Publicly Disclosed
PoC Exploits

A security vulnerability has been found in version 1.0 of the Code-Projects Simple Laundry System, specifically within the checkupdatestatus.php file related to the Parameters Handler component. An attacker can exploit this vulnerability by manipulating the serviceId argument, enabling a remote S...

A vulnerability in the Linux kernel allows for improper socket binding, leading to potential use-after-free scenarios. Specifically, the issue arises in the vsock module where socket bindings may not be preserved correctly during transport reassignment. This flaw can cause unintended memory acces...

A security flaw has been discovered in Simple Laundry System version 1.0, specifically within the Parameters Handler component. This vulnerability occurs in the /viewdetail.php file, where improper handling of the input parameter 'serviceId' can result in SQL injection. Attackers can exploit this...

A cross-site scripting vulnerability exists in the Exam Form Submission product developed by code-projects. This issue arises from improper validation of the 'sname' argument in the /admin/update_s3.php file. An attacker can exploit this vulnerability remotely by inputting malicious scripts, pote...

MCPJam Inspector, designed for local-first development on MCP servers, has a vulnerability allowing remote code execution (RCE) due to improper binding settings. In versions 1.4.2 and earlier, the platform listens on 0.0.0.0 by default, enabling attackers to exploit this configuration through cra...

A cross-site scripting vulnerability exists in the Code-Projects Exam Form Submission version 1.0, specifically in the '/admin/update_s4.php' file. Insufficient input validation allows an attacker to manipulate the 'sname' argument, leading to the execution of arbitrary scripts in the context of ...

The trx_addons WordPress plugin prior to version 2.38.5 contains a flaw in its AJAX action that improperly validates file types. This weakness enables unauthenticated users to upload malicious files, posing a significant threat to website security. The vulnerability stems from an unsuccessful fix...

A vulnerability in the code-projects Exam Form Submission software has been identified, specifically within the file /admin/update_s5.php. The flaw allows remote attackers to manipulate the 'sname' parameter, leading to Cross Site Scripting (XSS) attacks. This exploitation can potentially comprom...

A cross site scripting vulnerability exists in the Exam Form Submission 1.0 application, specifically in the handling of input within the /admin/update_s2.php file. The flaw allows an attacker to manipulate the 'sname' parameter, enabling remote code execution through malicious scripts. This coul...

A vulnerability has been identified in the SourceCodester Simple E-learning System 1.0, specifically within the User Profile Update Handler. This flaw allows an attacker to manipulate the 'firstName' argument, facilitating SQL injection attacks. Such an attack can be executed remotely, compromisi...

A security vulnerability has been discovered in the SourceCodester Simple E-learning System that allows an attacker to manipulate the HTTP GET parameter 'post_id' within the delete_post.php file. This flaw can lead to SQL injection, enabling remote attackers to execute unauthorized SQL commands a...

A vulnerability exists in the SourceCodester Sales and Inventory System version 1.0 that allows an attacker to exploit the HTTP POST request handler in the /view_product.php file. By manipulating the searchtxt parameter, an SQL injection attack can be executed remotely, leading to unauthorized ac...

A security flaw has been identified in the SourceCodester Sales and Inventory System 1.0, specifically within the '/view_payments.php' file associated with the HTTP POST Request Handler component. By manipulating the 'searchtxt' argument, an attacker can exploit this vulnerability to execute SQL ...

A vulnerability exists in the SourceCodester Sales and Inventory System 1.0, specifically within the /view_customers.php file. The HTTP POST Request Handler is susceptible to SQL injection due to improper validation of the 'searchtxt' parameter. An attacker can exploit this loophole remotely, all...

A SQL injection vulnerability exists in the SourceCodester Sales and Inventory System version 1.0, specifically within the /view_category.php file. The issue arises due to improper handling of the 'searchtxt' parameter in HTTP POST requests. This flaw allows attackers to manipulate the input to e...

A vulnerability in the SourceCodester Sales and Inventory System version 1.0 allows for SQL injection through improper handling of the 'sid' argument in the /update_supplier.php file. This weakness can be exploited remotely, potentially allowing attackers to execute arbitrary SQL commands and com...

A vulnerability has been identified in the Tenda A15 router, specifically in the function UploadCfg located at /cgi-bin/UploadCfg. The flaw arises from improper handling of the File argument, which can lead to a stack-based buffer overflow. This vulnerability allows for remote exploitation, posin...

