Publicly Disclosed
PoC Exploits

Hikvision network camera devices suffer from an improper authentication vulnerability, which arises when the system fails to adequately authenticate users. This deficiency could enable an attacker to escalate privileges and obtain sensitive information, risking the integrity and confidentiality o...

A security issue in Docker Desktop has been discovered, enabling local running Linux containers to communicate with the Docker Engine API through the default Docker subnet. This issue can arise irrespective of whether Enhanced Container Isolation (ECI) is active or if the 'Expose daemon on tcp://...

A vulnerability has been identified in Janet, the programming language developed by Janet-lang, where a flaw in the 'janetc_if' function within 'src/core/specials.c' could allow for an out-of-bounds read. This security issue requires local execution for exploitation and has been publicly disclose...

A Local Privilege Escalation vulnerability exists in pam-config, part of the Linux Pluggable Authentication Modules (PAM). This flaw permits a local attacker, such as an SSH user, to escalate their privileges to those of a privileged console user. By exploiting this vulnerability, attackers can e...

n8n, the open-source workflow automation platform, has a vulnerability that allows authenticated users who can create or modify workflows to manipulate expressions in workflow parameters. This could lead to unintended command execution on the host system running n8n, posing a significant security...

A vulnerability has been identified in Janet Language versions prior to 1.40.1, specifically within the os_strftime function of the src/core/os.c file. This flaw allows local attackers to perform manipulations that could result in out-of-bounds reads. Such vulnerabilities can lead to unauthorized...

A vulnerability exists in the Janet programming language, specifically in the janetc_pop_funcdef function located in src/core/compile.c. This issue allows for out-of-bounds read operations, potentially exposing sensitive data when exploited. The attack must be executed locally. It is crucial for ...

A Local Privilege Escalation vulnerability exists in pam-config, part of the Linux Pluggable Authentication Modules (PAM). This flaw permits a local attacker, such as an SSH user, to escalate their privileges to those of a privileged console user. By exploiting this vulnerability, attackers can e...

The WeGIA Web Manager for charitable institutions contains an authenticated SQL Injection vulnerability in the Atendido_ocorrenciaControle endpoint, specifically through the id_memorando parameter. This security flaw can lead to full database exfiltration, exposing sensitive Personally Identifiab...

A command injection vulnerability exists in the D-Link DCS-931L camera's firmware, specifically in the 'doSystem' function located in the '/setSystemAdmin' file. This issue arises from improper handling of the 'AdminID' argument, allowing remote attackers to execute arbitrary commands. This vulne...

A remote code execution vulnerability found in React Server Components allows attackers to exploit improperly handled payloads. This issue affects versions 19.0.0 through 19.2.0, compromising server function endpoints through unsafe deserialization of HTTP request payloads. As a result, this flaw...

A significant vulnerability exists in DouPHP affecting versions up to 1.9, linked to improper handling of input in the file /admin/file.php, specifically concerning the ZIP File Handler. This flaw allows an attacker to manipulate the sql_filename argument, facilitating unrestricted file uploads. ...

A significant SQL injection vulnerability exists within the itsourcecode News Portal Project version 1.0. This flaw specifically targets the Administrator Login component, where improper handling of user input in the email argument of the /admin/index.php file allows attackers to manipulate SQL q...

A security flaw has been identified in the Online Reviewer System version 1.0 developed by Code-Projects that enables attackers to exploit the application through cross site scripting (XSS). The vulnerability specifically affects the file /system/system/admins/manage/users/btn_functions.php, wher...

A security vulnerability has been identified within the Online Reviewer System version 1.0 by Code-Projects. This issue is associated with a particular functionality in the file located at /system/system/students/assessments/pretest/take/index.php. An unvalidated manipulation of the argument ID c...

A vulnerability identified in Code-Projects' Online Reviewer System 1.0 can be exploited via the /login/index.php file. By manipulating the Username argument, attackers can execute SQL injection attacks remotely, potentially compromising the system's integrity. This security flaw has been made pu...

A vulnerability exists in the Code-Projects Online Reviewer System 1.0, specifically in the /system/system/admins/assessments/pretest/btn_functions.php file. This flaw can be exploited through remote manipulation of the difficulty_id parameter, enabling attackers to execute SQL injection attacks....

