Publicly Disclosed
PoC Exploits

A vulnerability exists in the saiftheboss7 Online MCQ Exam, where improper handling of the ans1 and ans2 parameters in the /admin/quesadd.php file allows for SQL injection attacks. This flaw can be exploited remotely, enabling unauthorized access to the database and potential manipulation of sens...

A vulnerability exists in the TRENDnet TEW-822DRE router's /boafrm/formWsc file that allows for remote command injection through manipulation of the peerPin argument. Exploiting this vulnerability could allow attackers to execute arbitrary commands on the device without authorization. The issue w...

A vulnerability has been identified in TinyFileManager, where improper handling within the tinyfilemanager.php file allows for path traversal attacks. By manipulating the fullpath argument, remote attackers can exploit this flaw to access unauthorized files on the server. This exposure can lead t...

A command injection vulnerability exists in the TRENDnet TEW-800MB router within the function sub_F934 of the file NTPSyncWithHost.cgi. This vulnerability allows for remote manipulation of commands, potentially exposing the system to unauthorized access and control. An exploit has been publicly r...

A command injection vulnerability has been identified in the TRENDnet TEW-800MB router's management interface. This weakness arises from improper handling of the 'WizardConfigured' argument in the 'do_setWizard_asp' function of the '/goform/wizardset' file. An attacker can exploit this vulnerabil...

A vulnerability has been identified in the Joey-Zhou Xiaozhi ESP32 Server Java affecting versions up to 3.0.0. The weakness lies within the 'tryAuthenticateWithCookies' function of the 'AuthenticationInterceptor.java' component, specifically the Cookie Handler. This flaw can enable an attacker to...

A security flaw in the yourmaileyes MOOC platform, specifically within the submission handler's functionality, allows an attacker to manipulate arguments leading to cross-site scripting (XSS) vulnerabilities. This issue arises from improper handling of user-supplied input in the `subreview` metho...

A remote code execution vulnerability found in React Server Components allows attackers to exploit improperly handled payloads. This issue affects versions 19.0.0 through 19.2.0, compromising server function endpoints through unsafe deserialization of HTTP request payloads. As a result, this flaw...

A vulnerability exists in ZSPACE Z4Pro+ 1.0.0440024 due to improper handling of HTTP POST requests by the zfilev2_api_CloseSafe function. This issue allows an attacker to perform command injection, potentially enabling remote exploitation. The exploit techniques are publicly available, increasing...

A significant vulnerability has been identified in ZSPACE Z4Pro+ 1.0.0440024, specifically within the zfilev2_api_open function located in the HTTP POST Request Handler. This vulnerability allows potential command injection, enabling an attacker to execute arbitrary commands remotely. The nature ...

A command injection vulnerability exists in the function zfilev2_api_SafeStatus of the HTTP POST Request Handler for ZSPACE Z4Pro+ 1.0.0440024. This flaw allows remote attackers to manipulate the request and execute arbitrary commands on the affected system. The exploit has already been made publ...

A code injection vulnerability exists in the shanyu SyCms Administrative Panel, specifically within the addPost function located in the FileManageController.class.php file. This flaw allows for remote exploitation, permitting attackers to execute arbitrary code on affected systems. The vulnerabil...

A vulnerability has been identified in Lin-CMS-TP5, specifically affecting the file upload functionality within the application/library/file/LocalUploader.php component. This flaw can be exploited through manipulation of the File argument, enabling remote code execution. The issue was highlighted...

The vulnerability arises from mismatched length fields in Zlib compressed protocol headers within MongoDB Server, potentially allowing an unauthenticated client to access uninitialized heap memory. This could lead to unauthorized information exposure, affecting versions of MongoDB Server across m...

A security flaw has been identified in the ZKTeco BioTime software, specifically affecting versions up to 9.0.3, 9.0.4, and 9.5.2. The issue arises from improper handling of encryption parameters related to credential storage within the /base/safe_setting/ directory of the Endpoint component. Thi...

A vulnerability has been identified in the FantasticLBP Hotels_Server affecting the Room.php file, where manipulation of the 'hotelId' argument can lead to SQL injection attacks. This flaw can be exploited remotely, allowing attackers to execute unauthorized SQL commands. Despite the vendor being...

