Publicly Disclosed
PoC Exploits

πŸ”΄ Alway take caution when working with PoC Exploits πŸ”΄

Discovered just now...

PoC for CVE-2024-36991

SplunkSplunk Enterprise🟣 EPSS 94%7.5HIGH
Splunk Enterprise Path Traversal Vulnerability on Windows

A path traversal vulnerability exists in Splunk Enterprise running on Windows, affecting versions prior to 9.2.2, as well as versions 9.1.5 and 9.0.10. This issue allows an attacker to potentially access restricted directories and files on the server through the /modules/messaging/ endpoint. Ensu...

PoC for CVE-2025-11926

WordPressRelated Posts Lite4.4MEDIUM
Stored Cross-Site Scripting in Related Posts Lite Plugin for WordPress

The Related Posts Lite plugin for WordPress is susceptible to a Stored Cross-Site Scripting vulnerability, due to inadequate input sanitization and output escaping in admin settings. This issue affects all versions up to 1.12, enabling authenticated attackers with administrator-level permissions ...

PoC for CVE-2025-48784

Soar Cloud System...Hrd Human Resource Man...8.8HIGH
Missing Authorization Vulnerability in Soar Cloud HRD Human Resourc...

A missing authorization flaw in the Soar Cloud HRD Human Resource Management System, up to version 7.3.2025.0408, allows unauthorized remote attackers to change critical system settings. This vulnerability poses a significant risk as it enables malicious users to alter configurations without appr...

PoC for CVE-2025-6934

WordPressOpal Estate Pro – Prop...🟣 EPSS 24%9.8CRITICAL
Privilege Escalation Vulnerability in Opal Estate Pro Plugin for Wo...

The Opal Estate Pro – Property Management and Submission plugin for WordPress is susceptible to privilege escalation. This is a result of improper role restriction during user registration in the 'on_register_user' function. Attackers without authentication can exploit this vulnerability to assig...

Discovered 4 hours ago

PoC for CVE-2026-4508

PbootPbootcms6.9MEDIUM
SQL Injection Vulnerability in PbootCMS Member Login by Pboot

In PbootCMS versions up to 3.2.12, a significant vulnerability exists in the Member Login component, specifically within the checkUsername function located in apps/home/controller/MemberController.php. This flaw allows the manipulation of user-supplied input to execute SQL injection attacks, pote...

Discovered 5 hours ago

PoC for CVE-2026-4507

MindinventoryMindsql5.3MEDIUM
SQL Injection Vulnerability in Mindinventory MindSQL Product

A security flaw has been identified in Mindinventory's MindSQL that allows for SQL injection via a manipulation of the 'ask_db' function located in mindsql/core/mindsql_core.py. This vulnerability can be exploited remotely, placing users at risk of unauthorized database access and potential data ...

PoC for CVE-2026-4506

MindinventoryMindsql5.3MEDIUM
SQL Injection Vulnerability in Mindinventory MindSQL Product

A significant vulnerability has been identified in Mindinventory's MindSQL product, specifically affecting the 'ask_db' function located in 'mindsql/core/mindsql_core.py'. This flaw allows for remote code injection, posing serious security risks. An attacker could exploit this vulnerability to ma...

Discovered 7 hours ago

PoC for CVE-2026-4505

Eosphoros-aiDb-gpt5.3MEDIUM
Unrestricted Upload Vulnerability in eosphoros-ai DB-GPT Product fr...

A vulnerability in the eosphoros-ai DB-GPT affects its FastAPI Endpoint, particularly the function module_plugin.refresh_plugins located in controller.py. This flaw enables unauthorized users to perform unrestricted uploads remotely, potentially compromising system integrity. Despite early notifi...

PoC for CVE-2026-4504

Eosphoros-aiDb-gpt6.9MEDIUM
SQL Injection Vulnerability in eosphoros-ai db-gpt Product by Eosph...

An SQL injection vulnerability exists within the eosphoros-ai db-gpt product, specifically in the /api/v1/editor/ endpoint. This flaw is a result of an incomplete fix, allowing attackers to exploit remote access and manipulate database operations. The affected versions include up to 0.7.5, and th...

PoC for CVE-2026-22730

VmwareSpring Ai8.8HIGH
SQL Injection Vulnerability in Spring AI's MariaDBFilterExpressionC...

