Publicly Disclosed PoC Exploits

🔴 Always take caution when working with PoC Exploits 🔴

Discovered 48 minutes ago

PoC for CVE-2023-1545

Nilsteampassnet | Nilsteampassnet/teampass | 🟣 EPSS 11% | 7.5 HIGH
SQL Injection in nilsteampassnet/teampass

An SQL Injection vulnerability exists in Teampass prior to version 3.0.0.23, which allows attackers to manipulate SQL queries by injecting malicious code. This can lead to unauthorized access and exposure of sensitive data stored within the application. It is crucial for users of Teampass to upgr...

Discovered 1 hour ago

PoC for CVE-2019-5420

Rails | Https://github.com/rai... | 🟣 EPSS 94% | 9.8 CRITICAL
Remote Code Execution Vulnerability in Rails by Ruby on Rails

A vulnerability exists in Ruby on Rails that allows an attacker to exploit the development mode environment. Specifically, if the application runs on versions below 5.2.2.1 or 6.0.0.beta3, the system's automatically generated development mode secret token can be guessed. This token, when combined...

Discovered 3 hours ago

PoC for CVE-2024-32830

WordPress | Buddyforms | 8.6 HIGH
Path Traversal Vulnerability Affects BuddyForms from n/a to 2.8.8

The ThemeKraft BuddyForms plugin contains a vulnerability characterized by improper limitations of a pathname, which can lead to server-side request forgery (SSRF) and relative path traversal. This issue exposes systems running BuddyForms, from implementations pre-dating version 2.8.8, to potenti...

PoC for CVE-2023-41425

Wondercms | Wondercms | 🟣 EPSS 64% | 6.1 MEDIUM
Cross Site Scripting Vulnerability in Wonder CMS by Wonder

A Cross Site Scripting vulnerability exists in Wonder CMS versions 3.2.0 through 3.4.2. This vulnerability allows remote attackers to inject arbitrary scripts into the installModule component. Such an attack could lead to unauthorized script execution, placing user data and the integrity of the w...

PoC for CVE-2016-2098

Debian | Debian Linux | 🟣 EPSS 86% | 7.3 HIGH
Remote Code Execution Vulnerability in Ruby on Rails Action Pack

A vulnerability in Action Pack of Ruby on Rails allows remote attackers to execute arbitrary Ruby code due to unrestricted use of the render method. This can happen when the application fails to properly sanitize user input before rendering, enabling attackers to manipulate the application’s runt...

Discovered 4 hours ago

PoC for CVE-2016-10033

PHPmailer Project | PHPmailer | 🟣 EPSS 94% | 9.8 CRITICAL
Mail command execution vulnerability in PHPMailer by the vendor

A vulnerability exists in the mailSend function of the isMail transport in PHPMailer prior to version 5.2.18. This flaw enables remote attackers to inject additional parameters into the mail command, thus potentially executing arbitrary code. The exploitation occurs through a crafted Sender prope...

PoC for CVE-2018-0114

Cisco | Node-jose Library | 🟣 EPSS 68% | 7.5 HIGH
Vulnerability in Cisco Node-Jose Library Allows Token Resigning

The Cisco node-jose library prior to version 0.11.0 contains a vulnerability that allows an unauthenticated remote attacker to re-sign JSON Web Signature (JWS) tokens. This stems from the library's compliance with the JSON Web Signature standards, which allows a JSON Web Key (JWK) embedding withi...

Discovered 13 hours ago

PoC for CVE-2023-30861

Pallets | Flask | 7.5 HIGH
Flask vulnerable to possible disclosure of permanent session cookie...

A vulnerability in the Flask framework allows for session data to be improperly cached by proxies, potentially exposing sensitive session cookies to unintended clients. This occurs when certain conditions are met: the application must be behind a caching proxy that fails to strip cookies, use per...

Discovered 22 hours ago

PoC for CVE-2021-43857

Gerapy | Gerapy | 🟣 EPSS 42% | 9.8 CRITICAL
Gerapy may contain remote code execution vulnerability

Gerapy is a distributed crawler management framework. Gerapy prior to version 0.9.8 is vulnerable to remote code execution, and this issue is patched in version 0.9.8.

Discovered 23 hours ago

PoC for CVE-2025-0671

WordPress | Icegram Express
Stored Cross-Site Scripting Vulnerability in Icegram Express Plugin...

