Publicly Disclosed PoC Exploits

🔴 Always take caution when working with PoC Exploits 🔴

Discovered 7 hours ago

PoC for CVE-2026-29000

Pac4j | Pac4j-jwt | 9.3 CRITICAL
Authentication Bypass in JwtAuthenticator of pac4j-jwt by pac4j

The pac4j-jwt library's JwtAuthenticator prior to versions 4.5.9, 5.7.9, and 6.3.3 is susceptible to an authentication bypass that could allow remote adversaries to create forged authentication tokens. By leveraging the server's RSA public key, attackers are able to craft a JWE-wrapped PlainJWT w...

Discovered 15 hours ago

PoC for CVE-2026-21509

Microsoft | Microsoft 365 Apps For... | 7.8 HIGH
Security Feature Bypass in Microsoft Office

A vulnerability exists in Microsoft Office that allows attackers to manipulate untrusted inputs, enabling them to bypass critical security measures locally. This flaw can expose systems to unauthorized actions, compromising the integrity of sensitive data. It is crucial for users to apply the lat...

Discovered 21 hours ago

PoC for CVE-2026-31816

Budibase | Budibase | 9.1 CRITICAL
Unauthorized API Access Vulnerability in Budibase Low Code Platform

Budibase, a low code platform for creating internal tools, exhibits a significant vulnerability in its server's authorization mechanism. In versions 3.31.4 and earlier, the 'authorized()' middleware designed to protect server-side API endpoints can be bypassed entirely by appending a specific web...

Discovered 1 day ago

PoC for CVE-2018-7600

Drupal | Drupal Before 7.58, 8.... | EPSS 94% | 9.8 CRITICAL
Remote Code Execution Vulnerability in Drupal by Acquia

Multiple versions of Drupal, including those prior to 7.58 and various 8.x releases, are susceptible to a vulnerability that permits remote attackers to execute arbitrary code. This exploit takes advantage of configuration flaws in several subsystems, particularly those using default or common mo...

PoC for CVE-2026-4045

ProjectSend | Projectsend | 6.3 MEDIUM
Remote Code Execution Vulnerability in ProjectSend Auth Component

A security vulnerability exists in ProjectSend affecting versions up to r1945, specifically in the Auth.php file. This flaw allows for the manipulation of the ldap_email argument, which can cause discrepancies in the application's responses. An attacker may exploit this issue remotely, although t...

PoC for CVE-2019-25543

Netartmedia | Netartmedia Real Estat... | 8.8 HIGH
SQL Injection Vulnerability in Netartmedia Real Estate Portal Product

The Netartmedia Real Estate Portal 5.0 has an SQL injection vulnerability that can be exploited by attackers to manipulate database queries. By sending specially crafted POST requests to index.php with malicious SQL in the page parameter, unauthorized users can bypass security measures, extract s...

PoC for CVE-2019-25541

Netartmedia | Netartmedia PHP Mall | 8.8 HIGH
SQL Injection Vulnerabilities in Netartmedia PHP Mall by Netartmedia

Netartmedia PHP Mall 4.1 has been found to contain multiple SQL injection vulnerabilities that enable unauthenticated attackers to manipulate database queries. By exploiting unvalidated parameters, such as 'id' in index.php and 'Email' in loginaction.php, threat actors can execute time-based blin...

PoC for CVE-2019-25539

Sourceforge | 202cms | 8.8 HIGH
Blind SQL Injection in 202CMS v10 Beta by sourceforge

202CMS v10 beta is vulnerable to a blind SQL injection flaw, which allows attackers to exploit the log_user parameter. Through carefully crafted POST requests to index.php, attackers can implement time-based blind injection techniques to execute arbitrary SQL commands. This vulnerability can lead...

PoC for CVE-2019-25537

Netartmedia | Netartmedia Event Portal | 8.8 HIGH
SQL Injection Vulnerability in Netartmedia Event Portal

Netartmedia Event Portal 2.0 is vulnerable to a time-based blind SQL injection, enabling unauthenticated attackers to insert SQL commands through the Email parameter. By sending manipulated POST requests to loginaction.php, attackers can extract sensitive data from the database, posing severe ris...