A vulnerability has been identified in the Belkin F9K1122 router version 1.00.33, specifically within the function formWISP5G located in the /goform/formWISP5G file. This flaw allows an attacker to manipulate the 'webpage' argument, potentially leading to a stack-based buffer overflow. The exploi...

A security flaw has been identified in the RuoYi Management System by yangzongzhuan, affecting versions up to 4.8.2. The vulnerability resides in the Quartz Job Handler, specifically in the handling of arguments for the /monitor/job/ file. This issue allows unauthorized code execution via injecte...

A vulnerability has been discovered in MacCMS versions prior to 2025.1000.4052, specifically within the order_info function located in the User.php file of the Member Order Detail Interface. This security flaw allows an attacker to manipulate the order_id argument, potentially leading to unauthor...

A security flaw has been identified in MacCMS 2025.1000.4052, specifically within the file application/api/controller/Timming.php of the Timming API Endpoint. This vulnerability leads to missing authentication, allowing attackers to execute unauthorized actions remotely. The exploit has been publ...

A flaw was found in a change made to path normalization in Apache HTTP Server 2.4.49. An attacker could use a path traversal attack to map URLs to files outside the directories configured by Alias-like directives. If files outside of these directories are not protected by the usual default config...

A relative path traversal vulnerability exists in Fortinet FortiWeb products versions 8.0.0 to 8.0.1, 7.6.0 to 7.6.4, 7.4.0 to 7.4.9, 7.2.0 to 7.2.11, and 7.0.0 to 7.0.11. This vulnerability allows an attacker to potentially execute unauthorized administrative commands on the system by sending sp...

A significant vulnerability has been identified in the Linksys MR9600 firmware version 2.0.6.206937. A flaw in the 'smartConnectConfigure' function located in the SmartConnect.lua file allows for OS command injection through manipulation of specific arguments such as configApSsid, configApPassphr...

A cross site scripting vulnerability has been identified in the Exam Form Submission product by Code-Projects, specifically within the updating function located in /admin/update_s1.php. By manipulating the 'sname' argument, an attacker can inject malicious scripts into web pages viewed by other u...

A vulnerability has been identified in the D-Link DIR-513 router, specifically within the formEasySetTimezone function in the boa component. This issue can lead to a stack-based buffer overflow when the curTime argument is manipulated. Attackers can exploit this vulnerability remotely, potentiall...

A security flaw has been identified in the Tenda F453 router, specifically in the FormWriteFacMac function located within the /goform/WriteFacMac file. This vulnerability allows for command injection through manipulation of the mac argument, enabling an attacker to execute unauthorized commands r...

The vulnerability in the TLS and DTLS implementations of OpenSSL versions prior to 1.0.1g allows remote attackers to exploit crafted Heartbeat Extension packets. This exploitation results in a buffer over-read, potentially revealing sensitive information from the memory of the affected process. A...

A stack-based buffer overflow vulnerability has been identified in the Tenda F453 device, specifically in the Parameters Handler within the function fromNatlimit. The vulnerability arises due to improper handling of argument manipulation for the 'page' parameter in the /goform/Natlimit file. An a...

A stack-based buffer overflow vulnerability exists in the Tenda F453 router version 1.0.0.3, specifically within the fromVirtualSer function in the Parameters Handler. By manipulating the 'page' argument of the /goform/VirtualSer file, an attacker can exploit this vulnerability remotely, potentia...

A vulnerability in the Tenda F453 device allows for a stack-based buffer overflow due to improper handling of user-supplied input in the fromSafeClientFilter function of the Parameters Handler component. This issue can be exploited remotely, potentially allowing attackers to manipulate the menufa...

An SQL injection vulnerability exists in the Simple Gym Management System's func.php file, specifically through unsanitized data passed via the Trainer_id or fname parameters. This flaw allows attackers to execute arbitrary SQL queries, potentially leading to unauthorized data access or modificat...

FTP Shell Server version 6.83 is vulnerable to a buffer overflow attack in the 'Account name to ban' field. This flaw enables local attackers to execute arbitrary code on the system by supplying a crafted string within the Manage FTP Accounts dialog. By manipulating the account name parameter, at...

