Publicly Disclosed
PoC Exploits

🔴 Always take caution when working with PoC Exploits 🔴

Discovered 2 hours ago

PoC for CVE-2026-2153

Mwielgoszewski | Doorman | 5.3 MEDIUM
Open Redirect Vulnerability in mwielgoszewski Doorman Product

A security flaw has been identified in the mwielgoszewski Doorman application, specifically in the is_safe_url function located in doorman/users/views.py. This vulnerability allows attackers to manipulate the Next argument, leading to potential open redirect attacks. Such exploits can be executed...

Discovered 3 hours ago

PoC for CVE-2026-2152

D-link | Dir-615 | 8.6 HIGH
OS Command Injection Vulnerability in D-Link DIR-615 Web Configurat...

A vulnerability exists in the D-Link DIR-615 router, specifically within the Web Configuration Interface's adv_routing.php file. This flaw allows for OS command injection due to improper handling of inputs related to dest_ip, submask, and gw arguments. Remote attackers can exploit this weakness t...

PoC for CVE-2026-2151

D-link | Dir-615 | 8.6 HIGH
OS Command Injection Vulnerability in D-Link DIR-615 Router

A vulnerability exists in the D-Link DIR-615 router, specifically in the DMZ Host Feature's adv_firewall.php file, which can be exploited to perform OS command injection. By manipulating the dmz_ipaddr argument, an attacker can execute arbitrary OS commands remotely. This vulnerability primarily ...

Discovered 4 hours ago

PoC for CVE-2026-2150

Sourcecodester | Patients Waiting Area ... | 5.3 MEDIUM
Cross Site Scripting Vulnerability in SourceCodester Patients Waiti...

A vulnerability exists in the SourceCodester Patients Waiting Area Queue Management System 1.0 that allows attackers to exploit the file /checkin.php. This flaw enables the manipulation of the 'patient_id' argument, resulting in cross site scripting (XSS). The attack can be executed remotely, pot...

PoC for CVE-2026-2149

Sourcecodester | Patients Waiting Area ... | 5.3 MEDIUM
Cross Site Scripting in SourceCodester's Queue Management System

An XSS vulnerability was identified in the Patrick Mvuma Patients Waiting Area Queue Management System version 1.0, specifically within the appointments.php file. The issue stems from insufficient validation of the 'patient_id' parameter, allowing remote attackers to craft malicious inputs that e...

Discovered 5 hours ago

PoC for CVE-2026-2148

Tenda | Ac21 | 6.9 MEDIUM
Information Disclosure Vulnerability in Tenda AC21 Web Management I...

A security vulnerability has been identified in the Tenda AC21, specifically within the web management interface at the /cgi-bin/DownloadFlash endpoint. This vulnerability allows unauthorized access to sensitive information due to improper handling of requests. An attacker could potentially explo...

PoC for CVE-2026-2147

Tenda | Ac21 | 6.9 MEDIUM
Information Disclosure Vulnerability in Tenda AC21 Web Management I...

A vulnerability has been detected in the Tenda AC21 Web Management Interface, specifically within the /cgi-bin/DownloadLog function. This weakness allows an attacker to perform remote manipulations that can lead to unauthorized information disclosure. The exploit method has been publicly disclose...

Discovered 6 hours ago

PoC for CVE-2026-2146

Guchengwuyue | Yshopmall | 5.3 MEDIUM
Unrestricted File Upload Vulnerability in Guchengwuyue Yshopmall

A security vulnerability has been identified in the Guchengwuyue Yshopmall application, specifically affecting versions up to 1.9.1. The flaw is present within the updateAvatar function located in the file /api/users/updateAvatar, related to co.yixiang.utils.FileUtil. This vulnerability allows an...

PoC for CVE-2026-2145

Cym1102 | Nginxwebui | 5.1 MEDIUM
Cross Site Scripting Vulnerability in cym1102 nginxWebUI Affected b...

A critical flaw was discovered in the cym1102 nginxWebUI prior to version 4.3.7, where an unknown function within the Web Management Interface's configuration file allows attackers to inject malicious scripts. This vulnerability can be exploited remotely by manipulating the 'nginxDir' argument, l...

Discovered 7 hours ago

PoC for CVE-2026-2143

D-link | Dir-823x | 8.6 HIGH
OS Command Injection in D-Link DIR-823X Router

A security vulnerability exists in the D-Link DIR-823X 250416 router, specifically in the DDNS Service component. The vulnerability arises from improper handling of user inputs within the /goform/set_ddns file, leading to potential OS command injection. This flaw can be exploited remotely, allowi...

