Publicly Disclosed
PoC Exploits

A vulnerability exists in the HBAI-Ltd Toonflow-app affecting the z.url functionality in the downloadApp endpoint, which can be exploited to achieve path traversal. This flaw allows an attacker to potentially manipulate the URL parameter exploited remotely. The complexity of this attack is high d...

A vulnerability was identified in HBAI-Ltd's Toonflow app, specifically in version 1.1.1. The issue resides in the getCodeByLink endpoint, where improper handling of input parameters allows an attacker to perform server-side request forgery (SSRF). This exploit can be executed remotely, posing si...

A SQL injection vulnerability exists in the Likeadmin-Likeshop platform, specifically within the queryResult function of the DataTableLists.php file. This flaw allows remote attackers to manipulate SQL queries, potentially compromising the database and access sensitive data. Despite being reporte...

A buffer overflow vulnerability exists in the Tenda F456 router, specifically within the 'formWrlExtraSet' function of the httpd component. By manipulating the argument 'Go', an attacker can exploit this flaw to execute arbitrary code remotely, potentially compromising the device's security. The ...

ZoneMinder, a popular open-source closed-circuit television software, has a vulnerability that exposes versions v1.37.* up to and including v1.37.64 to a boolean-based SQL injection attack through the web/ajax/event.php endpoint. This flaw can allow an attacker to manipulate SQL queries, potentia...

A buffer overflow vulnerability exists within the Tenda F456 router, specifically in the function fromGstDhcpSetSer of the httpd component. An attacker can exploit this weakness by manipulating the dips argument, allowing the execution of arbitrary code remotely. Given that the exploit details ar...

A security vulnerability has been identified in Tenda F456 version 1.0.0.5, specifically in the PPTPUserSetting function within the httpd component. An argument manipulation in the delno parameter can lead to a buffer overflow, which exposes the system to potential remote exploitation. This vulne...

A buffer overflow vulnerability has been discovered in the Tenda F456 router, specifically within the fromAdvSetWan function of the httpd component. This vulnerability arises from improper handling of the wanmode argument, allowing an attacker to manipulate the input and potentially execute arbit...

A security flaw has been identified in the Tenda F456 router, specifically in the function fromSetIpBind located in the /goform/SetIpBind component of the httpd service. This vulnerability stems from improper handling of the argument page, leading to a buffer overflow condition. Attackers can exp...

A vulnerability in the itsourcecode Courier Management System 1.0 has been discovered, specifically within an unidentified function in the edit_parcel.php file. This weakness allows for SQL injection through the manipulation of the 'ID' argument. The SQL injection can be executed remotely, thereb...

Protobuf.js, a library that compiles protocol buffer definitions into JavaScript functions, is susceptible to a vulnerability that enables attackers to inject arbitrary code via the 'type' fields in protobuf definitions. This injected code can be executed during the decoding of the corresponding ...

A vulnerability exists in the itsourcecode Courier Management System version 1.0, specifically within the /edit_branch.php file. This flaw enables attackers to execute SQL injection attacks by manipulating the ID argument. The potential for remote exploitation of this vulnerability raises serious...

A vulnerability exists in the itsourcecode Construction Management System version 1.0, specifically in the processing of the /locations.php file. This flaw allows an attacker to manipulate the 'address' argument, the response of which can result in SQL injection. The issue can be exploited remote...

A vulnerability exists in itsourcecode Construction Management System version 1.0, specifically in the /execute1.php file. This flaw allows remote attackers to manipulate the argument `code`, leading to SQL injection attacks. Malicious exploitation of this vulnerability could allow unauthorized a...

A security vulnerability has been identified in the itsourcecode Construction Management System version 1.0, which can be exploited to execute SQL injection attacks. This flaw resides in the execute.php file, where improper handling of an argument allows remote attackers to manipulate SQL queries...

A significant SQL injection vulnerability exists in the CodePanda Source Canteen Management System version 1.0. This flaw resides in the /api/login.php file, where improper handling of the 'Username' parameter allows attackers to manipulate SQL queries. This exploitation can be executed remotely,...

A vulnerability has been identified in the CodeAstro Online Job Portal 1.0 that allows unauthorized access to sensitive file and directory information through the manipulation of the /users/user-cvs/ functionality. This issue can be exploited remotely, potentially leading to significant privacy b...