The Icegram Express WordPress plugin prior to version 5.7.50 is susceptible to a stored Cross-Site Scripting vulnerability due to inadequate sanitization and escaping of certain Template settings. This flaw could enable users with high privileges, such as admins, to execute malicious scripts on a...

Discovered 1 day ago

PoC for CVE-2024-12905

7.5 HIGH
Improper Link Resolution and Path Traversal in tar-fs by Mafintosh

The tar-fs package contains vulnerabilities that allow for improper link resolution before file access and improper limitations on pathnames during file extraction. By exploiting these flaws, an attacker can craft a malicious tar file, leading to unauthorized file writes or overwrites outside the...

PoC for CVE-2024-42471

Actions | Toolkit | 7.5 HIGH
Arbitrary File Write Vulnerability in GitHub Actions

The GitHub ToolKit for developing GitHub Actions contains a vulnerability that allows arbitrary file writes when using methods like `downloadArtifactInternal`, `downloadArtifactPublic`, or `streamExtractExternal`. Specifically, this vulnerability arises when processing specially crafted artifacts...

PoC for CVE-2023-25157

Geoserver | Geoserver | 🟣 EPSS 94% | 9.8 CRITICAL
Unfiltered SQL Injection Vulnerabilities in Geoserver

GeoServer, an open-source server for sharing and editing geospatial data, is susceptible to misuse in its PostGIS Datastore functions. This vulnerability arises from improper handling of certain function calls within the OGC Filter expression language and Common Query Language (CQL). Users are en...

Discovered 2 days ago

PoC for CVE-2024-12244

Gitlab | Gitlab | 4.3 MEDIUM
Access Control Flaw in GitLab EE Affects Multiple Versions

An access control flaw has been identified in GitLab EE that permits users to access sensitive project information, even when specific features are disabled. This issue impacts all versions of GitLab EE from 17.7 before 17.9.7, 17.10 before 17.10.5, and 17.11 before 17.11.1. The vulnerability rel...

PoC for CVE-2025-0639

Gitlab | Gitlab | 6.5 MEDIUM
Service Availability Vulnerability in GitLab Community and Enterpri...

An issue has been identified in GitLab Community and Enterprise Editions that compromises service availability due to a problem with issue previews. This vulnerability impacts all versions of GitLab CE/EE from 16.7 prior to 17.9.7, 17.10 prior to 17.10.5, and 17.11 prior to 17.11.1. Users should ...

PoC for CVE-2025-1908

Gitlab | Gitlab | 7.7 HIGH
User Activity Tracking Vulnerability in GitLab Products by GitLab

A security issue has been identified in GitLab EE/CE that allows unauthorized tracking of user browsing activities. This tracking can lead to a complete account take-over by malicious actors. The vulnerability affects all versions from 16.6 before 17.9.7, 17.10 before 17.10.5, and 17.11 before 17...

PoC for CVE-2024-27876

Apple | Mac OS | 5.5 MEDIUM
Apple Patches Race Condition Flaws in macOS, iOS, iPadOS, and Other...

A race condition vulnerability has been identified in Apple's operating systems that can be exploited via maliciously crafted archives. When unpacking such archives, the flaw permits attackers to write arbitrary files on the system, potentially compromising the integrity and confidentiality of se...

PoC for CVE-2025-2558

WordPress | The-wound | 8.6 HIGH
Local File Inclusion Vulnerability in The-wound WordPress Theme by ...

The-wound WordPress theme prior to version 0.0.1 has a Local File Inclusion vulnerability that arises from improper validation of input parameters. This flaw allows unauthenticated users to exploit the theme, leading to potential unauthorized access to sensitive files on the server. By crafting s...

PoC for CVE-2025-1453

WordPress | Category Posts Widget | 4.8 MEDIUM
Stored Cross-Site Scripting Vulnerability in Category Posts Widget ...

The Category Posts Widget plugin for WordPress prior to version 4.9.20 is susceptible to stored Cross-Site Scripting due to improper sanitization and escaping of certain settings. This flaw allows high privilege users, such as administrators, to potentially execute malicious scripts, even in envi...

Discovered 3 days ago

PoC for CVE-2025-24054

Microsoft | Windows 10 Version 1809 | 🟣 EPSS 18% | 5.4 MEDIUM
Spoofing Vulnerability in Windows NTLM by Microsoft

An external control of file name or path in Windows NTLM enables unauthorized attackers to exploit a vulnerability, leading to potential spoofing attacks over a network. This situation poses a significant threat as attackers may gain access to sensitive information or systems.