A command injection vulnerability exists in D-Link DCS-933L firmware versions up to 1.14.11 due to improper handling of parameters in the '/setSystemAdmin' functionality of the alphapd component. This flaw allows an attacker to remotely execute arbitrary commands by manipulating the AdminID argum...

Camaleon CMS, a robust content management system built on Ruby on Rails, has a path traversal vulnerability in the MediaController's download_private_file method. This flaw permits authenticated users to potentially download any file stored on the web server, depending on file permissions configu...

A security flaw has been identified in version 1.0 of the itsourcecode Event Management System, specifically within the /admin/manage_user.php file. The vulnerability arises due to improper handling of user input in an unknown function, allowing an attacker to manipulate the ID argument. This res...

A vulnerability has been identified in the WeRSS we-mp-rss plugin versions up to 1.4.8. The flaw resides in the function download_export_file located in apis/tools.py, where improper validation of the filename argument can enable attackers to perform path traversal. This can lead to unauthorized ...

A vulnerability has been identified in the rachelos WeRSS we-mp-rss component, particularly regarding the JWT Handler in the core/auth.py file. An attacker can manipulate the SECRET_KEY argument, leading to the use of a default cryptographic key. This scenario poses significant risks as it allows...

A vulnerability has been discovered in the Code-Projects Plugin specifically within the AdminAddAlbum.php file. This weakness allows attackers to manipulate the txtalbum argument, leading to potential cross site scripting attacks. Exploitation of this vulnerability could be executed remotely, pos...

A security flaw has been identified in the Code-Projects Online Music Site 1.0, specifically within the functionality of the file located at /Administrator/PHP/AdminAddAlbum.php. The vulnerability allows for an unrestricted file upload due to improper handling of the argument 'txtimage'. This fla...

A vulnerability exists in the Online Music Site 1.0 developed by Code-Projects, specifically within the file /Administrator/PHP/AdminEditCategory.php. This flaw enables an SQL injection attack via manipulation of the argument ID, allowing remote attackers to execute unauthorized SQL commands. The...

A security vulnerability exists in Code-Projects' Online Music Site version 1.0, specifically within the /Administrator/PHP/AdminDeleteCategory.php file. An attacker can manipulate the ID argument, resulting in a SQL injection. This vulnerability allows for unauthorized access and manipulation of...

A vulnerability exists in the D-Link DIR-823X router that allows remote attackers to exploit the 'set_filtering' function. By manipulating specific parameters, an attacker can execute arbitrary operating system commands, potentially leading to unauthorized access and control over the affected dev...

A vulnerability exists in the Tenda AC8 router's Embedded Httpd Service, specifically within the /goform/fast_setting_wifi_set function. This flaw arises when manipulating the 'timeZone' argument, leading to a buffer overflow. Such a vulnerability can allow remote attackers to exploit the flaw, p...

A buffer overflow vulnerability exists in the Tenda AC8 router, specifically in the 'fromSetWifiGusetBasic' function of the '/goform/WifiGuestSet' component. The flaw is triggered by improper handling of the 'shareSpeed' argument, which allows an attacker to execute arbitrary code remotely. The e...

A security vulnerability has been identified in the ZeroWdd StudentManager, specifically within the addLeave function of LeaveController.java. This vulnerability allows for cross-site scripting (XSS) attacks through improper handling of the 'Reason for Leave' input, potentially enabling remote at...

A weakness has been discovered in heyewei JFinalCMS 5.0.0, specifically in the API Endpoint's save function located at /admin/admin/save. This vulnerability allows attackers to perform cross-site scripting (XSS) attacks, which can be executed remotely. Publicly available exploit vectors have been...

A security flaw exists in the Code-Projects Online Reviewer System 1.0, specifically affecting the user deletion functionality located in the file /reviewer/system/system/admins/manage/users/user-delete.php. An unauthenticated attacker can exploit this flaw by manipulating the 'ID' parameter, lea...

A vulnerability exists in the Online Reviewer System 1.0 from Code-Projects, specifically within the file /system/system/admins/assessments/pretest/loaddata.php. This flaw, stemming from the manipulation of the 'difficulty_id' parameter, allows for SQL injection attacks. Attackers can exploit thi...

