Publicly Disclosed
PoC Exploits
🔴 Always take caution when working with PoC Exploits 🔴
Discovered just now...
PoC for CVE-2023-43208
CVE-2023-43208 is an unauthenticated remote code execution vulnerability that affects NextGen Healthcare Mirth Connect before version 4.4.1. The vulnerability stems from an incomplete patch of a previous vulnerability, making it a patch bypass issue. It allows for the insecure use of the Java XSt...
PoC for CVE-2023-30258
A command injection vulnerability exists within MagnusSolution's MagnusBilling versions 6.x and 7.x, allowing unauthorized remote attackers to execute arbitrary commands through unauthenticated HTTP requests. This can potentially lead to serious security breaches, compromising the integrity of th...
Discovered 2 hours ago
PoC for CVE-2026-3168
A weakness has been identified in Tenda F453 1.0.0.3. This affects the function fromNatStaticSetting of the file /goform/NatStaticSetting of the component httpd. Executing a manipulation of the argument page can lead to buffer overflow. The attack may be launched remotely. The exploit has been ma...
PoC for CVE-2026-3167
A security flaw has been discovered in Tenda F453 1.0.0.3. The impacted element is the function formWebTypeLibrary of the file /goform/webtypelibrary of the component httpd. Performing a manipulation of the argument webSiteId results in buffer overflow. The attack may be initiated remotely. The e...
PoC for CVE-2026-3166
A vulnerability was identified in Tenda F453 1.0.0.3. The affected element is the function fromRouteStatic of the file /goform/RouteStatic of the component httpd. Such manipulation of the argument page leads to buffer overflow. The attack can be launched remotely. The exploit is publicly availabl...
Discovered 3 hours ago
PoC for CVE-2026-25643
Frigate, a network video recorder, has a significant Remote Command Execution vulnerability present in versions before 0.16.4. This flaw arises from inadequate sanitization of user input in the video stream configuration file, config.yaml. As a result, attackers can inject system commands via the...
PoC for CVE-2026-3165
A buffer overflow vulnerability exists in the Tenda F453 router's firmware version 1.0.0.3, specifically within the fromSetWifiGusetBasic function located in the /goform/AdvSetWrlsafeset component of httpd. This vulnerability can be exploited remotely by manipulating the mit_ssid argument, allowi...
PoC for CVE-2026-3164
A vulnerability exists in itsourcecode News Portal Project version 1.0, specifically in the file /admin/contactus.php. This vulnerability arises from improper processing of the pagetitle argument, which can lead to SQL injection attacks. Attackers can exploit this issue remotely, potentially gain...
PoC for CVE-2026-3153
A SQL injection vulnerability exists in the itsourcecode Document Management System 1.0, specifically within the file /register.php. By manipulating the 'Username' argument, an attacker can execute unauthorized SQL queries against the database. This vulnerability can be exploited remotely, posing...
Discovered 4 hours ago
PoC for CVE-2026-0770
A vulnerability exists in Langflow that allows remote attackers to execute arbitrary code without authentication. The flaw is rooted in the improper handling of the exec_globals parameter at the validate endpoint, resulting in the dynamic inclusion of resources from untrusted sources. Attackers c...
PoC for CVE-2026-3152
A vulnerability exists in itsourcecode College Management System version 1.0 due to improper handling of input in the /admin/teacher-salary.php file. By manipulating the teacher_id parameter, an attacker can execute SQL injection attacks, which may lead to unauthorized access to sensitive data. T...
PoC for CVE-2026-3151
A vulnerability within the itsourcecode College Management System version 1.0 has been identified, specifically affecting the 'login.php' file. The issue arises when the application fails to properly sanitize the 'email' argument, allowing attackers to execute SQL injection attacks from a remote ...
PoC for CVE-2026-3150
A vulnerability has been identified in itsourcecode College Management System 1.0, specifically in the '/admin/display-teacher.php' file. This security flaw allows attackers to manipulate the 'teacher_id' argument, leading to SQL injection attacks. Such exploits can be executed remotely, exposing...
Discovered 5 hours ago
PoC for CVE-2026-3149
A vulnerability has been discovered in the itsourcecode College Management System version 1.0, specifically within the file /admin/asign-single-student-subjects.php. This weakness allows an attacker to manipulate the 'course_code' argument, leading to SQL injection attacks that can be executed re...
PoC for CVE-2026-3148
A security flaw has been identified in the SourceCodester Simple and Nice Shopping Cart Script version 1.0, affecting the /signup.php file. This vulnerability allows attackers to exploit the Username input, leading to a SQL injection attack. The attack can be executed remotely, posing significant...
PoC for CVE-2026-3147
A vulnerability in libvips, specifically in the function vips_foreign_load_csv_build located within the file libvips/foreign/csvload.c, allows for heap-based buffer overflow. This issue can be exploited locally, and the potential for exploitation is significant, as public exploit proof-of-concept...