A vulnerability has been discovered in the Login component of the Code-Projects Inventory Management System 1.0, where manipulation of the Username argument can enable an SQL injection attack. This flaw can be exploited remotely, allowing attackers to gain unauthorized access to the database. Giv...

A buffer overflow vulnerability exists in the D-Link DIR-825 router's NMBD_process function within the nmbd component of the sserver.c file. This issue can be exploited by attackers within the same local network. As the relevant exploit code is publicly available, the risk is heightened for produ...

A command injection vulnerability exists in the D-Link DIR-822 router, specifically within the udhcpd DHCP service's handling of the Hostname argument in the dhcpd.c file. An attacker could exploit this vulnerability remotely, allowing execution of arbitrary commands on the affected device. This ...

A security vulnerability has been identified in Simple OpenStack MCP, specifically within the exec_openstack function in server.py. This flaw allows for remote OS command injection, enabling malicious actors to execute arbitrary commands on the server. Despite being reported to the maintainers, t...

The BidingCC BuildingAI application up to version 26.0.1 contains a security flaw in the Remote Upload API, specifically within the uploadRemoteFile function. A manipulation of the URL argument can lead to server-side request forgery, enabling attackers to remotely initiate malicious requests. Th...

A security flaw has been identified in the AgentDeskAI browser-tools-mcp, specifically within the file browser-tools-server/browser-connector.ts. This vulnerability allows for remote attackers to perform OS command injections through crafted manipulations. As the exploit has already been publishe...

A SQL injection vulnerability exists in the Employee Management System 1.0 by Code-Projects, specifically in the 'eprocess.php' file located in the /370project/process/ directory. By manipulating the 'pwd' argument, attackers can execute remote SQL injection attacks, allowing unauthorized access ...

A security vulnerability exists in the Intina47 context-sync product, specifically within the Git Integration component. This vulnerability is located in the src/git-integration.ts file and allows for os command injection, which can be remotely executed by an attacker. Such manipulation could pot...

A significant vulnerability has been detected in the Toowiredd chatgpt-mcp-server, specifically within the MCP/HTTP component and its docker.service.ts file. This issue permits an OS command injection, allowing attackers to execute arbitrary commands on the server. The exploit is publicly accessi...

A vulnerability exists in the liyupi yu-picture application that allows for SQL injection attacks via the PageRequest function within the PictureServiceImpl.java file. This issue arises from improper handling of the sortField argument, permitting attackers to manipulate SQL queries remotely. The ...

A path traversal vulnerability exists in 666ghj MiroFish versions up to 0.1.2, specifically in the get_simulation_posts function located in backend/app/api/simulation.py. This flaw allows an attacker to manipulate the Platform argument, leading to unauthorized access to restricted directories and...

A security vulnerability has been identified in the command handling function of 666ghj MiroFish's Inter-Process Communication module. The flaw resides in the SimulationIPCClient.send_command method within the simulation_ipc.py file. This vulnerability allows attackers to execute arbitrary comman...

A vulnerability has been identified in the Tenda F456 router firmware version 1.0.0.5, which resides within a specific function of the httpd component. By manipulating the parameters 'funcname' and 'funcpara1', an attacker can trigger a buffer overflow remotely. This vulnerability poses a signifi...

A vulnerable function, fromSafeUrlFilter, within the Tenda F456's httpd component exposes the product to buffer overflow attacks. By manipulating the 'page' argument of the /goform/SafeUrlFilter endpoint, attackers can exploit this vulnerability remotely, leading to potential unauthorized access ...

A security vulnerability has been identified in the Tenda F456 router, specifically in the handling of the 'fromVirtualSer' function within the httpd service. This vulnerability arises due to improper manipulation of the 'menufacturer/Go' argument, which can lead to a buffer overflow condition. E...

A vulnerability has been discovered in the Tenda F456 1.0.0.5 model, specifically in the PPTPDClient component's fromPptpUserAdd function, located in the /goform/PPTPDClient file. This weakness allows for a buffer overflow due to improper handling of the opttype and username arguments. An attacke...

