Publicly Disclosed
PoC Exploits

The WebSocket Application Programming Interface in E-Power systems is vulnerable due to a lack of restrictions on the number of authentication requests. This vulnerability can be exploited by attackers to perform denial-of-service attacks, which may disrupt legitimate charger telemetry. Additiona...

A vulnerability has been identified in the Linux kernel's crypto subsystem, specifically within the algif_aead component. This issue arises from an unnecessary complexity in operating in-place, which has been reverted for improved security and performance. The change eliminates the need for in-pl...

In earlier versions of the ZeroMQ library (libzmq), a significant vulnerability exists that allows a remote and unauthenticated client to connect and potentially cause a stack overflow. This vulnerability arises from improper handling of buffers, leading to arbitrary data being written to the sta...

A vulnerability has been identified in the Linux kernel's crypto subsystem, specifically within the algif_aead component. This issue arises from an unnecessary complexity in operating in-place, which has been reverted for improved security and performance. The change eliminates the need for in-pl...

A vulnerability has been identified in the Linux kernel's crypto subsystem, specifically within the algif_aead component. This issue arises from an unnecessary complexity in operating in-place, which has been reverted for improved security and performance. The change eliminates the need for in-pl...

A buffer overflow vulnerability has been identified in the Totolink N300RH router, specifically in the setMacFilterRules function within the POST Request Handler of the /cgi-bin/cstecgi.cgi file. The vulnerability arises from improper handling of the mac_address argument, which allows remote atta...

A security vulnerability has been identified in the Totolink N300RH router, specifically within the function setWanConfig located in /cgi-bin/cstecgi.cgi. This issue arises from improper handling of the priDns argument, leading to a potential buffer overflow. The vulnerability can be exploited re...

A vulnerability has been identified in the Totolink N300RH router firmware version 3.2.4-B20220812, specifically within the setUpgradeFW function located in the /cgi-bin/cstecgi.cgi file. This weakness arises from the improper handling of the FileName argument, which can be exploited to trigger a...

A buffer overflow vulnerability exists in the loginauth function of the Parameter Handler component in Totolink N300RH routers running firmware version 3.2.4-B20220812. This flaw can be exploited remotely by manipulating the Password argument, leading to potential unauthorized access and adverse ...

A vulnerability exists in the SourceCodester Web-based Pharmacy Product Management System version 1.0, specifically in the edit-admin.php file. This issue arises from improper handling of the argument ID, enabling attackers to execute remote SQL injection attacks. Given that exploits are publicly...

A security flaw has been identified in CodeAstro's Online Classroom software, specifically in the faculty details functionality. This vulnerability arises from improper handling of user input in the 'deleteid' parameter, leading to SQL injection. Attackers can exploit this weakness remotely, pote...

A vulnerability has been identified in CodeAstro Online Classroom 1.0 that affects the unspecified functionality of the addnewstudent endpoint. Manipulation of the 'fname' parameter can lead to SQL injection attacks, allowing adversaries to interact with the database through crafted queries. This...

A SQL injection vulnerability exists in the CodeAstro Online Classroom 1.0, specifically in an unidentified function within the /OnlineClassroom/studentdetails file. This vulnerability allows for malicious manipulation of the 'deleteid' argument, enabling an attacker to execute remote SQL queries...

A vulnerability has been identified in CodeAstro's Online Classroom version 1.0, specifically in an undisclosed function located in the faculty login script. Manipulating the 'fid' argument allows for SQL injection attacks, which can be executed remotely. This exposure enables unauthorized users ...

The CodeAstro Online Classroom application version 1.0 is vulnerable to SQL injection through the student login function. This vulnerability allows attackers to manipulate the 'sid' argument, potentially leading to unauthorized access to sensitive data. Exploitation can be executed remotely, and ...

A vulnerability has been identified in justdan96 tsMuxer software, specifically in the function VvcVpsUnit::setFPS located in tsMuxer/vvc.cpp. This flaw allows an attacker to manipulate the track_id argument, potentially leading to a denial of service. The vulnerability requires local access to e...

A local vulnerability has been discovered in the tsMuxer software developed by justdan96, specifically affecting the HevcVpsUnit::setFPS function located in hevc.cpp file. This issue arises from improper handling of the 'track_id' argument, potentially leading to a denial of service condition. Ex...

