Publicly Disclosed PoC Exploits

🔴 Always take caution when working with PoC Exploits 🔴

Discovered just now...

PoC for CVE-2026-21986

Oracle | Oracle Vm Virtualbox | 7.1 | HIGH
Unauthenticated Access Vulnerability in Oracle VM VirtualBox

A vulnerability exists in Oracle VM VirtualBox that allows an unauthenticated attacker with access to the infrastructure where the software is deployed to exploit the system. This can lead to unauthorized control over Oracle VM VirtualBox, resulting in potential service disruptions such as freque...

PoC for CVE-2026-33453

Apache | Apache Camel | 10 | CRITICAL
Remote Code Execution Vulnerability in Apache Camel's CoAP Component

A vulnerability exists within Apache Camel's camel-coap component that allows an unauthenticated attacker to exploit message header injection. By sending a single CoAP UDP packet to a Camel route that accepts coap:// input, attackers can inject arbitrary Camel internal headers into the Exchange. ...

Discovered 2 hours ago

PoC for CVE-2026-33439

Openidentityplatform | Openam | 9.3 | CRITICAL
Remote Code Execution in OpenIdentityPlatform OpenAM Access Managem...

OpenIdentityPlatform's OpenAM, an access management solution, is susceptible to a pre-authentication Remote Code Execution vulnerability due to unsafe Java deserialization. This issue arises from the handling of the jato.clientSession HTTP parameter, allowing unauthenticated attackers to execute ...

Discovered 4 hours ago

PoC for CVE-2026-7200

Sourcecodester | Pharmacy Sales And Inv... | 5.3 | MEDIUM
Cross-Site Scripting Vulnerability in SourceCodester Pharmacy Sales...

A flaw has been identified in SourceCodester Pharmacy Sales and Inventory System 1.0, specifically affecting an unknown functionality of the file /index.php?page=types. By manipulating the argument ID, an attacker could potentially execute cross-site scripting (XSS) attacks, which can be performe...

PoC for CVE-2026-7199

Sourcecodester | Pharmacy Sales And Inv... | 6.9 | MEDIUM
SQL Injection Vulnerability in SourceCodester Pharmacy Sales and In...

A SQL injection vulnerability exists in SourceCodester Pharmacy Sales and Inventory System 1.0, specifically within the AJAX functionality at /ajax.php?action=delete_product. Maliciously crafted requests targeting the argument ID can lead to unauthorized access and potential manipulation of the d...

PoC for CVE-2026-7196

Codeastro | Online Classroom | 5.3 | MEDIUM
SQL Injection Vulnerability in CodeAstro Online Classroom by CodeAstro

A security vulnerability has been identified in CodeAstro Online Classroom version 1.0, specifically within the /guestdetails file. The vulnerability arises from improper handling of an argument, 'deleteid', which allows remote attackers to execute SQL injection attacks. This manipulation can lea...

Discovered 5 hours ago

PoC for CVE-2026-7194

Sourcecodester | Pharmacy Sales And Inv... | 6.9 | MEDIUM
SQL Injection Vulnerability in SourceCodester Pharmacy Sales and In...

A security weakness has been discovered in the SourceCodester Pharmacy Sales and Inventory System 1.0, specifically within the file /ajax.php when processing the action save_product. This vulnerability allows attackers to manipulate the argument ID, leading to SQL injection. The flaw can be explo...

PoC for CVE-2026-7179

Ospg | Binwalk | 4.8 | MEDIUM
Path Traversal Vulnerability in OSPG binwalk by Open Source Community

A security vulnerability has been identified in the OSPG binwalk tool, specifically in versions up to 2.4.3, affecting the read_null_terminated_string function within the WinCE Extraction Plugin. This flaw allows local attackers to manipulate the function's arguments and potentially exploit path ...

PoC for CVE-2026-7178

Chatgptnextweb | Nextchat | 6.9 | MEDIUM
Server-Side Request Forgery Vulnerability in ChatGPTNextWeb NextChat

A security flaw exists in the ChatGPTNextWeb NextChat application up to version 2.16.1, primarily affecting the 'storeUrl' function within the 'app/api/artifacts/route.ts' file. This vulnerability allows for server-side request forgery (SSRF) through manipulation of the argument ID, enabling remo...

