Publicly Disclosed
PoC Exploits

A security vulnerability has been detected in Shandong Hoteam InforCenter PLM up to version 8.3.8, specifically in the function 'uploadFileToIIS' of the file '/Base/BaseHandler.ashx'. This flaw allows attackers to manipulate the 'File' argument, leading to unrestricted file uploads. Consequently,...

In AutohomeCorp’s frostmourne version 1.0, a vulnerability in the Alarm Preview component allows for server-side request forgery (SSRF) through an undisclosed function in the AlarmController.java file. This flaw enables remote attackers to exploit the system by manipulating requests sent from the...

A path traversal vulnerability exists in Sanster IOPaint version 1.5.3, specifically within the _get_file function in the file_manager.py component. By manipulating the filename argument, attackers can perform unauthorized file access remotely. This exploit has been publicly disclosed, and the ve...

A security flaw exists in Code-Projects' Simple Laundry System version 1.0, specifically within the '/delstaffinfo.php' file of the Parameter Handler component. An unauthorized user can manipulate the 'userid' argument, leading to SQL injection vulnerabilities that could allow for remote exploita...

A SQL injection vulnerability exists in the Simple Laundry System version 1.0, specifically within the Parameter Handler component's modify.php file. This flaw allows an attacker to manipulate the 'firstName' argument, potentially leading to unauthorized database access and data manipulation. Giv...

The Export All URLs plugin for WordPress, prior to version 5.1, has a critical flaw that allows unauthenticated users to access sensitive information. This is due to its generation of CSV filenames containing post URLs, including private posts, in a predictable pattern based on a random six-digit...

The Order Notification plugin for WooCommerce has a vulnerability that allows unauthenticated users to bypass permission checks, granting unrestricted read/write access to store resources. This includes crucial data such as product, coupon, and customer information, potentially leading to unautho...

A cross site scripting (XSS) vulnerability has been identified in Code-Projects' Simple Laundry System version 1.0. This security issue affects the delivery of the delstaffinfo.php component, specifically through the manipulation of the 'userid' argument. Attackers can potentially launch this exp...

A security vulnerability has been identified in the Webhook Handler component of welovemedia's FFmate, specifically within the file located at /ui/app/components/AppJsonTreeView.vue. This vulnerability enables an attacker to execute cross site scripting (XSS) attacks remotely. Exploitation of thi...

A vulnerability has been discovered in bufanyun's HotGo versions 1.0 and 2.0, specifically in the editNotice Endpoint, located in the MessageList.vue file. This flaw allows for remote execution of malicious scripts through manipulation of an unknown functionality. As the exploit has been publicly...

A security flaw has been identified in the z-9527 admin application, specifically affecting the Message Create Endpoint found in the /server/routes/message.js file. This vulnerability allows for cross site scripting (XSS) attacks, which can be initiated remotely by manipulating an unidentified fu...

A security vulnerability exists in the z-9527 admin versions 1.0 and 2.0, specifically affecting the User Update Endpoint component within the user.js file. This vulnerability arises when the isAdmin parameter is manipulated with a value of 1, potentially exposing sensitive security mechanisms th...

A cross-site scripting vulnerability exists in gougucms version 4.08.18, specifically impacting the Record Endpoint's record.html file. This vulnerability arises from improper handling of user-controlled input in the content argument, allowing malicious actors to inject and execute arbitrary scri...

An insufficient input validation vulnerability exists in Citrix's NetScaler ADC and NetScaler Gateway when configured as a SAML Identity Provider (IDP). This flaw could potentially lead to memory overread, making it a target for exploitation. It's essential for administrators to be aware of this ...

Legacy profile posts in XenForo versions prior to 2.3.10 and 2.2.19 are susceptible to stored cross-site scripting (XSS) attacks. This vulnerability allows attackers to inject malicious scripts through specially crafted mentions. When other users view this content, the scripts are executed within...

The StanfordSegmenter module in NLTK is susceptible to arbitrary code execution due to inadequate input validation. It improperly handles external Java .jar files, allowing attackers to manipulate these files without verification. This flaw permits the execution of arbitrary Java bytecode when a ...

A significant vulnerability in the BloodBank Managing System 1.0 allows an attacker to exploit the /admin_state.php file through manipulation of the 'statename' argument, leading to Cross Site Scripting (XSS) attacks. This vulnerability can be remotely triggered, enabling malicious actors to inje...

