Publicly Disclosed PoC Exploits

🔴 Always take caution when working with PoC Exploits 🔴

Discovered 3 hours ago

PoC for CVE-2024-9465

Palo Alto Networks | Expedition | 🟣 EPSS 95% | 9.1 CRITICAL
Unauthenticated SQL Injection Vulnerability in Palo Alto Networks E...

The articles discuss critical security vulnerabilities in various products from different vendors. The vulnerability in Palo Alto Networks Expedition allows unauthenticated attackers to reveal database contents, create and read arbitrary files, and execute arbitrary OS commands, potentially leadi...

Discovered 10 hours ago

PoC for CVE-2022-26318

Watchguard | Fireware | 🟣 EPSS 83% | 9.8 CRITICAL
Watchguard - Fireware

On WatchGuard Firebox and XTM appliances, an unauthenticated user can execute arbitrary code, aka FBX-22786. This vulnerability impacts Fireware OS before 12.7.2_U2, 12.x before 12.1.3_U8, and 12.2.x through 12.5.x before 12.5.9_U2.

Discovered 18 hours ago

PoC for CVE-2024-31317

Google | Android
Unpatched Deserialization Vulnerability in ZygoteProcess.java Could...

In multiple functions of ZygoteProcess.java, there is a possible way to achieve code execution as any app via WRITE_SECURE_SETTINGS due to unsafe deserialization. This could lead to local escalation of privilege with User execution privileges needed. User interaction is not needed for exploitation.

Discovered 22 hours ago

PoC for CVE-2023-4220

Chamilo | Chamilo | 🟣 EPSS 95% | 6.1 MEDIUM
Chamilo LMS vulnerability exposed to stored cross-site scripting an...

Unrestricted file upload in big file upload functionality in `/main/inc/lib/javascript/bigupload/inc/bigUpload.php` in Chamilo LMS <= v1.11.24 allows unauthenticated attackers to perform stored cross-site scripting attacks and obtain remote code execution by uploading a web shell.

Discovered 1 day ago

PoC for CVE-2024-11680

Projectsend | Projectsend | 9.8 CRITICAL
Improper Authentication Vulnerability Affects ProjectSend

Vulnerability: CVE-2024-11680. Software: ProjectSend. Potential Impact: Remote, unauthenticated attackers can exploit this flaw by sending crafted HTTP requests to options.php, enabling unauthorized modification of the application's configuration. Successful exploitation allows attackers to create ...

PoC for CVE-2021-3129

Facade | Ignition | 🟣 EPSS 97% | 9.8 CRITICAL
Facade - Ignition

Ignition before 2.5.2, as used in Laravel and other products, allows unauthenticated remote attackers to execute arbitrary code because of insecure usage of file_get_contents() and file_put_contents(). This is exploitable on sites using debug mode with Laravel before 8.4.2.

PoC for CVE-2024-46538

pfsense | Pfsense | 4.8 MEDIUM
Cross-site Scripting (XSS) Vulnerability in pfsense v2.5.2

The vulnerability CVE-2024-46538 is a critical security flaw in pfSense version 2.5.2 that allows attackers to execute arbitrary code on affected systems. It is a stored cross-site scripting (XSS) vulnerability that can be exploited to achieve remote code execution (RCE). The flaw is due to insuf...

PoC for CVE-2024-34102

Adobe | Adobe Commerce | 🟣 EPSS 97% | 9.8 CRITICAL
Adobe Commerce Vulnerable to Arbitrary Code Execution via XML Exter...

The vulnerability identified as CVE-2024-34102 affects Adobe Commerce and Magento Open Source, posing a serious security threat. The vulnerability allows attackers to read sensitive files containing passwords and execute remote code, potentially gaining full control over the affected e-commerce p...

PoC for CVE-2022-1386

Theme-fusion | Fusion Builder | 🟣 EPSS 23% | 9.8 CRITICAL
Fusion Builder < 3.6.2 - Unauthenticated SSRF

The Fusion Builder WordPress plugin before 3.6.2, used in the Avada theme, does not validate a parameter in its forms which could be used to initiate arbitrary HTTP requests. The data returned is then reflected back in the application's response. This could be used to interact with hosts on the s...