A vulnerability has been discovered in JeecgBoot versions up to 3.9.0, specifically within the getPositionUserList function located in /sys/position/getPositionUserList. This flaw allows for manipulation of the positionId argument, leading to unauthorized access to user data. Attackers can initia...

A security flaw in JeecgBoot versions up to 3.9.0 has been identified, affecting the 'queryDepartPermission' function. The flaw arises from inadequate authorization checks when manipulating the 'departId' parameter, allowing potential remote attacks. Although the exploit is publicly available, it...

The vulnerability arises from mismatched length fields in Zlib compressed protocol headers within MongoDB Server, potentially allowing an unauthenticated client to access uninitialized heap memory. This could lead to unauthorized information exposure, affecting versions of MongoDB Server across m...

A vulnerability has been discovered in JeecgBoot, which affects versions up to 3.9.0. This flaw occurs within the getParameterMap function located in the /sys/sysDepartPermission/list file, where improper manipulation of the departId argument can lead to unauthorized access. This vulnerability ca...

A vulnerability has been identified in JeecgBoot versions up to 3.9.0, specifically within an unknown function related to the file /sys/sysDepartPermission/datarule/. This flaw allows for improper authorization, enabling potential malicious actors to manipulate access controls remotely. The compl...

A vulnerability exists in JeecgBoot up to version 3.9.0 that affects the loadDatarule function within the file /sys/sysDepartRole/datarule/. This flaw allows for improper authorization when the departId or roleId parameters are manipulated. Attackers can potentially exploit this vulnerability rem...

A significant vulnerability in NiceHash QuickMiner version 6.12.0 allows for remote code execution through unverified software updates. The application performs updates over HTTP without validating digital signatures or implementing hash checks. This flaw can be exploited by an attacker who redir...

A security flaw has been identified in JeecgBoot versions up to 3.9.0, impacting the getDeptRoleList function in the file /sys/sysDepartRole/getDeptRoleList. This vulnerability arises from the manipulation of the departId argument, which leads to improper authorization controls. An attacker can e...

An improper authorization vulnerability has been identified in JeecgBoot versions up to 3.9.0, specifically within the queryPageList function located in /sys/sysDepartRole/list. This issue arises from manipulative inputs to the argument deptId, which may allow unauthorized users to gain access to...

A security vulnerability has been identified in the Macrozheng Mall application that compromises the Member Endpoint component. Specifically, the issue exists in the code handling the update of member addresses, which allows for improper authorization. This vulnerability poses a risk of remote ex...

A deserialization vulnerability exists in PyArrow, specifically in its handling of Arrow IPC, Feather, and Parquet data. This flaw enables potential adversaries to execute arbitrary code during data reading processes when using vulnerable versions of PyArrow (0.14.0 to 14.0.0) with untrusted inpu...

A security flaw has been identified in OpenCart up to version 4.1.0.3, specifically within the Single-Use Coupon Handler component. This vulnerability allows remote attackers to manipulate the race condition, potentially leading to unauthorized actions. Although the complexity of the exploit is c...

A discrepancy in error messages for invalid login attempts in Webmin Usermin v2.100 allows attackers to enumerate valid user accounts.

The vulnerability arises from mismatched length fields in Zlib compressed protocol headers within MongoDB Server, potentially allowing an unauthenticated client to access uninitialized heap memory. This could lead to unauthorized information exposure, affecting versions of MongoDB Server across m...

The Royal Elementor Addons and Templates plugin for WordPress prior to version 1.3.79 is susceptible to a significant security flaw due to improper validation of uploaded files. This vulnerability permits unauthenticated users to upload arbitrary files, including potentially malicious PHP scripts...

A security flaw has been identified in the backend of the jackq XCMS product, specifically within the ProductImageController.class.php file. This vulnerability allows attackers to manipulate the 'File' argument during upload operations, which may lead to unauthorized file uploads. The flaw can be...

A significant vulnerability has been identified in jackq XCMS that allows for unrestricted file uploads through the 'upload.php' script located in the Public/javascripts/admin/plupload-2.1.2/examples directory. This flaw enables remote attackers to upload malicious files, potentially leading to f...