PoC for CVE-2019-25536

Netartmedia | Netartmedia PHP Real E... | 8.8 HIGH
SQL Injection Vulnerability in Netartmedia PHP Real Estate Agency S...

The Netartmedia PHP Real Estate Agency 4.0 software contains a serious SQL injection vulnerability that allows unauthenticated attackers to craft malicious POST requests. By exploiting the features[] parameter in the index.php file, attackers can execute arbitrary SQL queries that may lead to una...

PoC for CVE-2019-25535

Netartmedia | Netartmedia PHP Dating... | 8.8 HIGH
SQL Injection Vulnerability in Netartmedia PHP Dating Site

The Netartmedia PHP Dating Site is vulnerable to SQL injection attacks via the Email parameter in the loginaction.php file. This allows unauthenticated attackers to inject malicious SQL code, potentially enabling them to extract sensitive data from the database. By sending specially crafted POST ...

PoC for CVE-2019-25534

Netartmedia | Netartmedia PHP Car De... | 8.8 HIGH
SQL Injection Vulnerability in Netartmedia PHP Car Dealer

The Netartmedia PHP Car Dealer contains a significant SQL injection vulnerability that enables attackers, without authentication, to execute arbitrary SQL queries. This flaw is exploited through the features[] parameter in POST requests to index.php, allowing malicious users to inject SQL payload...

PoC for CVE-2019-25533

PHPbusinessdirectory | Netartmedia PHP Busine... | 8.8 HIGH
SQL Injection Vulnerability in Netartmedia PHP Business Directory

Netartmedia's PHP Business Directory version 4.2 is susceptible to an SQL injection flaw that can be exploited by unauthenticated users. This vulnerability allows attackers to inject malicious SQL statements through the Email parameter when sending POST requests to the loginaction.php endpoint. S...

PoC for CVE-2019-25532

Netartmedia | Netartmedia Jobs Portal | 8.8 HIGH
SQL Injection Vulnerability in Netartmedia Jobs Portal 6.1

The Netartmedia Jobs Portal 6.1 is susceptible to an SQL injection vulnerability, which enables unauthenticated attackers to manipulate database queries. By sending carefully crafted POST requests to the loginaction.php file with malicious SQL code injected through the Email parameter, attackers ...

PoC for CVE-2019-25531

Netartmedia | Netartmedia Deals Portal | 8.8 HIGH
SQL Injection Vulnerability in Netartmedia Deals Portal

The Netartmedia Deals Portal is susceptible to an SQL injection vulnerability through the Email parameter in loginaction.php. This flaw enables unauthenticated attackers to execute crafted SQL queries via POST requests, providing them the capability to manipulate database operations. As a result,...

PoC for CVE-2019-25530

Hotel-booking-script | Uhotelbooking System | 8.8 HIGH
SQL Injection Vulnerability in uHotelBooking System by uZer

The uHotelBooking System is susceptible to an SQL injection vulnerability, which enables unauthenticated attackers to manipulate database queries. By exploiting the 'system_page' GET parameter, malicious users can inject SQL commands via crafted requests to index.php. This misuse can lead to the ...

PoC for CVE-2019-25529

Sourceforge | Placeto Cms | 7.1 HIGH
SQL Injection Vulnerability in Placeto CMS Alpha by Placeto

Placeto CMS Alpha version 4 contains a vulnerability that enables authenticated attackers to exploit SQL injection through the 'page' parameter. By manipulating the parameter, attackers can craft GET requests to the admin/edit.php endpoint, leveraging techniques such as boolean-based blind, time-...

PoC for CVE-2019-25528

Inoutscripts | Inout Easyrooms Ultima... | 8.8 HIGH
SQL Injection Vulnerability in Inout EasyRooms Ultimate Edition by ...

Inout EasyRooms Ultimate Edition v1.0 contains a security flaw that allows unauthorized users to execute SQL commands through the property1 parameter. By crafting specific POST requests to the search/searchdetailed endpoint, attackers can inject harmful SQL queries, potentially exposing sensitive...

PoC for CVE-2019-25524

Xooscripts | Xoogallery | 8.8 HIGH
SQL Injection Vulnerability in XooGallery by XooTheme

XooGallery, a product by XooTheme, has a vulnerability that enables unauthorized individuals to execute SQL injection attacks through the 'p' parameter in a GET request to results.php. This means that attackers can pass crafted SQL code, compromising the integrity of the database. Such exploits c...