A security flaw has been identified in the Online Reviewer System 1.0 by Code-Projects, located in the admin assessment interface. This vulnerability enables an attacker to manipulate the argument ID within the questions-view.php file, leading to potential SQL injection attacks. This exploit can ...

A security flaw has been identified in the D-Link DI-7100G C1 router, specifically within the start_proxy_client_email function. This vulnerability allows an attacker to execute commands on the device remotely, potentially compromising its security. Exploitation can be carried out without physica...

A security vulnerability affecting the Tenda AC9 router has been identified, specifically in its function formGetRebootTimer. By manipulating arguments like sys.schedulereboot.start_time and sys.schedulereboot.end_time, an attacker can induce a stack-based buffer overflow. This vulnerability can ...

A vulnerability in the Tenda AC9 router has been identified, specifically in the function formGetDdosDefenceList. This flaw allows for the manipulation of the argument security.ddos.map, leading to a stack-based buffer overflow. This weakness can be exploited remotely, presenting significant secu...

A security flaw has been identified in the itsourcecode School Management System version 1.0, which affects the processing of user input in the controller.php file. This vulnerability allows remote attackers to exploit an unvalidated argument ID, leading to SQL injection attacks. By manipulating ...

A critical SQL injection vulnerability has been discovered in the itsourcecode School Management System version 1.0. This flaw is located in the file /ramonsys/report/index.php, where improper handling of a user-supplied argument, 'ay', allows an attacker to execute arbitrary SQL queries against ...

A notable security vulnerability has been identified in UTT 进取 521G version 3.1.1-190816, specifically within the function sub_446B18 of the file /goform/formPdbUpConfig. This vulnerability allows an attacker to manipulate the argument 'policyNames', potentially leading to remote OS command injec...

Pterodactyl, a widely used free and open-source game server management panel, has a significant vulnerability that allows unauthorized remote code execution. This occurs through the /locales/locale.json endpoint when specific query parameters are manipulated. Attackers exploiting this flaw can ex...

A stack-based buffer overflow vulnerability exists in the Tenda RX3 router, specifically within the set_qosMib_list function of the /goform/formSetQosBand file. This weakness allows an attacker to manipulate the argument list, potentially leading to unauthorized remote code execution. Given that ...

The Tenda RX3 router suffers from a stack-based buffer overflow vulnerability in the fromSetIpMacBind function located in the /goform/SetIpMacBind file. This flaw allows attackers to manipulate the argument list remotely, potentially leading to arbitrary code execution. The public disclosure of t...

A security flaw has been identified in the Tenda RX3 router, specifically in the MAC Filtering Configuration Endpoint. The vulnerability lies in the function set_device_name located in the /goform/setBlackRule file, where improper handling of the devName/mac argument leads to a stack-based buffer...

A security weakness has been discovered in the UTT 进取 521G, specifically within the doSystem function of the /goform/setSysAdm file. Manipulating the argument 'passwd1' can allow an attacker to perform command injection, leading to potential unauthorized execution of commands. This vulnerability ...

A security vulnerability has been identified in the Tenda RX3 router, specifically in the '/goform/openSchedWifi' file. This flaw allows for a stack-based buffer overflow when the arguments 'schedStartTime' and 'schedEndTime' are manipulated. The issue can be exploited remotely, posing significan...

A vulnerability in Tenda RX3 firmware version 16.03.13.11 has been discovered, leading to a stack-based buffer overflow due to unauthorized manipulation of the ssid_5g parameter in the /goform/fast_setting_wifi_set function. This issue can be exploited remotely, posing a significant risk as the e...

A vulnerability has been identified in the PHPGurukul Hospital Management System 4.0, specifically within the /admin/manage-users.php file. This issue arises from improper handling of the ID argument, allowing attackers to execute SQL injection attacks. As a consequence, malicious actors could po...

A vulnerability has been identified in the PHPGurukul Hospital Management System 4.0, specifically within the /admin/manage-users.php file. This issue arises from improper handling of the ID argument, allowing attackers to execute SQL injection attacks. As a consequence, malicious actors could po...

A command injection vulnerability exists in the registerXcodeTools function of the r-huijts xcode-mcp-server, which affects versions prior to f3419f00117aa9949e326f78cc940166c88f18cb. When manipulating the 'args' argument, an attacker can exploit this vulnerability to execute arbitrary commands r...