specific versions. Authenticated users can inadvertently supply expressions that, under certain circumstances, are evaluated in a context insufficiently isolated from the runtime. This flaw enabl...

A remote code execution vulnerability found in React Server Components allows attackers to exploit improperly handled payloads. This issue affects versions 19.0.0 through 19.2.0, compromising server function endpoints through unsafe deserialization of HTTP request payloads. As a result, this flaw...

Coolify, an open-source tool for server management, is impacted by a command injection vulnerability in its Database Backup feature. Before version 4.0.0-beta.451, authenticated users with appropriate permissions could exploit this flaw to run arbitrary commands on the server. The vulnerability a...

A remote code execution vulnerability found in React Server Components allows attackers to exploit improperly handled payloads. This issue affects versions 19.0.0 through 19.2.0, compromising server function endpoints through unsafe deserialization of HTTP request payloads. As a result, this flaw...

n8n, an open-source workflow automation platform, has a Remote Code Execution vulnerability affecting specific versions. Authenticated users can inadvertently supply expressions that, under certain circumstances, are evaluated in a context insufficiently isolated from the runtime. This flaw enabl...

A vulnerability has been identified in Needrestart, the tool developed by Qualys, which prior to version 3.8, can be exploited by local attackers. This flaw allows attackers to execute arbitrary code with root privileges by manipulating the PYTHONPATH environment variable when Needrestart runs th...

A security flaw exists in the itsourcecode Student Management System, specifically in the /record.php file. This vulnerability allows for SQL injection due to improper handling of the input argument ID. Attackers can execute this exploit remotely, potentially compromising the integrity of the dat...

SOUND4 IMPACT/FIRST/PULSE/Eco v2.x is impacted by a vulnerability that permits remote attackers to execute a factory reset without authentication. Through a crafted POST request directed at the /usr/cgi-bin/restorefactory.cgi endpoint, attackers can manipulate device settings and potentially gain...

SOUND4 IMPACT/FIRST/PULSE/Eco v2.x is susceptible to an unauthenticated OS command injection vulnerability. By exploiting this flaw, remote attackers can execute arbitrary shell commands through the 'password' parameter in the login.php and index.php scripts. This security issue allows attackers ...

The SOUND4 IMPACT, FIRST, PULSE, and Eco products versions 2.x exhibit a vulnerability that allows remote attackers to exploit unauthenticated directory traversal. By manipulating the 'upgfile' parameter within the upload.cgi file, such attacks can enable file writing to unintended directories on...

SOUND4 IMPACT/FIRST/PULSE/Eco v2.x is susceptible to a cross-site request forgery vulnerability that enables attackers to execute administrative commands without the user's consent. This security flaw permits the creation of malicious web pages that, upon a logged-in user's visit, can send unauth...