Discovered 6 hours ago

PoC for CVE-2026-7177

Chatgptnextweb | Nextchat | 6.9 | MEDIUM
Server-Side Request Forgery Vulnerability in ChatGPTNextWeb NextChat

A security flaw in NextChat versions up to 2.16.1 allows attackers to exploit the proxyHandler function within app/api/[provider]/[...path]/route.ts, posing a server-side request forgery vulnerability. This issue can be exploited remotely, potentially allowing unauthorized access to internal reso...

PoC for CVE-2026-7160

Tenda | Hg3 | 8.7 | HIGH
Command Injection Vulnerability in Tenda HG3 Router

A vulnerability has been identified in the Tenda HG3 router involving command injection through the formTracert function located in the /boaform/formTracert file. This flaw allows an attacker to manipulate the datasize argument, potentially enabling remote code execution. Given the public disclos...

PoC for CVE-2026-7159

Douinc | Mkdocs-mcp-plugin | 6.9 | MEDIUM
Path Traversal Vulnerability in douinc mkdocs-mcp-plugin Software

A path traversal vulnerability has been identified in the douinc mkdocs-mcp-plugin version 0.4.1. This issue allows attackers to manipulate inputs intended for the read_document and list_documents functions within the server.py file. An attacker could potentially trick the affected function into ...

PoC for CVE-2026-7158

Dmitryglhf | Mcp-url-downloader | 6.9 | MEDIUM
Server-Side Request Forgery Vulnerability in Dmitryglhf MCP-URL-Dow...

A vulnerability exists in the dmitryglhf MCP-URL-Downloader that allows for server-side request forgery due to improper validation of URLs in the _validate_url_safe function. This issue can be exploited remotely, allowing attackers to manipulate the URL argument and potentially access sensitive d...

Discovered 7 hours ago

PoC for CVE-2026-7157

Disler | Aider-mcp-server | 6.9 | MEDIUM
Command Injection Vulnerability in disler aider-mcp-server by Disler

A command injection vulnerability exists in the disler aider-mcp-server, specifically within the functionality of src/aider_mcp_server/server.py. This flaw allows attackers to manipulate the argument 'relative_editable_files', making remote exploitation possible. The vulnerability is present in v...

PoC for CVE-2026-7156

Totolink | A8000ru | 9.3 | CRITICAL
OS Command Injection Vulnerability in Totolink A8000RU

A vulnerability has been identified in the Totolink A8000RU, specifically in the CGI Handler component's CsteSystem function. This flaw allows for manipulation of the HTTP argument, leading to potential OS command injection. Attackers can exploit this vulnerability remotely, posing a significant ...

PoC for CVE-2026-7155

Totolink | A8000ru | 9.3 | CRITICAL
OS Command Injection Vulnerability in Totolink A8000RU

A vulnerability has been found in the Totolink A8000RU version 7.1cu.643_b20200521, specifically within the CGI component. This flaw resides in the setLoginPasswordCfg function within the cgi-bin/cstecgi.cgi file. By manipulating the admpass argument, an attacker can execute arbitrary OS commands...

PoC for CVE-2026-7154

Totolink | A8000ru | 9.3 | CRITICAL
OS Command Injection Vulnerability in Totolink A8000RU Product

A security vulnerability has been identified in the Totolink A8000RU version 7.1cu.643_b20200521, particularly in the functionality of the CGI Handler. This weakness arises from the setAdvancedInfoShow method, where an improperly handled input parameter, tty_server, allows an attacker to conduct ...

Discovered 8 hours ago

PoC for CVE-2026-7153

Totolink | A8000ru | 9.3 | CRITICAL
OS Command Injection Vulnerability in Totolink A8000RU Router

A security flaw has been identified in the Totolink A8000RU router, specifically within the CGI Handler component. The vulnerability arises from improper handling of the 'sys_info' argument in the 'setMiniuiHomeInfoShow' function of the /cgi-bin/cstecgi.cgi file. This oversight allows an attacker...

PoC for CVE-2026-7152

Totolink | A8000ru | 9.3 | CRITICAL
OS Command Injection Vulnerability in Totolink A8000RU

An OS command injection vulnerability exists in the Totolink A8000RU router firmware version 7.1cu.643_b20200521. Specifically, the flaw lies in the 'setTelnetCfg' function within the '/cgi-bin/cstecgi.cgi' CGI Handler component. This vulnerability enables remote attackers to exploit the telnet_e...

PoC for CVE-2026-35022

Anthropic | Claude Code | 9.3 | CRITICAL
OS Command Injection Vulnerability in Anthropic Claude Code CLI and...