PoC for CVE-2026-0770

Langflow | Langflow | 9.8 CRITICAL
Remote Code Execution Vulnerability in Langflow by Root

A vulnerability exists in Langflow that allows remote attackers to execute arbitrary code without authentication. The flaw is rooted in the improper handling of the exec_globals parameter at the validate endpoint, resulting in the dynamic inclusion of resources from untrusted sources. Attackers c...

PoC for CVE-2026-2142

D-link | Dir-823x | 8.6 HIGH
OS Command Injection Vulnerability in D-Link DIR-823X

A vulnerability exists in the D-Link DIR-823X, specifically affecting the set_qos function. This flaw enables remote attackers to execute arbitrary OS commands, potentially compromising the device's integrity. The exploit has been publicly disclosed, raising concerns amongst users regarding the s...

Discovered 8 hours ago

PoC for CVE-2026-2141

Wukongopensource | Wukongcrm | 5.3 MEDIUM
Improper Authorization Vulnerability in WukongCRM by WuKongOpenSource

A security flaw in WukongCRM versions up to 11.3.3 has been identified, specifically within the URL Handler component located at gateway/src/main/java/com/kakarote/gateway/service/impl/PermissionServiceImpl.java. This vulnerability permits improper authorization, allowing an attacker to exploit t...

PoC for CVE-2026-2140

Tenda | Tx9 | 8.7 HIGH
Buffer Overflow Vulnerability in Tenda TX9 Routers

A vulnerability exists in the Tenda TX9 routers, specifically in the setMacFilterCfg function located at /goform/setMacFilterCfg. An issue arises when the deviceList argument is manipulated, leading to a buffer overflow. This vulnerability can be exploited remotely, allowing potential attackers t...

Discovered 9 hours ago

PoC for CVE-2026-2139

Tenda | Tx9 | 8.7 HIGH
Buffer Overflow Vulnerability in Tenda TX9 Wi-Fi Settings Function

A buffer overflow vulnerability exists in the Tenda TX9 device, specifically in the function responsible for configuring Wi-Fi settings. This flaw is triggered when an attacker manipulates the 'ssid' parameter in the '/goform/fast_setting_wifi_set' file. The vulnerability allows for potential rem...

PoC for CVE-2026-2138

Tenda | Tx9 | 8.7 HIGH
Buffer Overflow in Tenda TX9 Router Affected by Remote Exploits

A buffer overflow vulnerability exists in the Tenda TX9 router, specifically in the sub_42D03C function located in the /goform/SetStaticRouteCfg file. This critical flaw allows attackers to manipulate the argument list to execute arbitrary code remotely. As the exploit has been publicly disclosed...

PoC for CVE-2024-23296

Apple | iOS And iPad OS | 7.8 HIGH
Apple Addresses Memory Corruption Issue in iOS 17.4 and iPadOS 17.4

The articles discuss two iOS zero-day vulnerabilities, CVE-2024-23225 and CVE-2024-23296, that affect a range of iPhone and iPad models. Both vulnerabilities allow attackers to bypass kernel memory protections and may lead to arbitrary code execution. Apple released patches in March and backporte...

Discovered 10 hours ago

PoC for CVE-2026-2137

Tenda | Tx3 | 8.7 HIGH
Buffer Overflow in Tenda TX3 Router

A buffer overflow vulnerability exists in the Tenda TX3 routers, specifically in the SetIpMacBind function. This vulnerability allows for manipulation of input parameters, which could lead to an overflow condition, potentially allowing remote attackers to execute arbitrary code on the device. The...

PoC for CVE-2026-2136

Projectworlds | Online Food Ordering S... | 6.9 MEDIUM
SQL Injection Vulnerability in projectworlds Online Food Ordering S...

A vulnerability exists in projectworlds Online Food Ordering System 1.0 that allows remote attackers to exploit an identified function in the view-ticket.php file. By manipulating the 'ID' argument, attackers can execute unauthorized SQL queries, potentially compromising the application's databas...

Discovered 11 hours ago

PoC for CVE-2026-2135

Utt | Hiper 810 | 5.3 MEDIUM
Command Injection Vulnerability in UTT HiPER 810 Product by UTT

A command injection vulnerability exists in the UTT HiPER 810 device version 1.7.4-141218, specifically within the function sub_43F020 located in the /goform/formPdbUpConfig file. By manipulating the argument policyNames, an attacker can execute arbitrary commands remotely. This vulnerability has...