Discovered 2 days ago

PoC for CVE-2021-42260

Tinyxml Project | Tinyxml | 7.5 HIGH
Tinyxml Project - Tinyxml

TinyXML through 2.6.2 has an infinite loop in TiXmlParsingData::Stamp in tinyxmlparser.cpp via the TIXML_UTF_LEAD_0 case. It can be triggered by a crafted XML message and leads to a denial of service.

PoC for CVE-2024-5910

Palo Alto Networks | Expedition | 🟣 EPSS 97% | 9.8 CRITICAL
Expedition Admin Account Takeover Risk Due to Missing Authentication

CVE-2024-5910 is a critical vulnerability in the Palo Alto Networks Expedition Migration Tool, with a high CVSS score of 9.3. It allows for attackers with network access to Expedition to take over the admin account due to missing authentication for a critical function. This puts configuration sec...

PoC for CVE-2024-10914

D-Link | Dns-320 Firmware | 🟣 EPSS 17% | 9.8 CRITICAL
D-Link Routers Vulnerable to OS Command Injection Attacks

A critical vulnerability, CVE-2024-10914, has been found in D-Link network-attached storage devices that have reached end-of-life. This vulnerability allows attackers to execute arbitrary shell commands remotely using crafted HTTP GET requests. The flaw affects multiple models of D-Link NAS devic...

PoC for CVE-2024-42327

Zabbix | Zabbix | 9.9 CRITICAL
Non-admin user account vulnerability in Zabbix frontend

The CVE-2024-42327 vulnerability in the Zabbix frontend allows non-admin user accounts with API access to perform SQL injection, potentially leading to full system compromise. Zabbix released patches for affected versions and urges customers to upgrade to protect against privilege escalation atta...

PoC for CVE-2024-9465

Palo Alto Networks | Expedition | 🟣 EPSS 95% | 9.1 CRITICAL
Unauthenticated SQL Injection Vulnerability in Palo Alto Networks E...

The articles discuss critical security vulnerabilities in various products from different vendors. The vulnerability in Palo Alto Networks Expedition allows unauthenticated attackers to reveal database contents, create and read arbitrary files, and execute arbitrary OS commands, potentially leadi...

Discovered 3 days ago

PoC for CVE-2024-5124

Gaizhenbiao | Gaizhenbiao/chuanhucha... | 7.5 HIGH
Timing Attack Vulnerability in Password Comparison Logic Exposes Se...

A timing attack vulnerability exists in the gaizhenbiao/chuanhuchatgpt repository, specifically within the password comparison logic. The vulnerability is present in version 20240310 of the software, where passwords are compared using the '=' operator in Python. This method of comparison allows a...

PoC for CVE-2024-8672

Marketingfire | Widget Options – The #... | 9.9 CRITICAL
Plugin Vulnerable to Remote Code Execution

The Widget Options – The #1 WordPress Widget & Block Control Plugin plugin for WordPress is vulnerable to Remote Code Execution in all versions up to, and including, 4.0.7 via the display logic functionality that extends several page builders. This is due to the plugin allowing users to supply in...

Discovered 4 days ago

PoC for CVE-2024-52940

AnyDesk
Inadvertent Exposure of Public IP Address

AnyDesk through 8.1.0 on Windows, when Allow Direct Connections is enabled, inadvertently exposes a public IP address within network traffic. The attacker must know the victim's AnyDesk ID.

PoC for CVE-2024-38816

Spring | Spring | 7.5 HIGH
Spring WebApplications Vulnerable to Path Traversal Attacks

The vulnerability with the ID CVE-2024-38816 affects Spring WebApplications that serve static resources through WebMvc.fn or WebFlux.fn. This vulnerability allows attackers to perform path traversal attacks, resulting in the unauthorized access of files on the server. It has a potential impact on...

PoC for CVE-2024-22734

AMCS Group
Local Attackers Can Obtain Sensitive Information via Hard-Coded AES...

An issue discovered in AMCS Group Trux Waste Management Software before version 7.19.0018.26912 allows local attackers to obtain sensitive information via a static, hard-coded AES Key-IV pair in the TxUtilities.dll and TruxUser.cfg components.

PoC for CVE-2024-48990

Needrestart | Needrestart | 7.8 HIGH
Qualys: Needrestart Zero-Day Vulnerability Allows Root Access with ...

