Publicly Disclosed
PoC Exploits

🔴 Always take caution when working with PoC Exploits 🔴

Discovered 56 minutes ago

PoC for CVE-2024-12905

7.5 HIGH
Improper Link Resolution and Path Traversal in tar-fs by Mafintosh

The tar-fs package contains vulnerabilities that allow for improper link resolution before file access and improper limitations on pathnames during file extraction. By exploiting these flaws, an attacker can craft a malicious tar file, leading to unauthorized file writes or overwrites outside the...

Discovered 1 hour ago

PoC for CVE-2024-42471

Actions | Toolkit | 7.5 HIGH
Arbitrary File Write Vulnerability in GitHub Actions

The GitHub ToolKit for developing GitHub Actions contains a vulnerability that allows arbitrary file writes when using methods like `downloadArtifactInternal`, `downloadArtifactPublic`, or `streamExtractExternal`. Specifically, this vulnerability arises when processing specially crafted artifacts...

Discovered 7 hours ago

PoC for CVE-2023-25157

Geoserver | Geoserver | 🟣 EPSS 94% | 9.8 CRITICAL
Unfiltered SQL Injection Vulnerabilities in Geoserver

GeoServer, an open-source server for sharing and editing geospatial data, is susceptible to misuse in its PostGIS Datastore functions. This vulnerability arises from improper handling of certain function calls within the OGC Filter expression language and Common Query Language (CQL). Users are en...

Discovered 18 hours ago

PoC for CVE-2024-12244

Gitlab | Gitlab | 4.3 MEDIUM
Access Control Flaw in GitLab EE Affects Multiple Versions

An access control flaw has been identified in GitLab EE that permits users to access sensitive project information, even when specific features are disabled. This issue impacts all versions of GitLab EE from 17.7 before 17.9.7, 17.10 before 17.10.5, and 17.11 before 17.11.1. The vulnerability rel...

PoC for CVE-2025-0639

Gitlab | Gitlab | 6.5 MEDIUM
Service Availability Vulnerability in GitLab Community and Enterpri...

An issue has been identified in GitLab Community and Enterprise Editions that compromises service availability due to a problem with issue previews. This vulnerability impacts all versions of GitLab CE/EE from 16.7 prior to 17.9.7, 17.10 prior to 17.10.5, and 17.11 prior to 17.11.1. Users should ...

PoC for CVE-2025-1908

Gitlab | Gitlab | 7.7 HIGH
User Activity Tracking Vulnerability in GitLab Products by GitLab

A security issue has been identified in GitLab EE/CE that allows unauthorized tracking of user browsing activities. This tracking can lead to a complete account take-over by malicious actors. The vulnerability affects all versions from 16.6 before 17.9.7, 17.10 before 17.10.5, and 17.11 before 17...

Discovered 19 hours ago

PoC for CVE-2024-27876

Apple | Mac OS | 5.5 MEDIUM
Apple Patches Race Condition Flaws in macOS, iOS, iPadOS, and Other...

A race condition vulnerability has been identified in Apple's operating systems that can be exploited via maliciously crafted archives. When unpacking such archives, the flaw permits attackers to write arbitrary files on the system, potentially compromising the integrity and confidentiality of se...

Discovered 20 hours ago

PoC for CVE-2025-2558

WordPress | The-wound | 8.6 HIGH
Local File Inclusion Vulnerability in The-wound WordPress Theme by ...

The-wound WordPress theme prior to version 0.0.1 has a Local File Inclusion vulnerability that arises from improper validation of input parameters. This flaw allows unauthenticated users to exploit the theme, leading to potential unauthorized access to sensitive files on the server. By crafting s...

PoC for CVE-2025-1453

WordPress | Category Posts Widget | 4.8 MEDIUM
Stored Cross-Site Scripting Vulnerability in Category Posts Widget ...

The Category Posts Widget plugin for WordPress prior to version 4.9.20 is susceptible to stored Cross-Site Scripting due to improper sanitization and escaping of certain settings. This flaw allows high privilege users, such as administrators, to potentially execute malicious scripts, even in envi...

Discovered 2 days ago

PoC for CVE-2025-24054

Microsoft | Windows 10 Version 1809 | 🟣 EPSS 20% | 5.4 MEDIUM
Spoofing Vulnerability in Windows NTLM by Microsoft

An external control of file name or path in Windows NTLM enables unauthorized attackers to exploit a vulnerability, leading to potential spoofing attacks over a network. This situation poses a significant threat as attackers may gain access to sensitive information or systems.