Discovered 4 days ago

PoC for CVE-2025-2594

WordPress | User Registration & Me... | 8.1 HIGH
User Authentication Flaw in User Registration & Membership Plugin b...

The User Registration & Membership Plugin for WordPress, prior to version 4.1.3, suffers from a data validation flaw in an AJAX action, particularly when the Membership Addon is enabled. This vulnerability allows an attacker to authenticate as any user—including administrators—by exploiting the t...

PoC for CVE-2024-13569

WordPress | Front End Users | 7.1 HIGH
Reflected Cross-Site Scripting Vulnerability in Front End Users Wor...

The Front End Users plugin for WordPress, up to version 3.2.32, contains a vulnerability where a parameter is not properly sanitized and escaped before being displayed on the page. This oversight can be exploited to execute arbitrary JavaScript in the context of high privilege users, including ad...

PoC for CVE-2021-34371

Neo4j | Neo4j | 🟣 EPSS 64% | 9.8 CRITICAL
Remote Code Execution Vulnerability in Neo4j Database Server

Neo4j versions prior to 3.4.18, when the shell server is enabled, expose a Remote Method Invocation (RMI) service that is vulnerable to arbitrary deserialization of Java objects. This flaw allows attackers to exploit dependencies linked to insecure gadget chains, leading to potential remote code ...

PoC for CVE-2024-28987

Solarwinds | Web Help Desk | 🟣 EPSS 94% | 9.1 CRITICAL
Unauthenticated Access to Internal Functionality and Data via Hardc...

The SolarWinds Web Help Desk software is susceptible to a hardcoded credential vulnerability that enables remote unauthenticated users to gain unauthorized access to the system's internal functionalities. This security flaw allows attackers to manipulate and modify critical data, potentially lead...

PoC for CVE-2025-3856

Xxyopen | Novel-plus | 5.3 MEDIUM
SQL Injection Vulnerability in xxyopen Novel-Plus 5.1.0

A vulnerability has been identified in xxyopen's Novel-Plus version 5.1.0 that affects the 'searchByPage' function in the file '/book/searchByPage'. An attacker can manipulate the 'sort' argument, enabling SQL injection that can be exploited remotely. Despite the early notification to the vendor ...

PoC for CVE-2025-3855

Codecanyon | Rise Ultimate Project ... | 5.3 MEDIUM
Improper Access Control in CodeCanyon RISE Ultimate Project Manager...

A significant vulnerability exists in the CodeCanyon RISE Ultimate Project Manager version 3.8.2, affecting the functionality of the Profile Picture Handler component. Specifically, the issue involves inadequate control over resource identifiers, particularly in the argument profile_image_file wi...

PoC for CVE-2025-3854

H3c | Gr-3000ax | 8.6 HIGH
Buffer Overflow Vulnerability in H3C GR-3000AX Router

A buffer overflow vulnerability has been identified in the H3C GR-3000AX router, specifically within the HTTP POST Request Handler's functions such as EnableIpv6, UpdateWanModeMulti, UpdateIpv6Params, EditWlanMacList, and Edit_List_SSID. The vulnerability arises from improper handling of argument...

PoC for CVE-2025-3849

Yxj2018 | Springboot-vue-onlineexam | 5.3 MEDIUM
Unverified Password Change Vulnerability in YXJ2018 SpringBoot-Vue-...

A vulnerability within YXJ2018 SpringBoot-Vue-OnlineExam allows attackers to change user passwords without verification by manipulating the studentId parameter through the /api/studentPWD endpoint. This flaw can be exploited remotely, raising serious security concerns as it jeopardizes user accou...

PoC for CVE-2024-40445

Forkosh | Mime Tex | 7.3 HIGH
Directory Traversal Vulnerability in Forkosh Mime Tex Software by F...

The Forkosh Mime Tex software, prior to version 1.77, is susceptible to a directory traversal vulnerability. This flaw enables an attacker to manipulate file paths and potentially upload malicious files, culminating in arbitrary code execution on the server. Proper input validation measures shoul...

PoC for CVE-2025-3850

Yxj2018 | Springboot-vue-onlineexam | 6.3 MEDIUM
Improper Authentication in YXJ2018 SpringBoot-Vue-OnlineExam by YXJ...

An improper authentication vulnerability has been identified in YXJ2018 SpringBoot-Vue-OnlineExam 1.0. This flaw affects the processing of the API component, allowing attackers to manipulate it for unauthorized access. Although the attack complexity is considered high and exploitation is known to...