A vulnerability has been discovered in the itsourcecode Payroll Management System version 1.0, specifically within the file /view_employee.php. This weakness is related to the handling of the 'ID' parameter, which can be manipulated to perform an SQL injection attack. An attacker can exploit this...

The StanfordSegmenter module in NLTK is susceptible to arbitrary code execution due to inadequate input validation. It improperly handles external Java .jar files, allowing attackers to manipulate these files without verification. This flaw permits the execution of arbitrary Java bytecode when a ...

Plunk, the open-source email platform leveraging AWS SES, was found susceptible to a Server-Side Request Forgery (SSRF) vulnerability prior to version 0.7.0. This flaw allowed unauthorized attackers to craft specific requests causing the server to issue arbitrary outbound HTTP GET requests to any...

A security flaw has been identified in the itsourcecode Payroll Management System version 1.0, specifically within the '/manage_user.php' file related to the Parameter Handler component. This vulnerability allows attackers to manipulate the 'ID' argument, resulting in SQL injection. This can be e...

A vulnerability exists in Axiomatic Bento4, specifically within the DSI v1 Parser's AP4_BitReader::SkipBits function in the Ap4Dac4Atom.cpp file. This flaw can be exploited through a local attack by manipulating the n_presentations argument, leading to a heap-based buffer overflow. The exploit is...

A significant vulnerability exists in Axiomatic Bento4 up to version 1.6.0-641, specifically within the AP4_BitReader::ReadCache function found in Ap4Dac4Atom.cpp. This issue can lead to a heap-based buffer overflow when exploited locally. Notably, the problem has been publicly disclosed, raising...

A vulnerability exists in various D-Link network storage devices, specifically in the handling of the function cgi_get_ipv6 located in /cgi-bin/network_mgr.cgi. This weakness allows attackers to exploit improper access controls, potentially leading to unauthorized access to sensitive data or conf...

A stack-based buffer overflow vulnerability exists in various D-Link network storage devices due to improper handling of the 'Name' parameter in the cgi_addgroup_get_group_quota_minsize function. This flaw allows attackers to manipulate arguments, leading to potential execution of arbitrary code ...

A stack-based buffer overflow vulnerability exists in the cgi_adduser_to_session function within the /cgi-bin/account_mgr.cgi file of several D-Link network storage devices. This flaw can be exploited remotely by manipulating the read_list argument, resulting in potential unauthorized access or s...

A stack-based buffer overflow vulnerability has been identified in several D-Link network storage devices. This issue affects the WebDAV upload functionality in the file /cgi-bin/webdav_mgr.cgi. An attacker can exploit this vulnerability by manipulating the 'f_file' argument, potentially allowing...

The pac4j-jwt library's JwtAuthenticator prior to versions 4.5.9, 5.7.9, and 6.3.3 is susceptible to an authentication bypass that could allow remote adversaries to create forged authentication tokens. By leveraging the server's RSA public key, attackers are able to craft a JWE-wrapped PlainJWT w...

A buffer overflow vulnerability exists in multiple D-Link network devices, specifically affecting the UPnP_AV_Server_Path_Del functionality within the /cgi-bin/app_mgr.cgi file. By manipulating the f_dir parameter, remote attackers can exploit this flaw, potentially leading to arbitrary code exec...

The pac4j-jwt library's JwtAuthenticator prior to versions 4.5.9, 5.7.9, and 6.3.3 is susceptible to an authentication bypass that could allow remote adversaries to create forged authentication tokens. By leveraging the server's RSA public key, attackers are able to craft a JWE-wrapped PlainJWT w...

On March 19, 2026, a supply chain attack targeted Aqua Security's Trivy when compromised credentials were used to publish a malicious version of Trivy (v0.69.4). The attacker force-pushed numerous version tags to the 'aquasecurity/trivy-action' repository, embedding credential-stealing malware. T...

A security vulnerability has been identified in the Simple Gym Management System 1.0, specifically within the Payment Handler component. The flaw arises from improper handling of user input in the parameters Payment_id, Amount, customer_id, payment_type, and customer_name, which could allow attac...

Hoverfly, an open source API simulation tool, is susceptible to a command injection vulnerability stemming from insufficient validation and sanitization of user inputs at the '/api/v2/hoverfly/middleware' endpoint. This vulnerability, found in versions 1.11.3 and earlier, allows an adversary to e...

