Publicly Disclosed
PoC Exploits

A vulnerability exists in a WordPress plugin that may allow unauthorized access or manipulation of sensitive data due to inadequate security measures. Users of this plugin should be aware of potential risks and review their configurations to ensure proper security protocols are in place.

A vulnerability exists in the Linux kernel related to improper initialization of the 'flags' member of the new pipe buffer structure. This absence of proper initialization in the copy_page_to_iter_pipe and push_pipe functions can result in the presence of stale values. As a consequence, an unpriv...

A vulnerability has been identified in the Online Class Record System by SourceCodester, where improper validation allows an attacker to manipulate the argument ID in the file /admin/subject/controller.php. This manipulation can lead to SQL injection, enabling remote exploitation. The details of ...

A security flaw has been identified in version 1.1 of PHPGurukul's Beauty Parlour Management System, specifically within the /admin/accepted-appointment.php file. An attacker can exploit this vulnerability by manipulating the 'delid' argument, enabling unauthorized SQL commands to be executed. Th...

An SQL injection vulnerability has been identified in the SourceCodester Online Class Record System version 1.0, specifically impacting the /admin/login.php file. This flaw allows an attacker to manipulate the user_email input, which can lead to unauthorized database access. The exploit can be in...

A buffer overflow vulnerability exists in the Management Interface of the UTT HiPER 810G product, specifically in the strcpy function of the /goform/formFireWall file. This issue allows an attacker to manipulate the GroupName argument, potentially leading to unauthorized access and control over t...

A command injection vulnerability has been identified in the D-Link DWR-M921 router, specifically within the USSD Configuration Endpoint function sub_419F20. This vulnerability is caused by improper handling of the 'ussdValue' argument, allowing attackers to execute arbitrary commands remotely. G...

A vulnerability has been detected in the D-Link DIR-823X router, specifically in the file /goform/set_language. This weakness can be exploited through a manipulation of the langSelection argument, enabling remote attackers to inject operating system commands. The public availability of exploit de...

Samba versions 3.5.0 up to 4.6.4, along with specific earlier releases, contain a serious vulnerability where a malicious client can upload a shared library to a writable share. This exploit allows the server to load and execute the uploaded file, leading to unauthorized control and potential dam...

A security flaw has been identified in version 1.0 of code-projects' Social Networking Site, specifically within the /delete_post.php file. This vulnerability occurs due to improper handling of the ID parameter, which allows remote attackers to execute SQL injection attacks. The exploit can lead ...

Samba versions 3.5.0 up to 4.6.4, along with specific earlier releases, contain a serious vulnerability where a malicious client can upload a shared library to a writable share. This exploit allows the server to load and execute the uploaded file, leading to unauthorized control and potential dam...

A vulnerability exists in the D-Link DIR-823X 250416 caused by improper handling of arguments in the /goform/set_mac_clone function. This weakness allows an attacker to manipulate the 'mac' argument, resulting in OS command injection. The vulnerability can be exploited remotely, potentially givin...

A critical OS command injection vulnerability has been identified in the D-Link DIR-823X router, specifically in the /goform/set_password function. This issue arises when the http_passwd argument is manipulated, allowing an attacker to execute arbitrary commands on the system. The vulnerability c...

A command injection vulnerability exists in the UTT HiPER 810 product, specifically affecting the setSysAdm function in the /goform/formUser file. By manipulating the argument passwd1, an attacker can execute arbitrary commands remotely. This exploit has been made public, raising concerns over it...

A vulnerability has been identified in the Yeqifu Warehouse application leading to improper authorization within the Menu Management functionality. Specifically, the flaw is located in the addMenu/updateMenu/deleteMenu methods of the MenuController.java file. This security issue allows remote att...

A vulnerability exists in the Yeqifu Warehouse's Permission Management component that allows an attacker to manipulate the addPermission, updatePermission, and deletePermission functions. This manipulation enables improper authorization, which attackers could exploit remotely. As the exploit is n...

A vulnerability has been identified in the YeQifu Warehouse that allows improper authorization due to weaknesses in the functionality of role management operations (addRole/updateRole/deleteRole) in the RoleController.java file. This issue could permit unauthorized remote access to sensitive func...

