Publicly Disclosed PoC Exploits
🔴 Always take caution when working with PoC exploits 🔴
Discovered just now...
PoC for CVE-2025-68613
n8n, an open-source workflow automation platform, has a Remote Code Execution vulnerability affecting specific versions. Authenticated users can inadvertently supply expressions that, under certain circumstances, are evaluated in a context insufficiently isolated from the runtime. This flaw enabl...
Discovered 2 hours ago
PoC for CVE-2025-15084
A security vulnerability has been detected in the Youlai-tech Youlai-Mall's Order Payment Handler, specifically within the method orderService.payOrder. This weakness allows for improper access controls, potentially enabling unauthorized users to manipulate payment processes. The vulnerability re...
Discovered 3 hours ago
PoC for CVE-2025-15083
A vulnerability exists in the TOZED ZLT M30s devices, specifically in the UART interface's on-chip debug and test functionalities. This flaw allows for unauthorized access, potentially exposing critical device operations to malicious actors. The complexity of such attacks implies that while they ...
PoC for CVE-2025-59532
A vulnerability in OpenAI's Codex CLI allows unauthorized arbitrary file write and command execution due to improper sandbox configuration between versions 0.2.0 and 0.38.0. The issue arises from the program misinterpreting the current working directory supplied by the model. This oversight can r...
Discovered 4 hours ago
PoC for CVE-2025-15082
A vulnerability in the TOZED ZLT M30s Web Management Interface allows an attacker to manipulate the 'goformId' parameter, leading to the potential disclosure of sensitive information. This exploit can be executed remotely, posing significant risks to users. Despite early notifications, the vendor...
Discovered 5 hours ago
PoC for CVE-2016-15041
The MainWP Dashboard plugin for WordPress is affected by a Stored Cross-Site Scripting vulnerability that emerges from inadequate input sanitization and output escaping. This flaw involves the 'mwp_setup_purchase_username' parameter, allowing unauthenticated users to inject malicious web scripts....
Discovered 6 hours ago
PoC for CVE-2025-15081
A command injection vulnerability has been identified in JD Cloud BE6500 version 4.4.1.r4308. This flaw is located in the function sub_4780 of the jdcapi file, where improper handling of the 'ddns_name' argument allows an attacker to execute arbitrary commands. The exploit can be triggered remote...
Discovered 14 hours ago
PoC for CVE-2025-51471
A vulnerability in Ollama version 0.6.7 allows remote attackers to exploit the server.auth.getAuthorizationToken mechanism, enabling them to steal sensitive authentication tokens. This can occur through a crafted malicious realm value in the WWW-Authenticate header returned by the /api/pull endpo...
Discovered 16 hours ago
PoC for CVE-2025-15078
A SQL injection vulnerability has been identified in the itsourcecode Student Management System 1.0, specifically within an unknown function in the /list_report.php file. Malicious actors can manipulate the 'sy' argument to execute unauthorized SQL commands, potentially compromising the database....
Discovered 17 hours ago
PoC for CVE-2025-15077
A security vulnerability has been identified in the itsourcecode Student Management System 1.0, specifically within an unknown function of the file /form137.php. This vulnerability allows for SQL injection through manipulation of the argument ID, enabling attackers to execute unauthorized SQL que...
PoC for CVE-2025-15076
A path traversal issue has been found in the Tenda CH22 router firmware version 1.0.0.1. An unidentified function within the /public/ directory can be exploited to gain unauthorized access to files on the server. This vulnerability allows remote attackers to manipulate input data, potentially lea...
Discovered 18 hours ago
PoC for CVE-2025-15075
A significant security flaw has been identified in the itsourcecode Student Management System version 1.0, specifically in the file /student_p.php. This vulnerability arises from improper handling of the argument ID, which can lead to SQL injection attacks. Attackers can exploit this flaw remotel...
PoC for CVE-2025-15074
A SQL injection vulnerability has been found in the itsourcecode Online Frozen Foods Ordering System version 1.0. The issue arises from improper handling of user input in the /customer_details.php file, which allows an attacker to manipulate SQL queries. This vulnerability can be exploited remote...
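The four itsourcecode entries above (CVE-2025-15074, -15075, -15077, -15078) all describe the same bug class: a request argument (`ID`, `sy`) pasted straight into an SQL string. The following is an added illustration of that class and its fix, not code from any of the PoCs or from the affected PHP applications; it uses Python's built-in sqlite3 as a stand-in, and the `students` table, its rows and the `list_report_*` function names are constructed for the example.

```python
import sqlite3

# Constructed sample data standing in for a student-records table; the real
# applications are PHP and their schema is not shown on this page.
ROWS = [("Ana", "2023-2024"), ("Ben", "2024-2025"), ("Cy", "2024-2025")]


def build_db():
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE students (id INTEGER PRIMARY KEY, name TEXT, sy TEXT)")
    conn.executemany("INSERT INTO students (name, sy) VALUES (?, ?)", ROWS)
    return conn


def list_report_vulnerable(conn, sy):
    """The attacker-controlled 'sy' argument becomes part of the SQL text."""
    sql = "SELECT name FROM students WHERE sy = '" + sy + "' ORDER BY id"
    return [row[0] for row in conn.execute(sql)]


def list_report_fixed(conn, sy):
    """Same query with a bound parameter: the driver never parses 'sy' as SQL."""
    sql = "SELECT name FROM students WHERE sy = ? ORDER BY id"
    return [row[0] for row in conn.execute(sql, (sy,))]


# Classic tautology payload: closes the quoted literal and appends OR '1'='1'.
PAYLOAD = "' OR '1'='1"


def demo():
    conn = build_db()
    return {
        "legit_vulnerable": list_report_vulnerable(conn, "2024-2025"),
        "legit_fixed": list_report_fixed(conn, "2024-2025"),
        # Every row comes back: the WHERE clause is now always true.
        "payload_vulnerable": list_report_vulnerable(conn, PAYLOAD),
        # No row has a school year literally equal to the payload string.
        "payload_fixed": list_report_fixed(conn, PAYLOAD),
    }


if __name__ == "__main__":
    for name, rows in demo().items():
        print(name, rows)
```

The point of the parameterised version is not escaping but separation: the query text is compiled before the argument is supplied, so the argument can never change the statement's structure.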
Discovered 20 hours ago
PoC for CVE-2025-55182
A remote code execution vulnerability found in React Server Components allows attackers to exploit improperly handled payloads. This issue affects versions 19.0.0 through 19.2.0, compromising server function endpoints through unsafe deserialization of HTTP request payloads. As a result, this flaw...
Discovered 1 day ago
PoC for CVE-2019-25257
LogicalDOC Enterprise version 7.7.4 is vulnerable to multiple authenticated OS command execution flaws, which can be exploited by malicious actors to modify system configurations. By altering settings for binary paths, such as antivirus commands and OCR engine paths, attackers can execute arbitra...
PoC for CVE-2019-25258
LogicalDOC Enterprise 7.7.4 is susceptible to multiple post-authentication file disclosure vulnerabilities that enable attackers to read arbitrary files. By exploiting unverified 'suffix' and 'fileVersion' parameters through directory traversal techniques in the /thumbnail and /convertpdf endpoin...
PoC for CVE-2019-25255
The VideoFlow Digital Video Protection version 2.10 is affected by an authenticated remote code execution vulnerability. This security flaw allows attackers to execute system commands with root privileges by exploiting a cross-site request forgery (CSRF) mechanism. Unauthorized users can leverage...
PoC for CVE-2019-25256
VideoFlow Digital Video Protection DVP 2.10 is prone to an authenticated directory traversal vulnerability. Attackers can exploit this weakness through unvalidated 'ID' parameters to gain unauthorized access to sensitive system files. By manipulating directory path traversal through multiple Perl...
PoC for CVE-2019-25254
KYOCERA Net Admin version 3.4.0906 is susceptible to a Cross-Site Request Forgery vulnerability that permits attackers to create unauthorized administrative users. By leveraging this exploit, attackers can design malicious web pages that, when visited by an authenticated user, automatically gener...
PoC for CVE-2019-25253
KYOCERA Net Admin version 3.4.0906 has identified a vulnerability that enables unauthenticated attackers to execute an XML External Entity (XXE) injection. This occurs in the Multi-Set Template Editor component, where a maliciously crafted XML file containing external entity references could be u...
PoC for CVE-2019-25252
The Teradek VidiU Pro version 3.0.3 is susceptible to a cross-site request forgery (CSRF) vulnerability, which poses a significant security risk. This flaw enables attackers to manipulate administrative functions by sending crafted requests to the device. When an administrator inadvertently visit...
PoC for CVE-2019-25250
The Devolo dLAN 500 AV Wireless+ version 3.1.0-1 is susceptible to a cross-site request forgery vulnerability. This flaw permits attackers to execute unauthorized administrative actions by leveraging predictable URL structures. If a logged-in user inadvertently visits a specially crafted maliciou...
PoC for CVE-2019-25251
The Teradek VidiU Pro version 3.0.3 is vulnerable to a server-side request forgery (SSRF) due to flaws in its management interface. This vulnerability allows attackers to manipulate the GET parameters 'url' and 'xml_url', enabling them to bypass firewall protections, conduct network enumeration, ...
PoC for CVE-2019-25249
The devolo dLAN 500 AV Wireless+ version 3.1.0-1 has a significant authentication bypass flaw that could allow attackers to manipulate system settings via the htmlmgr CGI script. This vulnerability permits unauthorized users to enable hidden services, including telnet and remote shell access, the...
PoC for CVE-2019-25248
The Beward N100 camera model M2.1.6.04C014 is susceptible to a significant vulnerability that permits remote attackers to access live video streams without any form of authentication. This flaw arises from the absence of necessary security measures within the video access mechanism, enabling mali...
PoC for CVE-2019-25247
The Beward N100 H.264 VGA IP Camera M2.1.6 is susceptible to a cross-site request forgery vulnerability, enabling attackers to execute unauthorized administrative tasks. By creating a deceptive web page containing a malicious form, an attacker can trick a logged-in user into unwittingly submittin...
PoC for CVE-2019-25246
The Beward N100 H.264 VGA IP Camera version M2.1.6 is affected by a vulnerability that allows authenticated attackers to exploit the 'READ.filePath' parameter, potentially exposing sensitive system files. By manipulating the file path, attackers can access critical files such as /etc/passwd and /...
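Several entries on this page are path traversal bugs in a file-serving parameter (Tenda CH22 `/public/`, LogicalDOC `suffix`/`fileVersion`, VideoFlow `ID`, Beward `READ.filePath`). The block below is an added, generic illustration of that class, not code from any of the PoCs or devices: a vulnerable resolver that joins and normalises without a containment check, beside a fixed one that decodes once, rejects NUL bytes, resolves the path and refuses anything outside the web root. `serve_public_*` and the base directory `/srv/www/public` are assumed names for the example.

```python
import os
from pathlib import Path
from urllib.parse import unquote


def serve_public_vulnerable(base_dir, requested):
    """Joins and normalises, but never checks that the result stays under base_dir.

    os.path.join discards base_dir when 'requested' is absolute, and normpath
    happily walks '..' out of the web root.
    """
    return os.path.normpath(os.path.join(base_dir, unquote(requested)))


def serve_public_fixed(base_dir, requested):
    """Return the resolved path only if it lies inside base_dir, else None."""
    decoded = unquote(requested)          # decode exactly once, then validate
    if "\x00" in decoded:
        return None                       # NUL truncation tricks
    base = Path(base_dir).resolve()
    # Path.resolve() collapses '..' and symlinks; an absolute 'decoded' would
    # replace base entirely, which the containment check below catches.
    target = (base / decoded).resolve()
    try:
        target.relative_to(base)
    except ValueError:
        return None                       # escaped the web root
    return str(target)


if __name__ == "__main__":
    base = "/srv/www/public"
    for req in ("css/site.css", "..%2f..%2f..%2fetc%2fpasswd", "/etc/passwd"):
        print(req, "->", serve_public_vulnerable(base, req), "|", serve_public_fixed(base, req))
```

The containment check is done on the resolved path rather than by looking for `..` in the input, so encoded, mixed-separator and symlink variants are all handled by the same comparison.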
PoC for CVE-2019-25245
The DashBoard software version 8.5.1 from Ross Video has a security flaw that allows authenticated users to gain elevated privileges through improper permission settings. By exploiting certain permission flags designated for the 'Authenticated Users' group, a malicious actor can replace the legit...
PoC for CVE-2019-25244
Legrand's BTicino Driver Manager F454 version 1.0.51 is exposed to several web vulnerabilities that enable attackers to perform unauthorized administrative actions due to inadequate request validation. These vulnerabilities include risks of cross-site request forgery, which can permit attackers t...
PoC for CVE-2019-25242
The FaceSentry Access Control System version 6.4.8 is prone to a cross-site request forgery vulnerability, enabling attackers to potentially execute administrative actions without the necessary user consent. This vulnerability allows the crafting of malicious web pages that, when visited by authe...
PoC for CVE-2019-25241
The FaceSentry Access Control System version 6.4.8 contains an authentication vulnerability due to hard-coded SSH credentials assigned to the wwwuser account. This misconfiguration allows attackers to exploit the insecure sudoers file, enabling them to execute sudo commands without additional aut...
PoC for CVE-2019-25243
FaceSentry 6.4.8 has a vulnerability located in the pingTest.php and tcpPortTest.php scripts, which allows attackers to perform remote command injection. By exploiting the 'strInIP' and 'strInPort' input parameters without proper sanitization, unauthorized users can inject and execute arbitrary s...
PoC for CVE-2019-25239
The V-SOL GPON/EPON OLT Platform version 2.03 is susceptible to an unauthenticated information disclosure vulnerability. This flaw permits attackers to exploit direct object reference to download sensitive configuration files via HTTP GET requests, specifically targeting the usrcfg.conf endpoint....
PoC for CVE-2019-25240
The Rifatron 5brid DVR is vulnerable due to an unauthenticated access flaw in the animate.cgi script. This vulnerability allows attackers to gain unauthorized access to live video streams by exploiting the Mobile Web Viewer module. By specifying channel numbers, attackers can retrieve sequential ...
PoC for CVE-2019-25237
The V-SOL GPON/EPON OLT Platform version 2.03 is affected by a privilege escalation vulnerability that allows regular users to gain administrative access. This is achieved through manipulation of the 'user_role_mod' parameter in HTTP POST requests sent to the user management endpoint, which can r...
PoC for CVE-2019-25238
The V-SOL GPON/EPON OLT Platform version 2.03 is susceptible to a cross-site request forgery vulnerability. This allows attackers to perform administrative tasks without authenticating as a legitimate user. By creating a malicious web page, attackers can trick authenticated administrators into un...
PoC for CVE-2019-25234
SmartHouse Webapp version 6.5.33 is susceptible to multiple vulnerabilities, including cross-site request forgery and cross-site scripting. These weaknesses may enable attackers to execute unauthorized actions by tricking authenticated users into clicking on malicious links or by injecting harmfu...
PoC for CVE-2019-25236
The iSeeQ Hybrid DVR WH-H4 version 1.03R is vulnerable to an issue within the get_jpeg script, which permits unauthorized users to access live video feeds. By making requests to the /cgi-bin/get_jpeg endpoint, attackers can obtain video snapshots from designated camera channels without needing au...
PoC for CVE-2019-25235
Smartwares HOME version 1.0.9 is susceptible to an authentication bypass vulnerability. This flaw enables unauthenticated attackers to disable JavaScript, granting them access to administrative web pages. By circumventing client-side validation, attackers can navigate through various administrati...
PoC for CVE-2018-25156
Teradek Cube version 7.3.6 is vulnerable to a cross-site request forgery (CSRF) attack, enabling unauthorized individuals to change administrative passwords without the necessary validation of requests. This vulnerability arises when attackers create a malicious web page containing hidden forms t...
PoC for CVE-2019-25233
The AVE DOMINAplus version 1.10.x is susceptible to cross-site request forgery (CSRF) and cross-site scripting (XSS) vulnerabilities. These security flaws can enable attackers to manipulate administrative settings without the consent or knowledge of users. By crafting malicious web pages that tar...
PoC for CVE-2018-25153
GNU Barcode version 0.99 is susceptible to a memory leak vulnerability within its command line processing function. This flaw arises when attackers supply specially crafted input, resulting in unfreed memory allocations that could lead to denial of service conditions. Ensuring the application is ...
PoC for CVE-2018-25155
The Teradek Slice version 7.3.15 is vulnerable to a Cross-Site Request Forgery (CSRF) flaw that allows an attacker to modify administrative passwords without appropriate request validation. This vulnerability can be exploited by hosting a malicious web page that automatically submits password cha...
PoC for CVE-2018-25154
GNU Barcode version 0.99 is affected by a buffer overflow vulnerability in the code 93 encoding process. This flaw allows attackers to exploit boundary errors during input file processing, potentially leading to memory corruption and enabling the execution of arbitrary code on the affected system...
PoC for CVE-2018-25151
Ecessa WANWorx WVR-30 versions prior to 10.7.4 are susceptible to a cross-site request forgery vulnerability that enables attackers to execute unauthorized administrative actions. By crafting a deceptive webpage containing a hidden form, adversaries can manipulate authenticated administrators int...
PoC for CVE-2018-25152
The Ecessa Edge EV150 version 10.7.4 suffers from a cross-site request forgery vulnerability. This flaw enables attackers to generate unauthorized administrative user accounts without proper authentication. By designing a malicious webpage, an attacker can submit crafted requests to the vulnerabl...
PoC for CVE-2018-25149
Microhard Systems IPn4G version 1.1.0 is susceptible to a Cross-Site Request Forgery (CSRF) vulnerability, enabling attackers to execute unauthorized administrative actions. By tricking users into visiting a maliciously crafted web page, an attacker can manipulate user sessions to change admin pa...
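Most of the older entries on this page (Teradek, Devolo, KYOCERA, FaceSentry, V-SOL, Ecessa, Microhard and others) are the same CSRF pattern: an administrative action such as a password change is accepted whenever the browser attaches a valid session cookie, so a hidden form on an attacker's page can submit it on the victim's behalf. The block below is an added, generic illustration of that pattern and its fix, not code from any of the listed PoCs or products. `SITE_ORIGIN`, the handler names and the in-memory `session` dictionary are assumed for the example; the request dictionaries stand in for what a web framework would hand the handler.

```python
import hmac
import secrets
from urllib.parse import urlparse

SITE_ORIGIN = "https://device.example"   # assumed origin of the management UI


def issue_csrf_token(session):
    """Store a per-session secret that a cross-site page cannot read."""
    session["csrf_token"] = secrets.token_urlsafe(32)
    return session["csrf_token"]


def change_password_vulnerable(session, headers, form):
    """Accepts any request that arrives with a logged-in session cookie."""
    if session.get("user") is None:
        return False
    session["password"] = form["new_password"]
    return True


def change_password_fixed(session, headers, form):
    """Same handler with an Origin/Referer check plus a synchronizer token."""
    if session.get("user") is None:
        return False
    source = headers.get("Origin") or headers.get("Referer")
    if not source:
        return False                                  # no provenance: refuse
    parsed = urlparse(source)
    if f"{parsed.scheme}://{parsed.netloc}" != SITE_ORIGIN:
        return False                                  # cross-site request
    expected = session.get("csrf_token", "")
    supplied = form.get("csrf_token", "")
    if not expected or not hmac.compare_digest(expected, supplied):
        return False                                  # missing or forged token
    session["password"] = form["new_password"]
    return True


def demo():
    # The browser sends the victim's cookie, so the server sees a logged-in
    # session, but the POST was submitted by a hidden form on attacker.example.
    session = {"user": "admin", "password": "original"}
    token = issue_csrf_token(session)
    forged_headers = {"Origin": "https://attacker.example"}
    forged_form = {"new_password": "pwned"}          # attacker cannot know the token
    legit_headers = {"Origin": SITE_ORIGIN}
    legit_form = {"new_password": "rotated", "csrf_token": token}
    return {
        "forged_vulnerable": change_password_vulnerable(dict(session), forged_headers, forged_form),
        "forged_fixed": change_password_fixed(dict(session), forged_headers, forged_form),
        "legit_fixed": change_password_fixed(dict(session), legit_headers, legit_form),
        "no_token_fixed": change_password_fixed(dict(session), legit_headers, {"new_password": "x"}),
    }


if __name__ == "__main__":
    for name, accepted in demo().items():
        print(name, accepted)
```

The two checks are complementary: the origin check stops the cross-site form outright, and the token check covers clients that strip `Origin` and `Referer`, since the attacker's page can trigger the request but cannot read the token out of the victim's session. Marking the session cookie `SameSite=Lax` or `Strict` adds a third layer, but the server-side checks are what make the handler safe regardless of browser behaviour.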