Publicly Disclosed PoC Exploits
🔴 Always take caution when working with PoC Exploits 🔴
Discovered 56 minutes ago
PoC for CVE-2024-12905
The tar-fs package contains vulnerabilities that allow for improper link resolution before file access and improper limitations on pathnames during file extraction. By exploiting these flaws, an attacker can craft a malicious tar file, leading to unauthorized file writes or overwrites outside the...
Discovered 1 hour ago
PoC for CVE-2024-42471
The GitHub ToolKit for developing GitHub Actions contains a vulnerability that allows arbitrary file writes when using methods like `downloadArtifactInternal`, `downloadArtifactPublic`, or `streamExtractExternal`. Specifically, this vulnerability arises when processing specially crafted artifacts...
Discovered 7 hours ago
PoC for CVE-2023-25157
GeoServer, an open-source server for sharing and editing geospatial data, is susceptible to misuse in its PostGIS Datastore functions. This vulnerability arises from improper handling of certain function calls within the OGC Filter expression language and Common Query Language (CQL). Users are en...
Discovered 18 hours ago
PoC for CVE-2024-12244
An access control flaw has been identified in GitLab EE that permits users to access sensitive project information, even when specific features are disabled. This issue impacts all versions of GitLab EE from 17.7 before 17.9.7, 17.10 before 17.10.5, and 17.11 before 17.11.1. The vulnerability rel...
PoC for CVE-2025-0639
An issue has been identified in GitLab Community and Enterprise Editions that compromises service availability due to a problem with issue previews. This vulnerability impacts all versions of GitLab CE/EE from 16.7 prior to 17.9.7, 17.10 prior to 17.10.5, and 17.11 prior to 17.11.1. Users should ...
PoC for CVE-2025-1908
A security issue has been identified in GitLab EE/CE that allows unauthorized tracking of user browsing activities. This tracking can lead to a complete account takeover by malicious actors. The vulnerability affects all versions from 16.6 before 17.9.7, 17.10 before 17.10.5, and 17.11 before 17...
Discovered 19 hours ago
PoC for CVE-2024-27876
A race condition vulnerability has been identified in Apple's operating systems that can be exploited via maliciously crafted archives. When unpacking such archives, the flaw permits attackers to write arbitrary files on the system, potentially compromising the integrity and confidentiality of se...
Discovered 20 hours ago
PoC for CVE-2025-2558
The-wound WordPress theme prior to version 0.0.1 has a Local File Inclusion vulnerability that arises from improper validation of input parameters. This flaw allows unauthenticated users to exploit the theme, leading to potential unauthorized access to sensitive files on the server. By crafting s...
PoC for CVE-2025-1453
The Category Posts Widget plugin for WordPress prior to version 4.9.20 is susceptible to stored Cross-Site Scripting due to improper sanitization and escaping of certain settings. This flaw allows high privilege users, such as administrators, to potentially execute malicious scripts, even in envi...
Discovered 2 days ago
PoC for CVE-2025-24054
An external control of file name or path in Windows NTLM enables unauthorized attackers to exploit a vulnerability, leading to potential spoofing attacks over a network. This situation poses a significant threat as attackers may gain access to sensitive information or systems.
Discovered 3 days ago
PoC for CVE-2025-2594
The User Registration & Membership Plugin for WordPress, prior to version 4.1.3, suffers from a data validation flaw in an AJAX action, particularly when the Membership Addon is enabled. This vulnerability allows an attacker to authenticate as any user—including administrators—by exploiting the t...
PoC for CVE-2024-13569
The Front End Users plugin for WordPress, up to version 3.2.32, contains a vulnerability where a parameter is not properly sanitized and escaped before being displayed on the page. This oversight can be exploited to execute arbitrary JavaScript in the context of high privilege users, including ad...
PoC for CVE-2021-34371
Neo4j versions prior to 3.4.18, when the shell server is enabled, expose a Remote Method Invocation (RMI) service that is vulnerable to arbitrary deserialization of Java objects. This flaw allows attackers to exploit dependencies linked to insecure gadget chains, leading to potential remote code ...
PoC for CVE-2024-28987
The SolarWinds Web Help Desk software is susceptible to a hardcoded credential vulnerability that enables remote unauthenticated users to gain unauthorized access to the system's internal functionalities. This security flaw allows attackers to manipulate and modify critical data, potentially lead...
PoC for CVE-2025-3856
A vulnerability has been identified in xxyopen's Novel-Plus version 5.1.0 that affects the 'searchByPage' function in the file '/book/searchByPage'. An attacker can manipulate the 'sort' argument, enabling SQL injection that can be exploited remotely. Despite the early notification to the vendor ...
PoC for CVE-2025-3855
A significant vulnerability exists in the CodeCanyon RISE Ultimate Project Manager version 3.8.2, affecting the functionality of the Profile Picture Handler component. Specifically, the issue involves inadequate control over resource identifiers, particularly in the argument profile_image_file wi...