PoC for CVE-2026-2134

PHPgurukul | Hospital Management Sy... | 5.1 MEDIUM
SQL Injection Vulnerability in PHPGurukul Hospital Management System

A security vulnerability has been identified in the PHPGurukul Hospital Management System 4.0, specifically in the /hms/admin/manage-doctors.php file. The vulnerability allows for SQL injection via manipulation of the 'ID' argument, making it possible for attackers to execute arbitrary SQL querie...

Discovered 12 hours ago

PoC for CVE-2026-2133

Code-projects | Online Music Site | 6.9 MEDIUM
Arbitrary File Upload in Code-Projects Online Music Site 1.0 by Cod...

A vulnerability has been identified in the Code-Projects Online Music Site version 1.0, specifically within the AdminUpdateCategory.php file located in the Administrator/PHP directory. This vulnerability allows remote attackers to manipulate the txtimage argument to perform unrestricted file uplo...

PoC for CVE-2026-2132

Code-projects | Online Music Site | 6.9 MEDIUM
SQL Injection Vulnerability in Online Music Site by Code-Projects

A SQL injection vulnerability has been identified in the Online Music Site 1.0 developed by Code-Projects. This flaw resides in the /Administrator/PHP/AdminUpdateCategory.php file, allowing attackers to manipulate the txtcat argument, potentially leading to unauthorized database access. The explo...

Discovered 13 hours ago

PoC for CVE-2026-2131

Xixianliang | Harmonyos-mcp-server | 5.3 MEDIUM
Input Text Command Injection Vulnerability in XixianLiang HarmonyOS...

A security flaw has been detected in the input_text function of XixianLiang's HarmonyOS-mcp-server version 0.1.0. This vulnerability allows attackers to manipulate the text argument, leading to potential OS command injection. The exploit is publicly available, making it essential for users to add...

Discovered 14 hours ago

PoC for CVE-2026-2129

D-link | Dir-823x | 8.6 HIGH
OS Command Injection in D-Link DIR-823X Router

A security issue has been identified in the D-Link DIR-823X router, specifically within the functionality of the /goform/set_ac_status file. This vulnerability allows an attacker to perform an OS command injection by manipulating certain arguments, which can be exploited remotely. The potential f...

PoC for CVE-2026-2122

Xiaopi | Panel | 5.3 MEDIUM
SQL Injection Vulnerability in Xiaopi Panel WAF Firewall

A vulnerability has been identified in Xiaopi Panel's WAF Firewall versions up to 20260126, where improper handling of input parameters in the /demo.php file allows for SQL injection attacks. This security flaw could be exploited remotely, potentially giving an attacker unauthorized access to the...

Discovered 15 hours ago

PoC for CVE-2026-2120

D-link | Dir-823x | 8.6 HIGH
OS Command Injection Vulnerability in D-Link DIR-823X Router

A vulnerability exists in the D-Link DIR-823X router that allows remote attackers to exploit the /goform/set_server_settings functionality. By manipulating parameters such as terminal_addr, server_ip, and server_port, an attacker can perform OS command injection. This security flaw enables unauth...

Discovered 16 hours ago

PoC for CVE-2026-2117

Itsourcecode | Society Management System | 6.9 MEDIUM
SQL Injection Vulnerability in itsourcecode Society Management System

A vulnerability exists in the itsourcecode Society Management System 1.0, specifically within an unknown function in the /admin/edit_activity.php file. This vulnerability allows an attacker to perform SQL injection through manipulation of the activity_id argument. Remote exploitation is possible,...

PoC for CVE-2026-2116

Itsourcecode | Society Management System | 6.9 MEDIUM
SQL Injection Vulnerability in itsourcecode Society Management System

A SQL injection vulnerability exists in the itsourcecode Society Management System 1.0, specifically within the /admin/edit_expenses.php file. By manipulating the expenses_id argument, attackers can execute unauthorized SQL commands. This vulnerability allows for remote exploitation, posing a sig...

Discovered 17 hours ago

PoC for CVE-2026-2115

Itsourcecode | Society Management System | 6.9 MEDIUM
SQL Injection Vulnerability in itsourcecode Society Management Syst...