Discovered 9 hours ago
PoC for CVE-2026-3134
A security flaw in itsourcecode News Portal Project 1.0 has been identified, specifically affecting an unknown function in the file /newsportal/admin/edit-category.php. This vulnerability allows potential attackers to manipulate the argument 'Category', leading to SQL injection. This exploit can ...
PoC for CVE-2026-3133
A significant SQL injection vulnerability has been identified in the itsourcecode Document Management System version 1.0. The flaw arises from inadequate input validation in the login component, specifically within the loging.php file. An attacker can manipulate the Username argument, potentially...
Discovered 14 hours ago
PoC for CVE-2026-26342
In the Tattile Smart+, Vega, and Basic device families, the firmware versions 1.181.5 and earlier include a significant security flaw: the authentication token (X-User-Token) lacks a proper expiration mechanism. This deficiency allows attackers to exploit valid tokens, which may be obtained throu...
PoC for CVE-2026-26341
The Tattile Smart+, Vega, and Basic device families are affected by a significant security issue where devices are shipped with default credentials that are not required to be changed upon installation or commissioning. This oversight allows an attacker who can access the management interface to ...
PoC for CVE-2026-26340
The firmware of Tattile Smart+, Vega, and Basic device families prior to version 1.181.5 has a vulnerability that permits remote attackers to access Real-Time Streaming Protocol (RTSP) streams without authentication. This security flaw enables unauthorized individuals to connect to the RTSP serv...
Discovered 16 hours ago
PoC for CVE-2026-25755
The jsPDF library, widely used for generating PDFs in JavaScript, is subject to a security flaw that allows attackers to control the parameters of the `addJS` method. This oversight enables the injection of arbitrary PDF objects, which can lead to execution of malicious actions or manipulation of...
Discovered 18 hours ago
PoC for CVE-2026-3101
A critical security vulnerability has been identified in the Intelbras TIP 635G version 1.12.3.5, specifically affecting the Ping Handler component. This weakness allows for remote attackers to execute arbitrary operating system commands on the affected device, posing a serious risk of unauthoriz...
Discovered 1 day ago
PoC for CVE-2023-27372
The latest vulnerability in SPIP allows attackers to execute arbitrary code remotely due to improper handling of data serialization in form inputs within the public area. This flaw could enable unauthorized access and manipulation of the system, highlighting the need for immediate updates to the ...
PoC for CVE-2025-15386
The Responsive Lightbox & Gallery WordPress plugin is susceptible to an Unauthenticated Stored-XSS attack due to inadequate regex replacement rules. Attackers can exploit this vulnerability by submitting a comment containing a malicious link when lightbox comments are enabled. If the comment is s...
PoC for CVE-2025-15589
A path traversal vulnerability exists in MuYuCMS version 2.7, specifically within the delete_dir_file function of the Template Management Page's controller. This issue arises due to improper handling of user-supplied input, allowing an attacker to manipulate the 'temn/tp' argument and potentially...
PoC for CVE-2025-67733
The Valkey distributed key-value database has a vulnerability that allows a malicious user to inject arbitrary data into the response stream using scripting commands. This can lead to the corruption of data or tampered responses affecting other users connected to the same session. The issue arise...
PoC for CVE-2026-3070
The SourceCodester Modern Image Gallery App version 1.0 is susceptible to a cross-site scripting vulnerability through its upload.php file. An attacker can exploit this by manipulating the 'filename' parameter, potentially launching the attack remotely. This exploit is now publicly available, hig...
PoC for CVE-2026-3069
A security vulnerability has been identified in itsourcecode Document Management System 1.0, specifically within an unknown function of the file /edtlbls.php. This vulnerability allows for SQL injection through the manipulation of the argument 'field1'. Attackers can exploit this flaw remotely, p...
PoC for CVE-2026-3068
A vulnerability has been discovered in itsourcecode's Document Management System version 1.0 that affects the deluser.php file. Improper handling of the 'user2del' argument can lead to SQL injection attacks, which can be executed remotely. The exploit has been publicly disclosed, making it cru...
PoC for CVE-2026-3067
A vulnerability has been identified in HummerRisk's Archive Extraction functionality, specifically within the 'extractTarGZ/extractZip' methods in the CommandUtils.java file. This issue enables an attacker to manipulate the file path used during archive extraction, leading to a path traversal con...
PoC for CVE-2026-3066
A command injection vulnerability exists in the HummerRisk Cloud Compliance Scanning component, specifically within the fixedCommand function located in the PlatformUtils.java file. This flaw allows remote attackers to execute arbitrary commands on the affected system, potentially leading to unau...
PoC for CVE-2026-3065
A command injection vulnerability has been identified in the HummerRisk software affecting the Cloud Task Dry-run component. Specifically, the issue resides in the function CommandUtils.commonExecCmdWithResult located in CloudTaskService.java. An attacker can manipulate the argument 'fileName' to...