PoC for CVE-2025-3854
A buffer overflow vulnerability has been identified in the H3C GR-3000AX router, specifically within the HTTP POST Request Handler's functions such as EnableIpv6, UpdateWanModeMulti, UpdateIpv6Params, EditWlanMacList, and Edit_List_SSID. The vulnerability arises from improper handling of argument...
PoC for CVE-2025-3849
A vulnerability within YXJ2018 SpringBoot-Vue-OnlineExam allows attackers to change user passwords without verification by manipulating the studentId parameter through the /api/studentPWD endpoint. This flaw can be exploited remotely, raising serious security concerns as it jeopardizes user accou...
PoC for CVE-2024-40445
The Forkosh Mime Tex software, prior to version 1.77, is susceptible to a directory traversal vulnerability. This flaw enables an attacker to manipulate file paths and potentially upload malicious files, culminating in arbitrary code execution on the server. Proper input validation measures shoul...
PoC for CVE-2025-3850
An improper authentication vulnerability has been identified in YXJ2018 SpringBoot-Vue-OnlineExam 1.0. This flaw affects the processing of the API component, allowing attackers to manipulate it for unauthorized access. Although the attack complexity is considered high and exploitation is known to...
PoC for CVE-2025-3846
A vulnerability exists in the registration functionality of the markparticle WebServer, specifically located in the file code/http/httprequest.cpp. An attacker can exploit this vulnerability by manipulating the username and password parameters, leading to potential SQL injection attacks. This iss...
PoC for CVE-2025-3845
A vulnerability has been identified in the markparticle WebServer, specifically affecting versions up to 1.0, where the Buffer::HasWritten function in buffer.cpp can be manipulated. This vulnerability enables attackers to initiate a buffer overflow by controlling the writePos_ argument, allowing ...
PoC for CVE-2025-3843
A security flaw has been identified in panhainan DS-Java 1.0, where an unknown function is susceptible to cross-site request forgery (CSRF). This vulnerability enables remote attackers to manipulate requests, potentially leading to unauthorized actions on behalf of authenticated users. The exploi...
PoC for CVE-2025-3842
A vulnerability exists in Panhainan's DS-Java 1.0, specifically within the function `uploadUserPic.action` located in the file `src/com/phn/action/FileUpload.java`. This flaw allows attackers to manipulate the `fileUpload` argument, potentially leading to code injection attacks. The vulnerability...
PoC for CVE-2025-3841
A vulnerability exists in the Wix-Incubator Jam that impacts the Jinja2 Template Handler, specifically in the jam.py file. This issue arises from improper neutralization of the config['template'] argument, allowing special elements utilized in the template engine to be exploited. Attackers can po...
PoC for CVE-2025-31200
A memory corruption issue has been found in various Apple operating systems, which could be exploited through a specially crafted audio stream in a media file. This vulnerability has the potential to allow unauthorized code execution, posing significant risk to impacted devices. Apple has impleme...
Discovered 4 days ago
PoC for CVE-2025-30208
A vulnerability in Vite's frontend development tooling allows attackers to bypass file access restrictions. Specifically, versions prior to 6.2.3, 6.1.2, 6.0.12, 5.4.15, and 4.5.10 expose the risk where app URLs can be manipulated with trailing query parameters such as '?raw?' or '?import&raw?' t...
PoC for CVE-2024-4577
In certain versions of PHP, particularly 8.1.*, 8.2.*, and 8.3.* running on Windows with Apache and PHP-CGI, a vulnerability arises when specific code pages are configured. This results in Windows utilizing 'Best-Fit' behavior to handle character replacements for command-line inputs aimed at Win3...
PoC for CVE-2019-7238
Sonatype Nexus Repository Manager prior to version 3.15.0 contains an access control vulnerability that may allow unauthorized users to access restricted resources and perform unintended actions. This could lead to potential data leakage and compromise of sensitive information. It is crucial for ...
PoC for CVE-2023-50257
In eProsima Fast DDS, a vulnerability arises due to a failure to encrypt the data (`p[UD]`) and `guid` values used for disconnecting between nodes. This allows an attacker to forcibly disconnect Subscribers from the system, preventing them from receiving any data. When an attacker continuously se...
PoC for CVE-2025-3830
An unrestricted file upload vulnerability exists in the Kuangstudy KuangSimpleBBS 1.0 software, specifically in the fileUpload function of the QuestionController.java file. This flaw allows attackers to upload potentially malicious files by manipulating the editormd-image-file argument. Such an e...
PoC for CVE-2020-35730
A Cross-Site Scripting (XSS) vulnerability exists in Roundcube Webmail prior to versions 1.2.13, 1.3.16, and 1.4.10. This flaw allows attackers to exploit the application by sending a specially crafted plain text email containing JavaScript code. The vulnerability arises from improper handling of ...
PoC for CVE-2025-3829
A SQL injection vulnerability has been identified in the PHPGurukul Men Salon Management System version 1.0. This flaw exists in the /admin/sales-reports-detail.php file, where improper validation of the 'fromdate' and 'todate' parameters allows attackers to manipulate SQL queries. The vulnerabil...