PoC for CVE-2019-25520

Jettweb | Hazir Haber Sitesi Scr... | 8.8 HIGH
Authentication Bypass Vulnerability in Jettweb PHP Script by Jettweb

The Jettweb PHP Hazir Haber Sitesi Scripti V1 is susceptible to an authentication bypass vulnerability that allows attackers to circumvent authentication protections in the administration panel. Through improper SQL query validation, malicious users can inject SQL payloads into the username and p...

PoC for CVE-2019-25515

Jettweb | Hazir Haber Sitesi Scr... | 8.7 HIGH
Authentication Bypass in Jettweb PHP Hazir Haber Sitesi Scripti V3

The Jettweb PHP Hazir Haber Sitesi Scripti V3 contains a significant security flaw that enables unauthenticated users to gain administrative access to the system. By exploiting the vulnerability present in the login.php administration panel, attackers can craft specific SQL syntax and manipulate ...

PoC for CVE-2019-25510

Jettweb | Hazir Haber Sitesi Scr... | 8.8 HIGH
Authentication Bypass Vulnerability in Jettweb PHP Hazir Haber Site...

The Jettweb PHP Hazir Haber Sitesi Scripti V2 is susceptible to an authentication bypass vulnerability due to improper validation of SQL queries in the administration panel. This flaw allows unauthenticated attackers to exploit SQL injection payloads using the login form at admingiris.php, potent...

PoC for CVE-2019-25509

Xooscripts | Xoodigital | 8.8 HIGH
SQL Injection Vulnerability in XooDigital Latest Product

The XooDigital Latest product is susceptible to an SQL injection vulnerability via the 'p' parameter in the results.php file. This flaw enables unauthenticated attackers to craft GET requests with malicious 'p' values, allowing them to manipulate database queries and potentially extract sensitive...

PoC for CVE-2019-25508

Jettweb | Hazir Ilan Sitesi Scripti | 8.8 HIGH
SQL Injection Vulnerability in Jettweb PHP Hazir Ilan Sitesi Script...

The Jettweb PHP Hazir Ilan Sitesi Script V2 contains a significant SQL injection vulnerability that permits unauthenticated attackers to manipulate database queries through the 'kat' parameter. By sending specially crafted GET requests to the katgetir.php endpoint with malicious 'kat' values, att...

PoC for CVE-2019-25488

Jettweb | Rent A Car Scripti | 8.8 HIGH
SQL Injection Vulnerability in Jettweb Hazir Rent A Car Script by J...

The Jettweb Hazir Rent A Car Script V4 is plagued by multiple SQL injection vulnerabilities within its admin panel. These flaws allow unauthenticated attackers to execute arbitrary SQL commands by manipulating GET parameters such as 'tur', 'id', and 'ozellikdil' in the admin/index.php endpoint. S...

PoC for CVE-2019-25482

Jettweb | Hazir Rent A Car Sites... | 8.8 HIGH
SQL Injection Vulnerability in Jettweb PHP Hazir Rent A Car Sitesi ...

The Jettweb PHP Hazir Rent A Car Sitesi Scripti V2 is susceptible to an SQL injection flaw that allows attackers to exploit the 'arac_kategori_id' parameter. By crafting POST requests with malicious SQL code, unauthenticated users can manipulate database queries, potentially exposing sensitive in...

PoC for CVE-2019-25479

Inoutscripts | Inout Realestate | 8.8 HIGH
SQL Injection Vulnerability in Inout RealEstate by Inout

Inout RealEstate is susceptible to SQL injection, primarily affecting the agents/agentlistdetails endpoint. This vulnerability allows unauthenticated attackers to manipulate database queries by injecting malicious SQL code through the city parameter. By sending crafted POST requests, attackers ca...

PoC for CVE-2019-25481

Iscripts | Iscripts Reservelogic | 8.8 HIGH
SQL Injection in iScripts ReserveLogic

iScripts ReserveLogic is affected by an SQL injection vulnerability that enables unauthenticated attackers to exploit the jqSearchDestination parameter. By sending specially crafted POST requests to the search endpoint, attackers can inject malicious SQL code, allowing them to manipulate database...