The Anthropic Claude Code CLI and Claude Agent SDK are susceptible to an OS command injection vulnerability in the authentication helper execution. This flaw arises from the lack of input validation in the execution of helper configuration values, allowing an attacker with the ability to manipula...

PoC for CVE-2026-7151

Tenda | Hg3 | 8.7 | HIGH
Stack-based Buffer Overflow in Tenda HG3 Affected by Vulnerability

A stack-based buffer overflow exists in the Tenda HG3 model 2.0 due to insufficient validation in the formUploadConfig function located in the /boaform/formIPv6Routing file. This insecurity can be exploited remotely by manipulating the destNet parameter, potentially allowing an attacker to execut...

PoC for CVE-2026-7150

Dh1011 | Auto-favicon | 5.3 | MEDIUM
Server-Side Request Forgery in dh1011 Auto-Favicon MCP Tool

A vulnerability exists in the dh1011 Auto-Favicon MCP Tool within the generate_favicon_from_url function. The flaw allows an attacker to manipulate the image_url argument, leading to potential server-side request forgery. This manipulation can be executed remotely, putting systems at risk of unau...

Discovered 9 hours ago

PoC for CVE-2026-7149

Dexhunter | Kaggle-mcp | 6.9 | MEDIUM
Path Traversal Vulnerability in dexhunter kaggle-mcp Product by dex...

A path traversal vulnerability exists in the dexhunter kaggle-mcp project, specifically within the prepare_kaggle_dataset function located in the src/kaggle_mcp/server.py file. An attacker can exploit this vulnerability by manipulating the competition_id argument, allowing unauthorized access to ...

PoC for CVE-2026-7148

Codeastro | Online Classroom | 5.3 | MEDIUM
SQL Injection Vulnerability in CodeAstro Online Classroom by CodeAstro

A security vulnerability has been identified in CodeAstro Online Classroom 1.0. The flaw exists in the /addnewfaculty file, where improper handling of the 'fname' argument allows for SQL injection. This can enable an attacker to manipulate database queries from a remote location, exposing sensiti...

PoC for CVE-2026-7147

Joecastrom | Mcp-chat-studio | 6.9 | MEDIUM
Server-Side Request Forgery Vulnerability in JoeCastrom mcp-chat-st...

A vulnerability exists in JoeCastrom's mcp-chat-studio product, specifically in the LLM Models API component. The issue stems from improper handling of the req.query.base_url argument in the file server/routes/llm.js. This flaw permits a server-side request forgery, allowing attackers to manipula...

PoC for CVE-2026-7146

Alejandroarciniegas | Mcp-data-vis | 6.9 | MEDIUM
Server-Side Request Forgery in AlejandroArciniegas mcp-data-vis Pro...

A security vulnerability has been identified within the mcp-data-vis product by AlejandroArciniegas that exposes the system to server-side request forgery (SSRF). This flaw arises from the handling of HTTP requests in the axios function located in the src/servers/web-scraper/server.js file. Malic...

PoC for CVE-2026-38934

Diskoverdata | Diskover Community | 8.8 | HIGH
Cross Site Request Forgery Vulnerability in Diskover Community by D...

A Cross Site Request Forgery vulnerability exists in Diskover Community versions prior to 2.3.5, allowing remote attackers to exploit the public/settings_process.php endpoint. This could potentially lead to privilege escalation and unauthorized access to sensitive information, putting user data a...

Discovered 10 hours ago

PoC for CVE-2026-7144

1000 Projects | Portfolio Management S... | 5.3 | MEDIUM
Authorization Bypass Vulnerability in 1000 Projects Portfolio Manag...

A security flaw in the 1000 Projects Portfolio Management System MCA 1.0 allows attackers to bypass authorization through manipulation of the temp_user argument in the update_passwd_process.php file. This flaw can be exploited remotely, raising significant security concerns as it may lead to unau...

PoC for CVE-2026-7143

1000 Projects | Portfolio Management S... | 5.3 | MEDIUM
SQL Injection Vulnerability in 1000 Projects Portfolio Management S...

A vulnerability has been discovered in the 1000 Projects Portfolio Management System MCA affecting versions up to 1.0. This vulnerability resides in the /admin/block_status.php file, where improper handling of the query parameter 'q' can lead to SQL injection. Such a flaw enables remote attackers...

PoC for CVE-2026-7142

Wooey | Wooey | 5.3 | MEDIUM
Improper Authorization in Wooey API Endpoint by Wooey

A vulnerability exists in Wooey's API Endpoint, particularly in the 'add_or_update_script' function found in the file 'wooey/api/scripts.py'. This issue can be exploited to perform improper authorization, allowing for remote attacks. It's crucial for users running versions up to 0.13.2 to upgrade...