A vulnerability has been identified in Yeqifu Warehouse affecting its User Management Endpoint. The flaw exists within the addUser/updateUser/deleteUser functions in UserController.java, allowing for improper authorization. This issue can be exploited remotely, enabling unauthorized users to mani...

The Post Slides plugin for WordPress, up to version 1.0.1, is susceptible to a Local File Inclusion (LFI) vulnerability, which arises from improper validation of shortcode attributes. This allows authenticated users, including those with contributor roles or higher, to exploit this flaw by contro...

A security flaw exists in the Yeqifu Warehouse within the Role-Permission Binding Handler, specifically in the saveRolePermission function of RoleController.java. This vulnerability allows for improper access controls, making it possible for attackers to take advantage of this flaw remotely. The ...

A notable vulnerability exists in O2OA versions up to 9.0.0, specifically concerning a function within the HTTP POST Request Handler. This flaw allows for XML external entity reference, potentially enabling attackers to exploit the vulnerability remotely. With the exploit already available public...

A security flaw exists in the itsourcecode School Management System version 1.0, specifically within the file located at /ramonsys/user/index.php. This vulnerability arises from inadequate validation of the argument ID, which allows attackers to execute SQL injection attacks remotely. The exploit...

The Vendure open-source headless commerce platform has a vulnerability in the `NativeAuthenticationStrategy.authenticate()` method, which is susceptible to timing attacks. This flaw allows malicious actors to differentiate between valid and invalid usernames by exploiting the timing discrepancies...

The GNU Inetutils telnet daemon (telnetd) is vulnerable to a remote authentication bypass that can occur when an attacker manipulates the USER environment variable by specifying a '-f root' value. This flaw allows unauthorized users to gain access without proper authentication. Affected users sho...

Wing FTP Server versions prior to 6.2.7 are susceptible to a cross-site request forgery (CSRF) vulnerability within its web administration interface. This security flaw enables an attacker to create a malicious HTML page that triggers unintended actions, such as deleting administrative user accou...

The application TapinRadio 2.12.3 is vulnerable to a denial of service attack due to improper handling of the proxy username configuration. Local attackers may exploit this vulnerability by inputting 10,000 bytes of arbitrary data into the username field, leading to an application crash and disru...

In TapinRadio version 2.12.3, a denial of service vulnerability exists due to improper validation of the application proxy address configuration. Local attackers can exploit this weakness by injecting 3000 bytes of arbitrary data into the address field, which may lead to a crash of the applicatio...

AbsoluteTelnet 11.12 is vulnerable to a denial of service attack that can be exploited by a local attacker. By supplying an oversized license name, specifically a payload of up to 2500 characters, an attacker can trigger an application crash, leading to service disruption. This vulnerability high...

AbsoluteTelnet 11.12 is susceptible to a denial of service vulnerability in the SSH2 username input field. This flaw allows local attackers to exploit the application by overwriting the username field with a 1000-byte buffer, leading to application crashes and unresponsiveness. It is critical for...

AbsoluteTelnet 11.12 is susceptible to a denial of service vulnerability, allowing local attackers to crash the application. By inputting an oversized license name, attackers can send a payload of up to 2500 characters into the license entry field, leading to application instability and crashes. ...

QuickDate version 1.3.2 is susceptible to a SQL injection vulnerability that enables remote attackers to manipulate database queries through the '_located' parameter in the find_matches endpoint. This flaw permits the injection of UNION-based SQL queries, potentially giving attackers access to se...

Wedding Slideshow Studio 1.36 contains a vulnerability that allows an attacker to exploit a buffer overflow via the registration key input. This can be achieved by crafting a malicious payload of 1608 bytes that targets the application's stack memory, enabling the execution of arbitrary code. The...

Parallaxis Cuckoo Clock 5.0 contains a buffer overflow vulnerability in its alarm scheduling feature, which can be exploited by attackers to execute arbitrary code by manipulating memory registers. By crafting a payload larger than 260 bytes, an attacker can overwrite critical registers, such as ...

Wedding Slideshow Studio version 1.36 is susceptible to a buffer overflow vulnerability that enables attackers to execute arbitrary code. By manipulating the registration name field with specially crafted input, an attacker can overwrite critical memory locations, which could lead to unauthorized...