A significant SQL injection vulnerability exists in Spring AI's MariaDBFilterExpressionConverter, which allows attackers to circumvent metadata-based access controls. This flaw stems from a lack of adequate input sanitization, enabling unauthorized execution of arbitrary SQL commands within the a...

PoC for CVE-2026-4500

Bagofwords1Bagofwords5.3MEDIUM
Remote Code Execution Vulnerability in Bagofwords Products by Bagof...

A security flaw exists in Bagofwords versions up to 0.0.297 that allows for code injection via the generate_df function within the backend/app/ai/code_execution/code_execution.py file. This vulnerability can be exploited remotely, posing a significant risk if left unaddressed. The exploit is publ...

PoC for CVE-2026-4499

D-linkDir-820lw6.9MEDIUM
OS Command Injection Vulnerability in D-Link DIR-820LW Router

The D-Link DIR-820LW 2.03 router has a vulnerability in its SSDP component, specifically in the ssdpcgi_main function. This issue allows for remote OS command injection, providing an attacker the opportunity to manipulate the system through crafted requests. The vulnerability has been publicly di...

Discovered 8 hours ago

PoC for CVE-2026-4497

TotolinkWa3006.9MEDIUM
OS Command Injection Vulnerability in Totolink WA300 Router

A security vulnerability has been identified in the Totolink WA300 router version V5.2cu.7112_B20190227. The issue occurs in the recvUpgradeNewFw function located within the /cgi-bin/cstecgi.cgi file, allowing for os command injection. This weakness enables attackers to execute arbitrary commands...

PoC for CVE-2026-4496

SigmadeGit-mcp-server4.8MEDIUM
OS Command Injection in sigmade Git-MCP-Server

A vulnerability has been identified in sigmade's Git-MCP-Server, which impacts the execution of commands through the child_process.exec function in the gitUtils.ts file. This security flaw allows local attackers to inject arbitrary OS commands, potentially compromising the system's integrity. Bec...

Discovered 9 hours ago

PoC for CVE-2026-4495

AtjiuPybbs5.1MEDIUM
Cross Site Scripting Vulnerability in atjiu pybbs 6.0.0

A security flaw exists in atjiu pybbs version 6.0.0, specifically within the create function of the CommentApiController.java file. This vulnerability allows for cross site scripting attacks, enabling malicious users to execute harmful scripts in the context of another user. The issue is serious ...

PoC for CVE-2026-4494

AtjiuPybbs5.1MEDIUM
Cross Site Scripting Vulnerability in atjiu pybbs 6.0.0

A cross site scripting vulnerability was discovered in atjiu pybbs version 6.0.0, specifically within the create function of the TopicApiController.java file. This flaw allows remote attackers to execute arbitrary JavaScript in the context of users' browsers, leading to potential data theft or se...

PoC for CVE-2026-4493

TendaA18 Pro8.7HIGH
Stack-based Buffer Overflow in Tenda A18 Pro MAC Filtering Configur...

A vulnerability exists in the Tenda A18 Pro router, specifically within the MAC Filtering Configuration Endpoint. The flaw is located in the function sub_423B50 of the /goform/setMacFilterCfg file, where improper handling of the deviceList argument can lead to a stack-based buffer overflow. This ...

Discovered 10 hours ago

PoC for CVE-2026-4492

TendaA18 Pro8.7HIGH
Stack-based Buffer Overflow in Tenda A18 Pro Router

A stack-based buffer overflow vulnerability exists in the Tenda A18 Pro router within the function set_qosMib_list of the /goform/formSetQosBand file. This flaw allows remote attackers to manipulate the argument list, potentially leading to arbitrary code execution. The exploit has been publicly ...

PoC for CVE-2026-4491

TendaA18 Pro8.7HIGH
Stack-Based Buffer Overflow in Tenda A18 Pro Router

A vulnerability exists in the Tenda A18 Pro router that affects the fromSetIpMacBind function within the /goform/SetIpMacBind file. This flaw allows for a stack-based buffer overflow due to improper manipulation of the argument list. Remote attackers may exploit this weakness to execute arbitrary...

PoC for CVE-2026-4490

TendaA18 Pro8.7HIGH
Stack-based Buffer Overflow in Tenda A18 Pro Router

A critical flaw exists in the Tenda A18 Pro router's setSchedWifi function, found in the /goform/openSchedWifi file. This vulnerability allows for a stack-based buffer overflow, enabling potential remote exploitation. Attackers may manipulate this function to execute arbitrary code, leading to un...