Discovered 11 hours ago

PoC for CVE-2026-7141

vllm-project | Vllm | 6.3 | MEDIUM
Uninitialized Resource Vulnerability in vllm by vllm-project

A vulnerability was identified in the vllm library, affecting versions up to 0.19.0, specifically within the has_mamba_layers function of the KV Block Handler component. This issue stems from uninitialized resources, which could potentially enable remote exploitation. Although the complexity of c...

PoC for CVE-2026-7140

Totolink | A8000ru | 9.3 | CRITICAL
OS Command Injection in Totolink A8000RU by Totolink

A security vulnerability exists in the Totolink A8000RU, where manipulation of the argument HTTP within the CsteSystem function of the CGI Handler can lead to OS command injection. This vulnerability allows remote attackers to execute arbitrary commands on the device, posing a significant threat ...

PoC for CVE-2026-7139

Totolink | A8000ru | 9.3 | CRITICAL
OS Command Injection in Totolink A8000RU Router

A significant vulnerability has been identified in the Totolink A8000RU router, specifically within the setWiFiAclRules function located in the /cgi-bin/cstecgi.cgi file of the CGI Handler component. This flaw allows remote attackers to manipulate the mode argument, potentially leading to unautho...

PoC for CVE-2026-7138

Totolink | A8000ru | 9.3 | CRITICAL
OS Command Injection Vulnerability in Totolink A8000RU Router

A security flaw has been identified in the Totolink A8000RU router, specifically within the CGI Handler component's setNtpCfg function. This vulnerability allows an attacker to manipulate the 'tz' argument, facilitating an OS command injection. The attack can be executed remotely, potentially com...

Discovered 12 hours ago

PoC for CVE-2026-7137

Totolink | A8000ru | 9.3 | CRITICAL
OS Command Injection Vulnerability in Totolink A8000RU by Totolink

A security vulnerability has been identified in Totolink A8000RU routers, specifically in the setStorageCfg function of the /cgi-bin/cstecgi.cgi component. This issue arises from improper handling of the sambaEnabled argument, which could allow an attacker to execute arbitrary OS commands remotel...

PoC for CVE-2026-7136

Totolink | A8000ru | 9.3 | CRITICAL
Command Injection Vulnerability in Totolink A8000RU by Totolink

A command injection vulnerability exists in the CGI Handler of the Totolink A8000RU router, specifically within the setDmzCfg function found in /cgi-bin/cstecgi.cgi. This security flaw allows an attacker to manipulate the wanIdx argument to execute arbitrary commands on the operating system. With...

PoC for CVE-2026-7135

GPAC | Gpac | 4.8 | MEDIUM
Security Flaw in GPAC MP4Box Affects Media Processing Capabilities

A security flaw has been identified in GPAC's MP4Box component, specifically within the elng_box_read function located in src/isomedia/box_code_base.c. This vulnerability facilitates an out-of-bounds read when the elng argument is manipulated. The exploit requires local access and has been made p...

PoC for CVE-2026-41467

Projeqtor | Projeqtor | 5.1 | MEDIUM
Stored Cross-Site Scripting Vulnerability in ProjeQtor by ProjeQtor

ProjeQtor versions from 7.0 to 12.4.3 feature a stored cross-site scripting vulnerability that arises from inadequate restrictions on file uploads. Specifically, the checkValidFileName() function allows authenticated users to upload HTML files containing malicious JavaScript. As a result, users a...

PoC for CVE-2026-41466

Projeqtor | Projeqtor | 5.1 | MEDIUM
Stored Cross-Site Scripting Vulnerability in ProjeQtor by ProjeQtor

ProjeQtor versions 7.0 to 12.4.3 are susceptible to a stored cross-site scripting (XSS) vulnerability due to inadequate input sanitization in the checkValidHtmlText() function within Security.php. This vulnerability allows adversaries to inject malicious scripts that can be stored and executed in...

PoC for CVE-2026-41465

Projeqtor | Projeqtor | 7.1 | HIGH
Path Traversal Vulnerability in ProjeQtor by ProjeQtor

The ProjeQtor application versions 7.0 to 12.4.3 has a vulnerability in its log file viewer located at dynamicDialog.php. This vulnerability allows authenticated attackers to exploit the logname parameter, which fails to properly validate input against directory traversal sequences. By injecting ...