Qualys discovered that needrestart, before version 3.8, allows local attackers to execute arbitrary code as root by tricking needrestart into running the Python interpreter with an attacker-controlled PYTHONPATH environment variable.

PoC for CVE-2024-11320

Pandora Fms | Pandora Fms | 9.8 CRITICAL
Arbitrary Commands Execution Vulnerability in Pandora FMS due to LD...

Arbitrary command execution on the server is possible by exploiting a command injection vulnerability in the LDAP authentication mechanism. This issue affects Pandora FMS: from 700 through <=777.4.

Discovered 5 days ago

PoC for CVE-2019-1010174

Cimg | The Cimg Library | 9.8 CRITICAL
Cimg - The Cimg Library

CImg The CImg Library v.2.3.3 and earlier is affected by: command injection. The impact is: RCE. The component is: load_network() function. The attack vector is: Loading an image from a user-controllable url can lead to command injection, because no string sanitization is done on the url. The fix...

PoC for CVE-2024-10220

Kubernetes | Kubelet | 8.1 HIGH
Kubernetes kubelet vulnerability allows arbitrary command execution...

A high-severity vulnerability has been discovered in Kubernetes, potentially allowing attackers to execute arbitrary commands outside of container boundaries. The vulnerability tracked as CVE-2024-10220 with a CVSS score of 8.1, affects Kubernetes clusters running specific versions of kubelet. The...

PoC for CVE-2024-42327

Zabbix | Zabbix | 9.9 CRITICAL
Non-admin user account vulnerability in Zabbix frontend

The CVE-2024-42327 vulnerability in the Zabbix frontend allows non-admin user accounts with API access to perform SQL injection, potentially leading to full system compromise. Zabbix released patches for affected versions and urges customers to upgrade to protect against privilege escalation atta...

PoC for CVE-2022-37042

Zimbra | Collaboration | 🟣 EPSS 98% | 9.8 CRITICAL
Zimbra - Collaboration

Zimbra Collaboration Suite (ZCS) 8.8.15 and 9.0 has mboximport functionality that receives a ZIP archive and extracts files from it. By bypassing authentication (i.e., not having an authtoken), an attacker can upload arbitrary files to the system, leading to directory traversal and remote code ex...

PoC for CVE-2023-0297

pyload | pyload/pyload | 🟣 EPSS 58% | 9.8 CRITICAL
Code Injection in pyload/pyload

Code Injection in GitHub repository pyload/pyload prior to 0.5.0b3.dev31.

PoC for CVE-2024-6387

Red Hat | Red Hat Enterprise Lin... | 8.1 HIGH
Signal Handler Race Condition in OpenSSH's Server

The "regreSSHion" vulnerability (CVE-2024-6387) affects the OpenSSH server in Linux that relies on the GNU C library (glibc). This vulnerability allows remote arbitrary code execution with root privileges without authentication. It is a regression of a previously fixed vulnerability and affects a...

PoC for CVE-2023-41425

Wondercms | Wondercms | 6.1 MEDIUM
Wondercms

Cross-site scripting vulnerability in Wonder CMS v.3.2.0 through v.3.4.2 allows a remote attacker to execute arbitrary code via a crafted script uploaded to the installModule component.

PoC for CVE-2024-44285

Apple | Visionos | 7.8 HIGH
Apple Patches Use-After-Free Vulnerability in iOS, iPadOS, watchOS,...

A use-after-free issue was addressed with improved memory management. This issue is fixed in iOS 18.1 and iPadOS 18.1, watchOS 11.1, visionOS 2.1, tvOS 18.1. An app may be able to cause unexpected system termination or corrupt kernel memory.

PoC for CVE-2023-28205

Apple | iOS and iPadOS | 8.8 HIGH
Safari Addresses Use After Free Issue, Preventing Malicious Code Ex...

The Safari web browser developed by Apple is the subject of two actively exploited zero-day vulnerabilities, known as CVE-2023-28205 and CVE-2023-28206. These vulnerabilities have been exploited in tandem to achieve full device compromise, potentially allowing the installation of spyware on affec...

Discovered 6 days ago

PoC for CVE-2024-52800

VeraPDF | VeraPDF-library
Remote Code Execution Vulnerability in veraPDF via Custom Schematro...

veraPDF is an open source PDF/A validation library. Executing policy checks using custom schematron files via the CLI invokes an XSL transformation that may theoretically lead to a remote code execution (RCE) vulnerability. This doesn't affect the standard validation and policy checks functionali...