Discovered 11 hours ago

PoC for CVE-2026-4489

TendaA18 Pro8.7HIGH
Stack-Based Buffer Overflow in Tenda A18 Pro Wi-Fi Router

A vulnerability exists in the Tenda A18 Pro routers due to improper handling of the form_fast_setting_wifi_set function in the /goform/fast_setting_wifi_set file. This flaw allows attackers to execute a stack-based buffer overflow remotely, leading to potential unauthorized access or control over...

PoC for CVE-2026-32989

PrecurioPrecurio Intranet Portal8.6HIGH
Cross-Site Request Forgery Vulnerability in Precurio Intranet Porta...

The Precurio Intranet Portal version 4.4 is susceptible to a Cross-Site Request Forgery (CSRF) attack. This vulnerability could permit an authenticated user to be tricked into submitting a manipulated request to a profile update endpoint responsible for processing file uploads. If an attacker suc...

PoC for CVE-2026-32986

TextpatternTextpattern Cms5.1MEDIUM
Second-Order XSS Vulnerability in Textpattern CMS 4.9.0

A Second-Order Cross-Site Scripting (XSS) vulnerability is present in Textpattern CMS version 4.9.0 due to inadequate sanitization and contextual encoding of user-supplied input within Atom feed XML elements. It permits user-controlled parameters, like the category, to be reflected in Atom fields...

PoC for CVE-2026-4488

UttHiper 1250gw8.7HIGH
Buffer Overflow Vulnerability in UTT HiPER 1250GW by UTT

A buffer overflow vulnerability has been identified in UTT HiPER 1250GW devices, specifically within the strcpy function located in the /goform/setSysAdm file. This flaw arises when the argument GroupName is manipulated, allowing an attacker to exploit the overflow. The attack can be executed rem...

PoC for CVE-2026-20643

AppleMac OS5.4MEDIUM
Cross-Origin Vulnerability in Apple Navigation API

A cross-origin vulnerability exists within the Navigation API that could allow maliciously crafted web content to bypass the Same Origin Policy. This issue has been rectified with enhanced input validation in version updates for iOS, iPadOS, and macOS, specifically in versions 26.3.1 and 26.3.2. ...

Discovered 12 hours ago

PoC for CVE-2026-4487

UttHiper 1200gw8.7HIGH
Buffer Overflow Vulnerability in UTT HiPER 1200GW Device

A buffer overflow vulnerability has been identified in the UTT HiPER 1200GW device affecting versions up to 2.5.3-170306. The flaw arises within the strncpy function of the /goform/websHostFilter file, allowing attackers to exploit this vulnerability remotely. This manipulation could lead to unau...

Discovered 13 hours ago

PoC for CVE-2026-4486

D-linkDir-5138.7HIGH
Stack-Based Buffer Overflow in D-Link DIR-513 Web Service

A vulnerability exists in D-Link DIR-513 version 1.10, specifically within the formEasySetPassword function of the /goform/formEasySetPassword component. This flaw allows an attacker to manipulate the curTime argument, leading to a stack-based buffer overflow. The exploit can potentially be execu...

PoC for CVE-2026-4485

ItsourcecodeCollege Management System5.3MEDIUM
SQL Injection Vulnerability in itsourcecode College Management System

A critical SQL injection vulnerability has been identified in the itsourcecode College Management System version 1.0 within the /admin/search_student.php file. This vulnerability allows attackers to manipulate the 'Search' argument, potentially leading to unauthorized access to the database. The ...

Discovered 21 hours ago

PoC for CVE-2026-4474

ItsourcecodeUniversity Management ...4.8MEDIUM
Cross Site Scripting in itsourcecode University Management System b...

A security flaw in the itsourcecode University Management System version 1.0 permits remote attackers to exploit cross site scripting vulnerabilities via manipulation of the 'st_name' parameter in the /admin_single_student_update.php file. This issue can lead to unauthorized script execution in u...

PoC for CVE-2026-4473

ItsourcecodeOnline Doctor Appointm...5.1MEDIUM
SQL Injection Vulnerability in itsourcecode Online Doctor Appointme...

A security flaw has been identified in the itsourcecode Online Doctor Appointment System 1.0, specifically related to the processing of the 'appointment_id' parameter in the /admin/appointment_action.php file. This vulnerability enables an attacker to execute SQL injection attacks remotely, poten...