PoC for CVE-2026-41464

Projeqtor | Projeqtor | 7.1 | HIGH
Missing Authorization Vulnerability in ProjeQtor by ProjeQtor

ProjeQtor versions 7.0 through 12.4.3 are affected by a vulnerability that allows authenticated users with guest-level privileges to access sensitive data, including password hashes and API keys. The flaw exists in the objectDetail.php endpoint, which lacks adequate authorization checks. This per...

PoC for CVE-2026-41463

Projeqtor | Projeqtor | 8.7 | HIGH
ZipSlip Path Traversal Vulnerability in ProjeQtor by ProjeQtor

ProjeQtor, versions 7.0 through 12.4.3, is susceptible to a ZipSlip path traversal vulnerability. This security flaw is present in the plugin's upload functionality, allowing authenticated attackers with upload permissions to exploit unvalidated archive extraction. By using specially crafted ZIP ...

PoC for CVE-2026-41462

Projeqtor | Projeqtor | 9.3 | CRITICAL
Unauthenticated SQL Injection in ProjeQtor by ProjeQtor

ProjeQtor versions 7.0 to 12.4.3 are susceptible to an unauthenticated SQL injection vulnerability within the login functionality. This occurs when the application dynamically constructs SQL queries without proper parameterization or sanitization of user inputs. Attackers can exploit this vulnera...

PoC for CVE-2026-7134

Code-projects | Online Lot Reservation... | 5.1 | MEDIUM
Unrestricted File Upload Vulnerability in Code-Projects Online Lot ...

A manipulation vulnerability exists in the Online Lot Reservation System version 1.0, specifically in the /edithousepic.php file. By exploiting improper handling of the image argument, an attacker could perform an unrestricted file upload, potentially allowing the execution of unauthorized script...

Discovered 13 hours ago

PoC for CVE-2026-7133

Code-projects | Online Lot Reservation... | 5.1 | MEDIUM
Unrestricted Upload Vulnerability in code-projects Online Lot Reser...

The Online Lot Reservation System 1.0 from code-projects contains a vulnerability in the /activity.php file that allows remote attackers to manipulate the argument directory, leading to unrestricted file uploads. This flaw can be exploited to upload malicious files to the server, potentially comp...

PoC for CVE-2026-7132

Code-projects | Online Lot Reservation... | 6.9 | MEDIUM
Path Traversal Vulnerability in code-projects Online Lot Reservatio...

A vulnerability exists in the Online Lot Reservation System up to version 1.0, specifically within the readfile function of the /download.php file. This issue allows remote attackers to manipulate the 'File' argument, leading to potential path traversal attacks. The vulnerability can expose sensi...

PoC for CVE-2026-7131

Code-projects | Online Lot Reservation... | 6.9 | MEDIUM
SQL Injection Vulnerability in code-projects Online Lot Reservation...

A SQL injection vulnerability has been identified in the code-projects Online Lot Reservation System up to version 1.0. The vulnerability resides in the '/loginuser.php' file, which enables an attacker to manipulate the email and password arguments. This manipulation could potentially allow for u...

PoC for CVE-2026-7130

Sourcecodester | Pharmacy Sales And Inv... | 6.9 | MEDIUM
SQL Injection Vulnerability in SourceCodester Pharmacy Sales and In...

The SourceCodester Pharmacy Sales and Inventory System 1.0 contains a vulnerability due to improper input validation in an unknown function within the /ajax.php file. An attacker can exploit this flaw by manipulating the argument ID during a remote request, potentially leading to unauthorized acc...

Discovered 14 hours ago

PoC for CVE-2026-7129

Sourcecodester | Pharmacy Sales And Inv... | 5.3 | MEDIUM
Cross-Site Scripting Vulnerability in SourceCodester Pharmacy Sales...

A vulnerability exists in the SourceCodester Pharmacy Sales and Inventory System version 1.0, specifically in the /index.php?page=categories file. An attacker can manipulate the 'ID' argument to execute cross-site scripting attacks remotely. This exploit has become public, posing significant secu...

PoC for CVE-2026-7128

Sourcecodester | Pharmacy Sales And Inv... | 6.9 | MEDIUM
SQL Injection Vulnerability in SourceCodester Pharmacy Sales and In...

A vulnerability has been discovered in the SourceCodester Pharmacy Sales and Inventory System version 1.0 that allows for remote SQL injection through manipulation of parameters in the file /ajax.php?action=save_type. This exploitation can lead to unauthorized access and manipulation of the datab...