A security flaw affecting Puchunjie's doc-tools-mcp version 1.0.18 has been identified, specifically within the functions create_document and open_document of the MCP Interface. This vulnerability can be exploited through path traversal techniques by manipulating the filePath argument. Attackers ...

The Magic Export & Import WordPress plugin prior to version 1.2.0 exposes exported CSV files in a publicly accessible location. This vulnerability allows unauthorized visitors to access and download sensitive user information contained within these files, posing significant privacy and security r...

A vulnerability has been identified in Funadmin versions up to 7.1.0-rc6 within the Frontend Chunked Upload Endpoint. It stems from a flaw in the UploadService::chunkUpload function located in app/common/service/UploadService.php. This weakness allows an attacker to manipulate the File argument, ...

An unrestricted file upload vulnerability exists in the BloodBank Managing System 1.0, specifically in the request_blood.php file. This issue allows an attacker to remotely upload files without proper validation, potentially leading to the execution of arbitrary code. As the exploit is now public...

A vulnerability has been identified in the Linux kernel's crypto subsystem, specifically within the algif_aead component. This issue arises from an unnecessary complexity in operating in-place, which has been reverted for improved security and performance. The change eliminates the need for in-pl...

A security vulnerability has been identified in the BloodBank Managing System version 1.0, specifically within the 'get_state.php' file. This vulnerability arises from inadequate validation of the G_STATE_ID parameter, allowing for SQL injection attacks. Attackers can exploit this vulnerability r...

A vulnerability has been detected in the privsim mcp-test-runner version 0.2.0 affecting the child_process.spawn function located in src/index.ts. By manipulating the command argument, an attacker could execute arbitrary OS commands, potentially leading to severe security breaches. This vulnerabi...

A security flaw has been identified in the pixelsock directus-mcp version 1.0.0. This vulnerability resides in the validateUrl function located in index.ts of the MCP Interface component. An attacker can manipulate the fileUrl argument, potentially leading to servers being tricked into making una...

A security vulnerability has been identified in the MCP Interface of the mcp-rtfm product. This issue allows an attacker to manipulate the function get_doc_content/read_doc/update_doc through the argument docFile, leading to unauthorized access to files outside the intended directory structure. T...

A vulnerability exists in PrefectHQ's product related to the GitRepository Pull Handler, specifically within the file src/prefect/runner/storage.py. The issue arises from improper handling of arguments, specifically the 'commit_sha' and 'directories' parameters, leading to potential argument inje...

A vulnerability exists in the PrefectHQ Prefect software within the Webhook/Notification component. The specific flaw lies in the validate_restricted_url function, which is susceptible to a time-of-check time-of-use condition. This vulnerability allows remote attackers to exploit the system under...

A security flaw has been identified in the WebSocket Endpoint of the PrefectHQ Prefect application, affecting versions up to 3.6.13. This vulnerability permits remote exploitation, as it allows an attacker to manipulate the system due to a lack of proper authentication mechanisms. To mitigate thi...

A vulnerability was identified in the Health Check API of PrefectHQ's Prefect, affecting versions up to 3.6.21. This flaw allows for improper authentication through the 'endswith' function in the /api/health endpoint. Attackers could exploit this vulnerability remotely, increasing the risk of una...

A security vulnerability has been identified in the Totolink WA300 router, specifically within the NTPSyncWithHost function located in the /cgi-bin/cstecgi.cgi file. This flaw allows an attacker to manipulate the 'hostTime' argument, leading to the possibility of command injection. The vulnerabil...

A vulnerability has been discovered in the Totolink WA300 router's POST Request Handler, specifically within the setLanguageCfg function in the /cgi-bin/cstecgi.cgi script. This weakness allows an attacker to manipulate the langType argument, potentially leading to command injection. The exploit ...

A security flaw has been identified in the Totolink WA300 access point, specifically in the 'loginauth' function located in the cstecgi.cgi file of the POST Request Handler. The vulnerability arises from improper handling of the 'http_host' argument, leading to a buffer overflow that can be explo...

A vulnerability has been identified in the Totolink WA300 router, specifically within the function setWebWlanIdx located in /cgi-bin/cstecgi.cgi of the POST Request Handler. An attacker can manipulate the webWlanIdx argument, resulting in command injection, which may be initiated remotely. The ex...