PoC for CVE-2024-3400

Palo Alto Networks | Pan-os | 🟣 EPSS 96% | 10 CRITICAL
Palo Alto Networks PAN-OS Command Injection Vulnerability

A critical command injection vulnerability (CVE-2024-3400) is being exploited in Palo Alto Networks' firewalls, allowing attackers to execute arbitrary code with root privileges. This affects the GlobalProtect feature in PAN-OS versions 10.2, 11.0, and 11.1, but not Panorama appliances, Cloud NGFW, a...

PoC for CVE-2024-52301

Laravel
Ignoring Arguments for Environment Detection

CVE-2024-52301 is a critical vulnerability in the Laravel web application framework that allows attackers to change the environment used by the framework when handling requests. This can lead to unauthorized access, privilege escalation, data tampering, and potential further system compromise. Th...

PoC for CVE-2017-7921

Hikvision | Hikvision Cameras | 10 CRITICAL
Hikvision - Hikvision Cameras

An Improper Authentication issue was discovered in Hikvision DS-2CD2xx2F-I Series V5.2.0 build 140721 to V5.4.0 build 160530, DS-2CD2xx0F-I Series V5.2.0 build 140721 to V5.4.0 Build 160401, DS-2CD2xx2FWD Series V5.3.1 build 150410 to V5.4.4 Build 161125, DS-2CD4x2xFWD Series V5.2.0 build 140721 ...

PoC for CVE-2024-21683

Atlassian | Confluence Data Center | 🟣 EPSS 94% | 8.8 HIGH
High Severity RCE Vulnerability Affects Atlassian Confluence Data C...

The high severity RCE vulnerability, tracked as CVE-2024-21683, affects Atlassian Confluence Data Center and Server, with a CVSS Score of 8.3. It allows an authenticated attacker to execute arbitrary code, potentially resulting in complete system takeovers, deployment of malware, system configura...

PoC for CVE-2021-26690

Apache | Apache Http Server | 7.5 HIGH
mod_session NULL pointer dereference

Apache HTTP Server versions 2.4.0 to 2.4.46: a specially crafted Cookie header handled by mod_session can cause a NULL pointer dereference and crash, leading to a possible denial of service.

Discovered 1 week ago

PoC for CVE-2024-11477

7-zip | 7-zip | 7.8 HIGH
7-Zip Zstandard Decompression Integer Underflow Remote Code Executi...

The vulnerability identified as CVE-2024-11477 is a critical security flaw in the popular file archiving tool 7-Zip, which allows attackers to execute arbitrary code remotely. It originates from an integer underflow in the Zstandard decompression implementation and can result in memory corruption...

PoC for CVE-2018-0886

Microsoft | Windows | 🟣 EPSS 68% | 7 HIGH
Microsoft - Windows

The Credential Security Support Provider protocol (CredSSP) in Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1 and RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, 1703, and 1709, Windows Server 2016, and Windows Server, version 1709 allows a remote code exe...

PoC for CVE-2022-41678

Apache | Apache ActiveMQ | 8.8 HIGH
Apache ActiveMQ: Insufficient API restrictions on Jolokia allow aut...

Once a user is authenticated on Jolokia, they can potentially trigger arbitrary code execution. In detail, in ActiveMQ configurations, Jetty allows org.jolokia.http.AgentServlet to handle requests to /api/jolokia. org.jolokia.http.HttpRequestHandler#handlePostRequest is able to create JmxReques...

PoC for CVE-2024-21534

Json Path Plus | Jsonpath-plus | 9.8 CRITICAL
Remote Code Execution Vulnerability in jsonpath-plus Prior to 10.0.0

All versions of the package jsonpath-plus are vulnerable to Remote Code Execution (RCE) due to improper input sanitization. An attacker can execute arbitrary code on the system by exploiting the unsafe default usage of vm in Node. Note: There were several attempts to fix it in versions [10...