PoC for CVE-2025-3846

Markparticle | Webserver | 6.9 MEDIUM
SQL Injection Vulnerability in markparticle WebServer Registration ...

A vulnerability exists in the registration functionality of the markparticle WebServer, specifically located in the file code/http/httprequest.cpp. An attacker can exploit this vulnerability by manipulating the username and password parameters, leading to potential SQL injection attacks. This iss...

PoC for CVE-2025-3845

Markparticle | Webserver | 6.9 MEDIUM
Buffer Overflow Vulnerability in markparticle WebServer by markpart...

A vulnerability has been identified in the markparticle WebServer, specifically affecting versions up to 1.0, where the Buffer::HasWritten function in buffer.cpp can be manipulated. This vulnerability enables attackers to initiate a buffer overflow by controlling the writePos_ argument, allowing ...

PoC for CVE-2025-3843

Panhainan | Ds-java | 5.3 MEDIUM
Cross-Site Request Forgery in panhainan DS-Java 1.0

A security flaw has been identified in panhainan DS-Java 1.0, where an unknown function is susceptible to cross-site request forgery (CSRF). This vulnerability enables remote attackers to manipulate requests, potentially leading to unauthorized actions on behalf of authenticated users. The exploi...

PoC for CVE-2025-3842

Panhainan | Ds-java | 5.3 MEDIUM
Code Injection Vulnerability in Panhainan DS-Java 1.0

A vulnerability exists in Panhainan's DS-Java 1.0, specifically within the function `uploadUserPic.action` located in the file `src/com/phn/action/FileUpload.java`. This flaw allows attackers to manipulate the `fileUpload` argument, potentially leading to code injection attacks. The vulnerability...

PoC for CVE-2025-3841

Wix-incubator | Jam | 4.8 MEDIUM
Improper Neutralization in Jinja2 Template Handler of Wix-Incubator...

A vulnerability exists in the Wix-Incubator Jam that impacts the Jinja2 Template Handler, specifically in the jam.py file. This issue arises from improper neutralization of the config['template'] argument, allowing special elements utilized in the template engine to be exploited. Attackers can po...

Discovered 5 days ago

PoC for CVE-2025-31200

Apple | Visionos | 7.5 HIGH
Memory Corruption Vulnerability in Apple Devices

A memory corruption issue has been found in various Apple operating systems, which could be exploited through a specially crafted audio stream in a media file. This vulnerability has the potential to allow unauthorized code execution, posing significant risk to impacted devices. Apple has impleme...

PoC for CVE-2025-30208

Vite | Vite | 🟣 EPSS 63%
Vite Frontend Development Tool Susceptible to File Access Vulnerabi...

A vulnerability in Vite's frontend development tooling allows attackers to bypass file access restrictions. Specifically, versions prior to 6.2.3, 6.1.2, 6.0.12, 5.4.15, and 4.5.10 expose the risk where app URLs can be manipulated with trailing query parameters such as '?raw?' or '?import&raw?' t...

PoC for CVE-2024-4577

PHP Group | PHP | 🟣 EPSS 94% | 9.8 CRITICAL
PHP CGI Module Vulnerability Allows Malicious User to Reveal Source...

In certain versions of PHP, particularly 8.1.*, 8.2.*, and 8.3.* running on Windows with Apache and PHP-CGI, a vulnerability arises when specific code pages are configured. This results in Windows utilizing 'Best-Fit' behavior to handle character replacements for command-line inputs aimed at Win3...

PoC for CVE-2019-7238

Sonatype | Nexus | 🟣 EPSS 94% | 9.8 CRITICAL
Access Control Flaw in Sonatype Nexus Repository Manager

Sonatype Nexus Repository Manager prior to version 3.15.0 contains an access control vulnerability that may allow unauthorized users to access restricted resources and perform unintended actions. This could lead to potential data leakage and compromise of sensitive information. It is crucial for ...

PoC for CVE-2023-50257

Eprosima | Fast-dds | 9.7 CRITICAL
Discovery of a Vulnerability in Fast DDS Allowing Forced Disconnect...

In eProsima Fast DDS, a vulnerability arises due to a failure to encrypt the data (`p[UD]`) and `guid` values used for disconnecting between nodes. This allows an attacker to forcibly disconnect Subscribers from the system, preventing them from receiving any data. When an attacker continuously se...