PoC for CVE-2026-3064
A security vulnerability has been identified in HummerRisk Cloud Task Scheduler affecting versions up to 1.5.0, specifically in the file ResourceCreateService.java. This vulnerability arises from improper handling of the argument 'regionId', allowing attackers to execute arbitrary commands. The e...
PoC for CVE-2021-20038
A stack-based buffer overflow vulnerability in the Apache httpd server's mod_cgi module on SonicWall's SMA100 appliances could allow a remote, unauthenticated attacker to execute arbitrary code with the privileges of the 'nobody' user. This issue affects multiple SMA appliance models, specificall...
PoC for CVE-2026-3057
A security flaw exists in the backend interface of pearProjectApi, specifically within the 'dateTotalForProject' function in the Task.php file. This vulnerability allows attackers to manipulate the 'projectCode' argument, potentially leading to unauthorized SQL commands being executed against the...
PoC for CVE-2026-3053
A security vulnerability exists in the OpenAPI Endpoint of DataLinkDC Dinky prior to version 1.2.6, particularly in the addInterceptors function within AppConfig.java. This flaw allows unauthorized access due to missing authentication checks. An attacker can remotely exploit this vulnerability, p...
PoC for CVE-2026-3052
A vulnerability exists in the DataLinkDC dinky where the function proxyUba of the Flink Proxy Controller can be manipulated, leading to server-side request forgery (SSRF). This flaw allows attackers to initiate remote attacks, potentially exposing sensitive server resources. The vulnerability has...
PoC for CVE-2026-3051
A path traversal vulnerability exists in the DataLinkDC dinky product, specifically in the function getProjectDir within the GitRepository.java file. This vulnerability allows attackers to manipulate the projectName argument, potentially accessing files outside the intended directory. The exploit...
PoC for CVE-2026-3050
A security flaw has been identified in the Horilla CRM platform, specifically within the Leads Module. This vulnerability allows attackers to manipulate input in the 'Notes' function found in static/assets/js/global.js, leading to potential cross-site scripting (XSS) exploits. The attack can be e...
PoC for CVE-2025-54100
This vulnerability arises from the improper handling of special elements in command execution within Windows PowerShell. An attacker could exploit this flaw to execute arbitrary code locally on affected systems, potentially leading to unauthorized access and system compromise. Users of Windows Po...
PoC for CVE-2026-3049
A security flaw has been identified in the Horilla CRM software impacting versions up to 1.0.2. Specifically, the `get` function in the Query Parameter Handler component, located in the `horilla_generics/global_search.py` file, is susceptible to manipulation through the `prev_url` argument. This ...
PoC for CVE-2026-3046
A vulnerability has been identified in the itsourcecode E-Logbook with Health Monitoring System for COVID-19 version 1.0, specifically affecting the file /check_profile_old.php. This vulnerability allows an attacker to manipulate the profile_id argument, leading to SQL injection attacks. Such vul...
PoC for CVE-2026-3044
A critical security vulnerability has been identified in the Tenda AC8 router version 16.03.34.06, specifically within the Httpd Service. The function webCgiGetUploadFile located in the /cgi-bin/UploadCfg file is susceptible to manipulation of the argument boundary, leading to a stack-based buffe...
PoC for CVE-2026-3043
A vulnerability has been discovered in the itsourcecode Event Management System version 1.0, specifically in the file /admin/navbar.php. This flaw allows attackers to manipulate the 'page' argument, leading to the potential execution of cross-site scripting (XSS) attacks. Such attacks are executa...
PoC for CVE-2026-3042
A security flaw was identified in the itsourcecode Event Management System version 1.0, specifically within an unknown function located in /admin/index.php. This vulnerability allows an attacker to manipulate the argument ID, leading to SQL injection. As a result, malicious users may exploit this...
PoC for CVE-2026-3041
A cross-site scripting vulnerability exists in the Article Sidebar Module of xingfuggz BaykeShop, specifically in the file located at src/baykeshop/contrib/article/templates/baykeshop/sidebar/custom.html. This issue arises from improper handling of the sidebar.content argument, allowing attackers...
PoC for CVE-2026-3040
A vulnerability exists in the DrayTek Vigor 300B's web management interface, specifically within the cgiGetFile function of the /cgi-bin/mainfunction.cgi/uploadlangs component. This security flaw allows for OS command injection through the manipulation of the File parameter, enabling remote attac...
PoC for CVE-2026-3028
A cross-site scripting vulnerability exists in the erzhongxmu JEEWMS web application, specifically in the 'doAdd' function of the JeecgListDemoController.java file. This flaw allows an attacker to manipulate the 'Name' argument, enabling the execution of malicious scripts in the context of users'...
PoC for CVE-2026-3027
A cross-site scripting vulnerability has been identified in the erzhongxmu JEEWMS platform, specifically within the UEditor component. This vulnerability resides in the 'getContent.jsp' file, where improper handling of the 'myEditor' argument can lead to the execution of arbitrary JavaScript in t...