Discovered 22 hours ago

PoC for CVE-2026-4472

ItsourcecodeOnline Frozen Foods Or...5.3MEDIUM
SQL Injection Vulnerability in itsourcecode Online Frozen Foods Ord...

A security vulnerability in the itsourcecode Online Frozen Foods Ordering System version 1.0 allows for SQL injection through the /admin/admin_edit_supplier.php file. By manipulating the Supplier_Name argument, an attacker could execute arbitrary SQL commands. This vulnerability can be exploited ...

PoC for CVE-2026-4471

ItsourcecodeOnline Frozen Foods Or...5.1MEDIUM
SQL Injection Vulnerability in itsourcecode Online Frozen Foods Ord...

A vulnerability has been discovered in the itsourcecode Online Frozen Foods Ordering System 1.0, specifically in the /admin/admin_edit_employee.php file. This weakness can be exploited through manipulation of the First_Name argument, leading to SQL injection attacks. As it allows remote attackers...

PoC for CVE-2026-4470

ItsourcecodeOnline Frozen Foods Or...5.1MEDIUM
SQL Injection Vulnerability in itsourcecode Online Frozen Foods Ord...

A security vulnerability has been identified in the itsourcecode Online Frozen Foods Ordering System version 1.0, specifically in the /admin/admin_edit_menu.php file. The vulnerability allows attackers to exploit a flaw by manipulating the 'product_name' argument, facilitating SQL injection attac...

Discovered 23 hours ago

PoC for CVE-2026-4469

ItsourcecodeOnline Frozen Foods Or...5.1MEDIUM
SQL Injection Vulnerability in itsourcecode Online Frozen Foods Ord...

A vulnerability has been discovered in the itsourcecode Online Frozen Foods Ordering System version 1.0, specifically within the file /admin/admin_edit_menu_action.php. This issue arises from improper handling of the product_name argument, which can be exploited to perform SQL injection attacks. ...

PoC for CVE-2026-4468

ComfastCf-ac1005.1MEDIUM
Command Injection Vulnerability in Comfast CF-AC100 by Comfast

A command injection vulnerability exists in the Comfast CF-AC100 (version 2.6.0.8) in the file /cgi-bin/mbox-config?method=SET&section=update_interface_png. This flaw allows an attacker to execute arbitrary commands via crafted requests, potentially enabling unauthorized access to the device. The...

Discovered 1 day ago

PoC for CVE-2026-4467

ComfastCf-ac1005.1MEDIUM
Command Injection Vulnerability in Comfast CF-AC100 Router

A vulnerability has been identified in the Comfast CF-AC100 router, specifically in version 2.6.0.8, which allows for command injection through an insecure function within the /cgi-bin/mbox-config?method=SET&section=wireless_device_dissoc endpoint. This could enable remote attackers to execute ar...

PoC for CVE-2026-4466

ComfastCf-ac1005.1MEDIUM
Command Injection Vulnerability in Comfast CF-AC100 Router

A command injection vulnerability has been identified in the Comfast CF-AC100 router, specifically in the configuration file handler located at /cgi-bin/mbox-config?method=SET&section=ntp_timezone. This vulnerability allows attackers to execute arbitrary commands remotely, potentially compromisin...

PoC for CVE-2026-4465

D-linkDir-5135.3MEDIUM
OS Command Injection Vulnerability in D-Link DIR-513 Device

A vulnerability exists in the D-Link DIR-513 1.10, specifically within an undisclosed function related to the /goform/formSysCmd file. By manipulating the sysCmd parameter, an attacker can exploit this flaw to execute arbitrary OS commands remotely. This vulnerability primarily affects devices th...

PoC for CVE-2026-32985

XerteXerte Online Toolkits9.3CRITICAL
Unauthenticated File Upload Vulnerability in Xerte Online Toolkits

Versions 3.14 and earlier of Xerte Online Toolkits contain a security flaw that allows unauthorized users to upload arbitrary files via the template import functionality. The vulnerability resides in /website_code/php/import/import.php, where inadequate authentication checks enable the upload of ...

PoC for CVE-2026-32255

KanbnKan8.6HIGH
Open-Source Project Management Tool Vulnerability in Kan

The Kan project management tool has a serious security flaw in its /api/download/attachment endpoint present in versions 0.5.4 and earlier. This vulnerability allows unauthenticated users to pass a URL query parameter directly to the server, which could lead to unintended HTTP requests being made...