The Ease Audio Converter version 5.30 is vulnerable to a denial of service attack through its Audio Cutter function. This vulnerability allows local attackers to exploit the application by processing specially crafted MP4 files that contain oversized buffers. When these malformed files are loaded...

AdminExpress 1.2.5 is susceptible to a denial of service vulnerability that enables local attackers to crash the application. By submitting oversized input in the Folder Path field within the System Compare feature, attackers can trigger unresponsiveness or a full crash of the application, render...

AnMing MP3 CD Burner version 2.0 is susceptible to a buffer overflow vulnerability that can be exploited by local attackers. By inputting a specially crafted oversized string (up to 6000 bytes) into the registration name field, an attacker can trigger a denial of service condition, effectively cr...

Lavavo CD Ripper 4.20 has a structured exception handling (SEH) buffer overflow vulnerability that can be exploited by local attackers to execute arbitrary code. By providing a specially crafted string in the License Activation Name field, an attacker can manipulate the application's memory and c...

Free Float FTP 1.0 has a critical buffer overflow vulnerability in its STOR command handler. This flaw allows an unauthenticated attacker to execute arbitrary code on the FTP server. By sending a specially crafted STOR request with an oversized payload, attackers can manipulate the server into ex...

The Easy Chat Server version 3.1 is susceptible to a denial of service attack, which allows remote attackers to crash the server. By sending an excessively large message through the message parameter in a POST request to the chat.ghp endpoint, attackers can disrupt the normal functioning of the a...

The version 1.2.5.485 of Admin Express, developed by Softonic, is susceptible to a local structured exception handling buffer overflow vulnerability. This flaw allows an attacker with local access to craft a payload that, when injected into the Folder Path field through the System Compare feature...

MiniFtp contains a buffer overflow vulnerability in the parseconf_load_setting function, which allows local attackers to execute arbitrary code. This occurs when oversized configuration values are provided, specifically exceeding 128 bytes. Attackers can craft a malicious miniftpd.conf file to ov...

The JetAudio JetCast Server 2.0 contains a vulnerability in the Log Directory configuration field that leads to a stack-based buffer overflow. Local attackers can exploit this weakness by injecting specially crafted alphanumeric encoded shellcode into the Log Directory field. This manipulation al...

The NetNumber Titan Master 7.9.1 is vulnerable to a path traversal issue in the drp endpoint. This flaw permits authenticated users to exploit directory traversal sequences, enabling them to download arbitrary files from the server. By manipulating the path parameter using base64-encoded payloads...

Iperius Backup 6.1.0 is susceptible to a vulnerability that permits low-privilege users to execute arbitrary applications with elevated permissions. This is achieved by crafting backup jobs that can trigger the execution of malicious scripts or programs, either before or after backup processes. T...

Fast AVI MPEG Joiner version 1.2.0812 is susceptible to a buffer overflow vulnerability that permits local attackers to crash the application. By injecting an oversized payload, specifically a text file with 6000 bytes of data into the License Name field, an attacker can trigger a denial of servi...

Axessh version 4.2 suffers from a stack-based buffer overflow vulnerability in the log file name field. Local attackers can exploit this vulnerability by providing an excessively long filename, which leads to buffer overflow at an offset of 214 bytes. This allows them to overwrite the instruction...

Axessh version 4.2 suffers from a stack-based buffer overflow vulnerability in the log file name field. Local attackers can exploit this vulnerability by providing an excessively long filename, which leads to buffer overflow at an offset of 214 bytes. This allows them to overwrite the instruction...

Axessh version 4.2 suffers from a stack-based buffer overflow vulnerability in the log file name field. Local attackers can exploit this vulnerability by providing an excessively long filename, which leads to buffer overflow at an offset of 214 bytes. This allows them to overwrite the instruction...

EquityPandit version 1.0 is susceptible to an insecure logging vulnerability that permits malicious actors to retrieve sensitive user credentials. By exploiting the Android Debug Bridge (ADB), attackers can gain access to developer console logs where plaintext passwords are recorded during the pa...

TuneClone 2.20 is susceptible to a structured exception handler (SEH) buffer overflow vulnerability. Local attackers can exploit this weakness by providing a specially crafted license code string, which allows for arbitrary code execution. By manipulating the buffer and redirecting execution flow...