Discovered 3 days ago

PoC for CVE-2025-2594

WordPress | User Registration & Me... | 8.1 HIGH
User Authentication Flaw in User Registration & Membership Plugin b...

The User Registration & Membership Plugin for WordPress, prior to version 4.1.3, suffers from a data validation flaw in an AJAX action, particularly when the Membership Addon is enabled. This vulnerability allows an attacker to authenticate as any user—including administrators—by exploiting the t...

PoC for CVE-2024-13569

WordPress | Front End Users | 7.1 HIGH
Reflected Cross-Site Scripting Vulnerability in Front End Users Wor...

The Front End Users plugin for WordPress, up to version 3.2.32, contains a vulnerability where a parameter is not properly sanitized and escaped before being displayed on the page. This oversight can be exploited to execute arbitrary JavaScript in the context of high privilege users, including ad...

PoC for CVE-2021-34371

Neo4j | Neo4j | 🟣 EPSS 64% | 9.8 CRITICAL
Remote Code Execution Vulnerability in Neo4j Database Server

Neo4j versions prior to 3.4.18, when the shell server is enabled, expose a Remote Method Invocation (RMI) service that is vulnerable to arbitrary deserialization of Java objects. This flaw allows attackers to exploit dependencies linked to insecure gadget chains, leading to potential remote code ...

PoC for CVE-2024-28987

Solarwinds | Web Help Desk | 🟣 EPSS 94% | 9.1 CRITICAL
Unauthenticated Access to Internal Functionality and Data via Hardc...

The SolarWinds Web Help Desk software is susceptible to a hardcoded credential vulnerability that enables remote unauthenticated users to gain unauthorized access to the system's internal functionalities. This security flaw allows attackers to manipulate and modify critical data, potentially lead...

PoC for CVE-2025-3856

Xxyopen | Novel-plus | 5.3 MEDIUM
SQL Injection Vulnerability in xxyopen Novel-Plus 5.1.0

A vulnerability has been identified in xxyopen's Novel-Plus version 5.1.0 that affects the 'searchByPage' function in the file '/book/searchByPage'. An attacker can manipulate the 'sort' argument, enabling SQL injection that can be exploited remotely. Despite the early notification to the vendor ...

PoC for CVE-2025-3855

Codecanyon | Rise Ultimate Project ... | 5.3 MEDIUM
Improper Access Control in CodeCanyon RISE Ultimate Project Manager...

A significant vulnerability exists in the CodeCanyon RISE Ultimate Project Manager version 3.8.2, affecting the functionality of the Profile Picture Handler component. Specifically, the issue involves inadequate control over resource identifiers, particularly in the argument profile_image_file wi...

PoC for CVE-2025-3854

H3c | Gr-3000ax | 8.6 HIGH
Buffer Overflow Vulnerability in H3C GR-3000AX Router

A buffer overflow vulnerability has been identified in the H3C GR-3000AX router, specifically within the HTTP POST Request Handler's functions such as EnableIpv6, UpdateWanModeMulti, UpdateIpv6Params, EditWlanMacList, and Edit_List_SSID. The vulnerability arises from improper handling of argument...

PoC for CVE-2025-3849

Yxj2018 | Springboot-vue-onlineexam | 5.3 MEDIUM
Unverified Password Change Vulnerability in YXJ2018 SpringBoot-Vue-...

A vulnerability within YXJ2018 SpringBoot-Vue-OnlineExam allows attackers to change user passwords without verification by manipulating the studentId parameter through the /api/studentPWD endpoint. This flaw can be exploited remotely, raising serious security concerns as it jeopardizes user accou...

PoC for CVE-2024-40445

Forkosh | Mime Tex | 7.3 HIGH
Directory Traversal Vulnerability in Forkosh Mime Tex Software by F...

The Forkosh Mime Tex software, prior to version 1.77, is susceptible to a directory traversal vulnerability. This flaw enables an attacker to manipulate file paths and potentially upload malicious files, culminating in arbitrary code execution on the server. Proper input validation measures shoul...

PoC for CVE-2025-3850

Yxj2018 | Springboot-vue-onlineexam | 6.3 MEDIUM
Improper Authentication in YXJ2018 SpringBoot-Vue-OnlineExam by YXJ...