A vulnerability has been identified in the itsourcecode Society Management System 1.0, located within the admin/delete_expenses.php file. This issue arises from improper handling of incoming data, specifically the expenses_id parameter, which results in SQL injection. Attackers can exploit this f...

PoC for CVE-2026-2114

Itsourcecode | Society Management System | 6.9 MEDIUM
SQL Injection Vulnerability in itsourcecode Society Management Syst...

A security flaw has been discovered in the itsourcecode Society Management System version 1.0, specifically within the file /admin/edit_admin.php. This vulnerability allows an attacker to manipulate the admin_id parameter, leading to a SQL injection attack. As a result, unauthorized access to sen...

PoC for CVE-2026-25857

Shenzhen Tenda Te... | Tenda G300-f | 8.6 HIGH
OS Command Injection in Tenda G300-F Router Firmware

The Tenda G300-F router's firmware vulnerabilities relate to the WAN diagnostic functionality, specifically in the formSetWanDiag process. This vulnerability allows remote attackers, with access to the management interface, to inject arbitrary shell commands through inadequate input validation in...

Discovered 18 hours ago

PoC for CVE-2025-15564

Mapnik Project | Mapnik | 4.8 MEDIUM
Divide by Zero Vulnerability in Mapnik by Mapnik Project

A local vulnerability has been identified in Mapnik versions up to 4.2.0, specifically in the function mapnik::detail::mod<...>::operator located in src/value.cpp. This issue allows for a divide by zero manipulation, which could potentially be exploited. The vulnerability has been publicly disclo...

PoC for CVE-2024-0070

WordPress | WordPress Plugin
Improper Security Controls in WordPress Plugin by Unspecified Vendor

A vulnerability exists in a WordPress plugin that may allow unauthorized access or manipulation of sensitive data due to inadequate security measures. Users of this plugin should be aware of potential risks and review their configurations to ensure proper security protocols are in place.

PoC for CVE-2026-2113

Yuan1994 | Tpadmin | 6.9 MEDIUM
Deserialization Vulnerability in WebUploader Component of Yuan1994 ...

A security vulnerability has been identified in the WebUploader component of Yuan1994's Tpadmin software. Found in the file /public/static/admin/lib/webuploader/0.1.5/server/preview.php, this flaw enables deserialization of untrusted data. Attackers can exploit this vulnerability remotely, puttin...

Discovered 19 hours ago

PoC for CVE-2026-2111

Jeecg | Jeecgboot | 5.3 MEDIUM
Path Traversal Vulnerability in JeecgBoot by Jeecg

A vulnerability exists in JeecgBoot versions up to 3.9.0, specifically within the Retrieval-Augmented Generation Module. This weakness arises from improper validation of the filePath argument in the component responsible for document editing. An attacker can exploit this vulnerability remotely, l...

PoC for CVE-2022-0847

Linux | Kernel | 🟣 EPSS 84% | 7.8 HIGH
Privilege Escalation Vulnerability in Linux Kernel by Red Hat

A vulnerability exists in the Linux kernel related to improper initialization of the 'flags' member of the new pipe buffer structure. This absence of proper initialization in the copy_page_to_iter_pipe and push_pipe functions can result in the presence of stale values. As a consequence, an unpriv...

PoC for CVE-2026-2110

Tasin1025 | Swiftbuy | 6.3 MEDIUM
Improper Authentication Control in Tasin1025 SwiftBuy Software

A security vulnerability has been identified in Tasin1025's SwiftBuy software, specifically within the /login.php file. This flaw allows unauthorized manipulation that leads to improper restrictions on the number of authentication attempts. Such an oversight could enable potential remote attacker...

Discovered 20 hours ago

PoC for CVE-2026-2109

Jsbroks | Coco Annotator | 5.3 MEDIUM
Improper Authorization in jsbroks COCO Annotator Affects Remote Ope...

A security flaw has been discovered in jsbroks COCO Annotator, specifically in the Delete Category Handler's undo function located at /api/undo/. This vulnerability allows unauthorized manipulation of the argument ID, potentially letting attackers perform unauthorized operations. The issue can be...

PoC for CVE-2026-2108

Jsbroks | Coco Annotator | 6.9 MEDIUM
Denial of Service Vulnerability in jsbroks COCO Annotator

A vulnerability exists in jsbroks COCO Annotator versions up to 0.11.1, specifically affecting the Endpoint component located at /api/info/long_task. This security issue allows an attacker to initiate a denial of service attack remotely, disrupting service availability. The exploit has been made ...