PoC for CVE-2019-25473

Softwebinternational | Clinic Pro | 7.1 HIGH
SQL Injection Vulnerability in Clinic Pro by Clinic Pro Vendor

Clinic Pro is exposed to a SQL injection vulnerability due to improper handling of user-supplied input through the month parameter. This flaw allows authenticated attackers to craft malicious POST requests targeting the monthly_expense_overview endpoint. By utilizing techniques such as boolean-ba...

PoC for CVE-2026-4044

ProjectSend | Projectsend | 5.1 MEDIUM
Path Traversal Vulnerability in ProjectSend Delete Handler

A vulnerability in ProjectSend, specifically within the Delete Handler component's realpath function in the import-orphans.php file, allows for a path traversal exploit. By manipulating the argument files[], an attacker may gain unauthorized access to files on the server. This issue became public...

PoC for CVE-2026-4043

Tenda | I12 | 8.7 HIGH
Stack-based Buffer Overflow in Tenda i12 by Tenda

A security vulnerability has been identified in Tenda i12 firmware version 1.0.0.6(2204). This vulnerability arises from improper handling of the index parameter in the 'formwrlSSIDget' function within the '/goform/wifiSSIDget' file. An attacker can exploit this weakness to achieve a stack-based ...

PoC for CVE-2026-4042

Tenda | I12 | 8.7 HIGH
Stack-based Buffer Overflow in Tenda i12 Wireless Router

A vulnerability in the Tenda i12 wireless router allows for a stack-based buffer overflow through the formWifiMacFilterGet function located in the /goform/WifiMacFilterGet file. This weakness could be exploited remotely, enabling potential attackers to manipulate index arguments. The exploit has ...

PoC for CVE-2026-4041

Tenda | I12 | 8.7 HIGH
Stack-based Buffer Overflow in Tenda i12 Router

A security vulnerability has been identified in the Tenda i12 router, specifically within the vos_strcpy function located in the /goform/exeCommand file. This flaw allows an attacker to manipulate the cmdinput argument, leading to a stack-based buffer overflow. The vulnerability can be exploited ...

PoC for CVE-2026-4016

GPAC | Gpac | 4.8 MEDIUM
Out-of-Bounds Write Vulnerability in GPAC SVG Parser Component

A security vulnerability has been identified in GPAC 26.03-DEV affecting the SVG Parsing functionality. The issue arises from an out-of-bounds write in the 'svgin_process' function within the 'src/filters/load_svg.c' file. This vulnerability could potentially allow an attacker with local access t...

PoC for CVE-2026-4015

GPAC | Gpac | 4.8 MEDIUM
Buffer overflow vulnerability in GPAC TeXML File Parser

A vulnerability has been identified in the GPAC software, specifically within the TeXML File Parser's function 'txtin_process_texml'. This issue may allow an attacker to exploit a stack-based buffer overflow by manipulating input data. This vulnerability can potentially be executed locally, which...

PoC for CVE-2026-4014

Itsourcecode | Cafe Reservation System | 6.9 MEDIUM
SQL Injection Flaw in itsourcecode Cafe Reservation System

A security flaw has been identified in the Cafe Reservation System version 1.0, specifically within the signup.php file of the Registration component. This vulnerability allows an attacker to manipulate the Username parameter, leading to SQL injection. Remote exploitation of this weakness is poss...

PoC for CVE-2026-4012

Rxi | Fe | 4.8 MEDIUM
Out-of-Bounds Read Vulnerability in rxi fe Software

An out-of-bounds read vulnerability exists in the rxi fe software affecting the function read_ located in the src/fe.c file. This vulnerability arises from improper input handling, allowing attackers who have local access to manipulate the input and potentially access data outside the allocated m...

PoC for CVE-2026-4010

Thakeenathees | Pocketlang | 4.8 MEDIUM
Memory Corruption Vulnerability in ThakeeNathees Pocketlang Software

A vulnerability affecting the pkByteBufferAddString function in ThakeeNathees Pocketlang allows for memory corruption due to improper handling of argument lengths. Exploitation of this flaw requires local access and can be executed with an input length of 4294967290. Although the issue was report...

PoC for CVE-2026-4009

Jarikomppa | Soloud | 4.8 MEDIUM
Out-of-Bounds Read Vulnerability in SoLoud WAV File Parser by jarik...