An improper authentication vulnerability has been identified in YXJ2018 SpringBoot-Vue-OnlineExam 1.0. This flaw affects the processing of the API component, allowing attackers to manipulate it for unauthorized access. Although the attack complexity is considered high and exploitation is known to...

PoC for CVE-2025-3846

Markparticle | Webserver | 6.9 MEDIUM
SQL Injection Vulnerability in markparticle WebServer Registration ...

A vulnerability exists in the registration functionality of the markparticle WebServer, specifically located in the file code/http/httprequest.cpp. An attacker can exploit this vulnerability by manipulating the username and password parameters, leading to potential SQL injection attacks. This iss...

PoC for CVE-2025-3845

Markparticle | Webserver | 6.9 MEDIUM
Buffer Overflow Vulnerability in markparticle WebServer by markpart...

A vulnerability has been identified in the markparticle WebServer, specifically affecting versions up to 1.0, where the Buffer::HasWritten function in buffer.cpp can be manipulated. This vulnerability enables attackers to initiate a buffer overflow by controlling the writePos_ argument, allowing ...

PoC for CVE-2025-3843

Panhainan | Ds-java | 5.3 MEDIUM
Cross-Site Request Forgery in panhainan DS-Java 1.0

A security flaw has been identified in panhainan DS-Java 1.0, where an unknown function is susceptible to cross-site request forgery (CSRF). This vulnerability enables remote attackers to manipulate requests, potentially leading to unauthorized actions on behalf of authenticated users. The exploi...

PoC for CVE-2025-3842

Panhainan | Ds-java | 5.3 MEDIUM
Code Injection Vulnerability in Panhainan DS-Java 1.0

A vulnerability exists in Panhainan's DS-Java 1.0, specifically within the function `uploadUserPic.action` located in the file `src/com/phn/action/FileUpload.java`. This flaw allows attackers to manipulate the `fileUpload` argument, potentially leading to code injection attacks. The vulnerability...

PoC for CVE-2025-3841

Wix-incubator | Jam | 4.8 MEDIUM
Improper Neutralization in Jinja2 Template Handler of Wix-Incubator...

A vulnerability exists in the Wix-Incubator Jam that impacts the Jinja2 Template Handler, specifically in the jam.py file. This issue arises from improper neutralization of the config['template'] argument, allowing special elements utilized in the template engine to be exploited. Attackers can po...

PoC for CVE-2025-31200

Apple | Visionos | 7.5 HIGH
Memory Corruption Vulnerability in Apple Devices

A memory corruption issue has been found in various Apple operating systems, which could be exploited through a specially crafted audio stream in a media file. This vulnerability has the potential to allow unauthorized code execution, posing significant risk to impacted devices. Apple has impleme...

Discovered 4 days ago

PoC for CVE-2025-30208

Vite | Vite | 🟣 EPSS 59%
Vite Frontend Development Tool Susceptible to File Access Vulnerabi...

A vulnerability in Vite's frontend development tooling allows attackers to bypass file access restrictions. Specifically, versions prior to 6.2.3, 6.1.2, 6.0.12, 5.4.15, and 4.5.10 expose the risk where app URLs can be manipulated with trailing query parameters such as '?raw?' or '?import&raw?' t...

PoC for CVE-2024-4577

PHP Group | PHP | 🟣 EPSS 94% | 9.8 CRITICAL
PHP CGI Module Vulnerability Allows Malicious User to Reveal Source...

In certain versions of PHP, particularly 8.1.*, 8.2.*, and 8.3.* running on Windows with Apache and PHP-CGI, a vulnerability arises when specific code pages are configured. This results in Windows utilizing 'Best-Fit' behavior to handle character replacements for command-line inputs aimed at Win3...

PoC for CVE-2019-7238

Sonatype | Nexus | 🟣 EPSS 94% | 9.8 CRITICAL
Access Control Flaw in Sonatype Nexus Repository Manager

Sonatype Nexus Repository Manager prior to version 3.15.0 contains an access control vulnerability that may allow unauthorized users to access restricted resources and perform unintended actions. This could lead to potential data leakage and compromise of sensitive information. It is crucial for ...

PoC for CVE-2023-50257

Eprosima | Fast-dds | 9.7 CRITICAL
Discovery of a Vulnerability in Fast DDS Allowing Forced Disconnect...

In eProsima Fast DDS, a vulnerability arises due to a failure to encrypt the data (`p[UD]`) and `guid` values used for disconnecting between nodes. This allows an attacker to forcibly disconnect Subscribers from the system, preventing them from receiving any data. When an attacker continuously se...