A buffer overflow vulnerability exists in the UploadCustomModule function of the Totolink WA300 router's POST Request Handler. This issue stems from improper handling of input on the /cgi-bin/cstecgi.cgi script, allowing attackers to manipulate the 'File' argument. If successfully exploited, this...

A SQL injection vulnerability has been identified in the Code-Projects Gym Management System, specifically affecting the file /index.php. This flaw occurs due to improper handling of input parameters in the 'day' argument, allowing attackers to execute arbitrary SQL commands remotely. The public ...

A path traversal vulnerability exists in the MCP Interface's arango_backup function within the ravenwits mcp-server-arangodb software, affecting versions up to 0.4.7. An attacker can manipulate the outputDir argument, leading to unauthorized access to filesystem paths. This vulnerability can be e...

An authentication flaw has been identified in the Admin Endpoint of Crocodilestick's Calibre-Web-Automated within the file cps/cwa_functions.py. This vulnerability allows remote attackers to manipulate the application due to inadequate authentication mechanisms. As a result, unauthorized users ma...

A vulnerability has been identified in the Linux kernel's crypto subsystem, specifically within the algif_aead component. This issue arises from an unnecessary complexity in operating in-place, which has been reverted for improved security and performance. The change eliminates the need for in-pl...

A security vulnerability exists within MindsDB versions up to 26.01, specifically in the 'pickle.loads' function of the Pickle Handler component. This vulnerability allows for malicious manipulation that leads to deserialization issues, enabling attackers to exploit the flaw remotely. The exploit...

A vulnerability has been discovered in the MindsDB Engine Handler, specifically within the exec function of the file mindsdb/integrations/handlers/byom_handler/proc_wrapper.py. This issue allows for remote attackers to exploit the system by carrying out unauthorized file uploads. With the exploit...

A security flaw exists in the YunaiV yudao-cloud up to version 3.8.0, specifically within the doFilterInternal function of JwtAuthenticationTokenFilter.java related to the Ruoyi-Vue-Pro component. This vulnerability allows attackers to manipulate the argument mock-token, resulting in improper aut...

A significant vulnerability exists within the Janeczku Calibre-Web application, specifically in the Endpoint function located in the kobo_auth.py file. This flaw allows for unauthorized manipulation of the user_id argument in the generate_auth_token function, leading to improper authorization. Re...

A vulnerability exists in Open5GS up to version 2.7.7, specifically in the function ogs_dbi_subscription_data within the UDR component's library. This vulnerability allows for a remote denial of service attack by manipulating the 'supi_id' argument. Exploitation of this flaw can lead to service i...

A vulnerability has been identified in the Linux kernel's crypto subsystem, specifically within the algif_aead component. This issue arises from an unnecessary complexity in operating in-place, which has been reverted for improved security and performance. The change eliminates the need for in-pl...

A denial of service vulnerability exists in the UDR component of Open5GS versions up to 2.7.7. This vulnerability is found within the `udr_nudr_dr_handle_subscription_context` function in the file `/src/udr/nudr-handler.c`. An attacker can exploit this weakness by manipulating the argument 'pei',...

A vulnerability exists within the Open5GS AMF component, specifically in the gmm_handle_service_request function located in the gmm-handler.c file. This issue can result in a denial of service, potentially allowing malicious actors to disrupt service availability remotely. Public disclosure of th...

A command injection vulnerability exists in JD Cloud JDCOS version 4.5.1.r4518, specifically within the set_iptv_info function located in the /jdcap component of the Service Interface. By manipulating the 'vid' argument, an attacker can execute arbitrary commands remotely. This issue poses a sign...

A pointer overflow vulnerability exists in the ZeroMQ library (libzmq) that can allow an authenticated attacker to execute arbitrary code. The flaw arises from an integer overflow in the v2_decoder.cpp component, specifically within the zmq::v2_decoder_t::size_ready function. This vulnerability e...

In jQuery versions greater than or equal to 1.2 and before 3.5.0, passing HTML from untrusted sources - even after sanitizing it - to one of jQuery's DOM manipulation methods (i.e. .html(), .append(), and others) may execute untrusted code. This problem is patched in jQuery 3.5.0.