A vulnerability exists in the SoLoud WAV File Parser affecting versions up to 20200207. The specific flaw is located in the function drwav_read_pcm_frames_s16__msadpcm within the audio source library, which allows for potential out-of-bounds read operations. This can lead to unauthorized access t...

Discovered 2 days ago

PoC for CVE-2026-4008

Tenda | W3 | 8.7 HIGH
Stack-based Buffer Overflow in Tenda W3 Router

A security flaw has been identified in the Tenda W3 router, specifically in the POST Parameter Handler, located at /goform/wifiSSIDset. This vulnerability allows for a stack-based buffer overflow due to improper processing of input arguments, notably index and GO. An attacker with remote access c...

PoC for CVE-2026-4007

Tenda | W3 | 8.7 HIGH
Buffer Overflow Vulnerability in Tenda W3 Router

A remote code execution vulnerability has been identified in the Tenda W3 router, specifically within the POST Parameter Handler in the '/goform/wifiSSIDget' file. An attacker can exploit this vulnerability by manipulating the 'index' argument, leading to a stack-based buffer overflow. Once execu...

PoC for CVE-2026-3994

Rui314 | Mold | 4.8 MEDIUM
Heap-Based Buffer Overflow in rui314 Mold Object File Handler

A heap-based buffer overflow vulnerability has been identified in the Object File Handler of rui314 mold, specifically in the 'mold::ObjectFile<mold::X86_64>::initialize_sections' function found in 'src/input-files.cc'. This vulnerability affects versions of mold up to 2.40.4 and requires local exp...

PoC for CVE-2026-3993

Itsourcecode | Payroll Management System | 5.3 MEDIUM
Cross Site Scripting Vulnerability in itsourcecode Payroll Manageme...

A cross site scripting (XSS) vulnerability has been identified in the itsourcecode Payroll Management System 1.0. This vulnerability stems from improper handling of user input in the /manage_employee_deductions.php file, specifically through manipulation of the argument ID. Attackers can exploit ...

PoC for CVE-2025-15473

WordPress | Timetics | 4.3 MEDIUM
Insufficient Authorization in Timetics Booking Plugin for WordPress

The Timetics Booking Plugin for WordPress prior to version 1.0.52 contains a vulnerability where a REST endpoint lacks necessary authorization checks. This allows unauthenticated users to manipulate the payment status and post status of bookings for the custom post type 'timetics-booking.' As a r...

PoC for CVE-2026-2687

WordPress | Reading Progressbar | 4.3 MEDIUM
Stored Cross-Site Scripting Vulnerability in Reading Progressbar Pl...

The Reading Progressbar plugin for WordPress prior to version 1.3.1 is susceptible to Stored Cross-Site Scripting attacks. This vulnerability arises because the plugin fails to adequately sanitize and escape certain settings. As a result, even users with high privilege access, such as administrat...

PoC for CVE-2026-3992

Codegenieapp | Serverless-express | 5.3 MEDIUM
Remote Code Injection Vulnerability in CodeGenieApp Serverless-Express

A vulnerability has been discovered in the CodeGenieApp serverless-express up to version 4.17.1. This flaw resides in the utils/dynamodb.ts file, specifically within the Users Endpoint functionality. The vulnerability arises from improper handling of arguments, leading to a potential injection ri...

PoC for CVE-2026-3990

Cesiumgs | Cesiumjs | 5.3 MEDIUM
Cross-Site Scripting Flaw in CesiumJS by CesiumGS

A security vulnerability has been identified in CesiumGS's CesiumJS, specifically in the demo code located in Apps/Sandcastle/standalone.html. This flaw allows for the manipulation of parameters leading to cross-site scripting (XSS) attacks, which can be executed remotely. This exploitation can p...

PoC for CVE-2026-3984

Campcodes | Division Regional Athl... | 5.1 MEDIUM
Cross-Site Scripting Vulnerability in Campcodes Division Regional A...

A cross-site scripting vulnerability has been discovered in version 2.1 of the Campcodes Division Regional Athletic Meet Game Result Matrix System. This flaw lies within the 'save_up_athlete.php' file, where improper handling of the 'a_name' argument can lead to an exploit. Attackers can remotely...