PoC for CVE-2025-3830

Kuangstudy | Kuangsimplebbs | 5.3 MEDIUM
Unrestricted File Upload Vulnerability in Kuangstudy KuangSimpleBBS

An unrestricted file upload vulnerability exists in the Kuangstudy KuangSimpleBBS 1.0 software, specifically in the fileUpload function of the QuestionController.java file. This flaw allows attackers to upload potentially malicious files by manipulating the editormd-image-file argument. Such an e...

Discovered 6 days ago

PoC for CVE-2020-35730

Roundcube | Webmail | 🟣 EPSS 58% | 6.1 MEDIUM
Cross-Site Scripting Vulnerability in Roundcube Webmail

A Cross-Site Scripting (XSS) vulnerability exists in Roundcube Webmail prior to version 1.2.13, 1.3.16, and 1.4.10. This flaw allows attackers to exploit the application by sending a specially crafted plain text email containing JavaScript code. The vulnerability arises from improper handling of ...

PoC for CVE-2025-3829

PHPgurukul | Men Salon Management S... | 6.9 MEDIUM
SQL Injection in PHPGurukul Men Salon Management System by PHPGurukul

A SQL injection vulnerability has been identified in the PHPGurukul Men Salon Management System version 1.0. This flaw exists in the /admin/sales-reports-detail.php file, where improper validation of the 'fromdate' and 'todate' parameters allows attackers to manipulate SQL queries. The vulnerabil...

PoC for CVE-2025-3828

PHPgurukul | Men Salon Management S... | 6.9 MEDIUM
SQL Injection Vulnerability in PHPGurukul Men Salon Management System

A SQL injection vulnerability exists within the PHPGurukul Men Salon Management System, specifically affecting the processing of the 'remark' parameter in the /admin/view-appointment.php script. This issue allows an attacker to craft a malicious request, potentially leading to unauthorized databa...

PoC for CVE-2025-3827

PHPgurukul | Men Salon Management S... | 6.9 MEDIUM
SQL Injection Vulnerability in PHPGurukul Men Salon Management System

A security flaw has been detected in the PHPGurukul Men Salon Management System version 1.0, specifically within the /admin/forgot-password.php file. This vulnerability allows attackers to manipulate email argument input, leading to SQL injection issues that can be exploited remotely. As the deta...

PoC for CVE-2025-43929

Kitty Project | Kitty | 7.8 HIGH
Local Executable Execution Vulnerability in Kitty by Kovid Goyal

The vulnerability in Kitty before version 0.41.0 originates from the open_actions.py script, which fails to prompt users for confirmation before executing local files that may be linked within documents from untrusted sources, such as those opened in KDE Ghostwriter. This design flaw can allow ma...

PoC for CVE-2025-43921

Gnu | Mailman | 5.3 MEDIUM
GNU Mailman Vulnerability in cPanel Allows List Creation by Unauthe...

The vulnerability in GNU Mailman version 2.1.39, as packaged with cPanel, exposes an endpoint that allows unauthenticated attackers to create email distribution lists. This poses significant security risks, as it could be exploited to spread spam or malicious content, affecting the integrity and ...

PoC for CVE-2025-43920

Gnu | Mailman | 8.1 HIGH
Arbitrary Command Execution Vulnerability in GNU Mailman by cPanel

An arbitrary command execution vulnerability exists in GNU Mailman 2.1.39, bundled with cPanel and WHM, that permits unauthenticated attackers to execute arbitrary operating system commands. This occurs due to improper handling of shell metacharacters within the email Subject lines, potentially l...

PoC for CVE-2025-43919

Gnu | Mailman | 7.5 HIGH
Directory Traversal Vulnerability in GNU Mailman Bundled with cPanel

The vulnerability within GNU Mailman 2.1.39, as deployed in cPanel, permits unauthorized users to exploit a directory traversal flaw. By manipulating the username parameter at the private archive endpoint, attackers may access arbitrary files on the server, leading to potential exposure of sensit...

PoC for CVE-2025-3821

Sourcecodester | Web-based Pharmacy Pro... | 4.8 MEDIUM
Cross Site Scripting Vulnerability in SourceCodester Web-based Phar...

A cross site scripting vulnerability exists in the add-admin.php file of the SourceCodester Web-based Pharmacy Product Management System 1.0. This flaw allows unauthorized remote attackers to manipulate input fields such as txtpassword, txtfullname, and txtemail, leading to potential malicious sc...