PoC for CVE-2025-3830

Kuangstudy | Kuangsimplebbs | 5.3 MEDIUM
Unrestricted File Upload Vulnerability in Kuangstudy KuangSimpleBBS

An unrestricted file upload vulnerability exists in the Kuangstudy KuangSimpleBBS 1.0 software, specifically in the fileUpload function of the QuestionController.java file. This flaw allows attackers to upload potentially malicious files by manipulating the editormd-image-file argument. Such an e...

PoC for CVE-2020-35730

Roundcube | Webmail | 🟣 EPSS 58% | 6.1 MEDIUM
Cross-Site Scripting Vulnerability in Roundcube Webmail

A Cross-Site Scripting (XSS) vulnerability exists in Roundcube Webmail prior to version 1.2.13, 1.3.16, and 1.4.10. This flaw allows attackers to exploit the application by sending a specially crafted plain text email containing JavaScript code. The vulnerability arises from improper handling of ...

PoC for CVE-2025-3829

PHPgurukul | Men Salon Management S... | 6.9 MEDIUM
SQL Injection in PHPGurukul Men Salon Management System by PHPGurukul

A SQL injection vulnerability has been identified in the PHPGurukul Men Salon Management System version 1.0. This flaw exists in the /admin/sales-reports-detail.php file, where improper validation of the 'fromdate' and 'todate' parameters allows attackers to manipulate SQL queries. The vulnerabil...

PoC for CVE-2025-3828

PHPgurukul | Men Salon Management S... | 6.9 MEDIUM
SQL Injection Vulnerability in PHPGurukul Men Salon Management System

A SQL injection vulnerability exists within the PHPGurukul Men Salon Management System, specifically affecting the processing of the 'remark' parameter in the /admin/view-appointment.php script. This issue allows an attacker to craft a malicious request, potentially leading to unauthorized databa...

PoC for CVE-2025-3827

PHPgurukul | Men Salon Management S... | 6.9 MEDIUM
SQL Injection Vulnerability in PHPGurukul Men Salon Management System

A security flaw has been detected in the PHPGurukul Men Salon Management System version 1.0, specifically within the /admin/forgot-password.php file. This vulnerability allows attackers to manipulate email argument input, leading to SQL injection issues that can be exploited remotely. As the deta...

Discovered 5 days ago

PoC for CVE-2025-43929

Kitty Project | Kitty | 4.1 MEDIUM
Local Executable Execution Vulnerability in Kitty by Kovid Goyal

The vulnerability in Kitty before version 0.41.0 originates from the open_actions.py script, which fails to prompt users for confirmation before executing local files that may be linked within documents from untrusted sources, such as those opened in KDE Ghostwriter. This design flaw can allow ma...

PoC for CVE-2025-43921

Gnu | Mailman | 5.3 MEDIUM
GNU Mailman Vulnerability in cPanel Allows List Creation by Unauthe...

The vulnerability in GNU Mailman version 2.1.39, as packaged with cPanel, exposes an endpoint that allows unauthenticated attackers to create email distribution lists. This poses significant security risks, as it could be exploited to spread spam or malicious content, affecting the integrity and ...

PoC for CVE-2025-43920

Gnu | Mailman | 5.4 MEDIUM
Arbitrary Command Execution Vulnerability in GNU Mailman by cPanel

An arbitrary command execution vulnerability exists in GNU Mailman 2.1.39, bundled with cPanel and WHM, that permits unauthenticated attackers to execute arbitrary operating system commands. This occurs due to improper handling of shell metacharacters within the email Subject lines, potentially l...

PoC for CVE-2025-43919

Gnu | Mailman | 5.8 MEDIUM
Directory Traversal Vulnerability in GNU Mailman Bundled with cPanel

The vulnerability within GNU Mailman 2.1.39, as deployed in cPanel, permits unauthorized users to exploit a directory traversal flaw. By manipulating the username parameter at the private archive endpoint, attackers may access arbitrary files on the server, leading to potential exposure of sensit...

PoC for CVE-2025-3821

Sourcecodester | Web-based Pharmacy Pro... | 4.8 MEDIUM
Cross Site Scripting Vulnerability in SourceCodester Web-based Phar...

A cross site scripting vulnerability exists in the add-admin.php file of the SourceCodester Web-based Pharmacy Product Management System 1.0. This flaw allows unauthorized remote attackers to manipulate input fields such as txtpassword, txtfullname, and txtemail, leading to potential malicious sc...