PoC for CVE-2018-13379

Fortinet | Fortinet FortiOS, Fort... | 🟣 EPSS 97% | 9.8 CRITICAL
Fortinet - Fortinet FortiOS, Fortiproxy

An Improper Limitation of a Pathname to a Restricted Directory ("Path Traversal") in Fortinet FortiOS 6.0.0 to 6.0.4, 5.6.3 to 5.6.7 and 5.4.6 to 5.4.12 and FortiProxy 2.0.0, 1.2.0 to 1.2.8, 1.1.0 to 1.1.6, 1.0.0 to 1.0.7 under SSL VPN web portal allows an unauthenticated attacker to download sys...

PoC for CVE-2024-23113

Fortinet | Fortiswitchmanager | 9.8 CRITICAL
Fortinet FortiOS Vulnerability Allows Unauthorized Code Execution

The CVE-2024-23113 vulnerability in Fortinet's FortiOS, FortiProxy, FortiPAM, and FortiSwitchManager products is being actively exploited in the wild, with information from the CISA and Wiz researchers confirming this. The vulnerability allows unauthorized code execution via specially crafted pac...

PoC for CVE-2024-11003

Needrestart | Needrestart | 7.8 HIGH
Unsanitized Data Passing in Needrestart Could Allow Local Attack

Qualys discovered that needrestart, before version 3.8, passes unsanitized data to a library (Modules::ScanDeps) which expects safe input. This could allow a local attacker to execute arbitrary shell commands. Please see the related CVE-2024-10224 in Modules::ScanDeps.

PoC for CVE-2019-5736

Docker | Docker | 8.6 HIGH
Docker

runc through 1.0-rc6, as used in Docker before 18.09.2 and other products, allows attackers to overwrite the host runc binary (and consequently obtain host root access) by leveraging the ability to execute a command as root within one of these types of containers: (1) a new container with an atta...

PoC for CVE-2024-10914

D-Link | Dns-320 Firmware | 🟣 EPSS 17% | 9.8 CRITICAL
D-Link Routers Vulnerable to OS Command Injection Attacks

A critical vulnerability, CVE-2024-10914, has been found in D-Link network-attached storage devices that have reached end-of-life. This vulnerability allows attackers to execute arbitrary shell commands remotely using crafted HTTP GET requests. The flaw affects multiple models of D-Link NAS devic...

PoC for CVE-2024-36401

Geoserver | Geoserver | 🟣 EPSS 96% | 9.8 CRITICAL
Remote Code Execution Vulnerability in GeoServer Prior to Versions ...

A remote code execution vulnerability (CVE-2024-36401) in GeoServer versions 2.23.6, 2.24.4, and 2.25.2 allows unauthenticated users to execute arbitrary code through specially crafted input against a default GeoServer installation due to unsafely evaluating property names as XPath expressions. T...

PoC for CVE-2024-39090

PHPGurukul
Attackers Can Execute Arbitrary JavaScript Code via CSRF and XSS in...

The PHPGurukul Online Shopping Portal Project version 2.0 contains a vulnerability that allows Cross-Site Request Forgery (CSRF) to lead to Stored Cross-Site Scripting (XSS). An attacker can exploit this vulnerability to execute arbitrary JavaScript code in the context of a user's session, potent...

PoC for CVE-2024-9326

PHPgurukul | Online Shopping Portal | 9.8 CRITICAL
Critical SQL Injection Vulnerability in PHPGurukul Online Shopping ...

A vulnerability classified as critical was found in PHPGurukul Online Shopping Portal 2.0. This vulnerability affects unknown code of the file /shopping/admin/index.php of the component Admin Panel. The manipulation of the argument username leads to SQL injection. The attack can be initiated remo...

PoC for CVE-2024-10920

Mariazevedo88 | Travels-java-api | 3.7 LOW
Mariazevedo88 - Travels-java-api

A vulnerability was found in mariazevedo88 travels-java-api up to 5.0.1 and classified as problematic. Affected by this issue is the function doFilterInternal of the file travels-java-api-master\src\main\java\io\github\mariazevedo88\travelsjavaapi\filters\JwtAuthenticationTokenFilter.java of the ...

PoC for CVE-2024-10542

Cleantalk | Spam Protection, Anti-... | 9.8 CRITICAL
Arbitrary plugin installation vulnerability in CleanTalk plugin

The Spam protection, Anti-Spam, FireWall by CleanTalk plugin for WordPress is vulnerable to unauthorized Arbitrary Plugin Installation due to an authorization bypass via reverse DNS spoofing on the checkWithoutToken function in all versions up to, and including, 6.43.2. This makes it possible for...