A vulnerability has been identified in PandaXGO's PandaX, specifically within the JWT Secret Handler component. The issue lies in the manipulation of the 'key' argument within the config.yml file, leading to the use of a hard-coded cryptographic key. This flaw presents significant security risks ...

An improper verification of cryptographic signature vulnerability has been identified in Fortinet products, including FortiOS and FortiProxy, allowing unauthenticated attackers to potentially bypass FortiCloud SSO login authentication. This issue arises when crafted SAML response messages are uti...

A security flaw has been identified in the Actiontech SQLE's JWT Secret Handler component, specifically within the file sqle/utils/jwt.go. The vulnerability arises from the manipulation of the JWTSecretKey argument, leading to the use of a hard-coded cryptographic key. This issue allows for poten...

A vulnerability exists in the getmaxun authentication endpoint, specifically within the router.get function located in server/src/routes/auth.ts. This weakness allows for improper authorization, enabling remote attackers to manipulate requests in a way that bypasses intended security measures. De...

A security flaw has been identified in the getmaxun product, particularly within the authentication endpoint located in the file /getmaxun/maxun/blob/develop/server/src/routes/auth.ts. The issue is triggered by manipulation of the 'api_key' argument, leading to the use of a hard-coded cryptograph...

n8n, an open-source workflow automation platform, has a Remote Code Execution vulnerability affecting specific versions. Authenticated users can inadvertently supply expressions that, under certain circumstances, are evaluated in a context insufficiently isolated from the runtime. This flaw enabl...

A remote code execution vulnerability found in React Server Components allows attackers to exploit improperly handled payloads. This issue affects versions 19.0.0 through 19.2.0, compromising server function endpoints through unsafe deserialization of HTTP request payloads. As a result, this flaw...

A remote code execution vulnerability found in React Server Components allows attackers to exploit improperly handled payloads. This issue affects versions 19.0.0 through 19.2.0, compromising server function endpoints through unsafe deserialization of HTTP request payloads. As a result, this flaw...

The Xspeeder SXZOS platform has a security flaw that allows an attacker to execute arbitrary code remotely. The vulnerability arises from the improper handling of the chkid parameter in the vLogin.py script, which can be exploited through base64-encoded Python code. Additionally, the parameters '...

A remote code execution vulnerability found in React Server Components allows attackers to exploit improperly handled payloads. This issue affects versions 19.0.0 through 19.2.0, compromising server function endpoints through unsafe deserialization of HTTP request payloads. As a result, this flaw...

The Tutor LMS – eLearning and online course solution plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the hide_notices function in all versions up to, and including, 2.6.2. This makes it possible for unauthenticated attackers to enable u...

A security issue in Docker Desktop has been discovered, enabling local running Linux containers to communicate with the Docker Engine API through the default Docker subnet. This issue can arise irrespective of whether Enhanced Container Isolation (ECI) is active or if the 'Expose daemon on tcp://...

The vulnerability arises from mismatched length fields in Zlib compressed protocol headers within MongoDB Server, potentially allowing an unauthenticated client to access uninitialized heap memory. This could lead to unauthorized information exposure, affecting versions of MongoDB Server across m...

The vulnerability in Windows Server Update Service arises from the deserialization of untrusted data, which could allow an unauthorized attacker to execute arbitrary code over a network. This flaw demonstrates the importance of secure coding practices to prevent untrusted input from being process...

The vulnerability arises from mismatched length fields in Zlib compressed protocol headers within MongoDB Server, potentially allowing an unauthenticated client to access uninitialized heap memory. This could lead to unauthorized information exposure, affecting versions of MongoDB Server across m...

n8n, an open-source workflow automation platform, has a Remote Code Execution vulnerability affecting specific versions. Authenticated users can inadvertently supply expressions that, under certain circumstances, are evaluated in a context insufficiently isolated from the runtime. This flaw enabl...

A vulnerability was discovered in SimStudioAI software that affects the CRON Secret Handler component, specifically within the file apps/sim/lib/auth/internal.ts. This vulnerability arises from improper handling of the argument INTERNAL_API_SECRET, allowing for potential authentication bypass. Th...