A critical security flaw exists in the Tenda F456 router, specifically in the function frmL7ProtForm of the httpd component located at /goform/L7Prot. This vulnerability allows remote attackers to exploit a buffer overflow by manipulating the 'page' argument. Such exploitation can lead to unautho...

A vulnerability exists in versions of GreenCMS up to 2.3 that allows attackers to exploit the 'themeadd' function via the /index.php?m=admin&c=custom&a=themeadd endpoint. This flaw permits unrestricted file uploads, enabling remote attackers to upload malicious files without proper authorization....

Wansview Camera Software version 1.0.2 contains a buffer overflow flaw that could be exploited by local attackers. By providing excessively large input strings, such as 2000-byte payloads in the Camera name and DID number fields during the camera setup process, an attacker can trigger application...

The P10 Central Management Software version 1.4.13 is vulnerable to a buffer overflow in the login password field. This flaw allows local attackers to execute a Denial of Service (DoS) attack by submitting an excessively large input string, specifically a 2000-byte payload. When the payload is in...

The ObserverIP Scan Tool version 1.4.0.1 is prone to a denial of service vulnerability that allows local attackers to crash the application. By inputting an excessively long string into the IP input field—specifically a 2000-byte buffer of repeated characters—attackers can trigger a search operat...

A buffer overflow vulnerability exists in CEWE Photoshow version 6.3.4, specifically within the login dialog. This flaw allows an attacker to submit oversized input by injecting 4000 bytes of data into the email address and password fields. The result is a denial of service condition, potentially...

Prime95 version 29.4b7 has a critical buffer overflow vulnerability in the PrimeNet connection dialog. This flaw allows local attackers to crash the application by supplying an excessively long string (up to 6000 bytes) in the optional proxy password field. Upon entering such a payload, the appli...

Bome Restorator 1793 contains a buffer overflow vulnerability that allows local attackers to crash the application by inputting an excessively long string into the Name field. By supplying a crafted payload exceeding 4000 bytes, an attacker can trigger an application crash, leading to a denial of...

Project64 version 2.3.2 is susceptible to a buffer overflow vulnerability located in the Plugin Directory settings field. Local attackers can exploit this weakness by entering a string as long as 6000 bytes into the Plugin Directory field via the Options > Settings > Directories interface. This c...

Easyboot 6.6.0 is susceptible to a buffer overflow vulnerability within its Replace Text function. This issue enables local attackers to induce a denial-of-service condition by submitting an oversized string, specifically a 7000-byte payload, into the text fields after navigating to File > Tools ...

Softdisk 3.0.3 has a vulnerability in the registration code dialog that allows local attackers to exploit a buffer overflow by entering an oversized string. By inputting a 6000-byte payload in the Registration Name field via the Help menu's Enter Registration Code dialog, attackers can trigger a ...

StyleWriter 1.0 has a vulnerability that allows local attackers to exploit a buffer overflow by supplying an excessively long string. This vulnerability can trigger a denial of service condition, causing the application to crash. Attackers can achieve this by inserting a payload of up to 6000 byt...

Drive Power Manager 1.10 has a vulnerability in its handling of input which can be exploited via a buffer overflow. Attackers can input an excessively long string into the Name field—up to 6000 bytes—which could lead to a denial of service by crashing the application when the Register action is t...

The Easy PhotoResQ version 1.0 is vulnerable to a buffer overflow that can be exploited by local attackers. By entering a significantly long string—specifically a 6000-byte payload—in the Folder/filename field through the File Options dialog, attackers can trigger a denial of service condition, c...

Fathom 2.4 is susceptible to a buffer overflow vulnerability in the Authorization Code field, which can be exploited by local attackers. By submitting an oversized input string of up to 6000 bytes, attackers can initiate a denial of service condition that crashes the application. This vulnerabili...

HD Tune Pro 5.70 has a buffer overflow vulnerability that can be exploited by local attackers. By entering an excessively long string (up to 6000 bytes) in the folder/file name input field within the File > Options > Save dialog, an attacker can cause the application to crash, resulting in a deni...

Nmap 7.70 presents a vulnerability that enables local attackers to exploit the application by processing crafted XML files. This involves the use of nested entity definitions that, when opened through ZenMap's scan import feature, lead to excessive resource consumption and ultimately crash the pr...