SprintWork 2.3.1 presents multiple local privilege escalation vulnerabilities due to improper file, service, and folder permissions in Windows environments. Unprivileged local users can exploit these weaknesses, including missing executable files and misconfigured services, enabling them to creat...

The DBPower C300 HD Camera is susceptible to a configuration disclosure vulnerability that enables unauthorized users to access sensitive information. The flaw arises from an exposed configuration backup endpoint that can be accessed without authentication. By targeting the /tmpfs/config_backup.b...

Core FTP Lite 1.3 is susceptible to a buffer overflow vulnerability in the username input field. By supplying an oversized payload, such as a 7000-byte string of repeated 'A' characters, attackers can exploit this flaw to crash the application. This vulnerability does not require any additional i...

The DBPower C300 HD Camera is susceptible to a configuration disclosure vulnerability that enables unauthorized users to access sensitive information. The flaw arises from an exposed configuration backup endpoint that can be accessed without authentication. By targeting the /tmpfs/config_backup.b...

eLection 2.0 contains an authenticated SQL injection vulnerability within its candidate management endpoint. By manipulating the 'id' parameter, attackers can execute arbitrary SQL commands, potentially resulting in unauthorized data access or alterations. This flaw can be exploited using tools l...

eLection 2.0 contains an authenticated SQL injection vulnerability within its candidate management endpoint. By manipulating the 'id' parameter, attackers can execute arbitrary SQL commands, potentially resulting in unauthorized data access or alterations. This flaw can be exploited using tools l...

ATutor version 2.2.4 features a SQL injection vulnerability that exists within the admin user deletion page. This flaw permits authenticated users to manipulate SQL queries via the 'id' parameter in the admin_delete.php script. Attackers can leverage this vulnerability to inject harmful SQL comma...

The ACE Security WiP-90113 HD Camera is affected by a configuration disclosure vulnerability that enables attackers, without authentication, to access sensitive configuration files. By exploiting an endpoint vulnerability, attackers can send a GET request to /config_backup.bin, which allows them ...

AMSS++ 4.7 is vulnerable to an authentication bypass, enabling attackers to gain unauthorized access to administrative accounts by exploiting hardcoded credentials. Specifically, the default admin login details, ‘1234’ as both username and password, allow unauthorized users to access sensitive ad...

The AMSS++ application version 4.31 contains a SQL injection vulnerability within the mail module's maildetail.php script. This vulnerability arises due to improper handling of the 'id' parameter, allowing attackers to craft malicious SQL queries. By exploiting this flaw, attackers could gain una...

aSc TimeTables 2020.11.4 is vulnerable to a Denial of Service attack that can be exploited by an attacker through the manipulation of the Subject title field. By inputting an excessively long 1000-character string into this field, the attacker can cause the application to crash, resulting in pote...

SpotFTP-FTP Password Recover version 2.4.8 is susceptible to a denial of service attack due to a buffer overflow vulnerability. Attackers can exploit this weakness by providing a specially crafted registration code comprising 1000 'Z' characters, leading the application to crash. This vulnerabili...

The Business Live Chat Software 1.0 is susceptible to a cross-site request forgery (CSRF) vulnerability that permits attackers to alter user account roles without the need for proper authentication. By crafting a malicious HTML form, an attacker can send a POST request to modify user privileges, ...

Core FTP LE 2.2 is susceptible to a denial of service attack that can render the application inoperable. By exploiting this vulnerability, an attacker can enter an excessively large buffer into the account field, causing the application to freeze and necessitate reinstallation to restore function...

The Cyberoam Authentication Client version 2.1.2.7 is susceptible to a buffer overflow vulnerability, enabling remote attackers to exploit the 'Cyberoam Server Address' input field. By crafting malicious input, attackers can overwrite memory associated with the Structured Exception Handler (SEH),...

A buffer overflow vulnerability exists in the UTT 进取 520W router, specifically in the strcpy function located in the /goform/formPolicyRouteConf file. This flaw allows an attacker to manipulate the GroupName argument, potentially leading to unauthorized access and exploitation. The vulnerability ...