PoC for CVE-2025-32433

Erlang | Otp | 10 CRITICAL
Remote Code Execution Vulnerability in Erlang/OTP SSH Server

The Erlang/OTP SSH server prior to versions OTP-27.3.3, OTP-26.2.5.11, and OTP-25.3.2.20 contains a critical flaw in SSH protocol message handling that allows attackers to bypass authentication and execute arbitrary commands remotely. This vulnerability can be exploited to gain unauthorized acces...

PoC for CVE-2025-3820

Tenda | W12 | 8.7 HIGH
Stack-Based Buffer Overflow in Tenda W12 and i24 Products

A critical vulnerability has been identified in Tenda W12 and i24 products, specifically in the function cgiSysUplinkCheckSet located in /bin/httpd. This vulnerability allows for a stack-based buffer overflow upon manipulation of the arguments hostIp1 and hostIp2, potentially exposing the device ...

PoC for CVE-2025-3819

PHPgurukul | Men Salon Management S... | 6.9 MEDIUM
SQL Injection Vulnerability in PHPGurukul Men Salon Management System

A vulnerability exists in the PHPGurukul Men Salon Management System 1.0, specifically within the /admin/search-appointment.php file. This weakness allows an attacker to manipulate the 'searchdata' argument, potentially leading to SQL injection. Because this can be exploited remotely, it's crucia...

PoC for CVE-2025-3818

Webpy | Web.py | 5.3 MEDIUM
SQL Injection Vulnerability in webpy's PostgresDB Function

A vulnerability in the webpy framework's PostgresDB._process_insert_query function may allow an attacker to execute SQL injection attacks. The weakness arises from manipulation of the argument seqname, making it possible for a remote attacker to craft input that could compromise the database. As ...

PoC for CVE-2025-3817

Sourcecodester | Online Eyewear Shop | 5.3 MEDIUM
SQL Injection Vulnerability in SourceCodester Online Eyewear Shop b...

A SQL injection vulnerability affects the SourceCodester Online Eyewear Shop 1.0, enabling unauthorized manipulation of arguments in the Master.php file via the delete_stock endpoint. Exploiting this vulnerability remotely compromises database security and may lead to unauthorized data access or ...

PoC for CVE-2025-3816

Westboy | Cicadascms | 5.1 MEDIUM
OS Command Injection Vulnerability in CicadasCMS by Westboy

A notable OS command injection vulnerability exists in CicadasCMS 2.0, specifically affecting the Scheduled Task Handler component. This flaw enables unauthorized actors to execute arbitrary OS commands on the server, which can be exploited remotely. The affected code is found in the /system/sche...

PoC for CVE-2025-3808

Zhenfeng13 | My-bbs | 5.3 MEDIUM
Cross-Site Request Forgery Vulnerability in My-BBS by zhenfeng13

A cross-site request forgery (CSRF) vulnerability has been identified in My-BBS 1.0 by zhenfeng13, allowing remote attackers to perform unauthorized actions on behalf of users. This security flaw may affect multiple endpoints, enabling the attacker to manipulate requests without the user's consen...

PoC for CVE-2025-3807

Zhenfeng13 | My-bbs | 5.3 MEDIUM
Unrestricted File Upload Vulnerability in My-BBS by zhenfeng13

A vulnerability in My-BBS version 1.0 allows unauthorized users to upload files without proper validation, affecting the UploadController.java component. This flaw opens the door for remote attacks, potentially allowing malicious users to gain access to sensitive system components. The public dis...

PoC for CVE-2025-3806

Dazhouda | Lecms | 4.8 MEDIUM
Cross-Site Scripting Vulnerability in dazhouda lecms Affected by Ed...

A cross-site scripting vulnerability has been identified in dazhouda lecms versions up to 3.0.3, specifically affecting the Edit Profile Handler located at /admin. This vulnerability enables attackers to execute arbitrary JavaScript in the context of the affected user's session. The exploitation ...

PoC for CVE-2025-3805

Sarrionandia | Tournatrack | 4.8 MEDIUM
Jinja2 Template Injection Vulnerability in Tournatrack by Sarrionandia

A critical vulnerability found in Sarrionandia's Tournatrack exposes the system to potential injection attacks through the Jinja2 Template Handler's file, check_id.py. An attacker can exploit this vulnerability by manipulating the argument ID, allowing unauthorized command execution on the local ...