A buffer overflow vulnerability exists in the parameter handler of the Tenda CH22 router, specifically within the formWebTypeLibrary function accessed via the /goform/webtypelibrary endpoint. An attacker can exploit this vulnerability remotely by manipulating the webSiteId argument, potentially a...

An identified vulnerability in CMS Made Simple versions up to 2.2.22 affects the _copyFilesToFolder function located in the UserGuide Module XML Import component. This vulnerability allows an attacker to exploit path traversal, enabling them to manipulate file paths and potentially access restric...

A SQL injection vulnerability exists in the Admin Login component of the Code-Projects Student Membership System 1.0, specifically through an unprotected function in /admin/index.php. By manipulating the username and password arguments, attackers may exploit this vulnerability to execute remote c...

A critical security flaw exists in the Student Membership System version 1.0 from Code-Projects. The vulnerability arises from an unknown function in the /delete_user.php file, where improper handling of the ID argument allows for SQL injection attacks. This could enable remote attackers to manip...

A significant SQL injection vulnerability exists in the code-projects Student Membership System 1.0, specifically within the /delete_member.php file. When the ID argument is manipulated, it allows an attacker to execute arbitrary SQL queries against the database. This vulnerability can be exploit...

A command injection vulnerability exists in the TRENDnet TEW-713RE router, allowing attackers to exploit an unknown function within the /goform/setSysAdm file. Through manipulating the 'admuser' argument, unauthorized command execution can occur, enabling remote exploitation. The vulnerability ha...

An issue has been identified that may allow an application to unexpectedly terminate the system or corrupt kernel memory due to inadequate memory handling protocols. Affected users are advised to update to the latest versions of iOS, iPadOS, macOS, tvOS, visionOS, and watchOS, where these vulnera...

The Performance Monitor plugin for WordPress, up to version 1.0.6, is prone to a security vulnerability where it does not properly validate certain parameters. This oversight could allow unauthorized users to execute Server-Side Request Forgery (SSRF) attacks, compromising the integrity of the se...

A command injection vulnerability exists in the TRENDnet TEW-713RE routers prior to version 1.02. Specifically, this issue pertains to the function sub_421494 located in the /goform/addRouting file. By manipulating the 'dest' argument, an attacker can remotely execute arbitrary commands, posing a...

A vulnerability exists in the SourceCodester Teacher Record System 1.0 that allows attackers to exploit the parameter handler via an SQL injection attack. By manipulating the 'searchteacher' argument, an attacker can execute arbitrary SQL code on the backend database, potentially leading to unaut...

The Java OpenWire protocol marshaller in Apache ActiveMQ is susceptible to a remote code execution vulnerability, allowing attackers with network access to execute arbitrary shell commands. By manipulating serialized class types in the OpenWire protocol, an attacker can cause the client or broker...

A vulnerability in SourceCodester's Simple Doctors Appointment System allows for unrestricted file uploads through manipulation of the 'img' argument in the /doctors_appointment/admin/ajax.php?action=save_category endpoint. This situation can lead to potential exploitation by remote attackers, wh...

A security flaw exists in the SourceCodester Simple Doctors Appointment System 1.0, specifically in the /admin/ajax.php?action=login2 endpoint. This vulnerability enables attackers to manipulate the email parameter, leading to SQL injection attacks. Consequently, this vulnerability allows unautho...

A SQL injection vulnerability has been identified in the SourceCodester Simple Doctors Appointment System version 1.0. This vulnerability exists within the /admin/login.php file, where improper handling of the Username parameter allows attackers to manipulate SQL queries. The issue can be exploit...

The Totolink A3300R router has a command injection vulnerability within the function setIptvCfg of the cstecgi.cgi file. By manipulating the vlanPriLan3 argument, an attacker can execute arbitrary commands on the affected device. This vulnerability allows for remote exploitation, posing a signifi...

The XWiki Platform prior to version 12.8 exhibits a vulnerability in the handling of escape functions within its property display logic. This flaw allows for improperly escaped content, which could lead to security implications such as script injection or other attacks where the application fails...

A command injection vulnerability has been identified in the Totolink A3300R router, specifically within the setWiFiBasicCfg function located in /cgi-bin/cstecgi.cgi. This weakness allows an attacker to manipulate the rxRate argument, potentially leading to unauthorized command execution on the d...