PoC for CVE-2025-3828
A SQL injection vulnerability exists within the PHPGurukul Men Salon Management System, specifically affecting the processing of the 'remark' parameter in the /admin/view-appointment.php script. This issue allows an attacker to craft a malicious request, potentially leading to unauthorized databa...
PoC for CVE-2025-3827
A security flaw has been detected in the PHPGurukul Men Salon Management System version 1.0, specifically within the /admin/forgot-password.php file. This vulnerability allows attackers to manipulate email argument input, leading to SQL injection issues that can be exploited remotely. As the deta...
Discovered 5 days ago
PoC for CVE-2025-43929
The vulnerability in Kitty before version 0.41.0 originates from the open_actions.py script, which fails to prompt users for confirmation before executing local files that may be linked within documents from untrusted sources, such as those opened in KDE Ghostwriter. This design flaw can allow ma...
PoC for CVE-2025-43921
The vulnerability in GNU Mailman version 2.1.39, as packaged with cPanel, exposes an endpoint that allows unauthenticated attackers to create email distribution lists. This poses significant security risks, as it could be exploited to spread spam or malicious content, affecting the integrity and ...
PoC for CVE-2025-43920
An arbitrary command execution vulnerability exists in GNU Mailman 2.1.39, bundled with cPanel and WHM, that permits unauthenticated attackers to execute arbitrary operating system commands. This occurs due to improper handling of shell metacharacters within the email Subject lines, potentially l...
PoC for CVE-2025-43919
The vulnerability within GNU Mailman 2.1.39, as deployed in cPanel, permits unauthorized users to exploit a directory traversal flaw. By manipulating the username parameter at the private archive endpoint, attackers may access arbitrary files on the server, leading to potential exposure of sensit...
PoC for CVE-2025-3821
A cross-site scripting vulnerability exists in the add-admin.php file of the SourceCodester Web-based Pharmacy Product Management System 1.0. This flaw allows unauthorized remote attackers to manipulate input fields such as txtpassword, txtfullname, and txtemail, leading to potential malicious sc...
PoC for CVE-2025-32433
The Erlang/OTP SSH server prior to versions OTP-27.3.3, OTP-26.2.5.11, and OTP-25.3.2.20 contains a critical flaw in SSH protocol message handling that allows attackers to bypass authentication and execute arbitrary commands remotely. This vulnerability can be exploited to gain unauthorized acces...
PoC for CVE-2025-3820
A critical vulnerability has been identified in Tenda W12 and i24 products, specifically in the function cgiSysUplinkCheckSet located in /bin/httpd. This vulnerability allows for a stack-based buffer overflow upon manipulation of the arguments hostIp1 and hostIp2, potentially exposing the device ...
PoC for CVE-2025-3819
A vulnerability exists in the PHPGurukul Men Salon Management System 1.0, specifically within the /admin/search-appointment.php file. This weakness allows an attacker to manipulate the 'searchdata' argument, potentially leading to SQL injection. Because this can be exploited remotely, it's crucia...
PoC for CVE-2025-3818
A vulnerability in the webpy framework's PostgresDB._process_insert_query function may allow an attacker to execute SQL injection attacks. The weakness arises from manipulation of the argument seqname, making it possible for a remote attacker to craft input that could compromise the database. As ...
PoC for CVE-2025-3817
A SQL injection vulnerability affects the SourceCodester Online Eyewear Shop 1.0, enabling unauthorized manipulation of arguments in the Master.php file via the delete_stock endpoint. Exploiting this vulnerability remotely compromises database security and may lead to unauthorized data access or ...
PoC for CVE-2025-3816
A notable OS command injection vulnerability exists in CicadasCMS 2.0, specifically affecting the Scheduled Task Handler component. This flaw enables unauthorized actors to execute arbitrary OS commands on the server, which can be exploited remotely. The affected code is found in the /system/sche...
PoC for CVE-2025-3808
A cross-site request forgery (CSRF) vulnerability has been identified in My-BBS 1.0 by zhenfeng13, allowing remote attackers to perform unauthorized actions on behalf of users. This security flaw may affect multiple endpoints, enabling the attacker to manipulate requests without the user's consen...
PoC for CVE-2025-3807
A vulnerability in My-BBS version 1.0 allows unauthorized users to upload files without proper validation, affecting the UploadController.java component. This flaw opens the door for remote attacks, potentially allowing malicious users to gain access to sensitive system components. The public dis...
PoC for CVE-2025-3806
A cross-site scripting vulnerability has been identified in dazhouda lecms versions up to 3.0.3, specifically affecting the Edit Profile Handler located at /admin. This vulnerability enables attackers to execute arbitrary JavaScript in the context of the affected user's session. The exploitation ...
PoC for CVE-2025-3805
A critical vulnerability found in Sarrionandia's Tournatrack exposes the system to potential injection attacks through the Jinja2 Template Handler's file, check_id.py. An attacker can exploit this vulnerability by manipulating the argument ID, allowing unauthorized command execution on the local ...