Discovered 21 hours ago

PoC for CVE-2026-2107

Yeqifu | Warehouse | 5.3 MEDIUM
Improper Authorization in yeqifu Warehouse Affects Log Info Handler...

A security vulnerability has been identified within the yeqifu warehouse, specifically in the Log Info Handler's functions: loadAllLoginfo, deleteLoginfo, and batchDeleteLoginfo. This flaw allows for improper authorization, potentially enabling remote attackers to manipulate logging data. Despite...

Discovered 22 hours ago

PoC for CVE-2026-2106

Yeqifu | Warehouse | 5.3 MEDIUM
Improper Authorization in YeQifu Warehouse Notice Management System

A vulnerability exists in the YeQifu Warehouse's Notice Management component, specifically within the functions addNotice, updateNotice, deleteNotice, and batchDeleteNotice found in NoticeController.java. This flaw allows for improper authorization, enabling remote attackers to exploit the system...

PoC for CVE-2026-2105

Yeqifu | Warehouse | 5.3 MEDIUM
Improper Authorization Flaw in Yeqifu Warehouse Department Manageme...

A vulnerability has been identified in the Yeqifu Warehouse system, particularly within the Department Management component. This flaw resides in the functions responsible for adding, updating, and deleting departments. Attackers can exploit this issue to bypass authorization controls, enabling u...

Discovered 1 day ago

PoC for CVE-2026-2090

Sourcecodester | Online Class Record Sy... | 6.9 MEDIUM
SQL Injection Vulnerability in SourceCodester Online Class Record S...

A SQL injection vulnerability exists in SourceCodester Online Class Record System version 1.0, where improper processing of input in the /admin/message/search.php file allows attackers to manipulate the 'term' argument. This flaw can be exploited remotely, potentially allowing unauthorized access...

PoC for CVE-2026-2089

Sourcecodester | Online Class Record Sy... | 6.9 MEDIUM
SQL Injection Vulnerability in Online Class Record System by Source...

A vulnerability has been identified in the Online Class Record System by SourceCodester, where improper validation allows an attacker to manipulate the argument ID in the file /admin/subject/controller.php. This manipulation can lead to SQL injection, enabling remote exploitation. The details of ...

PoC for CVE-2026-2088

PHPgurukul | Beauty Parlour Managem... | 6.9 MEDIUM
SQL Injection Vulnerability in PHPGurukul Beauty Parlour Management...

A security flaw has been identified in version 1.1 of PHPGurukul's Beauty Parlour Management System, specifically within the /admin/accepted-appointment.php file. An attacker can exploit this vulnerability by manipulating the 'delid' argument, enabling unauthorized SQL commands to be executed. Th...

PoC for CVE-2026-2087

Sourcecodester | Online Class Record Sy... | 6.9 MEDIUM
SQL Injection Vulnerability in SourceCodester Online Class Record S...

An SQL injection vulnerability has been identified in the SourceCodester Online Class Record System version 1.0, specifically impacting the /admin/login.php file. This flaw allows an attacker to manipulate the user_email input, which can lead to unauthorized database access. The exploit can be in...

PoC for CVE-2026-2086

Utt | Hiper 810g | 8.7 HIGH
Buffer Overflow Vulnerability in UTT HiPER 810G Management Interface

A buffer overflow vulnerability exists in the Management Interface of the UTT HiPER 810G product, specifically in the strcpy function of the /goform/formFireWall file. This issue allows an attacker to manipulate the GroupName argument, potentially leading to unauthorized access and control over t...

PoC for CVE-2026-2085

D-link | Dwr-m921 | 8.6 HIGH
Command Injection Vulnerability in D-Link DWR-M921 Router

A command injection vulnerability has been identified in the D-Link DWR-M921 router, specifically within the USSD Configuration Endpoint function sub_419F20. This vulnerability is caused by improper handling of the 'ussdValue' argument, allowing attackers to execute arbitrary commands remotely. G...

PoC for CVE-2026-2084

D-link | Dir-823x | 8.6 HIGH
OS Command Injection Vulnerability in D-Link DIR-823X Router

A vulnerability has been detected in the D-Link DIR-823X router, specifically in the file /goform/set_language. This weakness can be exploited through a manipulation of the langSelection argument, enabling remote attackers to inject operating system commands. The public availability of exploit de...