Discovered 2 days ago

PoC for CVE-2025-71260

Bmc Software, Inc.Footprints8.7HIGH
Deserialization Vulnerability Affecting BMC FootPrints ITSM

The BMC FootPrints ITSM application is susceptible to a vulnerability in its ASP.NET VIEWSTATE handling mechanism that allows authenticated users to exploit the system. By supplying specially crafted serialized objects through the VIEWSTATE parameter, attackers can gain the ability to execute arb...

PoC for CVE-2026-32731

ApostrophecmsImport-export10CRITICAL
File Write Path Vulnerability in ApostropheCMS by Apostrophe

ApostropheCMS is an open-source content management framework that has a vulnerability in the `@apostrophecms/import-export` package prior to version 3.5.3. The vulnerability lies within the `extract()` function in `gzip.js`, where file-write paths are constructed using `fs.createWriteStream(path....

PoC for CVE-2026-24061

GnuInetutils🟣 EPSS 78%9.8CRITICAL
Remote Authentication Bypass in GNU Inetutils Telnetd

The GNU Inetutils telnet daemon (telnetd) is vulnerable to a remote authentication bypass that can occur when an attacker manipulates the USER environment variable by specifying a '-f root' value. This flaw allows unauthorized users to gain access without proper authentication. Affected users sho...

PoC for CVE-2026-2991

WordPressKivicare – Clinic & Pa...9.8CRITICAL
Authentication Bypass Vulnerability in KiviCare Plugin for WordPress

The KiviCare – Clinic & Patient Management System for WordPress has a critical vulnerability that allows attackers to bypass authentication checks. The flaw exists in the `patientSocialLogin()` function, which does not properly verify the access token provided by social providers. As a result, an...

PoC for CVE-2023-46604

ApacheApache ActiveMQ🟣 EPSS 94%10CRITICAL
Remote Code Execution Vulnerability Affects Java OpenWire Protocol ...

The Java OpenWire protocol marshaller in Apache ActiveMQ is susceptible to a remote code execution vulnerability, allowing attackers with network access to execute arbitrary shell commands. By manipulating serialized class types in the OpenWire protocol, an attacker can cause the client or broker...

PoC for CVE-2026-24291

MicrosoftWindows 10 Version 16077.8HIGH
Elevation of Privilege Vulnerability in Windows Accessibility Infra...

An elevation of privilege vulnerability exists in the Windows Accessibility Infrastructure due to incorrect permission assignment for critical resources within ATBroker.exe. This flaw enables authorized attackers to gain elevated access to system resources, potentially allowing them to execute un...

PoC for CVE-2008-0166

OpenSSLOpenSSL7.5HIGH
Predictable Random Number Generation in OpenSSL on Debian Systems

On Debian-based operating systems, certain versions of OpenSSL utilize a flawed random number generator that produces predictable outputs. This vulnerability can facilitate brute force attacks, enabling adversaries to guess cryptographic keys with higher success rates. Organizations using affecte...

PoC for CVE-2026-3888

7.8HIGH
Local Privilege Escalation in Snapd Affecting Ubuntu Linux

A local privilege escalation vulnerability in Snapd on Linux systems allows attackers to exploit the automatic cleanup of Snap's private /tmp directory. By re-creating this directory under certain configurations of systemd-tmpfiles, an attacker can potentially gain root privileges. This issue imp...

PoC for CVE-2025-4396

WordPressRelevanssi – A Better ...🟣 EPSS 25%7.5HIGH
SQL Injection Vulnerability in Relevanssi Search Plugin for WordPress

The Relevanssi – A Better Search plugin for WordPress presents a vulnerability that allows time-based SQL injection through the cats and tags query parameters. This issue affects all versions up to and including 4.24.4 for free and 2.27.4 for premium users. The vulnerability arises from inadequat...

PoC for CVE-2026-32746

GnuInetutils9.8CRITICAL
Out-of-Bounds Write Vulnerability in GNU Inetutils Telnetd

The telnetd component of GNU Inetutils, specifically versions up to 2.7, is susceptible to an out-of-bounds write vulnerability. This flaw occurs in the LINEMODE SLC (Set Local Characters) suboption handler due to insufficient checks in the add_slc function, allowing for data to be written past t...